From fcc6d71be2c3ce7d9305c04fc2e87af554571bac Mon Sep 17 00:00:00 2001 From: Dmitry Vyukov Date: Mon, 22 Feb 2021 20:37:25 +0100 Subject: go.mod: update golangci-lint to v1.37 --- .../ryancurrah/gomodguard/.gomodguard.yaml | 27 ---- vendor/github.com/ryancurrah/gomodguard/README.md | 10 +- vendor/github.com/ryancurrah/gomodguard/VERSION | 2 +- vendor/github.com/ryancurrah/gomodguard/cmd.go | 7 +- vendor/github.com/ryancurrah/gomodguard/go.mod | 5 +- vendor/github.com/ryancurrah/gomodguard/go.sum | 10 +- .../github.com/ryancurrah/gomodguard/gomodguard.go | 153 +++++++++------------ 7 files changed, 86 insertions(+), 128 deletions(-) delete mode 100644 vendor/github.com/ryancurrah/gomodguard/.gomodguard.yaml (limited to 'vendor/github.com/ryancurrah') diff --git a/vendor/github.com/ryancurrah/gomodguard/.gomodguard.yaml b/vendor/github.com/ryancurrah/gomodguard/.gomodguard.yaml deleted file mode 100644 index 38a2f0be0..000000000 --- a/vendor/github.com/ryancurrah/gomodguard/.gomodguard.yaml +++ /dev/null @@ -1,27 +0,0 @@ -allowed: - modules: # List of allowed modules - - gopkg.in/yaml.v2 - - github.com/go-xmlfmt/xmlfmt - - github.com/Masterminds/semver - domains: # List of allowed module domains - - golang.org - -blocked: - modules: # List of blocked modules - - github.com/uudashr/go-module: # Blocked module - recommendations: # Recommended modules that should be used instead (Optional) - - golang.org/x/mod - reason: "`mod` is the official go.mod parser library." # Reason why the recommended module should be used (Optional) - - github.com/mitchellh/go-homedir: - recommendations: - - github.com/ryancurrah/gomodguard - reason: "testing if the current/linted module is not blocked when it is recommended" - - github.com/phayes/checkstyle: - recommendations: - - github.com/someother/module - reason: "testing if module is blocked with recommendation" - - versions: - - github.com/mitchellh/go-homedir: - version: "<= 1.1.0" - reason: "testing if blocked version constraint works." diff --git a/vendor/github.com/ryancurrah/gomodguard/README.md b/vendor/github.com/ryancurrah/gomodguard/README.md index f09b5e1f4..8e2e41688 100644 --- a/vendor/github.com/ryancurrah/gomodguard/README.md +++ b/vendor/github.com/ryancurrah/gomodguard/README.md @@ -1,6 +1,10 @@ # gomodguard -![Codecov](https://img.shields.io/codecov/c/gh/ryancurrah/gomodguard?style=flat-square) -![GitHub Workflow Status](https://img.shields.io/github/workflow/status/ryancurrah/gomodguard/Go?logo=Go&style=flat-square) +[![License](https://img.shields.io/github/license/ryancurrah/gomodguard?style=flat-square)](/LICENSE) +[![Codecov](https://img.shields.io/codecov/c/gh/ryancurrah/gomodguard?style=flat-square)](https://codecov.io/gh/ryancurrah/gomodguard) +[![GitHub Workflow Status](https://img.shields.io/github/workflow/status/ryancurrah/gomodguard/Go?logo=Go&style=flat-square)](https://github.com/ryancurrah/gomodguard/actions?query=workflow%3AGo) +[![GitHub release (latest SemVer)](https://img.shields.io/github/v/release/ryancurrah/gomodguard?style=flat-square)](https://github.com/ryancurrah/gomodguard/releases/latest) +[![Docker](https://img.shields.io/docker/pulls/ryancurrah/gomodguard?style=flat-square)](https://hub.docker.com/r/ryancurrah/gomodguard) +[![Github Releases Stats of golangci-lint](https://img.shields.io/github/downloads/ryancurrah/gomodguard/total.svg?logo=github&style=flat-square)](https://somsubhra.com/github-release-stats/?username=ryancurrah&repository=gomodguard) @@ -8,7 +12,7 @@ Allow and block list linter for direct Go module dependencies. This is useful fo ## Description -Allowed and blocked modules are defined in a `.gomodguard.yaml` or `~/.gomodguard.yaml` file. +Allowed and blocked modules are defined in a `./.gomodguard.yaml` or `~/.gomodguard.yaml` file. Modules can be allowed by module or domain name. When allowed modules are specified any modules not in the allowed configuration are blocked. diff --git a/vendor/github.com/ryancurrah/gomodguard/VERSION