Merge experimental / refactor #146
Conversation
Initial commit to change GAS to process packages rather than standalone files. This is to address issues with type resolution for external dependencies. Uses golang.org/x/tools/go/loader to prepare analyzer input rather than finding the individual files.
The analyzer now only handles packages rather than one off files. This simplifies the CLI functionality significantly.
- Get rid of 'core' and move CLI to cmd/gas directory - Migrate (most) tests to use Ginkgo and testutils framework - GAS now expects package to reside in $GOPATH - GAS now can resolve dependencies for better type checking (if package on GOPATH) - Simplified public API
output/formatter: Issue.Line was already a string
cmd/gas/main.go
Outdated
| } | ||
|
|
||
| func loadRules(include, exclude string) rules.RuleList { | ||
| filters := make([]rules.RuleFilter, 0) |
There was a problem hiding this comment.
can probably use "var filters []rules.RuleFilter" instead
import_tracker.go
Outdated
| } | ||
| } | ||
|
|
||
| func (t *ImportTracker) TrackImport(n ast.Node) { |
There was a problem hiding this comment.
exported method ImportTracker.TrackImport should have comment or be unexported
import_tracker.go
Outdated
| } | ||
| } | ||
|
|
||
| func (t *ImportTracker) TrackPackages(pkgs ...*types.Package) { |
There was a problem hiding this comment.
exported method ImportTracker.TrackPackages should have comment or be unexported
import_tracker.go
Outdated
| InitOnly map[string]bool | ||
| } | ||
|
|
||
| func NewImportTracker() *ImportTracker { |
There was a problem hiding this comment.
exported function NewImportTracker should have comment or be unexported
import_tracker.go
Outdated
| "strings" | ||
| ) | ||
|
|
||
| type ImportTracker struct { |
There was a problem hiding this comment.
exported type ImportTracker should have comment or be unexported
rules/tls.go
Outdated
| @@ -162,12 +169,12 @@ func NewIntermediateTlsCheck(conf map[string]interface{}) (gas.Rule, []ast.Node) | |||
| }, []ast.Node{(*ast.CompositeLit)(nil)} | |||
| } | |||
|
|
|||
| func NewCompatTlsCheck(conf map[string]interface{}) (gas.Rule, []ast.Node) { | |||
| func NewCompatTlsCheck(conf gas.Config) (gas.Rule, []ast.Node) { | |||
There was a problem hiding this comment.
exported function NewCompatTlsCheck should have comment or be unexported
func NewCompatTlsCheck should be NewCompatTLSCheck
rules/tls.go
Outdated
| @@ -136,12 +143,12 @@ func NewModernTlsCheck(conf map[string]interface{}) (gas.Rule, []ast.Node) { | |||
| }, []ast.Node{(*ast.CompositeLit)(nil)} | |||
| } | |||
|
|
|||
| func NewIntermediateTlsCheck(conf map[string]interface{}) (gas.Rule, []ast.Node) { | |||
| func NewIntermediateTlsCheck(conf gas.Config) (gas.Rule, []ast.Node) { | |||
There was a problem hiding this comment.
exported function NewIntermediateTlsCheck should have comment or be unexported
func NewIntermediateTlsCheck should be NewIntermediateTLSCheck
rules/tls.go
Outdated
| @@ -121,12 +128,12 @@ func (t *InsecureConfigTLS) Match(n ast.Node, c *gas.Context) (gi *gas.Issue, er | |||
| return | |||
| } | |||
|
|
|||
| func NewModernTlsCheck(conf map[string]interface{}) (gas.Rule, []ast.Node) { | |||
| func NewModernTlsCheck(conf gas.Config) (gas.Rule, []ast.Node) { | |||
There was a problem hiding this comment.
exported function NewModernTlsCheck should have comment or be unexported
func NewModernTlsCheck should be NewModernTLSCheck
rules/templates.go
Outdated
| @@ -37,9 +36,10 @@ func (t *TemplateCheck) Match(n ast.Node, c *gas.Context) (gi *gas.Issue, err er | |||
| return nil, nil | |||
| } | |||
|
|
|||
| func NewTemplateCheck(conf map[string]interface{}) (gas.Rule, []ast.Node) { | |||
| func NewTemplateCheck(conf gas.Config) (gas.Rule, []ast.Node) { | |||
There was a problem hiding this comment.
exported function NewTemplateCheck should have comment or be unexported
rules/templates.go
Outdated
| } | ||
|
|
||
| func (t *TemplateCheck) Match(n ast.Node, c *gas.Context) (gi *gas.Issue, err error) { | ||
| if node := gas.MatchCall(n, t.call); node != nil { | ||
| func (t *TemplateCheck) Match(n ast.Node, c *gas.Context) (*gas.Issue, error) { |
There was a problem hiding this comment.
