add a github actions config (#985)

* add a github actions config * fix(log): Don't create a log dir when testing * remove a meaningless test case * Thanks for everything, Mr, Travys. * add golangci * add goreleaser.yml * add tidy.yml * add golang-ci * fix many lint warnings
2020-05-27 20:11:24 +09:00
parent 2374f578ed
commit 62c9409fe9
32 changed files with 233 additions and 216 deletions
--- a/.github/workflows/golangci.yml
+++ b/.github/workflows/golangci.yml
@@ -0,0 +1,28 @@
+name: golangci-lint
+on:
+  push:
+    tags:
+      - v*
+    branches:
+      - master
+  pull_request:
+jobs:
+  golangci:
+    name: lint
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v2
+      - name: golangci-lint
+        uses: golangci/golangci-lint-action@v1
+        with:
+          # Required: the version of golangci-lint is required and must be specified without patch version: we always use the latest patch version.
+          version: v1.26
+          
+          # Optional: working directory, useful for monorepos
+          # working-directory: somedir
+
+          # Optional: golangci-lint command line arguments.
+          # args: --issues-exit-code=0
+
+          # Optional: show only new issues if it's a pull request. The default value is `false`.
+          # only-new-issues: true
--- a/.github/workflows/goreleaser.yml
+++ b/.github/workflows/goreleaser.yml
@@ -0,0 +1,31 @@
+name: goreleaser
+
+on:
+  push:
+    tags:
+      - '*'
+
+jobs:
+  goreleaser:
+    runs-on: ubuntu-latest
+    steps:
+      -
+        name: Checkout
+        uses: actions/checkout@v2
+      -
+        name: Unshallow
+        run: git fetch --prune --unshallow
+      -
+        name: Set up Go
+        uses: actions/setup-go@v2
+        with:
+          go-version: 1.14
+      -
+        name: Run GoReleaser
+        uses: goreleaser/goreleaser-action@v2
+        with:
+          version: latest
+          args: release --rm-dist
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
--- a/.github/workflows/test.yml
+++ b/.github/workflows/test.yml
@@ -0,0 +1,21 @@
+name: Test
+
+on: [pull_request]
+
+jobs:
+  build:
+    name: Build
+    runs-on: ubuntu-latest
+    steps:
+
+    - name: Set up Go 1.x
+      uses: actions/setup-go@v2
+      with:
+        go-version: 1.14.x
+      id: go
+
+    - name: Check out code into the Go module directory
+      uses: actions/checkout@v2
+
+    - name: Test
+      run: make test
--- a/.github/workflows/tidy.yml
+++ b/.github/workflows/tidy.yml
@@ -0,0 +1,22 @@
+name: go-mod-tidy-pr
+
+on:
+  schedule:
+    - cron: "0 0 * * 1" # Weekly build
+
+jobs:
+  go-mod-tidy-pr:
+    name: go-mod-tidy-pr
+
+    runs-on: ubuntu-latest
+
+    steps:
+      - uses: actions/checkout@v2
+
+      - name: Run go-mod-tidy-pr
+        uses: sue445/go-mod-tidy-pr@master
+        with:
+          github_token: ${{ secrets.GITHUB_TOKEN }}
+          git_user_name: kotakanbe
+          git_user_email: kotakanbe@gmail.com
+          go_version: 1.14.x
--- a/.golangci.yml
+++ b/.golangci.yml
@@ -0,0 +1,15 @@
+linters-settings:
+  errcheck:
+    #exclude: /path/to/file.txt
+
+linters:
+  disable-all: true
+  enable:
+    - goimports
+    - golint
+    - govet
+    - misspell
+    - errcheck
+    - staticcheck
+    - prealloc
+    - ineffassign
--- a/.travis.yml
+++ b/.travis.yml
@@ -1,7 +0,0 @@
-language: go
-
-go:
-  - "1.13.x"
-
-after_success:
-  - test -n "$TRAVIS_TAG" && curl -sL https://git.io/goreleaser | bash
--- a/cache/bolt_test.go
+++ b/cache/bolt_test.go
@@ -46,7 +46,7 @@ func TestSetupBolt(t *testing.T) {
 		t.Errorf("Failed to open bolt: %s", err)
 	}