b/vendor/github.com/ryancurrah/gomodguard/VERSION index 3e7bcf08c..795460fce 100644 --- a/vendor/github.com/ryancurrah/gomodguard/VERSION +++ b/vendor/github.com/ryancurrah/gomodguard/VERSION @@ -1 +1 @@ -v1.0.4 +v1.1.0 diff --git a/vendor/github.com/ryancurrah/gomodguard/cmd.go b/vendor/github.com/ryancurrah/gomodguard/cmd.go index 652e61f8c..89a22aeb6 100644 --- a/vendor/github.com/ryancurrah/gomodguard/cmd.go +++ b/vendor/github.com/ryancurrah/gomodguard/cmd.go @@ -82,11 +82,16 @@ func Run() int { filteredFiles := GetFilteredFiles(cwd, noTest, args) - processor, err := NewProcessor(*config, logger) + processor, err := NewProcessor(config) if err != nil { logger.Fatalf("error: %s", err) } + logger.Printf("info: allowed modules, %+v", config.Allowed.Modules) + logger.Printf("info: allowed module domains, %+v", config.Allowed.Domains) + logger.Printf("info: blocked modules, %+v", config.Blocked.Modules.Get()) + logger.Printf("info: blocked modules with version constraints, %+v", config.Blocked.Versions.Get()) + results := processor.ProcessFiles(filteredFiles) if report == "checkstyle" { diff --git a/vendor/github.com/ryancurrah/gomodguard/go.mod b/vendor/github.com/ryancurrah/gomodguard/go.mod index 15231c986..1f1748355 100644 --- a/vendor/github.com/ryancurrah/gomodguard/go.mod +++ b/vendor/github.com/ryancurrah/gomodguard/go.mod @@ -7,7 +7,6 @@ require ( github.com/go-xmlfmt/xmlfmt v0.0.0-20191208150333-d5b6f63a941b github.com/mitchellh/go-homedir v1.1.0 github.com/phayes/checkstyle v0.0.0-20170904204023-bfd46e6a821d - github.com/pkg/errors v0.9.1 - golang.org/x/mod v0.2.0 - gopkg.in/yaml.v2 v2.2.8 + golang.org/x/mod v0.4.0 + gopkg.in/yaml.v2 v2.4.0 ) diff --git a/vendor/github.com/ryancurrah/gomodguard/go.sum b/vendor/github.com/ryancurrah/gomodguard/go.sum index 55ae4e571..ccbc5e032 100644 --- a/vendor/github.com/ryancurrah/gomodguard/go.sum +++ b/vendor/github.com/ryancurrah/gomodguard/go.sum @@ -6,12 +6,10 @@ github.com/mitchellh/go-homedir v1.1.0 h1:lukF9ziXFxDFPkA1vsr5zpc1XuPDn/wFntq5mG github.com/mitchellh/go-homedir v1.1.0/go.mod h1:SfyaCUpYCn1Vlf4IUYiD9fPX4A5wJrkLzIz1N1q0pr0= github.com/phayes/checkstyle v0.0.0-20170904204023-bfd46e6a821d h1:CdDQnGF8Nq9ocOS/xlSptM1N3BbrA6/kmaep5ggwaIA= github.com/phayes/checkstyle v0.0.0-20170904204023-bfd46e6a821d/go.mod h1:3OzsM7FXDQlpCiw2j81fOmAwQLnZnLGXVKUzeKQXIAw= -github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4= -github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= -golang.org/x/mod v0.2.0 h1:KU7oHjnv3XNWfa5COkzUifxZmxp1TyI7ImMXqFxLwvQ= -golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= +golang.org/x/mod v0.4.0 h1:8pl+sMODzuvGJkmj2W4kZihvVb5mKm8pB/X44PIQHv8= +golang.org/x/mod v0.4.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= @@ -24,5 +22,5 @@ golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898 h1:/atklqdjdhuosWIl6AIbO golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405 h1:yhCVgyC4o1eVCa2tZl7eS0r+SDo693bJlVdllGtEeKM= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= -gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= -gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= +gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY= +gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ= diff --git a/vendor/github.com/ryancurrah/gomodguard/gomodguard.go b/vendor/github.com/ryancurrah/gomodguard/gomodguard.go index 16467734c..3f2cc0d86 100644 --- a/vendor/github.com/ryancurrah/gomodguard/gomodguard.go +++ b/vendor/github.com/ryancurrah/gomodguard/gomodguard.go @@ -7,7 +7,6 @@ import ( "go/parser" "go/token" "io/ioutil" - "log" "os" "os/exec" "strings" @@ -24,30 +23,20 @@ const ( ) var ( - blockReasonNotInAllowedList = "import of package `%s` is blocked because the module is not in the allowed modules list." - blockReasonInBlockedList = "import of package `%s` is blocked because the module is in the blocked modules list." + blockReasonNotInAllowedList = "import of package `%s` is blocked because the module