formatting

Author: michaelkedar

go/cmd/importer/main.go

@@ -1,3 +1,4 @@
+// Package main for importer synchronizes vulnerability data from various sources into the OSV ecosystem.
 package main
 
 import (
@@ -22,7 +23,7 @@ func main() {
 	logger.InitGlobalLogger()
 
 	strictValidation := flag.Bool("strict-validation", false, "Fail to import entries that do not pass validation.")
-	delete := flag.Bool("delete", false, "Bypass importing and propagate record deletions from source to Datastore")
+	runDelete := flag.Bool("delete", false, "Bypass importing and propagate record deletions from source to Datastore")
 	deleteThresholdPct := flag.Float64("delete-threshold-pct", 10.0, "More than this percent of records for a given source being deleted triggers an error")
 	workDir := flag.String("work-dir", "/work", "Work directory for git repos")
 	numWorkers := flag.Int("num-workers", 50, "Number of workers to use for importing")
@@ -68,7 +69,7 @@ func main() {
 	}
 	config.GCSProvider = clients.NewGCSStorageProvider(storageClient)
 
-	if *delete {
+	if *runDelete {
 		if err := importer.RunDeletions(context.Background(), config); err != nil {
 			logger.Fatal("Importer-deleter failed", slog.Any("error", err))
 		}

go/internal/database/datastore/vulnerability.go

@@ -2,6 +2,7 @@ package datastore
 
 import (
 	"context"
+	"errors"
 	"fmt"
 	"iter"
 	"strings"
@@ -40,7 +41,7 @@ func (s *VulnerabilityStore) ListBySource(ctx context.Context, source string, sk
 		for {
 			var v Vulnerability
 			key, err := it.Next(&v)
-			if err == iterator.Done {
+			if errors.Is(err, iterator.Done) {
 				return
 			}
 			if err != nil {

go/internal/importer/bucket.go

@@ -37,6 +37,7 @@ func (b bucketSourceRecord) Open(ctx context.Context) (io.ReadCloser, error) {
 	if err != nil {
 		return nil, err
 	}
+
 	return io.NopCloser(bytes.NewReader(data)), nil
 }
 
@@ -157,7 +158,7 @@ func handleDeleteBucket(ctx context.Context, ch chan<- SourceRecord, config Conf
 	}
 
 	// Get all non-withdrawn vulnerabilities in Datastore for this source
-	var vulnsInDatastore []*models.VulnSourceRef
+	vulnsInDatastore := make([]*models.VulnSourceRef, 0, len(objectsInBucket))
 	for entry, err := range config.VulnerabilityStore.ListBySource(ctx, sourceRepo.Name, true) {
 		if err != nil {
 			return err
@@ -196,6 +197,7 @@ func handleDeleteBucket(ctx context.Context, ch chan<- SourceRecord, config Conf
 			slog.Int("total", len(vulnsInDatastore)),
 			slog.Float64("percentage", percentage),
 			slog.Float64("threshold", threshold))
+
 		return errors.New("deletion threshold exceeded")
 	}
 

go/internal/importer/bucket_test.go

@@ -69,7 +69,7 @@ func TestHandleImportBucket(t *testing.T) {
 	}
 
 	mockStore := &mockSourceRepositoryStore{
-		updates: make(map[string]interface{}),
+		updates: make(map[string]any),
 	}
 
 	config := Config{
@@ -97,7 +97,7 @@ func TestHandleImportBucket(t *testing.T) {
 	}
 
 	close(ch)
-	var records []bucketSourceRecord
+	records := make([]bucketSourceRecord, 0, 10)
 	for r := range ch {
 		records = append(records, r.(bucketSourceRecord))
 	}

go/internal/importer/deletion_test.go

@@ -59,7 +59,7 @@ func TestHandleDeleteBucket(t *testing.T) {
 	}
 	close(workCh)
 
-	var records []SourceRecord
+	records := make([]SourceRecord, 0, 10)
 	for r := range workCh {
 		records = append(records, r)
 	}
@@ -134,8 +134,10 @@ func TestHandleDeleteREST(t *testing.T) {
 	ctx := t.Context()
 
