Skip to content

Commit

Permalink
chore: update Go to version 1.22.7 (#1233)
Browse files Browse the repository at this point in the history
A few Go vulnerabilities are reported so this PR updates Go to the fixed
version 1.22.7.

Also `golang.org/x/[email protected]` requires Go 1.22.0 as mentioned in
#1204.

Due to this version update, there are two new lint checks:
[copyloopvar](https://github.com/karamaru-alpha/copyloopvar) and
[intrange](https://github.com/ckaznocha/intrange).
  • Loading branch information
cuixq authored Sep 10, 2024
1 parent 0cd2051 commit 07619c0
Show file tree
Hide file tree
Showing 68 changed files with 17 additions and 96 deletions.
1 change: 0 additions & 1 deletion cmd/osv-reporter/main_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -29,7 +29,6 @@ func Test_splitLastArg(t *testing.T) {
},
}
for _, tt := range tests {
tt := tt
t.Run(tt.name, func(t *testing.T) {
t.Parallel()
if got := splitLastArg(tt.args); !reflect.DeepEqual(got, tt.want) {
Expand Down
1 change: 0 additions & 1 deletion cmd/osv-scanner/fix/main_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -120,7 +120,6 @@ func TestParseUpgradeConfig(t *testing.T) {
}

for _, tt := range tests {
tt := tt
t.Run(tt.name, func(t *testing.T) {
t.Parallel()
ctx, err := parseFlags(t, flags, tt.args)
Expand Down
1 change: 0 additions & 1 deletion cmd/osv-scanner/fix_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -63,7 +63,6 @@ func TestRun_Fix(t *testing.T) {
// TODO: add tests with the cli flags
}
for _, tt := range tests {
tt := tt
t.Run(tt.name, func(t *testing.T) {
t.Parallel()

Expand Down
10 changes: 0 additions & 10 deletions cmd/osv-scanner/main_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -320,7 +320,6 @@ func TestRun(t *testing.T) {
},
}
for _, tt := range tests {
tt := tt
t.Run(tt.name, func(t *testing.T) {
t.Parallel()

Expand All @@ -346,7 +345,6 @@ func TestRunCallAnalysis(t *testing.T) {
},
}
for _, tt := range tests {
tt := tt
t.Run(tt.name, func(t *testing.T) {
t.Parallel()

Expand Down Expand Up @@ -479,7 +477,6 @@ func TestRun_LockfileWithExplicitParseAs(t *testing.T) {
},
}
for _, tt := range tests {
tt := tt
t.Run(tt.name, func(t *testing.T) {
t.Parallel()

Expand All @@ -505,7 +502,6 @@ func TestRun_GithubActions(t *testing.T) {
},
}
for _, tt := range tests {
tt := tt
t.Run(tt.name, func(t *testing.T) {
t.Parallel()

Expand Down Expand Up @@ -598,7 +594,6 @@ func TestRun_LocalDatabases(t *testing.T) {
}

for _, tt := range tests {
tt := tt
t.Run(tt.name, func(t *testing.T) {
t.Parallel()

Expand Down Expand Up @@ -667,7 +662,6 @@ func TestRun_Licenses(t *testing.T) {
},
}
for _, tt := range tests {
tt := tt
t.Run(tt.name, func(t *testing.T) {
t.Parallel()

Expand Down Expand Up @@ -724,7 +718,6 @@ func TestRun_OCIImage(t *testing.T) {
},
}
for _, tt := range tests {
tt := tt
t.Run(tt.name, func(t *testing.T) {
t.Parallel()

Expand Down Expand Up @@ -767,7 +760,6 @@ func TestRun_SubCommands(t *testing.T) {
// TODO: add tests for other future subcommands
}
for _, tt := range tests {
tt := tt
t.Run(tt.name, func(t *testing.T) {
t.Parallel()