-	db.View(func(tx *bolt.Tx) error {
+	_ = db.View(func(tx *bolt.Tx) error {
 		bkt := tx.Bucket([]byte(metabucket))
 		if bkt == nil {
 			t.Errorf("Meta bucket nof found")
@@ -87,7 +87,7 @@ func TestEnsureBuckets(t *testing.T) {
 	if err != nil {
 		t.Errorf("Failed to open bolt: %s", err)
 	}
-	db.View(func(tx *bolt.Tx) error {
+	_ = db.View(func(tx *bolt.Tx) error {
 		bkt := tx.Bucket([]byte(servername))
 		if bkt == nil {
 			t.Errorf("Meta bucket nof found")
--- a/github/github.go
+++ b/github/github.go
@@ -58,7 +58,7 @@ func FillGitHubSecurityAlerts(r *models.ScanResult, owner, repo, token string) (
 		}

 		alerts := SecurityAlerts{}
-		if json.Unmarshal(body, &alerts); err != nil {
+		if err := json.Unmarshal(body, &alerts); err != nil {
 			return 0, err
 		}

--- a/gost/microsoft.go
+++ b/gost/microsoft.go
@@ -18,7 +18,7 @@ func (ms Microsoft) DetectUnfixed(driver db.DB, r *models.ScanResult, _ bool) (n
 	if driver == nil {
 		return 0, nil
 	}
-	var cveIDs []string
+	cveIDs := []string{}
 	for cveID := range r.ScannedCves {
 		cveIDs = append(cveIDs, cveID)
 	}
@@ -72,7 +72,7 @@ func (ms Microsoft) ConvertToModel(cve *gostmodels.MicrosoftCVE) *models.CveCont
 	if 0 < len(cve.Workaround) {
 		option["workaround"] = cve.Workaround
 	}
-	var kbids []string
+	kbids := []string{}
 	for _, kbid := range cve.KBIDs {
 		kbids = append(kbids, kbid.KBID)
 	}
--- a/gost/pseudo.go
+++ b/gost/pseudo.go
@@ -1,9 +1,10 @@
 package gost

 import (
+	"strings"
+
 	"github.com/future-architect/vuls/models"
 	"github.com/knqyf263/gost/db"
-	"strings"
 )

 // Pseudo is Gost client except for RedHat family and Debian
--- a/gost/redhat.go
+++ b/gost/redhat.go
@@ -23,7 +23,7 @@ func (red RedHat) DetectUnfixed(driver db.DB, r *models.ScanResult, ignoreWillNo
 }

 func (red RedHat) fillFixed(driver db.DB, r *models.ScanResult) error {
-	var cveIDs []string
+	cveIDs := []string{}
 	for cveID, vuln := range r.ScannedCves {
 		if _, ok := vuln.CveContents[models.RedHatAPI]; ok {
 			continue
@@ -139,8 +139,7 @@ func (red RedHat) fillUnfixed(driver db.DB, r *models.ScanResult, ignoreWillNotF
 		}
 		for _, pack := range r.Packages {
 			// CVE-ID: RedhatCVE
-			cves := map[string]gostmodels.RedhatCVE{}
-			cves = driver.GetUnfixedCvesRedhat(major(r.Release), pack.Name, ignoreWillNotFix)
+			cves := driver.GetUnfixedCvesRedhat(major(r.Release), pack.Name, ignoreWillNotFix)
 			for _, cve := range cves {
 				cveCont := red.ConvertToModel(&cve)
 				v, ok := r.ScannedCves[cve.Name]
@@ -245,7 +244,7 @@ func (red RedHat) ConvertToModel(cve *gostmodels.RedhatCVE) *models.CveContent {
 		v3severity = cve.ThreatSeverity
 	}

-	var refs []models.Reference
+	refs := []models.Reference{}
 	for _, r := range cve.References {
 		refs = append(refs, models.Reference{Link: r.Reference})
 	}
--- a/models/library.go
+++ b/models/library.go
@@ -45,7 +45,7 @@ func (s LibraryScanner) Scan() ([]VulnInfo, error) {
 		return nil, xerrors.New("unknown file type")
 	}