 	// Mock Server returns 1 remaining ID
-	ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
-		w.Write([]byte(`[{"id": "STILL-THERE"}]`))
+	ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, _ *http.Request) {
+		if _, err := w.Write([]byte(`[{"id": "STILL-THERE"}]`)); err != nil {
+			t.Fatalf("Failed to write response: %v", err)
+		}
 	}))
 	defer ts.Close()
 
@@ -174,7 +176,7 @@ func TestHandleDeleteREST(t *testing.T) {
 	}
 	close(workCh)
 
-	var records []SourceRecord
+	records := make([]SourceRecord, 0, 10)
 	for r := range workCh {
 		records = append(records, r)
 	}

go/internal/importer/filter.go

@@ -20,6 +20,7 @@ func negatedPrefix(regex string) (string, bool) {
 	if strings.HasPrefix(regex, prefix) && strings.HasSuffix(regex, suffix) {
 		return strings.TrimSuffix(strings.TrimPrefix(regex, prefix), suffix), true
 	}
+
 	return "", false
 }
 
@@ -39,10 +40,13 @@ func compileIgnorePatterns(sourceRepo *models.SourceRepository) []*regexp.Regexp
 				slog.String("source", sourceRepo.Name),
 				slog.String("pattern", pattern),
 				slog.Any("error", err))
+
 			continue
 		}
+
 		compiledIgnorePatterns = append(compiledIgnorePatterns, compiledPattern)
 	}
+
 	return compiledIgnorePatterns
 }
 
@@ -66,5 +70,6 @@ func shouldIgnore(name string, idPrefixes []string, ignorePatterns []*regexp.Reg
 			return true
 		}
 	}
+
 	return false
 }

go/internal/importer/git.go

@@ -38,7 +38,7 @@ type gitSourceRecord struct {
 
 var _ SourceRecord = gitSourceRecord{}
 
-func (g gitSourceRecord) Open(ctx context.Context) (io.ReadCloser, error) {
+func (g gitSourceRecord) Open(_ context.Context) (io.ReadCloser, error) {
 	if g.isDeleted {
 		return nil, errors.New("cannot open a deleted record")
 	}
@@ -57,6 +57,7 @@ func (g gitSourceRecord) Open(ctx context.Context) (io.ReadCloser, error) {
 	if err != nil {
 		return nil, err
 	}
+
 	return io.NopCloser(bytes.NewReader(content)), nil
 }
 
@@ -98,6 +99,7 @@ var repoGroup singleflight.Group
 
 type sharedRepo struct {
 	*git.Repository
+
 	mu *sync.Mutex
 }
 
@@ -109,7 +111,7 @@ func handleImportGit(ctx context.Context, ch chan<- SourceRecord, config Config,
 		slog.String("source", sourceRepo.Name), slog.String("url", sourceRepo.Git.URL))
 
 	compiledIgnorePatterns := compileIgnorePatterns(sourceRepo)
-	repoInterface, err, _ := repoGroup.Do(sourceRepo.Git.URL, func() (interface{}, error) {
+	repoInterface, err, _ := repoGroup.Do(sourceRepo.Git.URL, func() (any, error) {
 		// Temporary migration from Python to Go
 		// If the sha name of the repo doesn't exist, check if the source repo name exists from python.
 		// If it does, move it and use it.
@@ -127,6 +129,7 @@ func handleImportGit(ctx context.Context, ch chan<- SourceRecord, config Config,
 		if err != nil {
 			return nil, err
 		}
+
 		return sharedRepo{
 			Repository: repo,
 			mu:         &sync.Mutex{},
@@ -166,6 +169,7 @@ func handleImportGit(ctx context.Context, ch chan<- SourceRecord, config Config,
 		if shouldIgnore(path.Base(p), sourceRepo.IDPrefixes, compiledIgnorePatterns) {
 			return ""
 		}
+
 		return p
 	}
 	for _, fileChange := range changedFiles {
@@ -183,6 +187,7 @@ func handleImportGit(ctx context.Context, ch chan<- SourceRecord, config Config,
 				isDeleted:        true,
 				strict:           sourceRepo.Strictness,
 			}
+
 			continue
 		}
 		// object created/modified - send to channel
@@ -206,6 +211,7 @@ func handleImportGit(ctx context.Context, ch chan<- SourceRecord, config Config,
 	logger.Info("Finished importing git source repository",
 		slog.String("source", sourceRepo.Name),
 		slog.String("url", sourceRepo.Git.URL))
+
 	return nil
 }
 