exported method TemplateCheck.Match should have comment or be unexported
cmd/gas/main.go
Outdated
| } | ||
|
|
||
| func loadRules(include, exclude string) rules.RuleList { | ||
| filters := make([]rules.RuleFilter, 0) |
There was a problem hiding this comment.
can probably use "var filters []rules.RuleFilter" instead
import_tracker.go
Outdated
| } | ||
| } | ||
|
|
||
| func (t *ImportTracker) TrackImport(n ast.Node) { |
There was a problem hiding this comment.
exported method ImportTracker.TrackImport should have comment or be unexported
import_tracker.go
Outdated
| } | ||
| } | ||
|
|
||
| func (t *ImportTracker) TrackPackages(pkgs ...*types.Package) { |
There was a problem hiding this comment.
exported method ImportTracker.TrackPackages should have comment or be unexported
import_tracker.go
Outdated
| InitOnly map[string]bool | ||
| } | ||
|
|
||
| func NewImportTracker() *ImportTracker { |
There was a problem hiding this comment.
exported function NewImportTracker should have comment or be unexported
import_tracker.go
Outdated
| "strings" | ||
| ) | ||
|
|
||
| type ImportTracker struct { |
There was a problem hiding this comment.
exported type ImportTracker should have comment or be unexported
rules/tls.go
Outdated
| @@ -162,12 +169,12 @@ func NewIntermediateTlsCheck(conf map[string]interface{}) (gas.Rule, []ast.Node) | |||
| }, []ast.Node{(*ast.CompositeLit)(nil)} | |||
| } | |||
|
|
|||
| func NewCompatTlsCheck(conf map[string]interface{}) (gas.Rule, []ast.Node) { | |||
| func NewCompatTlsCheck(conf gas.Config) (gas.Rule, []ast.Node) { | |||
There was a problem hiding this comment.
exported function NewCompatTlsCheck should have comment or be unexported
func NewCompatTlsCheck should be NewCompatTLSCheck
rules/tls.go
Outdated
| @@ -136,12 +143,12 @@ func NewModernTlsCheck(conf map[string]interface{}) (gas.Rule, []ast.Node) { | |||
| }, []ast.Node{(*ast.CompositeLit)(nil)} | |||
| } | |||
|
|
|||
| func NewIntermediateTlsCheck(conf map[string]interface{}) (gas.Rule, []ast.Node) { | |||
| func NewIntermediateTlsCheck(conf gas.Config) (gas.Rule, []ast.Node) { | |||
There was a problem hiding this comment.
exported function NewIntermediateTlsCheck should have comment or be unexported
func NewIntermediateTlsCheck should be NewIntermediateTLSCheck
rules/tls.go
Outdated
| @@ -121,12 +128,12 @@ func (t *InsecureConfigTLS) Match(n ast.Node, c *gas.Context) (gi *gas.Issue, er | |||
| return | |||
| } | |||
|
|
|||
| func NewModernTlsCheck(conf map[string]interface{}) (gas.Rule, []ast.Node) { | |||
| func NewModernTlsCheck(conf gas.Config) (gas.Rule, []ast.Node) { | |||
There was a problem hiding this comment.
exported function NewModernTlsCheck should have comment or be unexported
func NewModernTlsCheck should be NewModernTLSCheck
rules/templates.go
Outdated
| @@ -37,9 +36,10 @@ func (t *TemplateCheck) Match(n ast.Node, c *gas.Context) (gi *gas.Issue, err er | |||
| return nil, nil | |||
| } | |||
|
|
|||
| func NewTemplateCheck(conf map[string]interface{}) (gas.Rule, []ast.Node) { | |||
| func NewTemplateCheck(conf gas.Config) (gas.Rule, []ast.Node) { | |||
There was a problem hiding this comment.
exported function NewTemplateCheck should have comment or be unexported
rules/templates.go
Outdated
| } | ||
|
|
||
| func (t *TemplateCheck) Match(n ast.Node, c *gas.Context) (gi *gas.Issue, err error) { | ||
| if node := gas.MatchCall(n, t.call); node != nil { | ||
| func (t *TemplateCheck) Match(n ast.Node, c *gas.Context) (*gas.Issue, error) { |
There was a problem hiding this comment.
exported method TemplateCheck.Match should have comment or be unexported
| gas.logger.Println("Checking package:", pkg.String()) | ||
| for _, file := range pkg.Files { | ||
| gas.logger.Println("Checking file:", builtPackage.Fset.File(file.Pos()).Name()) | ||
| gas.context.FileSet = builtPackage.Fset |
There was a problem hiding this comment.
It would be nice in future to build the context locally instead of providing it into a global shared state. In this way the processing can be done in parallel.
There was a problem hiding this comment.