-	var vulnerabilities []VulnInfo
+	var vulnerabilities = []VulnInfo{}
 	for _, pkg := range s.Libs {
 		v, err := version.NewVersion(pkg.Version)
 		if err != nil {
--- a/models/library_test.go
+++ b/models/library_test.go
@@ -4,56 +4,9 @@ import (
 	"reflect"
 	"testing"

-	"github.com/aquasecurity/trivy-db/pkg/db"
-	"github.com/aquasecurity/trivy/pkg/log"
 	"github.com/aquasecurity/trivy/pkg/types"
-	"github.com/aquasecurity/trivy/pkg/utils"
 )

-func TestScan(t *testing.T) {
-	var tests = []struct {
-		path string
-		pkgs []types.Library
-	}{
-		{
-			path: "app/package-lock.json",
-			pkgs: []types.Library{
-				{
-					Name:    "jquery",
-					Version: "2.2.4",
-				},
-				{
-					Name:    "@babel/traverse",
-					Version: "7.4.4",
-				},
-			},
-		},
-	}
-
-	if err := log.InitLogger(false, false); err != nil {
-		t.Errorf("trivy logger failed")
-	}
-
-	cacheDir := utils.DefaultCacheDir()
-	if err := db.Init(cacheDir); err != nil {
-		t.Errorf("trivy db.Init failed")
-	}
-	for _, v := range tests {
-		lib := LibraryScanner{
-			Path: v.path,
-			Libs: v.pkgs,
-		}
-		actual, err := lib.Scan()
-		if err != nil {
-			t.Errorf("error occurred")
-		}
-		if len(actual) == 0 {
-			t.Errorf("no vuln found : actual: %v\n", actual)
-		}
-	}
-	db.Close()
-}
-
 func TestLibraryScanners_Find(t *testing.T) {
 	type args struct {
 		name string
--- a/models/scanresults.go
+++ b/models/scanresults.go
@@ -195,7 +195,7 @@ func (r ScanResult) FilterUnfixed() ScanResult {

 // FilterIgnorePkgs is filter function.
 func (r ScanResult) FilterIgnorePkgs() ScanResult {
-	ignorePkgsRegexps := []string{}
+	var ignorePkgsRegexps []string
 	if len(r.Container.Name) == 0 {
 		ignorePkgsRegexps = config.Conf.Servers[r.ServerName].IgnorePkgsRegexp
 	} else {
--- a/models/utils.go
+++ b/models/utils.go
@@ -6,60 +6,18 @@ import (
 	cvedict "github.com/kotakanbe/go-cve-dictionary/models"
 )

-// ConvertNvdXMLToModel convert NVD to CveContent
-func ConvertNvdXMLToModel(cveID string, nvd *cvedict.NvdXML) *CveContent {
-	if nvd == nil {
-		return nil
-	}
-	var cpes []Cpe
-	for _, c := range nvd.Cpes {
-		cpes = append(cpes, Cpe{
-			FormattedString: c.FormattedString,
-			URI:             c.URI,
-		})
-	}
-
-	var refs []Reference
-	for _, r := range nvd.References {
-		refs = append(refs, Reference{
-			Link:   r.Link,
-			Source: r.Source,
-		})
-	}
-
-	cweIDs := []string{}
-	for _, cid := range nvd.Cwes {
-		cweIDs = append(cweIDs, cid.CweID)
-	}
-
-	return &CveContent{
-		Type:          Nvd,
-		CveID:         cveID,
-		Summary:       nvd.Summary,
-		Cvss2Score:    nvd.Cvss2.BaseScore,
-		Cvss2Vector:   nvd.Cvss2.VectorString,
-		Cvss2Severity: nvd.Cvss2.Severity,
-		SourceLink:    "https://nvd.nist.gov/vuln/detail/" + cveID,
-		// Cpes:          cpes,
-		CweIDs:       cweIDs,
-		References:   refs,
-		Published:    nvd.PublishedDate,
-		LastModified: nvd.LastModifiedDate,
-	}
-}
-
 // ConvertJvnToModel convert JVN to CveContent
 func ConvertJvnToModel(cveID string, jvn *cvedict.Jvn) *CveContent {
 	if jvn == nil {
 		return nil
 	}
-	var cpes []Cpe
-	for _, c := range jvn.Cpes {
-		cpes = append(cpes, Cpe{
-			FormattedString: c.FormattedString,
-			URI:             c.URI,
-		})
-	}
+	// var cpes = []Cpe{}
+	// for _, c := range jvn.Cpes {
+	// 	cpes = append(cpes, Cpe{
+	// 		FormattedString: c.FormattedString,
+	// 		URI:             c.URI,
+	// 	})
+	// }

 	refs := []Reference{}
 	for _, r := range jvn.References {
@@ -93,15 +51,15 @@ func ConvertNvdJSONToModel(cveID string, nvd *cvedict.NvdJSON) *CveContent {
 	if nvd == nil {
 		return nil
 	}
-	var cpes []Cpe
-	for _, c := range nvd.Cpes {
-		cpes = append(cpes, Cpe{
-			FormattedString: c.FormattedString,
-			URI:             c.URI,
-		})
-	}
+	// var cpes = []Cpe{}
+	// for _, c := range nvd.Cpes {
+	// 	cpes = append(cpes, Cpe{
+	// 		FormattedString: c.FormattedString,
+	// 		URI:             c.URI,
+	// 	})
+	// }

-	var refs []Reference
+	var refs = []Reference{}
 	for _, r := range nvd.References {
 		refs = append(refs, Reference{
 			Link:   r.Link,
--- a/models/vulninfos.go
+++ b/models/vulninfos.go
@@ -644,15 +644,6 @@ func (c Cvss) Format() string {
 	return ""
 }

-func cvss2ScoreToSeverity(score float64) string {
-	if 7.0 <= score {
-		return "HIGH"
-	} else if 4.0 <= score {
-		return "MEDIUM"
-	}
-	return "LOW"
-}
-
 // Amazon Linux Security Advisory
 // Critical, Important, Medium, Low
 // https://alas.aws.amazon.com/
--- a/oval/debian.go
+++ b/oval/debian.go
@@ -76,7 +76,7 @@ func (o DebianBase) update(r *models.ScanResult, defPacks defPacks) {
 }

 func (o DebianBase) convertToModel(def *ovalmodels.Definition) *models.CveContent {
-	var refs []models.Reference
+	refs := []models.Reference{}
 	for _, r := range def.References {
 		refs = append(refs, models.Reference{
 			Link:   r.RefURL,
--- a/oval/suse.go
+++ b/oval/suse.go
@@ -86,7 +86,7 @@ func (o SUSE) update(r *models.ScanResult, defPacks defPacks) {
 }

 func (o SUSE) convertToModel(def *ovalmodels.Definition) *models.CveContent {
-	var refs []models.Reference
+	refs := []models.Reference{}
 	for _, r := range def.References {
 		refs = append(refs, models.Reference{
 			Link:   r.RefURL,
--- a/report/email.go
+++ b/report/email.go
@@ -54,14 +54,15 @@ func (w EMailWriter) Write(rs ...models.ScanResult) (err error) {
 			}
 		}
 	}
-	summary := ""
+	var summary string
 	if config.Conf.IgnoreUnscoredCves {
 		summary = fmt.Sprintf("Total: %d (High:%d Medium:%d Low:%d)",
 			m["High"]+m["Medium"]+m["Low"], m["High"], m["Medium"], m["Low"])
+	} else {
+		summary = fmt.Sprintf("Total: %d (High:%d Medium:%d Low:%d ?:%d)",
+			m["High"]+m["Medium"]+m["Low"]+m["Unknown"],
+			m["High"], m["Medium"], m["Low"], m["Unknown"])
 	}
-	summary = fmt.Sprintf("Total: %d (High:%d Medium:%d Low:%d ?:%d)",
-		m["High"]+m["Medium"]+m["Low"]+m["Unknown"],
-		m["High"], m["Medium"], m["Low"], m["Unknown"])
 	origmessage := message
 	if conf.FormatOneEMail {
 		message = fmt.Sprintf("One Line Summary\r\n================\r\n%s", formatOneLineSummary(rs...))
--- a/report/http.go
+++ b/report/http.go
@@ -17,7 +17,9 @@ type HTTPRequestWriter struct{}
 func (w HTTPRequestWriter) Write(rs ...models.ScanResult) (err error) {
 	for _, r := range rs {
 		b := new(bytes.Buffer)
-		json.NewEncoder(b).Encode(r)
+		if err := json.NewEncoder(b).Encode(r); err != nil {
+			return err
+		}
 		_, err = http.Post(c.Conf.HTTP.URL, "application/json; charset=utf-8", b)
 		if err != nil {
 			return err
--- a/report/report.go
+++ b/report/report.go
@@ -213,7 +213,7 @@ func FillCveInfo(dbclient DBClient, r *models.ScanResult, cpeURIs []string, igno

 // fillCveDetail fetches NVD, JVN from CVE Database
 func fillCveDetail(driver cvedb.DB, r *models.ScanResult) error {
-	var cveIDs []string
+	cveIDs := []string{}
 	for _, v := range r.ScannedCves {
 		cveIDs = append(cveIDs, v.CveID)
 	}
@@ -224,9 +224,6 @@ func fillCveDetail(driver cvedb.DB, r *models.ScanResult) error {
 	}
 	for _, d := range ds {
 		nvd := models.ConvertNvdJSONToModel(d.CveID, d.NvdJSON)
-		if nvd == nil {
-			nvd = models.ConvertNvdXMLToModel(d.CveID, d.NvdXML)
-		}
 		jvn := models.ConvertJvnToModel(d.CveID, d.Jvn)

 		alerts := fillCertAlerts(&d)
@@ -533,6 +530,7 @@ func EnsureUUIDs(configPath string, results models.ScanResults) (err error) {
 		return results[i].ServerName < results[j].ServerName
 	})

+	re := regexp.MustCompile(reUUID)
 	for i, r := range results {
 		server := c.Conf.Servers[r.ServerName]
 		if server.UUIDs == nil {
@@ -554,8 +552,8 @@ func EnsureUUIDs(configPath string, results models.ScanResults) (err error) {
 		}

 		if id, ok := server.UUIDs[name]; ok {
-			matched, err := regexp.MatchString(reUUID, id)
-			if !matched || err != nil {
+			ok := re.MatchString(id)
+			if !ok || err != nil {
 				util.Log.Warnf("UUID is invalid. Re-generate UUID %s: %s", id, err)
 			} else {
 				if r.IsContainer() {
--- a/report/s3.go
+++ b/report/s3.go
@@ -23,16 +23,24 @@ import (
 // S3Writer writes results to S3
 type S3Writer struct{}

-func getS3() *s3.S3 {
-	Config := &aws.Config{
+func getS3() (*s3.S3, error) {
+	ses, err := session.NewSession()
+	if err != nil {
+		return nil, err
+	}
+	config := &aws.Config{
 		Region: aws.String(c.Conf.AWS.Region),
 		Credentials: credentials.NewChainCredentials([]credentials.Provider{
 			&credentials.EnvProvider{},
 			&credentials.SharedCredentialsProvider{Filename: "", Profile: c.Conf.AWS.Profile},
-			&ec2rolecreds.EC2RoleProvider{Client: ec2metadata.New(session.New())},
+			&ec2rolecreds.EC2RoleProvider{Client: ec2metadata.New(ses)},
 		}),
 	}
-	return s3.New(session.New(Config))
+	s, err := session.NewSession(config)
+	if err != nil {
+		return nil, err
+	}
+	return s3.New(s), nil
 }

 // Write results to S3
@@ -42,7 +50,10 @@ func (w S3Writer) Write(rs ...models.ScanResult) (err error) {
 		return nil
 	}

-	svc := getS3()
+	svc, err := getS3()
+	if err != nil {
+		return err
+	}

 	if c.Conf.FormatOneLineText {
 		timestr := rs[0].ScannedAt.Format(time.RFC3339)
@@ -99,7 +110,11 @@ func (w S3Writer) Write(rs ...models.ScanResult) (err error) {

 // CheckIfBucketExists check the existence of S3 bucket
 func CheckIfBucketExists() error {
-	svc := getS3()
+	svc, err := getS3()
+	if err != nil {
+		return err
+	}
+
 	result, err := svc.ListBuckets(&s3.ListBucketsInput{})
 	if err != nil {
 		return xerrors.Errorf(
--- a/report/slack.go
+++ b/report/slack.go
@@ -16,12 +16,6 @@ import (
 	"golang.org/x/xerrors"
 )

-type field struct {
-	Title string `json:"title"`
-	Value string `json:"value"`
-	Short bool   `json:"short"`
-}
-
 type message struct {
 	Text        string             `json:"text"`
 	Username    string             `json:"username"`
--- a/report/syslog.go
+++ b/report/syslog.go
@@ -28,7 +28,7 @@ func (w SyslogWriter) Write(rs ...models.ScanResult) (err error) {
 	for _, r := range rs {
 		messages := w.encodeSyslog(r)
 		for _, m := range messages {
-			if _, err = fmt.Fprintf(sysLog, m); err != nil {
+			if _, err = fmt.Fprint(sysLog, m); err != nil {
 				return err
 			}
 		}
--- a/report/tui.go
+++ b/report/tui.go
@@ -101,7 +101,6 @@ func keybindings(g *gocui.Gui) (err error) {
 	errs = append(errs, g.SetKeybinding("summary", gocui.KeySpace, gocui.ModNone, cursorPageDown))
 	errs = append(errs, g.SetKeybinding("summary", gocui.KeyBackspace, gocui.ModNone, cursorPageUp))
 	errs = append(errs, g.SetKeybinding("summary", gocui.KeyBackspace2, gocui.ModNone, cursorPageUp))
-	//  errs = append(errs, g.SetKeybinding("summary", gocui.KeyCtrlM, gocui.ModNone, cursorMoveMiddle))
 	errs = append(errs, g.SetKeybinding("summary", gocui.KeyEnter, gocui.ModNone, nextView))
 	errs = append(errs, g.SetKeybinding("summary", gocui.KeyCtrlN, gocui.ModNone, nextSummary))
 	errs = append(errs, g.SetKeybinding("summary", gocui.KeyCtrlP, gocui.ModNone, previousSummary))
@@ -169,7 +168,7 @@ func nextView(g *gocui.Gui, v *gocui.View) error {
 	var err error

 	if v == nil {
-		err = g.SetCurrentView("side")
+		return g.SetCurrentView("side")
 	}
 	switch v.Name() {
 	case "side":
@@ -190,7 +189,7 @@ func previousView(g *gocui.Gui, v *gocui.View) error {
 	var err error

 	if v == nil {
-		err = g.SetCurrentView("side")
+		return g.SetCurrentView("side")
 	}
 	switch v.Name() {
 	case "side":
@@ -283,31 +282,15 @@ func cursorDown(g *gocui.Gui, v *gocui.View) error {
 				return err
 			}
 		}
-		onMovingCursorRedrawView(g, v)
+		err := onMovingCursorRedrawView(g, v)
+		if err != nil {
+			return err
+		}
 	}

 	cx, cy := v.Cursor()
 	ox, oy := v.Origin()
-	debug(g, fmt.Sprintf("%v, %v, %v, %v", cx, cy, ox, oy))
-	return nil
-}
-
-func cursorMoveTop(g *gocui.Gui, v *gocui.View) error {
-	if v != nil {
-		cx, _ := v.Cursor()
-		v.SetCursor(cx, 0)
-	}
-	onMovingCursorRedrawView(g, v)
-	return nil
-}
-
-func cursorMoveBottom(g *gocui.Gui, v *gocui.View) error {
-	if v != nil {
-		_, maxY := v.Size()
-		cx, _ := v.Cursor()
-		v.SetCursor(cx, maxY-1)
-	}
-	onMovingCursorRedrawView(g, v)
+	_ = debug(g, fmt.Sprintf("%v, %v, %v, %v", cx, cy, ox, oy))
 	return nil
 }

