diff --git a/.goreleaser.yaml b/.goreleaser.yaml
index 77a6bb05e..5a4e3f869 100644
--- a/.goreleaser.yaml
+++ b/.goreleaser.yaml
@@ -50,4 +50,4 @@ dist: build
env:
- GO111MODULE=on
- CGO_ENABLED=0
- - LS_PROTOCOL_VERSION=15
+ - LS_PROTOCOL_VERSION=16
diff --git a/application/config/automatic_config.go b/application/config/automatic_config.go
index d2962ad04..4b11d2b17 100644
--- a/application/config/automatic_config.go
+++ b/application/config/automatic_config.go
@@ -23,13 +23,16 @@ import (
"os/exec"
"path/filepath"
"runtime"
+ "strings"
+
+ "github.com/snyk/go-application-framework/pkg/envvars"
)
func (c *Config) determineJavaHome() {
javaHome := os.Getenv("JAVA_HOME")
if javaHome != "" {
c.Logger().Debug().Str("method", "determineJavaHome").Msgf("using JAVA_HOME from env %s", javaHome)
- c.updatePath(javaHome + string(os.PathSeparator) + "bin")
+ envvars.UpdatePath(javaHome+string(os.PathSeparator)+"bin", false)
return
}
foundPath := c.FindBinaryInDirs(getJavaBinaryName())
@@ -43,7 +46,7 @@ func (c *Config) determineJavaHome() {
c.Logger().Debug().Str("method", "determineJavaHome").Msgf("detected java binary at %s", path)
binDir := filepath.Dir(path)
javaHome = filepath.Dir(binDir)
- c.updatePath(binDir)
+ envvars.UpdatePath(binDir, false)
c.Logger().Debug().Str("method", "determineJavaHome").Msgf("setting JAVA_HOME to %s", javaHome)
_ = os.Setenv("JAVA_HOME", javaHome)
}
@@ -65,12 +68,16 @@ func (c *Config) normalizePath(foundPath string) (string, bool) {
func (c *Config) mavenDefaults() {
// explicitly and always use headless mode
mavenOptsVarName := "MAVEN_OPTS"
- mavenOpts := fmt.Sprintf("%s %s", os.Getenv(mavenOptsVarName), "-Djava.awt.headless=true")
+ mavenOpts := os.Getenv(mavenOptsVarName)
+ headless := "-Djava.awt.headless=true"
+ if !strings.Contains(mavenOpts, headless) {
+ mavenOpts = fmt.Sprintf("%s %s", mavenOpts, headless)
+ }
_ = os.Setenv(mavenOptsVarName, mavenOpts)
mavenHome := os.Getenv("MAVEN_HOME")
if mavenHome != "" {
- c.updatePath(mavenHome + string(os.PathSeparator) + "bin")
+ envvars.UpdatePath(mavenHome+string(os.PathSeparator)+"bin", false)
return
}
foundPath := c.findBinary(getMavenBinaryName())
@@ -81,7 +88,7 @@ func (c *Config) mavenDefaults() {
if done {
return
}
- c.updatePath(filepath.Dir(path))
+ envvars.UpdatePath(filepath.Dir(path), false)
c.Logger().Debug().Str("method", "mavenDefaults").Msgf("detected maven binary at %s", path)
}
diff --git a/application/config/automatic_config_test.go b/application/config/automatic_config_test.go
index 36d37f1c8..d883e6322 100644
--- a/application/config/automatic_config_test.go
+++ b/application/config/automatic_config_test.go
@@ -20,6 +20,7 @@ import (
"os"
"path/filepath"
"runtime"
+ "strings"
"testing"
"github.com/adrg/xdg"
@@ -34,15 +35,6 @@ func Test_updatePathWithDefaults(t *testing.T) {
assert.Contains(t, c.Path(), pathFromEnv)
})
- t.Run("add to path from environment", func(t *testing.T) {
- pathFromEnv := "a"
- t.Setenv("PATH", pathFromEnv)
- c := New()
- c.updatePath("b")
- assert.Contains(t, c.path, pathListSeparator+"b")
- assert.Contains(t, c.path, pathFromEnv+pathListSeparator)
- })
-
t.Run("automatically add /usr/local/bin on linux and macOS", func(t *testing.T) {
if //goland:noinspection GoBoolExpressions
runtime.GOOS == windows {
@@ -73,8 +65,10 @@ func Test_updatePathWithDefaults(t *testing.T) {
t.Run("automatically add $JAVA_HOME/bin if set", func(t *testing.T) {
javaHome := "JAVA_HOME_DUMMY"
t.Setenv("JAVA_HOME", javaHome)
- c := New()
- assert.Contains(t, c.Path(), pathListSeparator+javaHome+string(os.PathSeparator)+"bin")