@@ -255,13 +261,14 @@ func changedFiles(ctx context.Context, repo sharedRepo, sourceRepo *models.Sourc
 	if err != nil {
 		return nil, nil, err
 	}
-	var changedFiles []fileChange
+	changedFiles := make([]fileChange, 0, len(diff))
 	for _, d := range diff {
 		// Note: since we're doing child.Diff(parent), to/from are reversed from what you might expect.
 		changedFiles = append(changedFiles, fileChange{
 			from: d.To.Name,
 			to:   d.From.Name,
 		})
 	}
+
 	return changedFiles, currentCommit, nil
 }

go/internal/importer/git_test.go

@@ -15,12 +15,7 @@ import (
 
 func TestGitSourceRecord_Open(t *testing.T) {
 	// Setup a temporary git repo
-	dir, err := os.MkdirTemp("", "osv-git-test-*")
-	if err != nil {
-		t.Fatalf("Failed to create temp dir: %v", err)
-	}
-	defer os.RemoveAll(dir)
-
+	dir := t.TempDir()
 	repo, err := git.PlainInit(dir, false)
 	if err != nil {
 		t.Fatalf("Failed to init git repo: %v", err)
@@ -32,7 +27,7 @@ func TestGitSourceRecord_Open(t *testing.T) {
 
 	// Create a file
 	filePath := filepath.Join(dir, "test.json")
-	if err := os.WriteFile(filePath, []byte("data"), 0644); err != nil {
+	if err := os.WriteFile(filePath, []byte("data"), 0600); err != nil {
 		t.Fatalf("Failed to write file: %v", err)
 	}
 	if _, err := wt.Add("test.json"); err != nil {
@@ -79,12 +74,7 @@ func TestGitSourceRecord_Open(t *testing.T) {
 
 func TestHandleImportGit(t *testing.T) {
 	// Setup a temporary git repo acting as the remote source
-	remoteDir, err := os.MkdirTemp("", "osv-git-remote-*")
-	if err != nil {
-		t.Fatalf("Failed to create temp dir: %v", err)
-	}
-	defer os.RemoveAll(remoteDir)
-
+	remoteDir := t.TempDir()
 	remoteRepo, err := git.PlainInit(remoteDir, false)
 	if err != nil {
 		t.Fatalf("Failed to init remote repo: %v", err)
@@ -95,28 +85,43 @@ func TestHandleImportGit(t *testing.T) {
 	}
 
 	// Initial commit: ignored file and old file
-	os.WriteFile(filepath.Join(remoteDir, "ignore.json"), []byte("{}"), 0644)
-	os.WriteFile(filepath.Join(remoteDir, "CVE-A.json"), []byte("{}"), 0644)
-	remoteWt.Add("ignore.json")
-	remoteWt.Add("CVE-A.json")
+	if err := os.WriteFile(filepath.Join(remoteDir, "ignore.json"), []byte("{}"), 0600); err != nil {
+		t.Fatalf("Failed to write file: %v", err)
+	}
+	if err := os.WriteFile(filepath.Join(remoteDir, "CVE-A.json"), []byte("{}"), 0600); err != nil {
+		t.Fatalf("Failed to write file: %v", err)
+	}
+	if _, err := remoteWt.Add("ignore.json"); err != nil {
+		t.Fatalf("Failed to add file: %v", err)
+	}
+	if _, err := remoteWt.Add("CVE-A.json"); err != nil {
+		t.Fatalf("Failed to add file: %v", err)
+	}
 	commitA, _ := remoteWt.Commit("Initial", &git.CommitOptions{
 		Author: &object.Signature{Name: "Test", Email: "test@example.com", When: time.Now()},
 	})
 