@@ -315,9 +298,13 @@ func cursorMoveMiddle(g *gocui.Gui, v *gocui.View) error {
 	if v != nil {
 		_, maxY := v.Size()
 		cx, _ := v.Cursor()
-		v.SetCursor(cx, maxY/2)
+		if err := v.SetCursor(cx, maxY/2); err != nil {
+			return err
+		}
+	}
+	if err := onMovingCursorRedrawView(g, v); err != nil {
+		return err
 	}
-	onMovingCursorRedrawView(g, v)
 	return nil
 }

@@ -332,23 +319,25 @@ func cursorPageDown(g *gocui.Gui, v *gocui.View) error {

 		if !ok {
 			if yLimit < maxY {
-				v.SetCursor(cx, yLimit)
+				_ = v.SetCursor(cx, yLimit)
 			} else {
-				v.SetCursor(cx, maxY-1)
-				v.SetOrigin(ox, yLimit-maxY+1)
+				_ = v.SetCursor(cx, maxY-1)
+				_ = v.SetOrigin(ox, yLimit-maxY+1)
 			}
 		} else if yLimit < oy+jump+maxY {
 			if yLimit < maxY {
-				v.SetCursor(cx, yLimit)
+				_ = v.SetCursor(cx, yLimit)
 			} else {
-				v.SetOrigin(ox, yLimit-maxY+1)
-				v.SetCursor(cx, maxY-1)
+				_ = v.SetOrigin(ox, yLimit-maxY+1)
+				_ = v.SetCursor(cx, maxY-1)
 			}
 		} else {
-			v.SetCursor(cx, cy)
-			v.SetOrigin(ox, oy+jump)
+			_ = v.SetCursor(cx, cy)
+			if err := v.SetOrigin(ox, oy+jump); err != nil {
+				return err
+			}
 		}
-		onMovingCursorRedrawView(g, v)
+		_ = onMovingCursorRedrawView(g, v)
 	}
 	return nil
 }
@@ -363,7 +352,7 @@ func cursorUp(g *gocui.Gui, v *gocui.View) error {
 			}
 		}
 	}
-	onMovingCursorRedrawView(g, v)
+	_ = onMovingCursorRedrawView(g, v)
 	return nil
 }

@@ -373,11 +362,13 @@ func cursorPageUp(g *gocui.Gui, v *gocui.View) error {
 		cx, _ := v.Cursor()
 		ox, oy := v.Origin()
 		if err := v.SetOrigin(ox, oy-jump); err != nil {
-			v.SetOrigin(ox, 0)
-			v.SetCursor(cx, 0)
+			if err := v.SetOrigin(ox, 0); err != nil {
+				return err
+			}
+			_ = v.SetCursor(cx, 0)

 		}
-		onMovingCursorRedrawView(g, v)
+		_ = onMovingCursorRedrawView(g, v)
 	}
 	return nil
 }
@@ -544,10 +535,12 @@ func debug(g *gocui.Gui, str string) error {
 	if config.Conf.Debug {
 		maxX, maxY := g.Size()
 		if _, err := g.View("debug"); err != gocui.ErrUnknownView {
-			g.DeleteView("debug")
+			if err := g.DeleteView("debug"); err != nil {
+				return err
+			}
 		}
 		if v, err := g.SetView("debug", maxX/2-7, maxY/2, maxX/2+7, maxY/2+2); err != nil {
-			fmt.Fprintf(v, str)
+			fmt.Fprint(v, str)
 		}
 	}
 	return nil
@@ -584,7 +577,7 @@ func setSummaryLayout(g *gocui.Gui) error {
 		}

 		lines := summaryLines(currentScanResult)
-		fmt.Fprintf(v, lines)
+		fmt.Fprint(v, lines)

 		v.Highlight = true
 		v.Editable = false
@@ -720,8 +713,6 @@ func setChangelogLayout(g *gocui.Gui) error {
 						lines = append(lines, fmt.Sprintf("  * PID: %s %s Port: %s",
 							p.PID, p.Name, p.ListenPorts))
 					}
-				} else {
-					// lines = append(lines, fmt.Sprintf("  * No affected process"))
 				}
 			}
 		}
--- a/report/util.go
+++ b/report/util.go
@@ -608,7 +608,7 @@ func ListValidJSONDirs() (dirs []string, err error) {
 // Otherwise, returns the path of the latest directory
 func JSONDir(args []string) (string, error) {
 	var err error
-	dirs := []string{}
+	var dirs []string