Expand Down Expand Up @@ -824,7 +816,6 @@ func TestRun_InsertDefaultCommand(t *testing.T) {
}

for _, tt := range tests {
tt := tt
stdout := &bytes.Buffer{}
stderr := &bytes.Buffer{}
argsActual := insertDefaultCommand(tt.originalArgs, commands, defaultCommand, stdout, stderr)
Expand Down Expand Up @@ -860,7 +851,6 @@ func TestRun_MavenTransitive(t *testing.T) {
}

for _, tt := range tests {
tt := tt
t.Run(tt.name, func(t *testing.T) {
t.Parallel()
testCli(t, tt)
Expand Down
1 change: 0 additions & 1 deletion cmd/osv-scanner/update_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -26,7 +26,6 @@ func TestRun_Update(t *testing.T) {
}

for _, tt := range tests {
tt := tt
t.Run(tt.name, func(t *testing.T) {
t.Parallel()
tc := cliTestCase{
Expand Down
2 changes: 1 addition & 1 deletion docs/installation.md
Original file line number Diff line number Diff line change
Expand Up @@ -77,7 +77,7 @@ Alternatively, you can install this from source by running:
go install github.com/google/osv-scanner/cmd/osv-scanner@v1
```

This requires Go 1.21.12+ to be installed.
This requires Go 1.22.7+ to be installed.

## Build from source

Expand Down
2 changes: 1 addition & 1 deletion go.mod
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
module github.com/google/osv-scanner

go 1.21.12
go 1.22.7

require (
deps.dev/api/v3 v3.0.0-20240807013505-16da96fe8b66
Expand Down
2 changes: 0 additions & 2 deletions internal/ci/vulnerability_result_diff_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -69,7 +69,6 @@ func TestDiffVulnerabilityResults(t *testing.T) {
},
}
for _, tt := range tests {
tt := tt
t.Run(tt.name, func(t *testing.T) {
t.Parallel()
got := ci.DiffVulnerabilityResults(tt.args.oldRes, tt.args.newRes)
Expand Down Expand Up @@ -123,7 +122,6 @@ func TestDiffVulnerabilityByUniqueVulnCountResults(t *testing.T) {
},
}
for _, tt := range tests {
tt := tt
t.Run(tt.name, func(t *testing.T) {
t.Parallel()
got := ci.DiffVulnerabilityResultsByOccurrences(tt.args.oldRes, tt.args.newRes)
Expand Down
1 change: 0 additions & 1 deletion internal/image/image_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -74,7 +74,6 @@ func TestScanImage(t *testing.T) {
},
}
for _, tt := range tests {
tt := tt
t.Run(tt.name, func(t *testing.T) {
t.Parallel()

Expand Down
1 change: 0 additions & 1 deletion internal/manifest/maven_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -51,7 +51,6 @@ func TestMavenResolverExtractor_ShouldExtract(t *testing.T) {
},
}
for _, tt := range tests {
tt := tt
t.Run(tt.name, func(t *testing.T) {
t.Parallel()
e := manifest.MavenResolverExtractor{}
Expand Down
1 change: 0 additions & 1 deletion internal/output/form_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -48,7 +48,6 @@ func TestForm(t *testing.T) {
},
}
for _, tt := range tests {
tt := tt
t.Run(tt.name, func(t *testing.T) {
t.Parallel()

Expand Down
3 changes: 0 additions & 3 deletions internal/output/helpers_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -1019,7 +1019,6 @@ func testOutputWithVulnerabilities(t *testing.T, run outputTestRunner) {
},
}
for _, tt := range tests {
tt := tt
t.Run(tt.name, func(t *testing.T) {
t.Parallel()

Expand Down Expand Up @@ -1619,7 +1618,6 @@ func testOutputWithLicenseViolations(t *testing.T, run outputTestRunner) {
},
}
for _, tt := range tests {
tt := tt
t.Run(tt.name, func(t *testing.T) {
t.Parallel()

Expand Down Expand Up @@ -1999,7 +1997,6 @@ func testOutputWithMixedIssues(t *testing.T, run outputTestRunner) {
},
}
for _, tt := range tests {
tt := tt
t.Run(tt.name, func(t *testing.T) {
t.Parallel()

Expand Down
2 changes: 0 additions & 2 deletions internal/output/identifiers_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -33,7 +33,6 @@ func Test_idSortFunc(t *testing.T) {
},
}
for _, tt := range tests {
tt := tt
t.Run(tt.name, func(t *testing.T) {
t.Parallel()

Expand Down Expand Up @@ -68,7 +67,6 @@ func Test_idSortFuncUsage(t *testing.T) {