+ New()
+ actual := os.Getenv("PATH")
+ prefix := javaHome + string(os.PathSeparator) + "bin"
+ assert.True(t, strings.Contains(actual, prefix), actual+" does not contain "+prefix)
})
}
diff --git a/application/config/config.go b/application/config/config.go
index cc2fd1989..5085d6ab3 100644
--- a/application/config/config.go
+++ b/application/config/config.go
@@ -17,14 +17,12 @@
package config
import (
- "context"
"encoding/json"
"errors"
"fmt"
"io"
"net/url"
"os"
- "os/exec"
"path/filepath"
"regexp"
"runtime"
@@ -36,13 +34,13 @@ import (
"github.com/adrg/xdg"
"github.com/denisbrodbeck/machineid"
"github.com/rs/zerolog"
- "github.com/subosito/gotenv"
"github.com/xtgo/uuid"
"golang.org/x/oauth2"
"github.com/snyk/go-application-framework/pkg/app"
"github.com/snyk/go-application-framework/pkg/auth"
"github.com/snyk/go-application-framework/pkg/configuration"
+ "github.com/snyk/go-application-framework/pkg/envvars"
localworkflows "github.com/snyk/go-application-framework/pkg/local_workflows"
frameworkLogging "github.com/snyk/go-application-framework/pkg/logging"
"github.com/snyk/go-application-framework/pkg/runtimeinfo"
@@ -157,7 +155,6 @@ func (c *CliSettings) DefaultBinaryInstallPath() string {
type Config struct {
scrubbingDict frameworkLogging.ScrubbingDict
scrubbingWriter zerolog.LevelWriter
- configLoaded concurrency.AtomicBool
cliSettings *CliSettings
configFile string
format string
@@ -282,6 +279,7 @@ func initWorkFlowEngine(c *Config) {
conf.Set(cli_constants.EXECUTION_MODE_KEY, cli_constants.EXECUTION_MODE_VALUE_STANDALONE)
enableOAuth := c.authenticationMethod == types.OAuthAuthentication
conf.Set(configuration.FF_OAUTH_AUTH_FLOW_ENABLED, enableOAuth)
+ conf.Set("configfile", c.configFile)
c.engine = app.CreateAppEngineWithOptions(app.WithConfiguration(conf), app.WithZeroLogger(c.logger))
@@ -349,94 +347,6 @@ func (c *Config) SetTrustedFolderFeatureEnabled(enabled bool) {
c.trustedFoldersFeatureEnabled = enabled
}
-func (c *Config) Load() {
- c.LoadShellEnvironment()
-
- c.m.RLock()
- files := c.configFiles()
- c.m.RUnlock()
- for _, fileName := range files {
- c.loadFile(fileName)
- }
-
- c.m.Lock()
- c.configLoaded.Set(true)
- c.m.Unlock()
-}
-
-func (c *Config) LoadShellEnvironment() {
- if runtime.GOOS == "windows" {
- return
- }
- parsedEnv := getParsedEnvFromShell("bash")
- shell := parsedEnv["SHELL"]
- fromSpecificShell := getParsedEnvFromShell(shell)
-
- if len(fromSpecificShell) > 0 {
- c.setParsedVariablesToEnv(fromSpecificShell)
- } else {
- c.setParsedVariablesToEnv(parsedEnv)
- }
-}
-
-func getParsedEnvFromShell(shell string) gotenv.Env {
- // guard against command injection
- var shellWhiteList = map[string]bool{
- "bash": true,
- "/bin/zsh": true,
- "/bin/sh": true,
- "/bin/fish": true,
- "/bin/csh": true,
- "/bin/ksh": true,
- "/bin/bash": true,
- }
-
- if !shellWhiteList[shell] {
- return gotenv.Env{}
- }
-
- ctx, cancelFunc := context.WithTimeout(context.Background(), 2*time.Second)
- defer cancelFunc()
-
- // deepcode ignore CommandInjection: false positive
- env, err := exec.CommandContext(ctx, shell, "--login", "-i", "-c", "env && exit").Output()
- if err != nil {
- return gotenv.Env{}
- }
- parsedEnv := gotenv.Parse(strings.NewReader(string(env)))
- return parsedEnv
-}
-
-func (c *Config) loadFile(fileName string) {
- file, err := os.Open(fileName)
- if err != nil {
- c.Logger().Debug().Str("method", "loadFile").Msg("Couldn't load " + fileName)
- return
- }
- defer func(file *os.File) { _ = file.Close() }(file)
- env := gotenv.Parse(file)
- c.setParsedVariablesToEnv(env)
- c.updatePath(".")
