internal/govulncheck: merge cmd/govulncheck/govulnchecklib
So long govulnchecklib
Change-Id: If1d1187460651e73ee3feb853bf5528097b009b4
Reviewed-on: https://go-review.googlesource.com/c/vuln/+/435901
Reviewed-by: Julie Qiu <julieqiu@google.com>
TryBot-Result: Gopher Robot <gobot@golang.org>
Run-TryBot: Hyang-Ah Hana Kim <hyangah@gmail.com>
Reviewed-by: Julie Qiu <julie@golang.org>
diff --git a/cmd/govulncheck/main.go b/cmd/govulncheck/main.go
index 5a7ab45..4c730e1 100644
--- a/cmd/govulncheck/main.go
+++ b/cmd/govulncheck/main.go
@@ -13,7 +13,7 @@
"golang.org/x/tools/go/buildutil"
"golang.org/x/tools/go/packages"
- "golang.org/x/vuln/cmd/govulncheck/govulnchecklib"
+ "golang.org/x/vuln/internal/govulncheck"
)
var (
@@ -73,7 +73,7 @@
buildFlags = []string{fmt.Sprintf("-tags=%s", strings.Join(tagsFlag, ","))}
}
- govulnchecklib.Main(govulnchecklib.Config{
+ govulncheck.Main(govulncheck.Config{
Analysis: mode,
OutputFormat: outputType,
Patterns: patterns,
diff --git a/cmd/govulncheck/govulnchecklib/binary_118.go b/internal/govulncheck/binary_118.go
similarity index 94%
rename from cmd/govulncheck/govulnchecklib/binary_118.go
rename to internal/govulncheck/binary_118.go
index 32d2529..de71f3d 100644
--- a/cmd/govulncheck/govulnchecklib/binary_118.go
+++ b/internal/govulncheck/binary_118.go
@@ -5,7 +5,7 @@
//go:build go1.18
// +build go1.18
-package govulnchecklib
+package govulncheck
import (
"context"
diff --git a/cmd/govulncheck/govulnchecklib/binary_not118.go b/internal/govulncheck/binary_not118.go
similarity index 94%
rename from cmd/govulncheck/govulnchecklib/binary_not118.go
rename to internal/govulncheck/binary_not118.go
index 8d39ad3..06b43e2 100644
--- a/cmd/govulncheck/govulnchecklib/binary_not118.go
+++ b/internal/govulncheck/binary_not118.go
@@ -5,7 +5,7 @@
//go:build !go1.18
// +build !go1.18
-package govulnchecklib
+package govulncheck
import (
"context"
diff --git a/cmd/govulncheck/govulnchecklib/errors.go b/internal/govulncheck/errors.go
similarity index 98%
rename from cmd/govulncheck/govulnchecklib/errors.go
rename to internal/govulncheck/errors.go
index ef86320..5f993a8 100644
--- a/cmd/govulncheck/govulnchecklib/errors.go
+++ b/internal/govulncheck/errors.go
@@ -2,7 +2,7 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
-package govulnchecklib
+package govulncheck
import (
"errors"
diff --git a/cmd/govulncheck/govulnchecklib/formatting.go b/internal/govulncheck/formatting.go
similarity index 98%
rename from cmd/govulncheck/govulnchecklib/formatting.go
rename to internal/govulncheck/formatting.go
index eb7e7f1..c2254da 100644
--- a/cmd/govulncheck/govulnchecklib/formatting.go
+++ b/internal/govulncheck/formatting.go
@@ -2,7 +2,7 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
-package govulnchecklib
+package govulncheck
import (
"bytes"
diff --git a/cmd/govulncheck/govulnchecklib/formatting_test.go b/internal/govulncheck/formatting_test.go
similarity index 98%
rename from cmd/govulncheck/govulnchecklib/formatting_test.go
rename to internal/govulncheck/formatting_test.go
index 9b54794..d8de82b 100644
--- a/cmd/govulncheck/govulnchecklib/formatting_test.go
+++ b/internal/govulncheck/formatting_test.go
@@ -2,7 +2,7 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
-package govulnchecklib
+package govulncheck
import (
"bytes"
diff --git a/cmd/govulncheck/govulnchecklib/main.go b/internal/govulncheck/main.go
similarity index 89%
rename from cmd/govulncheck/govulnchecklib/main.go
rename to internal/govulncheck/main.go
index a16593d..03ed398 100644
--- a/cmd/govulncheck/govulnchecklib/main.go
+++ b/internal/govulncheck/main.go
@@ -2,11 +2,7 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
-// Package govulnchecklib defines the main function for the govulncheck command.