is not in the allowed modules list." + blockReasonInBlockedList = "import of package `%s` is blocked because the module is in the blocked modules list." + blockReasonHasLocalReplaceDirective = "import of package `%s` is blocked because the module has a local replace directive." ) // BlockedVersion has a version constraint a reason why the the module version is blocked. type BlockedVersion struct { - Version string `yaml:"version"` - Reason string `yaml:"reason"` - lintedModuleVersion string `yaml:"-"` + Version string `yaml:"version"` + Reason string `yaml:"reason"` } -// Set required values for performing checks. This must be ran before running anything else. -func (r *BlockedVersion) Set(lintedModuleVersion string) { - r.lintedModuleVersion = lintedModuleVersion -} - -// IsAllowed returns true if the blocked module is allowed. You must Set() values first. -func (r *BlockedVersion) IsAllowed() bool { - return !r.isLintedModuleVersionBlocked() -} - -// isLintedModuleVersionBlocked returns true if version constraint specified and the -// linted module version meets the constraint. -func (r *BlockedVersion) isLintedModuleVersionBlocked() bool { +// IsLintedModuleVersionBlocked returns true if a version constraint is specified and the +// linted module version matches the constraint. +func (r *BlockedVersion) IsLintedModuleVersionBlocked(lintedModuleVersion string) bool { if r.Version == "" { return false } @@ -57,26 +46,28 @@ func (r *BlockedVersion) isLintedModuleVersionBlocked() bool { return false } - version, err := semver.NewVersion(strings.TrimLeft(r.lintedModuleVersion, "v")) + version, err := semver.NewVersion(lintedModuleVersion) if err != nil { return false } - return constraint.Check(version) + meet := constraint.Check(version) + + return meet } // Message returns the reason why the module version is blocked. -func (r *BlockedVersion) Message() string { +func (r *BlockedVersion) Message(lintedModuleVersion string) string { msg := "" - // Add version contraint to message - msg += fmt.Sprintf("version `%s` is blocked because it does not meet the version constraint `%s`.", r.lintedModuleVersion, r.Version) + // Add version contraint to message. + msg += fmt.Sprintf("version `%s` is blocked because it does not meet the version constraint `%s`.", lintedModuleVersion, r.Version) if r.Reason == "" { return msg } - // Add reason to message + // Add reason to message. msg += fmt.Sprintf(" %s.", strings.TrimRight(r.Reason, ".")) return msg @@ -84,32 +75,22 @@ func (r *BlockedVersion) Message() string { // BlockedModule has alternative modules to use and a reason why the module is blocked. type BlockedModule struct { - Recommendations []string `yaml:"recommendations"` - Reason string `yaml:"reason"` - currentModuleName string `yaml:"-"` + Recommendations []string `yaml:"recommendations"` + Reason string `yaml:"reason"` } -// Set required values for performing checks. This must be ran before running anything else. -func (r *BlockedModule) Set(currentModuleName string) { - r.currentModuleName = currentModuleName -} - -// IsAllowed returns true if the blocked module is allowed. You must Set() values first. -func (r *BlockedModule) IsAllowed() bool { - // If the current go.mod file being linted is a recommended module of a - // blocked module and it imports that blocked module, do not set as blocked. - // This could mean that the linted module is a wrapper for that blocked module. - return r.isCurrentModuleARecommendation() -} - -// isCurrentModuleARecommendation returns true if the current module is in the Recommendations list. -func (r *BlockedModule) isCurrentModuleARecommendation() bool { +// IsCurrentModuleARecommendation returns true if the current module is in the Recommendations list. +// +// If the current go.mod file being linted is a recommended module of a +// blocked module and it imports that blocked module, do not set as blocked. +// This could mean that the linted module is a wrapper for that blocked module. +func (r *BlockedModule) IsCurrentModuleARecommendation(currentModuleName string) bool { if r == nil { return false } for n := range r.Recommendations { - if strings.TrimSpace(r.currentModuleName) == strings.TrimSpace(r.Recommendations[n]) { + if strings.TrimSpace(currentModuleName) == strings.TrimSpace(r.Recommendations[n]) { return true } } @@ -177,11 +158,10 @@ func (b BlockedVersions) Get() []string { } // GetBlockReason returns a block version if one is set for the provided linted module name. -func (b BlockedVersions) GetBlockReason(lintedModuleName, lintedModuleVersion string) *BlockedVersion { +func (b BlockedVersions) GetBlockReason(lintedModuleName string) *BlockedVersion { for _, blockedModule := range b { for blockedModuleName, blockedVersion := range blockedModule { - if strings.EqualFold(strings.TrimSpace(lintedModuleName), strings.TrimSpace(blockedModuleName)) { - blockedVersion.Set(lintedModuleVersion) + if strings.TrimSpace(lintedModuleName) == strings.TrimSpace(blockedModuleName) { return &blockedVersion } } @@ -208,11 +188,10 @@ func (b BlockedModules) Get() []string { } // GetBlockReason returns a block module if one is set for the provided linted module name. -func (b BlockedModules) GetBlockReason(currentModuleName, lintedModuleName string) *BlockedModule { +func (b BlockedModules) GetBlockReason(lintedModuleName string) *BlockedModule { for _, blockedModule := range b { for blockedModuleName, blockedModule := range blockedModule { - if strings.EqualFold(strings.TrimSpace(lintedModuleName), strings.TrimSpace(blockedModuleName)) { - blockedModule.Set(currentModuleName) + if strings.TrimSpace(lintedModuleName) == strings.TrimSpace(blockedModuleName) { return &blockedModule } } @@ -234,7 +213,7 @@ func (a *Allowed) IsAllowedModule(moduleName string) bool { allowedModules := a.Modules for i := range allowedModules { - if strings.EqualFold(strings.TrimSpace(moduleName), strings.TrimSpace(allowedModules[i])) { + if strings.TrimSpace(moduleName) == strings.TrimSpace(allowedModules[i]) { return true } } @@ -259,8 +238,9 @@ func (a *Allowed) IsAllowedModuleDomain(moduleName string) bool { // Blocked is a list of modules that are // blocked and not to be used. type Blocked struct { - Modules BlockedModules `yaml:"modules"` - Versions BlockedVersions `yaml:"versions"` + Modules BlockedModules `yaml:"modules"` + Versions BlockedVersions `yaml:"versions"` + LocalReplaceDirectives bool `yaml:"local_replace_directives"` } // Configuration of gomodguard allow and block lists. @@ -285,38 +265,31 @@ func (r *Result) String() string { // Processor processes Go files. type Processor struct { - Config Configuration - Logger *log.Logger + Config *Configuration Modfile *modfile.File blockedModulesFromModFile map[string][]string Result []Result } // NewProcessor will create a Processor to lint blocked packages. -func NewProcessor(config Configuration, logger *log.Logger) (*Processor, error) { +func NewProcessor(config *Configuration) (*Processor, error) { goModFileBytes, err := loadGoModFile() if err != nil { return nil, fmt.Errorf(errReadingGoModFile, goModFilename, err) } - mfile, err := modfile.Parse(goModFilename, goModFileBytes, nil) + modFile, err := modfile.Parse(goModFilename, goModFileBytes, nil) if err != nil { return nil, fmt.Errorf(errParsingGoModFile, goModFilename, err) } - logger.Printf("info: allowed modules, %+v", config.Allowed.Modules) - logger.Printf("info: allowed module domains, %+v", config.Allowed.Domains) - logger.Printf("info: blocked modules, %+v", config.Blocked.Modules.Get()) - logger.Printf("info: blocked modules with version constraints, %+v", config.Blocked.Versions.Get()) - p := &Processor{ Config: config, - Logger: logger, - Modfile: mfile, + Modfile: modFile, Result: []Result{}, } - p.SetBlockedModulesFromModFile() + p.SetBlockedModules() return p, nil } @@ -324,19 +297,6 @@ func NewProcessor(config Configuration, logger *log.Logger) (*Processor, error) // ProcessFiles takes a string slice with