},
}
for _, tt := range tests {
tt := tt
t.Run(tt.name, func(t *testing.T) {
t.Parallel()

Expand Down
3 changes: 0 additions & 3 deletions internal/output/result_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -38,7 +38,6 @@ func Test_groupFixedVersions(t *testing.T) {
},
}
for _, tt := range tests {
tt := tt
t.Run(tt.name, func(t *testing.T) {
t.Parallel()
got := groupFixedVersions(tt.args)
Expand Down Expand Up @@ -72,8 +71,6 @@ func Test_mapIDsToGroupedSARIFFinding(t *testing.T) {
},
}
for _, tt := range tests {
tt := tt

t.Run(tt.name, func(t *testing.T) {
t.Parallel()

Expand Down
1 change: 0 additions & 1 deletion internal/output/sarif_internal_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -28,7 +28,6 @@ func Test_createSARIFHelpText(t *testing.T) {
},
}
for _, tt := range tests {
tt := tt
t.Run(tt.name, func(t *testing.T) {
t.Parallel()
got := createSARIFHelpText(&tt.args)
Expand Down
2 changes: 0 additions & 2 deletions internal/output/sarif_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -35,7 +35,6 @@ func TestGroupFixedVersions(t *testing.T) {
},
}
for _, tt := range tests {
tt := tt
t.Run(tt.name, func(t *testing.T) {
t.Parallel()
got := output.GroupFixedVersions(tt.args)
Expand Down Expand Up @@ -73,7 +72,6 @@ func TestPrintSARIFReport(t *testing.T) {
},
}
for _, tt := range tests {
tt := tt
t.Run(tt.name, func(t *testing.T) {
t.Parallel()

Expand Down
1 change: 0 additions & 1 deletion internal/remediation/in_place_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -132,7 +132,6 @@ func TestComputeInPlacePatches(t *testing.T) {
}

for _, tt := range tests {
tt := tt
t.Run(tt.name, func(t *testing.T) {
t.Parallel()
g, cl := parseInPlaceFixture(t, tt.universePath, tt.lockfilePath)
Expand Down
1 change: 0 additions & 1 deletion internal/remediation/override_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -62,7 +62,6 @@ func TestComputeOverridePatches(t *testing.T) {
}

for _, tt := range tests {
tt := tt
t.Run(tt.name, func(t *testing.T) {
t.Parallel()
res, cl := parseRemediationFixture(t, tt.universePath, tt.manifestPath)
Expand Down
1 change: 0 additions & 1 deletion internal/remediation/relax/npm_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -166,7 +166,6 @@ func TestRelaxNpm(t *testing.T) {
}

for _, tt := range tests {
tt := tt
t.Run(tt.name, func(t *testing.T) {
t.Parallel()
cl := resolve.NewLocalClient()
Expand Down
1 change: 0 additions & 1 deletion internal/remediation/relax_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -32,7 +32,6 @@ func TestComputeRelaxPatches(t *testing.T) {
}

for _, tt := range tests {
tt := tt
t.Run(tt.name, func(t *testing.T) {
t.Parallel()
res, cl := parseRemediationFixture(t, tt.universePath, tt.manifestPath)
Expand Down
1 change: 0 additions & 1 deletion internal/remediation/remediation_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -198,7 +198,6 @@ func TestMatchVuln(t *testing.T) {
}

for _, tt := range tests {
tt := tt
t.Run(tt.name, func(t *testing.T) {
t.Parallel()

Expand Down
1 change: 0 additions & 1 deletion internal/resolution/datasource/npmrc_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -283,7 +283,6 @@ func TestNpmRegistryAuthOpts(t *testing.T) {
},
}
for _, tt := range tests {
tt := tt
t.Run(tt.name, func(t *testing.T) {
t.Parallel()
header := make(http.Header)
Expand Down
2 changes: 1 addition & 1 deletion internal/resolution/manifest/maven.go
Original file line number Diff line number Diff line change
Expand Up @@ -294,7 +294,7 @@ func (MavenManifestIO) Write(df lockfile.DepFile, w io.Writer, patch ManifestPat
currentPath := df.Path()
parent := specific.Parent
visited := make(map[maven.ProjectKey]bool, mavenutil.MaxParent)
for n := 0; n < mavenutil.MaxParent; n++ {
for range mavenutil.MaxParent {
if parent.GroupID == "" || parent.ArtifactID == "" || parent.Version == "" {
break
}
Expand Down