- c.Logger().Debug().Str("fileName", fileName).Msg("loaded.")
-}
-
-func (c *Config) setParsedVariablesToEnv(env gotenv.Env) {
- for k, v := range env {
- _, exists := os.LookupEnv(k)
- if !exists {
- err := os.Setenv(k, v)
- if err != nil {
- c.Logger().Warn().Str("method", "setParsedVariablesToEnv").Msg("Couldn't set environment variable " + k)
- }
- } else {
- // add to path, don't ignore additional paths
- if k == "PATH" {
- c.updatePath(v)
- }
- }
- }
-}
-
func (c *Config) NonEmptyToken() bool {
return c.Token() != ""
}
@@ -476,7 +386,7 @@ func (c *Config) SnykCodeApi() string {
return c.snykCodeApiUrl
}
-func (c *Config) SnykUi() string {
+func (c *Config) SnykUI() string {
c.m.RLock()
defer c.m.RUnlock()
@@ -520,13 +430,16 @@ func (c *Config) UpdateApiEndpoints(snykApiUrl string) bool {
snykApiUrl = DefaultSnykApiUrl
}
- c.engine.GetConfiguration().Set(configuration.API_URL, snykApiUrl)
-
if snykApiUrl != c.snykApiUrl {
c.m.Lock()
c.snykApiUrl = snykApiUrl
c.m.Unlock()
+ // update GAF
+ cfg := c.engine.GetConfiguration()
+ cfg.Set(configuration.API_URL, snykApiUrl)
+ cfg.Set(configuration.WEB_APP_URL, c.SnykUI())
+
// Update Code API endpoint
snykCodeApiUrl, err := getCodeApiUrlFromCustomEndpoint(snykApiUrl)
if err != nil {
@@ -765,39 +678,6 @@ func (c *Config) snykCodeAnalysisTimeoutFromEnv() time.Duration {
return snykCodeTimeout
}
-func (c *Config) updatePath(pathExtension string) {
- if pathExtension == "" {
- return
- }
- err := os.Setenv("PATH", os.Getenv("PATH")+pathListSeparator+pathExtension)
- c.m.Lock()
- c.path += pathListSeparator + pathExtension
- c.m.Unlock()
- c.Logger().Debug().Str("method", "updatePath").Msg("updated path with " + pathExtension)
- c.Logger().Debug().Str("method", "updatePath").Msgf("PATH = %s", os.Getenv("PATH"))
- if err != nil {
- c.Logger().Warn().Str("method", "loadFile").Msg("Couldn't update path ")
- }
-}
-
-// The order of the files is important - first file variable definitions win!
-func (c *Config) configFiles() []string {
- var files []string
- configFile := c.configFile
- if configFile != "" {
- files = append(files, configFile)
- }
- home := os.Getenv("HOME")
- if home == "" {
- home = xdg.Home
- }
- stdFiles := []string{
- ".snyk.env",
- home + "/.snyk.env",
- }
- return append(files, stdFiles...)
-}
-
func (c *Config) Organization() string {
return c.engine.GetConfiguration().GetString(configuration.ORGANIZATION)
}
@@ -878,9 +758,9 @@ func (c *Config) SetAutomaticScanning(value bool) {
func (c *Config) addDefaults() {
if //goland:noinspection GoBoolExpressions
runtime.GOOS != windows {
- c.updatePath("/usr/local/bin")
- c.updatePath("/bin")
- c.updatePath(xdg.Home + "/bin")
+ envvars.UpdatePath("/usr/local/bin", false)
+ envvars.UpdatePath("/bin", false)
+ envvars.UpdatePath(xdg.Home+"/bin", false)
}
c.determineJavaHome()
c.mavenDefaults()
diff --git a/application/config/config_test.go b/application/config/config_test.go
index e0d726f4c..949dd03c9 100644
--- a/application/config/config_test.go
+++ b/application/config/config_test.go
@@ -18,7 +18,6 @@ package config
import (
"encoding/json"
- "os"
"testing"
"time"
@@ -75,12 +74,6 @@ func TestConfigDefaults(t *testing.T) {
assert.Equal(t, types.TokenAuthentication, c.authenticationMethod)
}
-// this only tests that no error occurs on any os
-func TestConfig_LoadShellEnvironment(t *testing.T) {
- c := New()
- c.LoadShellEnvironment()
-}
-
func Test_TokenChanged_ChannelsInformed(t *testing.T) {
// Arrange
c := New()
@@ -132,44 +125,6 @@ func Test_SnykCodeAnalysisTimeoutReturnsDefaultIfNoEnvVariableFound(t *testing.T
assert.Equal(t, 12*time.Hour, c.snykCodeAnalysisTimeoutFromEnv())
}
-func Test_updatePath(t *testing.T) {
- t.Setenv("PATH", "a")
- c := New()
-
- c.updatePath("b")
-
- assert.Contains(t, c.path, string(os.PathListSeparator)+"b")
- assert.Contains(t, c.path, "a"+string(os.PathListSeparator))
-}
-
-func Test_loadFile(t *testing.T) {
- t.Setenv("A", "")
- t.Setenv("C", "")
- _ = os.Unsetenv("A")
- _ = os.Unsetenv("C")
- envData := []byte("A=B\nC=D")
- file, err := os.CreateTemp(".", "config_test_loadFile")
- if err != nil {
- assert.Fail(t, "Couldn't create temp file", err)
- }
- defer func(file *os.File) {
- _ = file.Close()
- _ = os.Remove(file.Name())
- }(file)
- if err != nil {
- assert.Fail(t, "Couldn't create test file")
- }
- _, _ = file.Write(envData)
- if err != nil {
- assert.Fail(t, "Couldn't write to test file")
- }
-
- CurrentConfig().loadFile(file.Name())
-
- assert.Equal(t, "B", os.Getenv("A"))
- assert.Equal(t, "D", os.Getenv("C"))
-}
-
func TestSnykCodeApi(t *testing.T) {
t.Run("endpoint not provided", func(t *testing.T) {
codeApiEndpoint, _ := getCodeApiUrlFromCustomEndpoint("")
@@ -296,56 +251,57 @@ func Test_IsAnalyticsPermitted(t *testing.T) {
func TestSnykUiEndpoint(t *testing.T) {
c := New()
t.Run("Default Api Endpoint with /api prefix", func(t *testing.T) {
- uiEndpoint := c.SnykUi()
+ uiEndpoint := c.SnykUI()
assert.Equal(t, "https://app.snyk.io", uiEndpoint)
})
t.Run("API endpoint provided without 'app' prefix", func(t *testing.T) {
apiEndpoint := "https://snyk.io/api/v1"
c.UpdateApiEndpoints(apiEndpoint)
- uiEndpoint := c.SnykUi()
+ uiEndpoint := c.SnykUI()
assert.Equal(t, "https://app.snyk.io", uiEndpoint)
})
t.Run("API endpoint provided with 'app' prefix with v1 suffix", func(t *testing.T) {
apiEndpoint := "https://app.snyk.io/api/v1"
c.UpdateApiEndpoints(apiEndpoint)
- uiEndpoint := c.SnykUi()
+ uiEndpoint := c.SnykUI()
assert.Equal(t, "https://app.snyk.io", uiEndpoint)
})
t.Run("endpoint provided with 'app' prefix without v1 suffix", func(t *testing.T) {
apiEndpoint := "https://app.snyk.io/api"
c.UpdateApiEndpoints(apiEndpoint)
- uiEndpoint := c.SnykUi()
+ uiEndpoint := c.SnykUI()
assert.Equal(t, "https://app.snyk.io", uiEndpoint)
})
t.Run("Api endpoint provided with 'api' prefix", func(t *testing.T) {
apiEndpoint := "https://api.snyk.io"
c.UpdateApiEndpoints(apiEndpoint)
- uiEndpoint := c.SnykUi()
+ uiEndpoint := c.SnykUI()
assert.Equal(t, "https://app.snyk.io", uiEndpoint)
})
t.Run("Api endpoint provided with 'api' and 'eu' prefix", func(t *testing.T) {
apiEndpoint := "https://api.eu.snyk.io"
c.UpdateApiEndpoints(apiEndpoint)
- uiEndpoint := c.SnykUi()
+ uiEndpoint := c.SnykUI()
assert.Equal(t, "https://app.eu.snyk.io", uiEndpoint)
+ assert.Equal(t, c.SnykUI(), c.engine.GetConfiguration().Get(configuration.WEB_APP_URL))
})
- t.Run("Empty Api Endpoint should fall back to default and return default SnykUi Url", func(t *testing.T) {
+ t.Run("Empty Api Endpoint should fall back to default and return default SnykUI Url", func(t *testing.T) {
apiEndpoint := ""
c.UpdateApiEndpoints(apiEndpoint)
- uiEndpoint := c.SnykUi()
+ uiEndpoint := c.SnykUI()
assert.Equal(t, "https://app.snyk.io", uiEndpoint)
})
t.Run("Fedramp API Endpoint provided with 'api' prefix", func(t *testing.T) {
apiEndpoint := "https://api.fedramp.snykgov.io"
c.UpdateApiEndpoints(apiEndpoint)
- uiEndpoint := c.SnykUi()
+ uiEndpoint := c.SnykUI()
assert.Equal(t, "https://app.fedramp.snykgov.io", uiEndpoint)
})
}
diff --git a/application/server/notification.go b/application/server/notification.go
index 687ecb1d3..793cb329d 100644
--- a/application/server/notification.go
+++ b/application/server/notification.go
@@ -19,6 +19,7 @@ package server
import (
"context"
"reflect"
+ "time"
"github.com/rs/zerolog"
sglsp "github.com/sourcegraph/go-lsp"
@@ -27,6 +28,7 @@ import (
"github.com/snyk/snyk-ls/application/di"
"github.com/snyk/snyk-ls/domain/ide/command"
"github.com/snyk/snyk-ls/internal/types"
+ "github.com/snyk/snyk-ls/internal/uri"
)
func notifier(c *config.Config, srv types.Server, method string, params any) {
@@ -84,6 +86,8 @@ func registerNotifier(c *config.Config, srv types.Server) {
logger := c.Logger().With().Str("method", "registerNotifier").Logger()
callbackFunction := func(params any) {
switch params := params.(type) {
+ case types.GetSdk:
+ handleGetSdks(params, logger, srv)
case types.FolderConfigsParam:
notifier(c, srv, "$/snyk.folderConfigs", params)
logger.Debug().Any("folderConfig", params).Msg("sending folderConfig to client")
@@ -148,6 +152,33 @@ func registerNotifier(c *config.Config, srv types.Server) {
logger.Debug().Str("method", "registerNotifier").Msg("registered notifier")
}
+func handleGetSdks(params types.GetSdk, logger zerolog.Logger, srv types.Server) {