 	// Second commit: Modify old file, add new file
-	os.WriteFile(filepath.Join(remoteDir, "CVE-A.json"), []byte(`{"modified": true}`), 0644)
-	os.WriteFile(filepath.Join(remoteDir, "CVE-B.json"), []byte("{}"), 0644)
-	remoteWt.Add("CVE-A.json")
-	remoteWt.Add("CVE-B.json")
+	if err := os.WriteFile(filepath.Join(remoteDir, "CVE-A.json"), []byte(`{"modified": true}`), 0600); err != nil {
+		t.Fatalf("Failed to write file: %v", err)
+	}
+	if err := os.WriteFile(filepath.Join(remoteDir, "CVE-B.json"), []byte("{}"), 0600); err != nil {
+		t.Fatalf("Failed to write file: %v", err)
+	}
+	if _, err := remoteWt.Add("CVE-A.json"); err != nil {
+		t.Fatalf("Failed to add file: %v", err)
+	}
+	if _, err := remoteWt.Add("CVE-B.json"); err != nil {
+		t.Fatalf("Failed to add file: %v", err)
+	}
 	commitB, _ := remoteWt.Commit("Second", &git.CommitOptions{
 		Author: &object.Signature{Name: "Test", Email: "test@example.com", When: time.Now()},
 	})
 
 	mockStore := &mockSourceRepositoryStore{
-		updates: make(map[string]interface{}),
+		updates: make(map[string]any),
 	}
-	workDir, _ := os.MkdirTemp("", "osv-git-work-*")
-	defer os.RemoveAll(workDir)
+	workDir := t.TempDir()
 
 	config := Config{
 		SourceRepoStore: mockStore,
@@ -141,7 +146,7 @@ func TestHandleImportGit(t *testing.T) {
 	}
 	close(ch)
 
-	var records []gitSourceRecord
+	records := make([]gitSourceRecord, 0, 10)
 	for r := range ch {
 		records = append(records, r.(gitSourceRecord))
 	}
@@ -172,11 +177,7 @@ func TestHandleImportGit(t *testing.T) {
 
 func TestHandleImportGit_Deletion(t *testing.T) {
 	// Setup a temporary git repo acting as the remote source
-	remoteDir, err := os.MkdirTemp("", "osv-git-remote-del-*")
-	if err != nil {
-		t.Fatalf("Failed to create temp dir: %v", err)
-	}
-	defer os.RemoveAll(remoteDir)
+	remoteDir := t.TempDir()
 
 	remoteRepo, err := git.PlainInit(remoteDir, false)
 	if err != nil {
@@ -188,8 +189,12 @@ func TestHandleImportGit_Deletion(t *testing.T) {
 	}
 
 	// Initial commit: one file
-	os.WriteFile(filepath.Join(remoteDir, "CVE-A.json"), []byte("{}"), 0644)
-	remoteWt.Add("CVE-A.json")
+	if err := os.WriteFile(filepath.Join(remoteDir, "CVE-A.json"), []byte("{}"), 0600); err != nil {
+		t.Fatalf("Failed to write file: %v", err)
+	}
+	if _, err := remoteWt.Add("CVE-A.json"); err != nil {
+		t.Fatalf("Failed to add file: %v", err)
+	}
 	commitA, _ := remoteWt.Commit("Initial", &git.CommitOptions{
 		Author: &object.Signature{Name: "Test", Email: "test@example.com", When: time.Now()},
 	})
@@ -201,10 +206,9 @@ func TestHandleImportGit_Deletion(t *testing.T) {
 	})
 
 	mockStore := &mockSourceRepositoryStore{
-		updates: make(map[string]interface{}),
+		updates: make(map[string]any),
 	}
-	workDir, _ := os.MkdirTemp("", "osv-git-work-del-*")
-	defer os.RemoveAll(workDir)
+	workDir := t.TempDir()
 
 	config := Config{
 		SourceRepoStore: mockStore,
@@ -228,7 +232,7 @@ func TestHandleImportGit_Deletion(t *testing.T) {
 	}
 	close(ch)
 
-	var records []gitSourceRecord
+	records := make([]gitSourceRecord, 0, 10)
 	for r := range ch {
 		records = append(records, r.(gitSourceRecord))
 	}