 	if 0 < len(args) {
 		if dirs, err = ListValidJSONDirs(); err != nil {
--- a/scan/base.go
+++ b/scan/base.go
@@ -676,7 +676,7 @@ func (l *base) detectWpThemes() ([]models.WpPackage, error) {
 	}
 	err := json.Unmarshal([]byte(r.Stdout), &themes)
 	if err != nil {
-		return nil, xerrors.Errorf("Failed to unmarshal wp theme list: %w", cmd, err)
+		return nil, xerrors.Errorf("Failed to unmarshal wp theme list: %w", err)
 	}
 	for i := range themes {
 		themes[i].Type = models.WPTheme
--- a/scan/debian.go
+++ b/scan/debian.go
@@ -687,7 +687,7 @@ func (o *debian) scanChangelogs(updatablePacks models.Packages, meta *cache.Meta
 		return nil, xerrors.Errorf("errs: %w", errs)
 	}

-	var cveIDs []DetectedCveID
+	cveIDs := []DetectedCveID{}
 	for k := range cvePackages {
 		cveIDs = append(cveIDs, k)
 	}
--- a/scan/debian_test.go
+++ b/scan/debian_test.go
@@ -389,8 +389,8 @@ Calculating upgrade... Done
 		}
 		if len(tt.expected) != len(actual) {
 			t.Errorf("Result length is not as same as expected. expected: %d, actual: %d", len(tt.expected), len(actual))
-			pp.Println(tt.expected)
-			pp.Println(actual)
+			_, _ = pp.Println(tt.expected)
+			_, _ = pp.Println(actual)
 			return
 		}
 		for i := range tt.expected {
--- a/scan/freebsd.go
+++ b/scan/freebsd.go
@@ -189,7 +189,7 @@ func (o *bsd) scanUnsecurePackages() (models.VulnInfos, error) {
 		return nil, nil
 	}

-	var packAdtRslt []pkgAuditResult
+	packAdtRslt := []pkgAuditResult{}
 	blocks := o.splitIntoBlocks(r.Stdout)
 	for _, b := range blocks {
 		name, cveIDs, vulnID := o.parseBlock(b)
--- a/server/server.go
+++ b/server/server.go
@@ -41,7 +41,10 @@ func (h VulsHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
 		}
 	} else if mediatype == "text/plain" {
 		buf := new(bytes.Buffer)
-		io.Copy(buf, r.Body)
+		if _, err := io.Copy(buf, r.Body); err != nil {
+			http.Error(w, err.Error(), http.StatusBadRequest)
+			return
+		}
 		if result, err = scan.ViaHTTP(r.Header, buf.String()); err != nil {
 			util.Log.Error(err)
 			http.Error(w, err.Error(), http.StatusBadRequest)
--- a/util/logutil.go
+++ b/util/logutil.go
@@ -1,6 +1,7 @@
 package util

 import (
+	"flag"
 	"fmt"
 	"io/ioutil"
 	"os"
@@ -39,14 +40,14 @@ func NewCustomLogger(c config.ServerInfo) *logrus.Entry {
 		logDir = config.Conf.LogDir
 	}

-	if _, err := os.Stat(logDir); os.IsNotExist(err) {
-		if err := os.Mkdir(logDir, 0700); err != nil {
-			log.Errorf("Failed to create log directory. path: %s, err: %s", logDir, err)
-		}
-	}
-
 	// Only log to a file if quiet mode enabled
-	if config.Conf.Quiet {
+	if config.Conf.Quiet && flag.Lookup("test.v") == nil {
+		if _, err := os.Stat(logDir); os.IsNotExist(err) {
+			if err := os.Mkdir(logDir, 0700); err != nil {
+				log.Errorf("Failed to create log directory. path: %s, err: %s", logDir, err)
+			}
+		}
+
 		logFile := logDir + "/vuls.log"
 		if file, err := os.OpenFile(logFile, os.O_CREATE|os.O_WRONLY|os.O_APPEND, 0644); err == nil {
 			log.Out = file