13566620812

Committed 27 Feb 2025 12:41PM UTC coverage: 57.498%. First build

Build # 13566620812

Build Type

Pull #5467

github

Committed by

web-flow

Commit Message

Merge 212a43a46 into 507713f32

Pull Request Pull Request #5467: build(deps): bump github.com/go-jose/go-jose/v4 from 4.0.4 to 4.0.5

Run Details

18144 of 31556 relevant lines covered (57.5%)

37.64 hits per line

Source File
Press 'n' to go to next uncovered line, 'b' for previous

0.0

/internal/engine/eval/homoglyphs/application/homoglyphs_service.go

// SPDX-FileCopyrightText: Copyright 2023 The Minder Authors
// SPDX-License-Identifier: Apache-2.0

// Package application contains the application logic for the homoglyphs rule type
package application

import (
        "context"
        "fmt"
        "strings"

        "github.com/google/go-github/v63/github"

        "github.com/mindersec/minder/internal/engine/eval/homoglyphs/communication"
        "github.com/mindersec/minder/internal/engine/eval/homoglyphs/domain"
        eoptions "github.com/mindersec/minder/internal/engine/options"
        pbinternal "github.com/mindersec/minder/internal/proto"
        pb "github.com/mindersec/minder/pkg/api/protobuf/go/minder/v1"
        "github.com/mindersec/minder/pkg/engine/v1/interfaces"
        provifv1 "github.com/mindersec/minder/pkg/providers/v1"
)

const (
        // HomoglyphsEvalType is the type of the homoglyphs evaluator
        HomoglyphsEvalType = "homoglyphs"

        invisibleCharacters = "invisible_characters"
        mixedScript         = "mixed_scripts"
)

// NewHomoglyphsEvaluator creates a new homoglyphs evaluator
func NewHomoglyphsEvaluator(
        ctx context.Context,
        reh *pb.RuleType_Definition_Eval_Homoglyphs,
        ghClient provifv1.GitHub,
        opts ...eoptions.Option,
) (interfaces.Evaluator, error) {
        if ghClient == nil {
                return nil, fmt.Errorf("provider builder is nil")
        }
        if reh == nil {
                return nil, fmt.Errorf("homoglyphs configuration is nil")
        }

        switch reh.Type {
        case invisibleCharacters:
                return NewInvisibleCharactersEvaluator(ctx, ghClient, opts...)
        case mixedScript:
                return NewMixedScriptEvaluator(ctx, ghClient, opts...)
        default:
                return nil, fmt.Errorf("unsupported homoglyphs type: %s", reh.Type)
        }
}

// evaluateHomoglyphs is a helper function to evaluate the homoglyphs rule type
// Return parameters:
// - bool: whether the evaluation has found violations
// - error: an error if the evaluation failed
func evaluateHomoglyphs(
        ctx context.Context,
        processor domain.HomoglyphProcessor,
        res *interfaces.Result,
        reviewHandler *communication.GhReviewPrHandler,
) ([]*domain.Violation, error) {
        // create an empty list of violations
        var violationsList []*domain.Violation

        if res == nil {
                return violationsList, fmt.Errorf("result is nil")
        }

        //nolint:govet
        prContents, ok := res.Object.(*pbinternal.PrContents)
        if !ok {
                return violationsList, fmt.Errorf("invalid object type for homoglyphs evaluator")
        }

        if prContents.Pr == nil || prContents.Files == nil {
                return violationsList, fmt.Errorf("invalid prContents fields: %v, %v", prContents.Pr, prContents.Files)
        }

        if len(prContents.Files) == 0 {
                return violationsList, nil
        }

        // Note: This is a mandatory step to reassign certain fields in the handler.
        // This is a workaround to avoid recreating the object.
        reviewHandler.Hydrate(ctx, prContents.Pr)

        for _, file := range prContents.Files {
                for _, line := range file.PatchLines {
                        violations := processor.FindViolations(line.Content)
                        if len(violations) == 0 {
                                continue
                        }
                        violationsList = append(violationsList, violations...)

                        var commentBody strings.Builder
                        commentBody.WriteString(processor.GetSubCommentText())

                        for _, v := range violations {
                                commentBody.WriteString(processor.GetLineCommentText(v))
                        }

                        reviewComment := &github.DraftReviewComment{
                                Path: github.String(file.Name),
                                Body: github.String(commentBody.String()),
                                Line: github.Int(int(line.LineNumber)),
                        }

                        reviewHandler.AddComment(reviewComment)
                }
        }

        if len(reviewHandler.GetComments()) > 0 {
                return violationsList, reviewHandler.SubmitReview(ctx, processor.GetFailedReviewText())
        }

        return violationsList, nil
}

1	// SPDX-FileCopyrightText: Copyright 2023 The Minder Authors
2	// SPDX-License-Identifier: Apache-2.0
3
4	// Package application contains the application logic for the homoglyphs rule type
5	package application
6
7	import (
8	"context"
9	"fmt"
10	"strings"
11
12	"github.com/google/go-github/v63/github"
13
14	"github.com/mindersec/minder/internal/engine/eval/homoglyphs/communication"
15	"github.com/mindersec/minder/internal/engine/eval/homoglyphs/domain"
16	eoptions "github.com/mindersec/minder/internal/engine/options"
17	pbinternal "github.com/mindersec/minder/internal/proto"
18	pb "github.com/mindersec/minder/pkg/api/protobuf/go/minder/v1"
19	"github.com/mindersec/minder/pkg/engine/v1/interfaces"
20	provifv1 "github.com/mindersec/minder/pkg/providers/v1"
21	)
22
23	const (
24	// HomoglyphsEvalType is the type of the homoglyphs evaluator
25	HomoglyphsEvalType = "homoglyphs"
26
27	invisibleCharacters = "invisible_characters"
28	mixedScript = "mixed_scripts"
29	)
30
31	// NewHomoglyphsEvaluator creates a new homoglyphs evaluator
32	func NewHomoglyphsEvaluator(
33	ctx context.Context,
34	reh *pb.RuleType_Definition_Eval_Homoglyphs,
35	ghClient provifv1.GitHub,
36	opts ...eoptions.Option,
37	) (interfaces.Evaluator, error) {	×
38	if ghClient == nil {	×
39	return nil, fmt.Errorf("provider builder is nil")	×
40	}	×
41	if reh == nil {	×
42	return nil, fmt.Errorf("homoglyphs configuration is nil")	×
43	}	×
44
45	switch reh.Type {	×
46	case invisibleCharacters:	×
47	return NewInvisibleCharactersEvaluator(ctx, ghClient, opts...)	×
48	case mixedScript:	×
49	return NewMixedScriptEvaluator(ctx, ghClient, opts...)	×
50	default:	×
51	return nil, fmt.Errorf("unsupported homoglyphs type: %s", reh.Type)	×
52	}
53	}
54
55	// evaluateHomoglyphs is a helper function to evaluate the homoglyphs rule type
56	// Return parameters:
57	// - bool: whether the evaluation has found violations
58	// - error: an error if the evaluation failed
59	func evaluateHomoglyphs(
60	ctx context.Context,
61	processor domain.HomoglyphProcessor,
62	res *interfaces.Result,
63	reviewHandler *communication.GhReviewPrHandler,
64	) ([]*domain.Violation, error) {	×
65	// create an empty list of violations	×
66	var violationsList []*domain.Violation	×
67		×
68	if res == nil {	×
69	return violationsList, fmt.Errorf("result is nil")	×
70	}	×
71
72	//nolint:govet
73	prContents, ok := res.Object.(*pbinternal.PrContents)	×
74	if !ok {	×
75	return violationsList, fmt.Errorf("invalid object type for homoglyphs evaluator")	×
76	}	×
77
78	if prContents.Pr == nil \|\| prContents.Files == nil {	×
79	return violationsList, fmt.Errorf("invalid prContents fields: %v, %v", prContents.Pr, prContents.Files)	×
80	}	×
81
82	if len(prContents.Files) == 0 {	×
83	return violationsList, nil	×
84	}	×
85
86	// Note: This is a mandatory step to reassign certain fields in the handler.
87	// This is a workaround to avoid recreating the object.
88	reviewHandler.Hydrate(ctx, prContents.Pr)	×
89		×
90	for _, file := range prContents.Files {	×
91	for _, line := range file.PatchLines {	×
92	violations := processor.FindViolations(line.Content)	×
93	if len(violations) == 0 {	×
94	continue	×
95	}
96	violationsList = append(violationsList, violations...)	×
97		×
98	var commentBody strings.Builder	×
99	commentBody.WriteString(processor.GetSubCommentText())	×
100		×
101	for _, v := range violations {	×
102	commentBody.WriteString(processor.GetLineCommentText(v))	×
103	}	×
104
105	reviewComment := &github.DraftReviewComment{	×
106	Path: github.String(file.Name),	×
107	Body: github.String(commentBody.String()),	×
108	Line: github.Int(int(line.LineNumber)),	×
109	}	×
110		×
111	reviewHandler.AddComment(reviewComment)	×
112	}
113	}
114
115	if len(reviewHandler.GetComments()) > 0 {	×
116	return violationsList, reviewHandler.SubmitReview(ctx, processor.GetFailedReviewText())	×
117	}	×
118
119	return violationsList, nil	×
120	}

mindersec / minder / 13566620812

Source File Press 'n' to go to next uncovered line, 'b' for previous

Source File
Press 'n' to go to next uncovered line, 'b' for previous