+ folder := types.WorkspaceFolder{Uri: uri.PathToUri(params.FolderPath)}
+ logger.Debug().Str("folderPath", params.FolderPath).Msg("retrieving sdk")
+
+ sdks := []types.LsSdk{}
+ defer func([]types.LsSdk) {
+ params.Result <- sdks
+ close(params.Result)
+ }(sdks)
+
+ ctx, cancel := context.WithTimeout(context.Background(), time.Second*5)
+ defer cancel()
+
+ callback, err := srv.Callback(ctx, "workspace/snyk.sdks", folder)
+ if err != nil {
+ logger.Warn().Err(err).Str("folderPath", params.FolderPath).Msg("could not retrieve sdk")
+ return
+ }
+
+ // unmarshall into array that is transferred back via the channel on exit
+ err = callback.UnmarshalResult(&sdks)
+ if err != nil {
+ logger.Warn().Err(err).Str("resultString", callback.ResultString()).Msg("could not unmarshal sdk response")
+ return
+ }
+}
+
func handleInlineValueRefresh(srv types.Server, logger *zerolog.Logger) {
method := "handleInlineValueRefresh"
if !config.CurrentConfig().ClientCapabilities().Workspace.InlineValue.RefreshSupport {
diff --git a/go.mod b/go.mod
index f8dbba800..816e27805 100644
--- a/go.mod
+++ b/go.mod
@@ -28,7 +28,7 @@ require (
github.com/sabhiram/go-gitignore v0.0.0-20210923224102-525f6e181f06
github.com/shirou/gopsutil v3.21.11+incompatible
github.com/snyk/code-client-go v1.10.0
- github.com/snyk/go-application-framework v0.0.0-20240925082317-bae184c4f01a
+ github.com/snyk/go-application-framework v0.0.0-20241009095349-dc0fb55f3eb3
github.com/sourcegraph/go-lsp v0.0.0-20240223163137-f80c5dd31dfd
github.com/spf13/pflag v1.0.5
github.com/stretchr/testify v1.9.0
@@ -46,6 +46,8 @@ require (
)
require (
+ cuelabs.dev/go/oci/ociregistry v0.0.0-20240807094312-a32ad29eed79 // indirect
+ cuelang.org/go v0.10.0 // indirect
dario.cat/mergo v1.0.1 // indirect
github.com/Microsoft/go-winio v0.6.2 // indirect
github.com/ProtonMail/go-crypto v1.0.0 // indirect
@@ -54,10 +56,12 @@ require (
github.com/aymanbagabas/go-osc52/v2 v2.0.1 // indirect
github.com/charmbracelet/lipgloss v0.10.0 // indirect
github.com/cloudflare/circl v1.3.8 // indirect
+ github.com/cockroachdb/apd/v3 v3.2.1 // indirect
github.com/creachadair/mds v0.16.0 // indirect
github.com/cyphar/filepath-securejoin v0.2.5 // indirect
github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc // indirect
github.com/deepmap/oapi-codegen v1.16.3 // indirect
+ github.com/emicklei/proto v1.13.2 // indirect
github.com/emirpasic/gods v1.18.1 // indirect
github.com/fsnotify/fsnotify v1.5.4 // indirect
github.com/getkin/kin-openapi v0.124.0 // indirect
@@ -89,18 +93,23 @@ require (
github.com/mattn/go-colorable v0.1.13 // indirect
github.com/mattn/go-isatty v0.0.20 // indirect
github.com/mattn/go-runewidth v0.0.15 // indirect
+ github.com/mitchellh/go-wordwrap v1.0.1 // indirect
github.com/mitchellh/mapstructure v1.5.0 // indirect
github.com/mohae/deepcopy v0.0.0-20170929034955-c48cc78d4826 // indirect
github.com/muesli/reflow v0.3.0 // indirect
github.com/muesli/termenv v0.15.2 // indirect
github.com/oapi-codegen/runtime v1.1.1 // indirect
