From 62c9409fe92b9d255cfb924d6b3215d13446e324 Mon Sep 17 00:00:00 2001 From: Kota Kanbe Date: Wed, 27 May 2020 20:11:24 +0900 Subject: [PATCH] add a github actions config (#985) * add a github actions config * fix(log): Don't create a log dir when testing * remove a meaningless test case * Thanks for everything, Mr, Travys. * add golangci * add goreleaser.yml * add tidy.yml * add golang-ci * fix many lint warnings --- .github/workflows/golangci.yml | 28 +++++++++++ .github/workflows/goreleaser.yml | 31 +++++++++++++ .github/workflows/test.yml | 21 +++++++++ .github/workflows/tidy.yml | 22 +++++++++ .golangci.yml | 15 ++++++ .travis.yml | 7 --- cache/bolt_test.go | 4 +- github/github.go | 2 +- gost/microsoft.go | 4 +- gost/pseudo.go | 3 +- gost/redhat.go | 7 ++- models/library.go | 2 +- models/library_test.go | 47 ------------------- models/scanresults.go | 2 +- models/utils.go | 72 ++++++----------------------- models/vulninfos.go | 9 ---- oval/debian.go | 2 +- oval/suse.go | 2 +- report/email.go | 9 ++-- report/http.go | 4 +- report/report.go | 10 ++-- report/s3.go | 27 ++++++++--- report/slack.go | 6 --- report/syslog.go | 2 +- report/tui.go | 79 ++++++++++++++------------------ report/util.go | 2 +- scan/base.go | 2 +- scan/debian.go | 2 +- scan/debian_test.go | 4 +- scan/freebsd.go | 2 +- server/server.go | 5 +- util/logutil.go | 15 +++--- 32 files changed, 233 insertions(+), 216 deletions(-) create mode 100644 .github/workflows/golangci.yml create mode 100644 .github/workflows/goreleaser.yml create mode 100644 .github/workflows/test.yml create mode 100644 .github/workflows/tidy.yml create mode 100644 .golangci.yml delete mode 100644 .travis.yml diff --git a/.github/workflows/golangci.yml b/.github/workflows/golangci.yml new file mode 100644 index 00000000..b061bc84 --- /dev/null +++ b/.github/workflows/golangci.yml 
@@ -0,0 +1,28 @@ +name: golangci-lint +on: + push: + tags: + - v* + branches: + - master + pull_request: +jobs: + golangci: + name: lint + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v2 + - name: golangci-lint + uses: golangci/golangci-lint-action@v1 + with: + # Required: the version of golangci-lint is required and must be specified without patch version: we always use the latest patch version. + version: v1.26 + + # Optional: working directory, useful for monorepos + # working-directory: somedir + + # Optional: golangci-lint command line arguments. + # args: --issues-exit-code=0 + + # Optional: show only new issues if it's a pull request. The default value is `false`. + # only-new-issues: true diff --git a/.github/workflows/goreleaser.yml b/.github/workflows/goreleaser.yml new file mode 100644 index 00000000..45b637ab --- /dev/null +++ b/.github/workflows/goreleaser.yml @@ -0,0 +1,31 @@ +name: goreleaser + +on: + push: + tags: + - '*' + +jobs: + goreleaser: + runs-on: ubuntu-latest + steps: + - + name: Checkout + uses: actions/checkout@v2 + - + name: Unshallow + run: git fetch --prune --unshallow + - + name: Set up Go + uses: actions/setup-go@v2 + with: + go-version: 1.14 + - + name: Run GoReleaser + uses: goreleaser/goreleaser-action@v2 + with: + version: latest + args: release --rm-dist + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml new file mode 100644 index 00000000..50afe2bc --- /dev/null +++ b/.github/workflows/test.yml @@ -0,0 +1,21 @@ +name: Test + +on: [pull_request] + +jobs: + build: + name: Build + runs-on: ubuntu-latest + steps: + + - name: Set up Go 1.x + uses: actions/setup-go@v2 + with: + go-version: 1.14.x + id: go + + - name: Check out code into the Go module directory + uses: actions/checkout@v2 + + - name: Test + run: make test diff --git a/.github/workflows/tidy.yml b/.github/workflows/tidy.yml new file mode 100644 index 00000000..ea5bfe38 --- /dev/null 
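Review bot: `uses: golangci/golangci-lint-action@v1` references a third-party action by a movable tag, so the code this job runs can change without any commit to this repository. The same applies to `goreleaser/goreleaser-action@v2` in goreleaser.yml and, more sharply, to `sue445/go-mod-tidy-pr@master` in tidy.yml, which tracks a branch and is handed `github_token`. Pin each third-party action to a full commit SHA and keep the tag as a trailing comment, e.g. `uses: golangci/golangci-lint-action@<full-commit-sha>  # v1` (placeholder for the commit you have audited). An updater such as Dependabot can then propose bumps as reviewable diffs.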
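Review bot: The goreleaser job passes `GITHUB_TOKEN` to GoReleaser with `version: latest` and no `permissions:` block, so every tag push builds the published binaries with whatever GoReleaser release is newest that day, under the repository's default token scope. Pin the tool, e.g. `version: <vetted-goreleaser-version>` (placeholder), and declare the scope the job needs at job level, `permissions:` with `contents: write`. golangci.yml and test.yml also lack a `permissions:` block and look like they need no more than `contents: read`. tidy.yml presumably needs write access to contents and pull requests, which is worth spelling out there as well.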
+++ b/.github/workflows/tidy.yml @@ -0,0 +1,22 @@ +name: go-mod-tidy-pr + +on: + schedule: + - cron: "0 0 * * 1" # Weekly build + +jobs: + go-mod-tidy-pr: + name: go-mod-tidy-pr + + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@v2 + + - name: Run go-mod-tidy-pr + uses: sue445/go-mod-tidy-pr@master + with: + github_token: ${{ secrets.GITHUB_TOKEN }} + git_user_name: kotakanbe + git_user_email: kotakanbe@gmail.com + go_version: 1.14.x \ No newline at end of file diff --git a/.golangci.yml b/.golangci.yml new file mode 100644 index 00000000..4db027da --- /dev/null +++ b/.golangci.yml @@ -0,0 +1,15 @@ +linters-settings: + errcheck: + #exclude: /path/to/file.txt + +linters: + disable-all: true + enable: + - goimports + - golint + - govet + - misspell + - errcheck + - staticcheck + - prealloc + - ineffassign diff --git a/.travis.yml b/.travis.yml deleted file mode 100644 index c79e374e..00000000 --- a/.travis.yml +++ /dev/null @@ -1,7 +0,0 @@ -language: go - -go: - - "1.13.x" - -after_success: - - test -n "$TRAVIS_TAG" && curl -sL https://git.io/goreleaser | bash diff --git a/cache/bolt_test.go b/cache/bolt_test.go index 6aa28fcc..dd78024a 100644 --- a/cache/bolt_test.go +++ b/cache/bolt_test.go @@ -46,7 +46,7 @@ func TestSetupBolt(t *testing.T) { t.Errorf("Failed to open bolt: %s", err) } - db.View(func(tx *bolt.Tx) error { + _ = db.View(func(tx *bolt.Tx) error { bkt := tx.Bucket([]byte(metabucket)) if bkt == nil { t.Errorf("Meta bucket nof found") @@ -87,7 +87,7 @@ func TestEnsureBuckets(t *testing.T) { if err != nil { t.Errorf("Failed to open bolt: %s", err) } - db.View(func(tx *bolt.Tx) error { + _ = db.View(func(tx *bolt.Tx) error { bkt := tx.Bucket([]byte(servername)) if bkt == nil { t.Errorf("Meta bucket nof found") diff --git a/github/github.go b/github/github.go index ea6c91d9..9ff2bb1a 100644 --- a/github/github.go +++ b/github/github.go 
@@ -58,7 +58,7 @@ func FillGitHubSecurityAlerts(r *models.ScanResult, owner, repo, token string) ( } alerts := SecurityAlerts{} - if json.Unmarshal(body, &alerts); err != nil { + if err := json.Unmarshal(body, &alerts); err != nil { return 0, err } diff --git a/gost/microsoft.go b/gost/microsoft.go index 8409b507..7cfd5d7e 100644 --- a/gost/microsoft.go +++ b/gost/microsoft.go @@ -18,7 +18,7 @@ func (ms Microsoft) DetectUnfixed(driver db.DB, r *models.ScanResult, _ bool) (n if driver == nil { return 0, nil } - var cveIDs []string + cveIDs := []string{} for cveID := range r.ScannedCves { cveIDs = append(cveIDs, cveID) } @@ -72,7 +72,7 @@ func (ms Microsoft) ConvertToModel(cve *gostmodels.MicrosoftCVE) *models.CveCont if 0 < len(cve.Workaround) { option["workaround"] = cve.Workaround } - var kbids []string + kbids := []string{} for _, kbid := range cve.KBIDs { kbids = append(kbids, kbid.KBID) } diff --git a/gost/pseudo.go b/gost/pseudo.go index 225493bf..74a3875c 100644 --- a/gost/pseudo.go +++ b/gost/pseudo.go @@ -1,9 +1,10 @@ package gost import ( + "strings" + "github.com/future-architect/vuls/models" "github.com/knqyf263/gost/db" - "strings" ) // Pseudo is Gost client except for RedHat family and Debian diff --git a/gost/redhat.go b/gost/redhat.go index b2788da1..2a3fc729 100644 --- a/gost/redhat.go +++ b/gost/redhat.go @@ -23,7 +23,7 @@ func (red RedHat) DetectUnfixed(driver db.DB, r *models.ScanResult, ignoreWillNo } func (red RedHat) fillFixed(driver db.DB, r *models.ScanResult) error { - var cveIDs []string + cveIDs := []string{} for cveID, vuln := range r.ScannedCves { if _, ok := vuln.CveContents[models.RedHatAPI]; ok { continue 
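Review bot: In gost/microsoft.go, `cveIDs := []string{}` (and `kbids := []string{}` in ConvertToModel) replaces a nil slice with an empty non-nil one, which does not preallocate and is not behaviour-neutral: wherever such a slice reaches a JSON-encoded struct, an empty list now serialises as `[]` instead of `null`. The length is known at both sites, so `cveIDs := make([]string, 0, len(r.ScannedCves))` and `kbids := make([]string, 0, len(cve.KBIDs))` would allocate once. The same `[]T{}` rewrite appears in gost/redhat.go, models/library.go, models/utils.go, oval/debian.go, oval/suse.go, report/report.go, scan/debian.go and scan/freebsd.go. Both functions continue outside their hunks, so how the slices are consumed is not visible here.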
@@ -139,8 +139,7 @@ func (red RedHat) fillUnfixed(driver db.DB, r *models.ScanResult, ignoreWillNotF } for _, pack := range r.Packages { // CVE-ID: RedhatCVE - cves := map[string]gostmodels.RedhatCVE{} - cves = driver.GetUnfixedCvesRedhat(major(r.Release), pack.Name, ignoreWillNotFix) + cves := driver.GetUnfixedCvesRedhat(major(r.Release), pack.Name, ignoreWillNotFix) for _, cve := range cves { cveCont := red.ConvertToModel(&cve) v, ok := r.ScannedCves[cve.Name] @@ -245,7 +244,7 @@ func (red RedHat) ConvertToModel(cve *gostmodels.RedhatCVE) *models.CveContent { v3severity = cve.ThreatSeverity } - var refs []models.Reference + refs := []models.Reference{} for _, r := range cve.References { refs = append(refs, models.Reference{Link: r.Reference}) } diff --git a/models/library.go b/models/library.go index 9e400d8b..5eb6731a 100644 --- a/models/library.go +++ b/models/library.go @@ -45,7 +45,7 @@ func (s LibraryScanner) Scan() ([]VulnInfo, error) { return nil, xerrors.New("unknown file type") } - var vulnerabilities []VulnInfo + var vulnerabilities = []VulnInfo{} for _, pkg := range s.Libs { v, err := version.NewVersion(pkg.Version) if err != nil { diff --git a/models/library_test.go b/models/library_test.go index 5616d43b..ae0bc2c8 100644 --- a/models/library_test.go +++ b/models/library_test.go 
@@ -4,56 +4,9 @@ import ( "reflect" "testing" - "github.com/aquasecurity/trivy-db/pkg/db" - "github.com/aquasecurity/trivy/pkg/log" "github.com/aquasecurity/trivy/pkg/types" - "github.com/aquasecurity/trivy/pkg/utils" ) -func TestScan(t *testing.T) { - var tests = []struct { - path string - pkgs []types.Library - }{ - { - path: "app/package-lock.json", - pkgs: []types.Library{ - { - Name: "jquery", - Version: "2.2.4", - }, - { - Name: "@babel/traverse", - Version: "7.4.4", - }, - }, - }, - } - - if err := log.InitLogger(false, false); err != nil { - t.Errorf("trivy logger failed") - } - - cacheDir := utils.DefaultCacheDir() - if err := db.Init(cacheDir); err != nil { - t.Errorf("trivy db.Init failed") - } - for _, v := range tests { - lib := LibraryScanner{ - Path: v.path, - Libs: v.pkgs, - } - actual, err := lib.Scan() - if err != nil { - t.Errorf("error occurred") - } - if len(actual) == 0 { - t.Errorf("no vuln found : actual: %v\n", actual) - } - } - db.Close() -} - func TestLibraryScanners_Find(t *testing.T) { type args struct { name string diff --git a/models/scanresults.go b/models/scanresults.go index 2a7dbd78..a5d7734c 100644 --- a/models/scanresults.go +++ b/models/scanresults.go @@ -195,7 +195,7 @@ func (r ScanResult) FilterUnfixed() ScanResult { // FilterIgnorePkgs is filter function. func (r ScanResult) FilterIgnorePkgs() ScanResult { - ignorePkgsRegexps := []string{} + var ignorePkgsRegexps []string if len(r.Container.Name) == 0 { ignorePkgsRegexps = config.Conf.Servers[r.ServerName].IgnorePkgsRegexp } else { diff --git a/models/utils.go b/models/utils.go index 22c87856..de7937b6 100644 --- a/models/utils.go +++ b/models/utils.go 
@@ -6,60 +6,18 @@ import ( cvedict "github.com/kotakanbe/go-cve-dictionary/models" ) -// ConvertNvdXMLToModel convert NVD to CveContent -func ConvertNvdXMLToModel(cveID string, nvd *cvedict.NvdXML) *CveContent { - if nvd == nil { - return nil - } - var cpes []Cpe - for _, c := range nvd.Cpes { - cpes = append(cpes, Cpe{ - FormattedString: c.FormattedString, - URI: c.URI, - }) - } - - var refs []Reference - for _, r := range nvd.References { - refs = append(refs, Reference{ - Link: r.Link, - Source: r.Source, - }) - } - - cweIDs := []string{} - for _, cid := range nvd.Cwes { - cweIDs = append(cweIDs, cid.CweID) - } - - return &CveContent{ - Type: Nvd, - CveID: cveID, - Summary: nvd.Summary, - Cvss2Score: nvd.Cvss2.BaseScore, - Cvss2Vector: nvd.Cvss2.VectorString, - Cvss2Severity: nvd.Cvss2.Severity, - SourceLink: "https://nvd.nist.gov/vuln/detail/" + cveID, - // Cpes: cpes, - CweIDs: cweIDs, - References: refs, - Published: nvd.PublishedDate, - LastModified: nvd.LastModifiedDate, - } -} - // ConvertJvnToModel convert JVN to CveContent func ConvertJvnToModel(cveID string, jvn *cvedict.Jvn) *CveContent { if jvn == nil { return nil } - var cpes []Cpe - for _, c := range jvn.Cpes { - cpes = append(cpes, Cpe{ - FormattedString: c.FormattedString, - URI: c.URI, - }) - } + // var cpes = []Cpe{} + // for _, c := range jvn.Cpes { + // cpes = append(cpes, Cpe{ + // FormattedString: c.FormattedString, + // URI: c.URI, + // }) + // } refs := []Reference{} for _, r := range jvn.References { 
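Review bot: The `cpes` loop in ConvertJvnToModel is turned into a commented-out block rather than deleted, and the next hunk does the same in ConvertNvdJSONToModel; dead code kept as comments drifts out of date, and version control already preserves it. Delete both blocks, or, if CPE data is meant to come back, replace each with one line such as `// TODO: populate Cpes again once the field is used`. Both functions continue outside their hunks.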
@@ -93,15 +51,15 @@ func ConvertNvdJSONToModel(cveID string, nvd *cvedict.NvdJSON) *CveContent { if nvd == nil { return nil } - var cpes []Cpe - for _, c := range nvd.Cpes { - cpes = append(cpes, Cpe{ - FormattedString: c.FormattedString, - URI: c.URI, - }) - } + // var cpes = []Cpe{} + // for _, c := range nvd.Cpes { + // cpes = append(cpes, Cpe{ + // FormattedString: c.FormattedString, + // URI: c.URI, + // }) + // } - var refs []Reference + var refs = []Reference{} for _, r := range nvd.References { refs = append(refs, Reference{ Link: r.Link, diff --git a/models/vulninfos.go b/models/vulninfos.go index c65985a6..e5778e7a 100644 --- a/models/vulninfos.go +++ b/models/vulninfos.go @@ -644,15 +644,6 @@ func (c Cvss) Format() string { return "" } -func cvss2ScoreToSeverity(score float64) string { - if 7.0 <= score { - return "HIGH" - } else if 4.0 <= score { - return "MEDIUM" - } - return "LOW" -} - // Amazon Linux Security Advisory // Critical, Important, Medium, Low // https://alas.aws.amazon.com/ diff --git a/oval/debian.go b/oval/debian.go index 0efc1010..a73b2c63 100644 --- a/oval/debian.go +++ b/oval/debian.go @@ -76,7 +76,7 @@ func (o DebianBase) update(r *models.ScanResult, defPacks defPacks) { } func (o DebianBase) convertToModel(def *ovalmodels.Definition) *models.CveContent { - var refs []models.Reference + refs := []models.Reference{} for _, r := range def.References { refs = append(refs, models.Reference{ Link: r.RefURL, diff --git a/oval/suse.go b/oval/suse.go index fff224d6..02925e9f 100644 --- a/oval/suse.go +++ b/oval/suse.go @@ -86,7 +86,7 @@ func (o SUSE) update(r *models.ScanResult, defPacks defPacks) { } func (o SUSE) convertToModel(def *ovalmodels.Definition) *models.CveContent { - var refs []models.Reference + refs := []models.Reference{} for _, r := range def.References { refs = append(refs, models.Reference{ Link: r.RefURL, diff --git a/report/email.go b/report/email.go index 7854d9ce..6bfbe0eb 100644 --- a/report/email.go 
+++ b/report/email.go @@ -54,14 +54,15 @@ func (w EMailWriter) Write(rs ...models.ScanResult) (err error) { } } } - summary := "" + var summary string if config.Conf.IgnoreUnscoredCves { summary = fmt.Sprintf("Total: %d (High:%d Medium:%d Low:%d)", m["High"]+m["Medium"]+m["Low"], m["High"], m["Medium"], m["Low"]) + } else { + summary = fmt.Sprintf("Total: %d (High:%d Medium:%d Low:%d ?:%d)", + m["High"]+m["Medium"]+m["Low"]+m["Unknown"], + m["High"], m["Medium"], m["Low"], m["Unknown"]) } - summary = fmt.Sprintf("Total: %d (High:%d Medium:%d Low:%d ?:%d)", - m["High"]+m["Medium"]+m["Low"]+m["Unknown"], - m["High"], m["Medium"], m["Low"], m["Unknown"]) origmessage := message if conf.FormatOneEMail { message = fmt.Sprintf("One Line Summary\r\n================\r\n%s", formatOneLineSummary(rs...)) diff --git a/report/http.go b/report/http.go index 2756b343..cda8315e 100644 --- a/report/http.go +++ b/report/http.go @@ -17,7 +17,9 @@ type HTTPRequestWriter struct{} func (w HTTPRequestWriter) Write(rs ...models.ScanResult) (err error) { for _, r := range rs { b := new(bytes.Buffer) - json.NewEncoder(b).Encode(r) + if err := json.NewEncoder(b).Encode(r); err != nil { + return err + } _, err = http.Post(c.Conf.HTTP.URL, "application/json; charset=utf-8", b) if err != nil { return err diff --git a/report/report.go b/report/report.go index dff18931..91fdcc38 100644 --- a/report/report.go +++ b/report/report.go @@ -213,7 +213,7 @@ func FillCveInfo(dbclient DBClient, r *models.ScanResult, cpeURIs []string, igno // fillCveDetail fetches NVD, JVN from CVE Database func fillCveDetail(driver cvedb.DB, r *models.ScanResult) error { - var cveIDs []string + cveIDs := []string{} for _, v := range r.ScannedCves { cveIDs = append(cveIDs, v.CveID) } 
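Review bot: In report/http.go the `http.Post` call right after the new Encode check still discards the response (`_, err = http.Post(...)`), so the body is never closed and a 4xx/5xx answer from the receiver counts as a delivered report. Keep the response, close its body in every iteration and return an error on a non-2xx status; the sketch uses `xerrors.Errorf` as report/s3.go does, and http.go's import block is not visible here, so the import may need adding. `http.Post` also goes through `http.DefaultClient`, which has no timeout, so a receiver that never answers blocks the report run; a package-level client with a `Timeout` would bound that. The loop and Write itself close outside the hunk.

```go
	for _, r := range rs {
		// … unchanged: encode r into b …
		resp, err := http.Post(c.Conf.HTTP.URL, "application/json; charset=utf-8", b)
		if err != nil {
			return err
		}
		// Close per iteration: a defer inside the loop would keep every body open until Write returns.
		resp.Body.Close()
		if resp.StatusCode < 200 || resp.StatusCode > 299 {
			return xerrors.Errorf("Failed to post the scan result. status: %s", resp.Status)
		}
```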
@@ -224,9 +224,6 @@ func fillCveDetail(driver cvedb.DB, r *models.ScanResult) error { } for _, d := range ds { nvd := models.ConvertNvdJSONToModel(d.CveID, d.NvdJSON) - if nvd == nil { - nvd = models.ConvertNvdXMLToModel(d.CveID, d.NvdXML) - } jvn := models.ConvertJvnToModel(d.CveID, d.Jvn) alerts := fillCertAlerts(&d) @@ -533,6 +530,7 @@ func EnsureUUIDs(configPath string, results models.ScanResults) (err error) { return results[i].ServerName < results[j].ServerName }) + re := regexp.MustCompile(reUUID) for i, r := range results { server := c.Conf.Servers[r.ServerName] if server.UUIDs == nil { @@ -554,8 +552,8 @@ func EnsureUUIDs(configPath string, results models.ScanResults) (err error) { } if id, ok := server.UUIDs[name]; ok { - matched, err := regexp.MatchString(reUUID, id) - if !matched || err != nil { + ok := re.MatchString(id) + if !ok || err != nil { util.Log.Warnf("UUID is invalid. Re-generate UUID %s: %s", id, err) } else { if r.IsContainer() { diff --git a/report/s3.go b/report/s3.go index a94eafac..7041d1e7 100644 --- a/report/s3.go +++ b/report/s3.go @@ -23,16 +23,24 @@ import ( // S3Writer writes results to S3 type S3Writer struct{} -func getS3() *s3.S3 { - Config := &aws.Config{ +func getS3() (*s3.S3, error) { + ses, err := session.NewSession() + if err != nil { + return nil, err + } + config := &aws.Config{ Region: aws.String(c.Conf.AWS.Region), Credentials: credentials.NewChainCredentials([]credentials.Provider{ &credentials.EnvProvider{}, &credentials.SharedCredentialsProvider{Filename: "", Profile: c.Conf.AWS.Profile}, - &ec2rolecreds.EC2RoleProvider{Client: ec2metadata.New(session.New())}, + &ec2rolecreds.EC2RoleProvider{Client: ec2metadata.New(ses)}, }), } - return s3.New(session.New(Config)) + s, err := session.NewSession(config) + if err != nil { + return nil, err + } + return s3.New(s), nil } // Write results to S3 
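Review bot: In the last report/report.go hunk (EnsureUUIDs), the condition `if !ok || err != nil` and the `%s` for `err` in the Warnf are left over from the `regexp.MatchString` version. `re.MatchString` returns no error, so `err` now refers to whatever `err` is in the enclosing scope (the named return, as far as the hunks show), and the warning prints a nil or unrelated error. The new `ok :=` also shadows the `ok` from `if id, ok := server.UUIDs[name]; ok`. Suggested: `if !re.MatchString(id) {` followed by `util.Log.Warnf("UUID is invalid. Re-generate UUID %s", id)`. The function continues outside the hunk.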
@@ -42,7 +50,10 @@ func (w S3Writer) Write(rs ...models.ScanResult) (err error) { return nil } - svc := getS3() + svc, err := getS3() + if err != nil { + return err + } if c.Conf.FormatOneLineText { timestr := rs[0].ScannedAt.Format(time.RFC3339) @@ -99,7 +110,11 @@ func (w S3Writer) Write(rs ...models.ScanResult) (err error) { // CheckIfBucketExists check the existence of S3 bucket func CheckIfBucketExists() error { - svc := getS3() + svc, err := getS3() + if err != nil { + return err + } + result, err := svc.ListBuckets(&s3.ListBucketsInput{}) if err != nil { return xerrors.Errorf( diff --git a/report/slack.go b/report/slack.go index 9f0a2668..3b0e3c87 100644 --- a/report/slack.go +++ b/report/slack.go @@ -16,12 +16,6 @@ import ( "golang.org/x/xerrors" ) -type field struct { - Title string `json:"title"` - Value string `json:"value"` - Short bool `json:"short"` -} - type message struct { Text string `json:"text"` Username string `json:"username"` diff --git a/report/syslog.go b/report/syslog.go index 32e978d7..625c2c4d 100644 --- a/report/syslog.go +++ b/report/syslog.go @@ -28,7 +28,7 @@ func (w SyslogWriter) Write(rs ...models.ScanResult) (err error) { for _, r := range rs { messages := w.encodeSyslog(r) for _, m := range messages { - if _, err = fmt.Fprintf(sysLog, m); err != nil { + if _, err = fmt.Fprint(sysLog, m); err != nil { return err } } diff --git a/report/tui.go b/report/tui.go index 1c44d385..192afc32 100644 --- a/report/tui.go +++ b/report/tui.go 
@@ -101,7 +101,6 @@ func keybindings(g *gocui.Gui) (err error) { errs = append(errs, g.SetKeybinding("summary", gocui.KeySpace, gocui.ModNone, cursorPageDown)) errs = append(errs, g.SetKeybinding("summary", gocui.KeyBackspace, gocui.ModNone, cursorPageUp)) errs = append(errs, g.SetKeybinding("summary", gocui.KeyBackspace2, gocui.ModNone, cursorPageUp)) - // errs = append(errs, g.SetKeybinding("summary", gocui.KeyCtrlM, gocui.ModNone, cursorMoveMiddle)) errs = append(errs, g.SetKeybinding("summary", gocui.KeyEnter, gocui.ModNone, nextView)) errs = append(errs, g.SetKeybinding("summary", gocui.KeyCtrlN, gocui.ModNone, nextSummary)) errs = append(errs, g.SetKeybinding("summary", gocui.KeyCtrlP, gocui.ModNone, previousSummary)) @@ -169,7 +168,7 @@ func nextView(g *gocui.Gui, v *gocui.View) error { var err error if v == nil { - err = g.SetCurrentView("side") + return g.SetCurrentView("side") } switch v.Name() { case "side": @@ -190,7 +189,7 @@ func previousView(g *gocui.Gui, v *gocui.View) error { var err error if v == nil { - err = g.SetCurrentView("side") + return g.SetCurrentView("side") } switch v.Name() { case "side": @@ -283,31 +282,15 @@ func cursorDown(g *gocui.Gui, v *gocui.View) error { return err } } - onMovingCursorRedrawView(g, v) + err := onMovingCursorRedrawView(g, v) + if err != nil { + return err + } } cx, cy := v.Cursor() ox, oy := v.Origin() - debug(g, fmt.Sprintf("%v, %v, %v, %v", cx, cy, ox, oy)) - return nil -} - -func cursorMoveTop(g *gocui.Gui, v *gocui.View) error { - if v != nil { - cx, _ := v.Cursor() - v.SetCursor(cx, 0) - } - onMovingCursorRedrawView(g, v) - return nil -} - -func cursorMoveBottom(g *gocui.Gui, v *gocui.View) error { - if v != nil { - _, maxY := v.Size() - cx, _ := v.Cursor() - v.SetCursor(cx, maxY-1) - } - onMovingCursorRedrawView(g, v) + _ = debug(g, fmt.Sprintf("%v, %v, %v, %v", cx, cy, ox, oy)) return nil } 
@@ -315,9 +298,13 @@ func cursorMoveMiddle(g *gocui.Gui, v *gocui.View) error { if v != nil { _, maxY := v.Size() cx, _ := v.Cursor() - v.SetCursor(cx, maxY/2) + if err := v.SetCursor(cx, maxY/2); err != nil { + return err + } + } + if err := onMovingCursorRedrawView(g, v); err != nil { + return err } - onMovingCursorRedrawView(g, v) return nil } @@ -332,23 +319,25 @@ func cursorPageDown(g *gocui.Gui, v *gocui.View) error { if !ok { if yLimit < maxY { - v.SetCursor(cx, yLimit) + _ = v.SetCursor(cx, yLimit) } else { - v.SetCursor(cx, maxY-1) - v.SetOrigin(ox, yLimit-maxY+1) + _ = v.SetCursor(cx, maxY-1) + _ = v.SetOrigin(ox, yLimit-maxY+1) } } else if yLimit < oy+jump+maxY { if yLimit < maxY { - v.SetCursor(cx, yLimit) + _ = v.SetCursor(cx, yLimit) } else { - v.SetOrigin(ox, yLimit-maxY+1) - v.SetCursor(cx, maxY-1) + _ = v.SetOrigin(ox, yLimit-maxY+1) + _ = v.SetCursor(cx, maxY-1) } } else { - v.SetCursor(cx, cy) - v.SetOrigin(ox, oy+jump) + _ = v.SetCursor(cx, cy) + if err := v.SetOrigin(ox, oy+jump); err != nil { + return err + } } - onMovingCursorRedrawView(g, v) + _ = onMovingCursorRedrawView(g, v) } return nil } @@ -363,7 +352,7 @@ func cursorUp(g *gocui.Gui, v *gocui.View) error { } } } - onMovingCursorRedrawView(g, v) + _ = onMovingCursorRedrawView(g, v) return nil } @@ -373,11 +362,13 @@ func cursorPageUp(g *gocui.Gui, v *gocui.View) error { cx, _ := v.Cursor() ox, oy := v.Origin() if err := v.SetOrigin(ox, oy-jump); err != nil { - v.SetOrigin(ox, 0) - v.SetCursor(cx, 0) + if err := v.SetOrigin(ox, 0); err != nil { + return err + } + _ = v.SetCursor(cx, 0) } - onMovingCursorRedrawView(g, v) + _ = onMovingCursorRedrawView(g, v) } return nil } 
@@ -544,10 +535,12 @@ func debug(g *gocui.Gui, str string) error { if config.Conf.Debug { maxX, maxY := g.Size() if _, err := g.View("debug"); err != gocui.ErrUnknownView { - g.DeleteView("debug") + if err := g.DeleteView("debug"); err != nil { + return err + } } if v, err := g.SetView("debug", maxX/2-7, maxY/2, maxX/2+7, maxY/2+2); err != nil { - fmt.Fprintf(v, str) + fmt.Fprint(v, str) } } return nil @@ -584,7 +577,7 @@ func setSummaryLayout(g *gocui.Gui) error { } lines := summaryLines(currentScanResult) - fmt.Fprintf(v, lines) + fmt.Fprint(v, lines) v.Highlight = true v.Editable = false @@ -720,8 +713,6 @@ func setChangelogLayout(g *gocui.Gui) error { lines = append(lines, fmt.Sprintf(" * PID: %s %s Port: %s", p.PID, p.Name, p.ListenPorts)) } - } else { - // lines = append(lines, fmt.Sprintf(" * No affected process")) } } } diff --git a/report/util.go b/report/util.go index 18e33ee2..df9f8007 100644 --- a/report/util.go +++ b/report/util.go @@ -608,7 +608,7 @@ func ListValidJSONDirs() (dirs []string, err error) { // Otherwise, returns the path of the latest directory func JSONDir(args []string) (string, error) { var err error - dirs := []string{} + var dirs []string if 0 < len(args) { if dirs, err = ListValidJSONDirs(); err != nil { diff --git a/scan/base.go b/scan/base.go index 3580a954..990dd6c7 100644 --- a/scan/base.go +++ b/scan/base.go @@ -676,7 +676,7 @@ func (l *base) detectWpThemes() ([]models.WpPackage, error) { } err := json.Unmarshal([]byte(r.Stdout), &themes) if err != nil { - return nil, xerrors.Errorf("Failed to unmarshal wp theme list: %w", cmd, err) + return nil, xerrors.Errorf("Failed to unmarshal wp theme list: %w", err) } for i := range themes { themes[i].Type = models.WPTheme diff --git a/scan/debian.go b/scan/debian.go index e5aedde7..f4eebb6b 100644 --- a/scan/debian.go +++ b/scan/debian.go 
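Review bot: In debug(), `if v, err := g.SetView("debug", ...); err != nil { fmt.Fprint(v, str) }` writes to the view on any error, not only on `gocui.ErrUnknownView`, which is the value the preceding `g.View` check already treats as "view does not exist". On any other SetView error `v` is presumably nil, and the Fprint would then fail at runtime instead of reporting the error. Inside that branch, put `if err != gocui.ErrUnknownView { return err }` before the `fmt.Fprint(v, str)` line. The enclosing `if config.Conf.Debug` block is fully visible in the hunk; the function signature is in the hunk header only.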
@@ -687,7 +687,7 @@ func (o *debian) scanChangelogs(updatablePacks models.Packages, meta *cache.Meta return nil, xerrors.Errorf("errs: %w", errs) } - var cveIDs []DetectedCveID + cveIDs := []DetectedCveID{} for k := range cvePackages { cveIDs = append(cveIDs, k) } diff --git a/scan/debian_test.go b/scan/debian_test.go index 36c0c238..247ed49a 100644 --- a/scan/debian_test.go +++ b/scan/debian_test.go @@ -389,8 +389,8 @@ Calculating upgrade... Done } if len(tt.expected) != len(actual) { t.Errorf("Result length is not as same as expected. expected: %d, actual: %d", len(tt.expected), len(actual)) - pp.Println(tt.expected) - pp.Println(actual) + _, _ = pp.Println(tt.expected) + _, _ = pp.Println(actual) return } for i := range tt.expected { diff --git a/scan/freebsd.go b/scan/freebsd.go index ddfda19d..fe4745cc 100644 --- a/scan/freebsd.go +++ b/scan/freebsd.go @@ -189,7 +189,7 @@ func (o *bsd) scanUnsecurePackages() (models.VulnInfos, error) { return nil, nil } - var packAdtRslt []pkgAuditResult + packAdtRslt := []pkgAuditResult{} blocks := o.splitIntoBlocks(r.Stdout) for _, b := range blocks { name, cveIDs, vulnID := o.parseBlock(b) diff --git a/server/server.go b/server/server.go index 39f419de..62bb4a47 100644 --- a/server/server.go +++ b/server/server.go @@ -41,7 +41,10 @@ func (h VulsHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) { } } else if mediatype == "text/plain" { buf := new(bytes.Buffer) - io.Copy(buf, r.Body) + if _, err := io.Copy(buf, r.Body); err != nil { + http.Error(w, err.Error(), http.StatusBadRequest) + return + } if result, err = scan.ViaHTTP(r.Header, buf.String()); err != nil { util.Log.Error(err) http.Error(w, err.Error(), http.StatusBadRequest) diff --git a/util/logutil.go b/util/logutil.go index f9f3f386..ef7abb82 100644 --- a/util/logutil.go +++ b/util/logutil.go @@ -1,6 +1,7 @@ package util import ( + "flag" "fmt" "io/ioutil" "os" 
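Review bot: In server/server.go the `text/plain` branch of ServeHTTP copies `r.Body` into a `bytes.Buffer` with no upper bound, so the size of a single request decides how much memory the server allocates; the new error check does not change that. Cap the body before the copy, e.g. `r.Body = http.MaxBytesReader(w, r.Body, maxBodyBytes)`, where `maxBodyBytes` is a new constant sized for the largest legitimate scan payload (the name is a placeholder, not something in this file). The handler also returns `err.Error()` verbatim to the client in both error paths shown; a fixed message with the detail kept in `util.Log` would avoid exposing internals. ServeHTTP starts and ends outside the hunk.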
@@ -39,14 +40,14 @@ func NewCustomLogger(c config.ServerInfo) *logrus.Entry { logDir = config.Conf.LogDir } - if _, err := os.Stat(logDir); os.IsNotExist(err) { - if err := os.Mkdir(logDir, 0700); err != nil { - log.Errorf("Failed to create log directory. path: %s, err: %s", logDir, err) - } - } - // Only log to a file if quiet mode enabled - if config.Conf.Quiet { + if config.Conf.Quiet && flag.Lookup("test.v") == nil { + if _, err := os.Stat(logDir); os.IsNotExist(err) { + if err := os.Mkdir(logDir, 0700); err != nil { + log.Errorf("Failed to create log directory. path: %s, err: %s", logDir, err) + } + } + logFile := logDir + "/vuls.log" if file, err := os.OpenFile(logFile, os.O_CREATE|os.O_WRONLY|os.O_APPEND, 0644); err == nil { log.Out = file
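Review bot: `flag.Lookup("test.v") == nil` puts test detection into the production path of NewCustomLogger: file logging is silently skipped in any binary where a flag named `test.v` is registered, and the logger is no longer exercised under test the way it runs in production. Prefer an explicit switch the tests set (a config field or package-level variable), or have the tests point `config.Conf.LogDir` at a temporary directory. Separately, the unchanged `os.OpenFile(logFile, ..., 0644)` creates the log world-readable while the directory is created `0700`; if `logDir` already exists with wider permissions the log is readable by other local users, so `0600` would be the safer mode. A failed `os.Mkdir` is only logged before the open is attempted. The function continues outside the hunk.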