file names (full paths) // and lints them. func (p *Processor) ProcessFiles(filenames []string) []Result { - pluralModuleMsg := "s" - if len(p.blockedModulesFromModFile) == 1 { - pluralModuleMsg = "" - } - - blockedModules := make([]string, 0, len(p.blockedModulesFromModFile)) - for blockedModuleName := range p.blockedModulesFromModFile { - blockedModules = append(blockedModules, blockedModuleName) - } - - p.Logger.Printf("info: found %d blocked module%s in %s: %+v", - len(p.blockedModulesFromModFile), pluralModuleMsg, goModFilename, blockedModules) - for _, filename := range filenames { data, err := ioutil.ReadFile(filename) if err != nil { @@ -396,16 +356,20 @@ func (p *Processor) addError(fileset *token.FileSet, pos token.Pos, reason strin }) } -// SetBlockedModulesFromModFile determines which modules are blocked by reading -// the go.mod file and comparing the require modules to the allowed modules. -func (p *Processor) SetBlockedModulesFromModFile() { +// SetBlockedModules determines and sets which modules are blocked by reading +// the go.mod file of the module that is being linted. +// +// It works by iterating over the dependant modules specified in the require +// directive, checking if the module domain or full name is in the allowed list. +func (p *Processor) SetBlockedModules() { //nolint:gocognit blockedModules := make(map[string][]string, len(p.Modfile.Require)) currentModuleName := p.Modfile.Module.Mod.Path lintedModules := p.Modfile.Require + replacedModules := p.Modfile.Replace for i := range lintedModules { if lintedModules[i].Indirect { - continue + continue // Do not lint indirect modules. } lintedModuleName := strings.TrimSpace(lintedModules[i].Mod.Path) @@ -424,20 +388,35 @@ func (p *Processor) SetBlockedModulesFromModFile() { isAllowed = false } - blockModuleReason := p.Config.Blocked.Modules.GetBlockReason(currentModuleName, lintedModuleName) - blockVersionReason := p.Config.Blocked.Versions.GetBlockReason(lintedModuleName, lintedModuleVersion) + blockModuleReason := p.Config.Blocked.Modules.GetBlockReason(lintedModuleName) + blockVersionReason := p.Config.Blocked.Versions.GetBlockReason(lintedModuleName) if !isAllowed && blockModuleReason == nil && blockVersionReason == nil { blockedModules[lintedModuleName] = append(blockedModules[lintedModuleName], blockReasonNotInAllowedList) continue } - if blockModuleReason != nil && !blockModuleReason.IsAllowed() { + if blockModuleReason != nil && !blockModuleReason.IsCurrentModuleARecommendation(currentModuleName) { blockedModules[lintedModuleName] = append(blockedModules[lintedModuleName], fmt.Sprintf("%s %s", blockReasonInBlockedList, blockModuleReason.Message())) } - if blockVersionReason != nil && !blockVersionReason.IsAllowed() { - blockedModules[lintedModuleName] = append(blockedModules[lintedModuleName], fmt.Sprintf("%s %s", blockReasonInBlockedList, blockVersionReason.Message())) + if blockVersionReason != nil && blockVersionReason.IsLintedModuleVersionBlocked(lintedModuleVersion) { + blockedModules[lintedModuleName] = append(blockedModules[lintedModuleName], fmt.Sprintf("%s %s", blockReasonInBlockedList, blockVersionReason.Message(lintedModuleVersion))) + } + } + + // Replace directives with local paths are blocked. + // Filesystem paths found in "replace" directives are represented by a path with an empty version. + // https://github.com/golang/mod/blob/bc388b264a244501debfb9caea700c6dcaff10e2/module/module.go#L122-L124 + if p.Config.Blocked.LocalReplaceDirectives { + for i := range replacedModules { + replacedModuleOldName := strings.TrimSpace(replacedModules[i].Old.Path) + replacedModuleNewName := strings.TrimSpace(replacedModules[i].New.Path) + replacedModuleNewVersion := strings.TrimSpace(replacedModules[i].New.Version) + + if replacedModuleNewName != "" && replacedModuleNewVersion == "" { + blockedModules[replacedModuleOldName] = append(blockedModules[replacedModuleOldName], blockReasonHasLocalReplaceDirective) + } } } -- cgit mrf-deployment