I think this is something that we can look at, although some of the context like type information is relevant between files in a package I think. Parallel processing is something I'd like to work towards.
| }) | ||
|
|
||
| Context("when processing a package", func() { | ||
|
|
There was a problem hiding this comment.
I would add a test for a package consisting of multiple files.
cmd/gas/main.go
Outdated
| flag.PrintDefaults() | ||
| fmt.Fprint(os.Stderr, "\n\nRULES:\n\n") | ||
|
|
||
| // sorted rule list for eas of reading |
| } | ||
|
|
||
| // Load enabled rule definitions | ||
| ruleDefinitions := loadRules(*flagRulesInclude, *flagRulesExclude) |
There was a problem hiding this comment.
Are all rules included if both flags are empty? If all are included, I would print a info messages here. If all are excluded, I would print an error.
| analyzer := gas.NewAnalyzer(config, logger) | ||
| analyzer.LoadRules(ruleDefinitions.Builders()...) | ||
|
|
||
| vendor := regexp.MustCompile(`[\\/]vendor([\\/]|$)`) |
There was a problem hiding this comment.
Maybe is worth make it this configurable. I think we can get a list of folders which could be potentially excluded. I would add vendor folder by defualt to this list.
There was a problem hiding this comment.
The file inclusion / exclusion logic in the past has been a major source of bugs and confusion. The aim here was to basically make gas work as simply as possible.
However I agree it would make sense to be able to configure package directories in the recursive case. Do you think we should fix this as a separate PR or try to sneak it in with change?
There was a problem hiding this comment.
In my opinion the vendor folder exclusion is enough. A more complex logic can be added after the merge.
| abspath, _ := filepath.Abs(pkg) | ||
| logger.Println("Searching directory:", abspath) | ||
| if err := analyzer.Process(pkg); err != nil { | ||
| logger.Fatal(err) |
There was a problem hiding this comment.
Maybe it is worth continuing the processing if only one package fails.
There was a problem hiding this comment.
I think the causes of errors here are:
- It is a valid go package but it doesn't compile
- It is not a valid go package
I think I was trying to mimic the compiler behaviour here. For the purposes of a mass scan I
could see how this would be useful to continue processing.
However I would typically do something like to scan everything in my workspace:
# (mac osx)
$ cd $GOPATH/src && go list ./... | xargs -I {} gas $GOPATH/src/{}/...There was a problem hiding this comment.
Agreed. The workaround is fair enough.
config.go
Outdated
|
|
||
| // GetGlobal returns value associated with global configuration option | ||
| func (c Config) GetGlobal(option string) (string, error) { | ||
| if globals, ok := c["global"]; ok { |
There was a problem hiding this comment.
I would extract this string into a constant.
config.go
Outdated
|
|
||
| // SetGlobal associates a value with a global configuration ooption | ||
| func (c Config) SetGlobal(option, value string) { | ||
| if globals, ok := c["global"]; ok { |
rules/rulelist.go
Outdated
|
|
||
| func NewRuleFilter(action bool, ruleIDs ...string) RuleFilter { | ||
| rulelist := make(map[string]bool) | ||
| for _, rule := range ruleIDs { |
There was a problem hiding this comment.
I would validate if the ruleID is really defined in the list. If not, I will skip it.
| Errors int | ||
| } | ||
|
|
||
| var ( |
There was a problem hiding this comment.
Do you plan to add more code samples here to cover all the rules? I am asking this because the tests of each rule were removed.
There was a problem hiding this comment.
Yes. This is something I need to finish doing. There are also some placeholder tests that I need to get finished also (currently skipping).
analyzer.go
Outdated
| } | ||
|
|
||
| packageConfig := loader.Config{Build: &build.Default, ParserMode: parser.ParseComments} | ||
| packageFiles := make([]string, 0) |
There was a problem hiding this comment.
can probably use "var packageFiles []string" instead
testutils/source.go
Outdated
| } | ||
| }`, 1}} | ||
|
|
||
| // SampleCode502 - Blacklisted import DES |
There was a problem hiding this comment.
comment on exported var SampleCodeG502 should be of the form "SampleCodeG502 ..."
testutils/source.go
Outdated
| println(i) | ||
| }`, 0}} | ||
|
|
||
| // SampleCode501 - Blacklisted import MD5 |
There was a problem hiding this comment.
comment on exported var SampleCodeG501 should be of the form "SampleCodeG501 ..."
The tests are running extremely slow at the moment, and these extra options add to the problem.
| @@ -2,13 +2,13 @@ package gas_test | |||
|
|
|||
| import ( | |||
There was a problem hiding this comment.
ben hiç bir şey anlamadım işe geç kalacağım yardım
I've had a number of changes that I've been sitting on for a while that I think need to get merged to move forward.
The most notable:
There is still much to do but this change is getting too big, and am getting pinged with issues & PR's that won't be relevant under this model.