-//
-// WARNING: this package is made public only to make it easy to integrate govulncheck
-// in certain tools like (e.g. gopls). The API is not stable and may change any time.
-package govulnchecklib
+package govulncheck
import (
"bytes"
@@ -22,7 +18,6 @@
"golang.org/x/exp/maps"
"golang.org/x/tools/go/packages"
"golang.org/x/vuln/client"
- "golang.org/x/vuln/internal/govulncheck"
"golang.org/x/vuln/osv"
"golang.org/x/vuln/vulncheck"
)
@@ -53,7 +48,7 @@
dbs = strings.Split(GOVULNDB, ",")
}
dbClient, err := client.NewClient(dbs, client.Options{
- HTTPCache: govulncheck.DefaultCache(),
+ HTTPCache: DefaultCache(),
})
if err != nil {
die("govulncheck: %s", err)
@@ -87,7 +82,7 @@
}
case "source":
cfg := &cfg.SourceLoadConfig
- pkgs, err = govulncheck.LoadPackages(cfg, patterns...)
+ pkgs, err = LoadPackages(cfg, patterns...)
if err != nil {
// Try to provide a meaningful and actionable error message.
if !fileExists(filepath.Join(cfg.Dir, "go.mod")) {
@@ -121,10 +116,10 @@
os.Exit(0)
case "text", "verbose":
// set of top-level packages, used to find representative symbols
- ci := govulncheck.GetCallInfo(r, pkgs)
+ ci := GetCallInfo(r, pkgs)
writeText(r, ci, unaffected, format == "verbose")
case "summary":
- ci := govulncheck.GetCallInfo(r, pkgs)
+ ci := GetCallInfo(r, pkgs)
writeJSON(summary(ci, unaffected))
os.Exit(0)
default:
@@ -209,7 +204,7 @@
lineLength = 55
)
-func writeText(r *vulncheck.Result, ci *govulncheck.CallInfo, unaffected []*vulncheck.Vuln, verbose bool) {
+func writeText(r *vulncheck.Result, ci *CallInfo, unaffected []*vulncheck.Vuln, verbose bool) {
uniqueVulns := map[string]bool{}
for _, v := range r.Vulns {
uniqueVulns[v.OSV.ID] = true
@@ -278,7 +273,7 @@
`, idx, id, indent(details, 2), callstack, found, fixed, platforms, id)
}
-func foundVersion(modulePath, pkgPath string, ci *govulncheck.CallInfo) string {
+func foundVersion(modulePath, pkgPath string, ci *CallInfo) string {
var found string
if v := ci.ModuleVersions[modulePath]; v != "" {
found = packageVersionString(pkgPath, v[1:])
@@ -287,18 +282,18 @@
}
func fixedVersion(pkgPath string, affected []osv.Affected) string {
- fixed := govulncheck.LatestFixed(affected)
+ fixed := LatestFixed(affected)
if fixed != "" {
fixed = packageVersionString(pkgPath, fixed)
}
return fixed
}
-func defaultCallStacks(vg []*vulncheck.Vuln, ci *govulncheck.CallInfo) string {
+func defaultCallStacks(vg []*vulncheck.Vuln, ci *CallInfo) string {
var summaries []string
for _, v := range vg {
if css := ci.CallStacks[v]; len(css) > 0 {
- if sum := govulncheck.SummarizeCallStack(css[0], ci.TopPackages, v.PkgPath); sum != "" {
+ if sum := SummarizeCallStack(css[0], ci.TopPackages, v.PkgPath); sum != "" {
summaries = append(summaries, strings.TrimSpace(sum))
}
}
@@ -315,7 +310,7 @@
return b.String()
}
-func verboseCallStacks(vg []*vulncheck.Vuln, ci *govulncheck.CallInfo) string {
+func verboseCallStacks(vg []*vulncheck.Vuln, ci *CallInfo) string {
// Display one full call stack for each vuln.
i := 1
nMore := 0
@@ -327,8 +322,8 @@
}
b.WriteString(fmt.Sprintf("#%d: for function %s\n", i, v.Symbol))
for _, e := range css[0] {
- b.WriteString(fmt.Sprintf(" %s\n", govulncheck.FuncName(e.Function)))
- if pos := govulncheck.AbsRelShorter(govulncheck.FuncPos(e.Call)); pos != "" {
+ b.WriteString(fmt.Sprintf(" %s\n", FuncName(e.Function)))
+ if pos := AbsRelShorter(FuncPos(e.Call)); pos != "" {
b.WriteString(fmt.Sprintf(" %s\n", pos))
}
}
diff --git a/cmd/govulncheck/govulnchecklib/main_test.go b/internal/govulncheck/main_test.go
similarity index 96%
rename from cmd/govulncheck/govulnchecklib/main_test.go
rename to internal/govulncheck/main_test.go
index 703d5fb..c325712 100644
--- a/cmd/govulncheck/govulnchecklib/main_test.go
+++ b/internal/govulncheck/main_test.go
@@ -2,13 +2,12 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
-package govulnchecklib
+package govulncheck
import (
"testing"
"github.com/google/go-cmp/cmp"
- "golang.org/x/vuln/internal/govulncheck"
"golang.org/x/vuln/osv"
)
@@ -100,7 +99,7 @@
},
} {
t.Run(test.name, func(t *testing.T) {
- got := govulncheck.LatestFixed(test.in)
+ got := LatestFixed(test.in)
if got != test.want {
t.Errorf("got %q, want %q", got, test.want)
}
diff --git a/cmd/govulncheck/govulnchecklib/stdlib.go b/internal/govulncheck/stdlib.go
similarity index 98%
rename from cmd/govulncheck/govulnchecklib/stdlib.go
rename to internal/govulncheck/stdlib.go
index ccd276d..3edc5d0 100644
--- a/cmd/govulncheck/govulnchecklib/stdlib.go
+++ b/internal/govulncheck/stdlib.go
@@ -2,7 +2,7 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
-package govulnchecklib
+package govulncheck
import (
"fmt"
diff --git a/cmd/govulncheck/govulnchecklib/summary.go b/internal/govulncheck/summary.go
similarity index 87%
rename from cmd/govulncheck/govulnchecklib/summary.go
rename to internal/govulncheck/summary.go
index be68f0a..e251426 100644
--- a/cmd/govulncheck/govulnchecklib/summary.go
+++ b/internal/govulncheck/summary.go
@@ -2,10 +2,9 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
-package govulnchecklib
+package govulncheck
import (
- "golang.org/x/vuln/internal/govulncheck"
"golang.org/x/vuln/osv"
"golang.org/x/vuln/vulncheck"
)
@@ -47,7 +46,7 @@
}
// summary summarize the analysis result.
-func summary(ci *govulncheck.CallInfo, unaffected []*vulncheck.Vuln) Summary {
+func summary(ci *CallInfo, unaffected []*vulncheck.Vuln) Summary {
var affecting, unaffecting []Vuln
for _, vg := range ci.VulnGroups {
// All the vulns in vg have the same PkgPath, ModPath and OSV.
@@ -79,7 +78,7 @@
}
}
-func summarizeCallStacks(vg []*vulncheck.Vuln, ci *govulncheck.CallInfo) []Trace {
+func summarizeCallStacks(vg []*vulncheck.Vuln, ci *CallInfo) []Trace {
cs := make([]Trace, 0, len(vg))
// report one full call stack for each vuln.
for _, v := range vg {
@@ -90,13 +89,13 @@
stack := make([]StackEntry, 0, len(css))
for _, e := range css[0] {
stack = append(stack, StackEntry{
- FuncName: govulncheck.FuncName(e.Function),
- CallSite: govulncheck.FuncPos(e.Call),
+ FuncName: FuncName(e.Function),
+ CallSite: FuncPos(e.Call),
})
}
cs = append(cs, Trace{
Symbol: v.Symbol,
- Desc: govulncheck.SummarizeCallStack(css[0], ci.TopPackages, v.PkgPath),
+ Desc: SummarizeCallStack(css[0], ci.TopPackages, v.PkgPath),
Stack: stack,
Seen: len(css),
})