1 change: 0 additions & 1 deletion internal/resolution/resolve_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -206,7 +206,6 @@ func TestResolve(t *testing.T) {
}

for _, tt := range tests {
tt := tt
t.Run(tt.name, func(t *testing.T) {
t.Parallel()
cl := clienttest.NewMockResolutionClient(t, tt.universe)
Expand Down
1 change: 0 additions & 1 deletion internal/semantic/compare_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -236,7 +236,6 @@ func TestVersion_Compare_Ecosystems(t *testing.T) {
},
}
for _, tt := range tests {
tt := tt
t.Run(tt.name, func(t *testing.T) {
t.Parallel()

Expand Down
4 changes: 2 additions & 2 deletions internal/semantic/version-alpine.go
Original file line number Diff line number Diff line change
Expand Up @@ -106,7 +106,7 @@ type AlpineVersion struct {
func (v AlpineVersion) compareComponents(w AlpineVersion) int {
numberOfComponents := max(len(v.components), len(w.components))

for i := 0; i < numberOfComponents; i++ {
for i := range numberOfComponents {
diff := v.components.Fetch(i).Cmp(w.components.Fetch(i))

if diff != 0 {
Expand Down Expand Up @@ -150,7 +150,7 @@ func (as alpineSuffix) Cmp(bs alpineSuffix) int {
func (v AlpineVersion) compareSuffixes(w AlpineVersion) int {
numberOfSuffixes := max(len(v.suffixes), len(w.suffixes))

for i := 0; i < numberOfSuffixes; i++ {
for i := range numberOfSuffixes {
diff := v.fetchSuffix(i).Cmp(w.fetchSuffix(i))

if diff != 0 {
Expand Down
2 changes: 1 addition & 1 deletion internal/semantic/version-debian.go
Original file line number Diff line number Diff line change
Expand Up @@ -91,7 +91,7 @@ func compareDebianVersions(a, b string) int {
apSplit := strings.Split(ap, "")
bpSplit := strings.Split(bp, "")

for i := 0; i < max(len(ap), len(bp)); i++ {
for i := range max(len(ap), len(bp)) {
aw := weighDebianChar(fetch(apSplit, i, ""))
bw := weighDebianChar(fetch(bpSplit, i, ""))

Expand Down
4 changes: 2 additions & 2 deletions internal/semantic/version-maven.go
Original file line number Diff line number Diff line change
Expand Up @@ -107,7 +107,7 @@ func (mv MavenVersion) equal(mw MavenVersion) bool {
return false
}

for i := 0; i < len(mv.tokens); i++ {
for i := range len(mv.tokens) {
if !mv.tokens[i].equal(mw.tokens[i]) {
return false
}
Expand Down Expand Up @@ -141,7 +141,7 @@ func (mv MavenVersion) lessThan(mw MavenVersion) bool {
var left mavenVersionToken
var right mavenVersionToken

for i := 0; i < numberOfTokens; i++ {
for i := range numberOfTokens {
// the shorter one padded with enough "null" values with matching prefix to
// have the same length as the longer one. Padded "null" values depend on
// the prefix of the other version: 0 for '.', "" for '-'
Expand Down
2 changes: 1 addition & 1 deletion internal/semantic/version-packagist.go
Original file line number Diff line number Diff line change
Expand Up @@ -57,7 +57,7 @@ func comparePackagistComponents(a, b []string) int {

var compare int

for i := 0; i < minLength; i++ {
for i := range minLength {
ai, aIsNumber := convertToBigInt(a[i])
bi, bIsNumber := convertToBigInt(b[i])

Expand Down
2 changes: 1 addition & 1 deletion internal/semantic/version-pypi.go
Original file line number Diff line number Diff line change
Expand Up @@ -286,7 +286,7 @@ func (pv PyPIVersion) compareLocal(pw PyPIVersion) int {

var compare int

for i := 0; i < minVersionLength; i++ {
for i := range minVersionLength {
ai, aIsNumber := convertToBigInt(pv.local[i])
bi, bIsNumber := convertToBigInt(pw.local[i])

Expand Down
2 changes: 1 addition & 1 deletion internal/semantic/version-rubygems.go
Original file line number Diff line number Diff line change
Expand Up @@ -77,7 +77,7 @@ func compareRubyGemsComponents(a, b []string) int {

var compare int

for i := 0; i < numberOfComponents; i++ {
for i := range numberOfComponents {
as := fetch(a, i, "0")
bs := fetch(b, i, "0")

Expand Down
Loading

0 comments on commit 07619c0

Please sign in to comment.