all: run lint tests in parallel
Also fix some spelling errors which were causing test failures.
Change-Id: I4f4ad5d2cba805dcba8908f09653710e19ace4ea
Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/728720
Reviewed-by: Ethan Lee <ethanalee@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
diff --git a/all_test.go b/all_test.go
index 7e222c3..ee095d8 100644
--- a/all_test.go
+++ b/all_test.go
@@ -15,6 +15,7 @@
"runtime"
"sort"
"strings"
+ "sync"
"testing"
"time"
@@ -98,15 +99,17 @@
}
// Map from summaries to report paths, used to check for duplicate summaries.
- summaries := make(map[string]string)
+ summaries := sync.Map{}
sort.Strings(reports)
for _, filename := range reports {
t.Run(filename, func(t *testing.T) {
- r, err := report.Read(filename)
+ cFilename := filename // capture variable so we can run tests in parallel safely
+ t.Parallel()
+ r, err := report.Read(cFilename)
if err != nil {
t.Fatal(err)
}
- if err := r.CheckFilename(filename); err != nil {
+ if err := r.CheckFilename(cFilename); err != nil {
t.Error(err)
}
lints := lint(r)
@@ -122,15 +125,14 @@
}
}
for r2, aliases := range duplicates {
- t.Errorf("report %s shares duplicate alias(es) %s with report %s", filename, aliases, r2)
+ t.Errorf("report %s shares duplicate alias(es) %s with report %s", cFilename, aliases, r2)
}
// Ensure that each reviewed report has a unique summary.
if r.IsReviewed() {
if summary := r.Summary.String(); summary != "" {
- if report, ok := summaries[summary]; ok {
- t.Errorf("report %s shares duplicate summary %q with report %s", filename, summary, report)
- } else {
- summaries[summary] = filename
+ existingFile, loaded := summaries.LoadOrStore(summary, cFilename)
+ if loaded {
+ t.Errorf("report %s shares duplicate summary %q with report %s", cFilename, summary, existingFile)
}
}
}
@@ -141,7 +143,7 @@
if r.IsUnreviewed() && !r.IsExcluded() && !r.UnreviewedOK {
pr, _ := priority.AnalyzeReport(r, rc, modulesToImports)
if pr.Priority == priority.High {
- t.Errorf("UNREVIEWED report %s is high priority (should be NEEDS_REVIEW or REVIEWED) - reason: %s", filename, pr.Reason)
+ t.Errorf("UNREVIEWED report %s is high priority (should be NEEDS_REVIEW or REVIEWED) - reason: %s", cFilename, pr.Reason)
}
}
// Check that a correct OSV file was generated for each YAML report.
diff --git a/data/cve/v5/GO-2025-4006.json b/data/cve/v5/GO-2025-4006.json
index a77bb0b..ca5b39d 100644
--- a/data/cve/v5/GO-2025-4006.json
+++ b/data/cve/v5/GO-2025-4006.json
@@ -13,7 +13,7 @@
"descriptions": [
{
"lang": "en",
- "value": "The ParseAddress function constructeds domain-literal address components through repeated string concatenation. When parsing large domain-literal components, this can cause excessive CPU consumption."
+ "value": "The ParseAddress function constructs domain-literal address components through repeated string concatenation. When parsing large domain-literal components, this can cause excessive CPU consumption."
}
],
"affected": [
diff --git a/data/osv/GO-2025-4006.json b/data/osv/GO-2025-4006.json
index 4df4ef1..cbf365c 100644
--- a/data/osv/GO-2025-4006.json
+++ b/data/osv/GO-2025-4006.json
@@ -8,7 +8,7 @@
"CVE-2025-61725"
],
"summary": "Excessive CPU consumption in ParseAddress in net/mail",
- "details": "The ParseAddress function constructeds domain-literal address components through repeated string concatenation. When parsing large domain-literal components, this can cause excessive CPU consumption.",
+ "details": "The ParseAddress function constructs domain-literal address components through repeated string concatenation. When parsing large domain-literal components, this can cause excessive CPU consumption.",
"affected": [
{
"package": {
diff --git a/data/osv/GO-2025-4177.json b/data/osv/GO-2025-4177.json
index e54a312..7ecba28 100644
--- a/data/osv/GO-2025-4177.json
+++ b/data/osv/GO-2025-4177.json
@@ -7,8 +7,8 @@
"CVE-2025-64750",
"GHSA-wwrx-w7c9-rf87"
],
- "summary": "Singluarity ineffectively applies of selinux / apparmor LSM process labels in github.com/sylabs/singularity",
- "details": "Singluarity ineffectively applies of selinux / apparmor LSM process labels in github.com/sylabs/singularity.\n\nNOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions.\n\n(If this is causing false-positive reports from vulnerability scanners, please suggest an edit to the report.)\n\nThe additional affected modules and versions are: github.com/sylabs/singularity/v4 before v4.1.11.",
+ "summary": "Singularity ineffectively applies of selinux / apparmor LSM process labels in github.com/sylabs/singularity",
+ "details": "Singularity ineffectively applies of selinux / apparmor LSM process labels in github.com/sylabs/singularity.\n\nNOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions.\n\n(If this is causing false-positive reports from vulnerability scanners, please suggest an edit to the report.)\n\nThe additional affected modules and versions are: github.com/sylabs/singularity/v4 before v4.1.11.",
"affected": [
{
"package": {
diff --git a/data/reports/GO-2025-4006.yaml b/data/reports/GO-2025-4006.yaml
index dd7123b..2dedb60 100644
--- a/data/reports/GO-2025-4006.yaml
+++ b/data/reports/GO-2025-4006.yaml
@@ -18,7 +18,7 @@
- ParseAddressList
summary: Excessive CPU consumption in ParseAddress in net/mail
description: |-
- The ParseAddress function constructeds domain-literal address components
+ The ParseAddress function constructs domain-literal address components
through repeated string concatenation. When parsing large domain-literal
components, this can cause excessive CPU consumption.
cves:
diff --git a/data/reports/GO-2025-4177.yaml b/data/reports/GO-2025-4177.yaml
index f3d9aff..55fd55e 100644
--- a/data/reports/GO-2025-4177.yaml
+++ b/data/reports/GO-2025-4177.yaml
@@ -8,7 +8,7 @@
non_go_versions:
- fixed: 4.1.11
vulnerable_at: 4.3.5
-summary: Singluarity ineffectively applies of selinux / apparmor LSM process labels in github.com/sylabs/singularity
+summary: Singularity ineffectively applies of selinux / apparmor LSM process labels in github.com/sylabs/singularity
cves:
- CVE-2025-64750
ghsas:
