ossf · spencerschrock · Oct 24, 2023 · Oct 24, 2023 · Oct 24, 2023
@@ -91,9 +91,7 @@ var languageFuzzSpecs = map[clients.LanguageName]languageFuzzConfig{
 		// or their indirect imports through the higher-level Hspec or Tasty testing frameworks.
 		funcPattern: `import\s+(qualified\s+)?Test\.((Hspec|Tasty)\.)?(QuickCheck|Hedgehog|Validity|SmallCheck)`,
 		Name:        fuzzerPropertyBasedHaskell,
-		Desc: asPointer(
-			"Property-based testing in Haskell generates test instances randomly or exhaustively " +
-				"and test that specific properties are satisfied."),
+		Desc:        propertyBasedDescription("Haskell"),
 	},
 	// Fuzz patterns for JavaScript and TypeScript based on property-based testing.
 	//
@@ -110,19 +108,15 @@ var languageFuzzSpecs = map[clients.LanguageName]languageFuzzConfig{
 		funcPattern: `(from\s+['"](fast-check|@fast-check/(ava|jest|vitest))['"]|` +
 			`require\(\s*['"](fast-check|@fast-check/(ava|jest|vitest))['"]\s*\))`,
 		Name: fuzzerPropertyBasedJavaScript,
-		Desc: asPointer(
-			"Property-based testing in JavaScript generates test instances randomly or exhaustively " +
-				"and test that specific properties are satisfied."),
+		Desc: propertyBasedDescription("JavaScript"),
 	},
 	clients.TypeScript: {
 		filePatterns: []string{"*.ts"},
 		// Look for direct imports of fast-check and its test runners integrations.
 		funcPattern: `(from\s+['"](fast-check|@fast-check/(ava|jest|vitest))['"]|` +
 			`require\(\s*['"](fast-check|@fast-check/(ava|jest|vitest))['"]\s*\))`,
 		Name: fuzzerPropertyBasedTypeScript,
-		Desc: asPointer(
-			"Property-based testing in TypeScript generates test instances randomly or exhaustively " +
-				"and test that specific properties are satisfied."),
+		Desc: propertyBasedDescription("TypeScript"),
 	},
 	clients.Python: {
 		filePatterns: []string{"*.py"},
@@ -387,3 +381,9 @@ func getProminentLanguages(langs []clients.Language) []clients.LanguageName {
 	}
 	return ret
 }
+
+func propertyBasedDescription(language string) *string {
+	s := fmt.Sprintf("Property-based testing in %s generates test instances randomly or exhaustively "+
+		"and test that specific properties are satisfied.", language)
+	return &s
+}
@@ -103,6 +103,7 @@ func localFiles(filenames []string) (data.Iterator, error) {
 	return iter, nil
 }
 
+//nolint:protogetter // this is a false positive https://github.com/ghostiam/protogetter/issues/4
 func main() {
 	ctx := context.Background()
 	t := time.Now().UTC()

@@ -93,7 +93,7 @@ func (subscriber *gcsSubscriber) SynchronousPull() (*data.ScorecardBatchRequest,
 			log.Printf("error during Recieive: %v", err)
 			return nil, nil
 		}
-		numReceivedMessages = len(result.ReceivedMessages)
+		numReceivedMessages = len(result.GetReceivedMessages())
 		if numReceivedMessages > 0 {
 			msgToProcess = result.GetReceivedMessages()[0]
 		} else {
@@ -107,7 +107,7 @@ func (subscriber *gcsSubscriber) SynchronousPull() (*data.ScorecardBatchRequest,
 		log.Fatalf("expected to receive max %d messages, got %d", maxMessagesToPull, numReceivedMessages)
 	}
 
-	subscriber.recvdAckID = msgToProcess.AckId
+	subscriber.recvdAckID = msgToProcess.GetAckId()
 	// Continuously notify the server that processing is still happening on this message.
 	go subscriber.extendAckDeadline()
 

@@ -174,25 +174,25 @@ func processRequest(ctx context.Context,
 	var rawBuffer bytes.Buffer
 	// TODO: run Scorecard for each repo in a separate thread.
 	for _, repoReq := range batchRequest.GetRepos() {
-		logger.Info(fmt.Sprintf("Running Scorecard for repo: %s", *repoReq.Url))
+		logger.Info(fmt.Sprintf("Running Scorecard for repo: %s", repoReq.GetUrl()))
 		var repo clients.Repo
 		var err error
 		repoClient := githubClient
 		disabledChecks := blacklistedChecks
-		if repo, err = gitlabrepo.MakeGitlabRepo(*repoReq.Url); err == nil { // repo is a gitlab url
+		if repo, err = gitlabrepo.MakeGitlabRepo(repoReq.GetUrl()); err == nil { // repo is a gitlab url
 			repoClient = gitlabClient
 			disabledChecks = gitlabDisabledChecks
-		} else if repo, err = githubrepo.MakeGithubRepo(*repoReq.Url); err != nil {
+		} else if repo, err = githubrepo.MakeGithubRepo(repoReq.GetUrl()); err != nil {
 			// TODO(log): Previously Warn. Consider logging an error here.
 			logger.Info(fmt.Sprintf("URL was neither valid GitLab nor GitHub: %v", err))
 			continue
 		}
-		repo.AppendMetadata(repoReq.Metadata...)
+		repo.AppendMetadata(repoReq.GetMetadata()...)
 
 		commitSHA := clients.HeadSHA
 		requiredRequestType := []checker.RequestType{}
-		if repoReq.Commit != nil && *repoReq.Commit != clients.HeadSHA {
-			commitSHA = *repoReq.Commit
+		if repoReq.GetCommit() != clients.HeadSHA {
+			commitSHA = repoReq.GetCommit()
 			requiredRequestType = append(requiredRequestType, checker.CommitBased)
 		}
 		checksToRun, err := policy.GetEnabled(nil /*policy*/, nil /*checks*/, requiredRequestType)

@@ -200,7 +200,7 @@ func GetEnabled(
 
 func checksHavePolicies(sp *ScorecardPolicy, enabledChecks checker.CheckNameToFnMap) bool {
 	for checkName := range enabledChecks {
-		_, exists := sp.Policies[checkName]
+		_, exists := sp.GetPolicies()[checkName]
 		if !exists {
 			log.Printf("check %s has no policy declared", checkName)
 			return false

@@ -160,7 +160,7 @@ func TestChecksHavePolicies(t *testing.T) {
 		t.Error("Expected checks to have policies")
 	}
 
-	delete(sp.Policies, "Binary-Artifacts")
+	delete(sp.GetPolicies(), "Binary-Artifacts")
 	// Call the function being tested
 	result = checksHavePolicies(sp, check)
 
@@ -246,8 +246,8 @@ func TestParseFromFile(t *testing.T) {
 	if err != nil {
 		t.Errorf("Unexpected error: %v", err)
 	}
-	if len(sp.Policies) != 3 {
-		t.Errorf("Unexpected number of policies: got %v, want %v", len(sp.Policies), 3)
+	if len(sp.GetPolicies()) != 3 {
+		t.Errorf("Unexpected number of policies: got %v, want %v", len(sp.GetPolicies()), 3)
 	}
 	invalidPolicy := "testdata/policy-invalid-score-0.yaml"
 	_, err = ParseFromFile(invalidPolicy)