internal/govulncheck: rename and document fields in Config
Analysis is renamed to AnalysisType.
OutputFormat is renamed to OutputType.
The options for each type is now documented.
Change-Id: I7dd22ce9a5dd932a5fb44cc84d73da772ddebae4
Reviewed-on: https://go-review.googlesource.com/c/vuln/+/437779
TryBot-Result: Gopher Robot <gobot@golang.org>
Reviewed-by: Jonathan Amsterdam <jba@google.com>
Run-TryBot: Julie Qiu <julieqiu@google.com>
Auto-Submit: Julie Qiu <julieqiu@google.com>
Reviewed-by: Julie Qiu <julieqiu@google.com>
diff --git a/cmd/govulncheck/main.go b/cmd/govulncheck/main.go
index 74e943d..d1d62d9 100644
--- a/cmd/govulncheck/main.go
+++ b/cmd/govulncheck/main.go
@@ -74,8 +74,8 @@
}
govulncheck.Run(govulncheck.Config{
- Analysis: mode,
- OutputFormat: outputType,
+ AnalysisType: mode,
+ OutputType: outputType,
Patterns: patterns,
SourceLoadConfig: packages.Config{
Dir: filepath.FromSlash(dirFlag),
diff --git a/internal/govulncheck/config.go b/internal/govulncheck/config.go
index 0b5e76b..db15407 100644
--- a/internal/govulncheck/config.go
+++ b/internal/govulncheck/config.go
@@ -7,29 +7,43 @@
import "golang.org/x/tools/go/packages"
const (
+ // analysisBinary is used for binary analysis with vulncheck.Binary.
analysisBinary = "binary"
+
+ // analysisSource is used for source code analysis with vulncheck.Source.
analysisSource = "source"
+)
- formatJSON = "json"
- formatSummary = "summary"
- formatText = "text"
- formatVerbose = "verbose"
+const (
+ // outputText is the default output type for `govulncheck`.
+ outputText = "text"
+ // outputVerbose is the output type for `govulncheck -v`.
+ outputVerbose = "verbose"
+
+ // outputJSON is the output type for `govulncheck -json`, which will print
+ // the JSON-encoded vulncheck.Result.
+ outputJSON = "json"
+
+ // outputSummary is the output type for `govulncheck -summary-json`, which
+ // will print the JSON-encoded govulncheck.Summary.
+ //
+ // This is only meant by use for experimental with gopls.
+ outputSummary = "summary"
+)
+
+const (
envGOVULNDB = "GOVULNDB"
-
- vulndbHost = "https://vuln.go.dev"
+ vulndbHost = "https://vuln.go.dev"
)
// Config is the configuration for Main.
type Config struct {
- // Analysis specifies the vulncheck analysis type. Valid types are "source" and "binary"
- Analysis string
- // OutputFormat specifies the result type. Valid types are:
- // "text": print human readable compact text output to STDOUT.
- // "verbose": print human readable verbose text output to STDOUT.
- // "json": print JSON-encoded vulncheck.Result.
- // "summary": print JSON-encoded Summary.
- OutputFormat string
+ // AnalysisType specifies the vulncheck analysis type.
+ AnalysisType string
+
+ // OutputType specifies the output format type.
+ OutputType string
// Patterns are either the binary path for "binary" analysis mode, or
// go package patterns for "source" analysis mode.
diff --git a/internal/govulncheck/run.go b/internal/govulncheck/run.go
index 853f551..335f162 100644
--- a/internal/govulncheck/run.go
+++ b/internal/govulncheck/run.go
@@ -36,8 +36,8 @@
vcfg := &vulncheck.Config{Client: dbClient, SourceGoVersion: goVersion()}
patterns := cfg.Patterns
- format := cfg.OutputFormat
- if format == formatText || format == formatVerbose {
+ format := cfg.OutputType
+ if format == outputText || format == outputVerbose {
fmt.Printf(`govulncheck is an experimental tool. Share feedback at https://go.dev/s/govulncheck-feedback.
Scanning for dependencies with known vulnerabilities...
@@ -49,7 +49,7 @@
unaffected []*vulncheck.Vuln
ctx = context.Background()
)
- switch cfg.Analysis {
+ switch cfg.AnalysisType {
case analysisBinary:
f, err := os.Open(patterns[0])
if err != nil {
@@ -85,25 +85,25 @@
unaffected = filterUnaffected(r)
r.Vulns = filterCalled(r)
default:
- die("govulncheck: invalid analysis mode %q", cfg.Analysis)
+ die("govulncheck: invalid analysis mode %q", cfg.AnalysisType)
}
switch format {
- case formatJSON:
+ case outputJSON:
// Following golang.org/x/tools/go/analysis/singlechecker,
// return 0 exit code in -json mode.
writeJSON(r)
os.Exit(0)
- case formatText, formatVerbose:
+ case outputText, outputVerbose:
// set of top-level packages, used to find representative symbols
ci := GetCallInfo(r, pkgs)
- writeText(r, ci, unaffected, format == formatVerbose)
- case formatSummary:
+ writeText(r, ci, unaffected, format == outputVerbose)
+ case outputSummary:
ci := GetCallInfo(r, pkgs)
writeJSON(summary(ci, unaffected))
os.Exit(0)
default:
- die("govulncheck: unrecognized output type %q", cfg.OutputFormat)
+ die("govulncheck: unrecognized output type %q", cfg.OutputType)
}
// Following golang.org/x/tools/go/analysis/singlechecker,