+ github.com/opencontainers/go-digest v1.0.0 // indirect
+ github.com/opencontainers/image-spec v1.1.0 // indirect
github.com/pact-foundation/pact-go/v2 v2.0.5 // indirect
github.com/pelletier/go-toml v1.9.5 // indirect
github.com/pelletier/go-toml/v2 v2.2.2 // indirect
github.com/perimeterx/marshmallow v1.1.5 // indirect
github.com/pjbgf/sha1cd v0.3.0 // indirect
github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 // indirect
+ github.com/protocolbuffers/txtpbfmt v0.0.0-20230328191034-3462fbc510c0 // indirect
github.com/rivo/uniseg v0.4.7 // indirect
+ github.com/rogpeppe/go-internal v1.12.1-0.20240709150035-ccf4b4329d21 // indirect
github.com/sergi/go-diff v1.3.2-0.20230802210424-5b0b94c5c0d3 // indirect
github.com/skeema/knownhosts v1.2.2 // indirect
github.com/snyk/error-catalog-golang-public v0.0.0-20240809094525-c48d19c27edb // indirect
diff --git a/go.sum b/go.sum
index 6db482902..3129a54af 100644
--- a/go.sum
+++ b/go.sum
@@ -1,4 +1,8 @@
cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw=
+cuelabs.dev/go/oci/ociregistry v0.0.0-20240807094312-a32ad29eed79 h1:EceZITBGET3qHneD5xowSTY/YHbNybvMWGh62K2fG/M=
+cuelabs.dev/go/oci/ociregistry v0.0.0-20240807094312-a32ad29eed79/go.mod h1:5A4xfTzHTXfeVJBU6RAUf+QrlfTCW+017q/QiW+sMLg=
+cuelang.org/go v0.10.0 h1:Y1Pu4wwga5HkXfLFK1sWAYaSWIBdcsr5Cb5AWj2pOuE=
+cuelang.org/go v0.10.0/go.mod h1:HzlaqqqInHNiqE6slTP6+UtxT9hN6DAzgJgdbNxXvX8=
dario.cat/mergo v1.0.1 h1:Ra4+bf83h2ztPIQYNP99R6m+Y7KfnARDfID+a+vLl4s=
dario.cat/mergo v1.0.1/go.mod h1:uNxQE+84aUszobStD9th8a29P2fMDhsBdgRYvZOxGmk=
github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU=
@@ -33,6 +37,8 @@ github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDk
github.com/cloudflare/circl v1.3.3/go.mod h1:5XYMA4rFBvNIrhs50XuiBJ15vF2pZn4nnUKZrLbUZFA=
github.com/cloudflare/circl v1.3.8 h1:j+V8jJt09PoeMFIu2uh5JUyEaIHTXVOHslFoLNAKqwI=
github.com/cloudflare/circl v1.3.8/go.mod h1:PDRU+oXvdD7KCtgKxW95M5Z8BpSCJXQORiZFnBQS5QU=
+github.com/cockroachdb/apd/v3 v3.2.1 h1:U+8j7t0axsIgvQUqthuNm82HIrYXodOV2iWLWtEaIwg=
+github.com/cockroachdb/apd/v3 v3.2.1/go.mod h1:klXJcjp+FffLTHlhIG69tezTDvdP065naDsHzKhYSqc=
github.com/coreos/go-systemd/v22 v22.5.0/go.mod h1:Y58oyj3AT4RCenI/lSvhwexgC+NSVTIJ3seZv2GcEnc=
github.com/cpuguy83/go-md2man/v2 v2.0.2/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o=
github.com/cpuguy83/go-md2man/v2 v2.0.4/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o=
@@ -52,6 +58,8 @@ github.com/denisbrodbeck/machineid v1.0.1 h1:geKr9qtkB876mXguW2X6TU4ZynleN6ezuMS
github.com/denisbrodbeck/machineid v1.0.1/go.mod h1:dJUwb7PTidGDeYyUBmXZ2GphQBbjJCrnectwCyxcUSI=
github.com/elazarl/goproxy v0.0.0-20230808193330-2592e75ae04a h1:mATvB/9r/3gvcejNsXKSkQ6lcIaNec2nyfOdlTBR2lU=
github.com/elazarl/goproxy v0.0.0-20230808193330-2592e75ae04a/go.mod h1:Ro8st/ElPeALwNFlcTpWmkr6IoMFfkjXAvTHpevnDsM=
+github.com/emicklei/proto v1.13.2 h1:z/etSFO3uyXeuEsVPzfl56WNgzcvIr42aQazXaQmFZY=
+github.com/emicklei/proto v1.13.2/go.mod h1:rn1FgRS/FANiZdD2djyH7TMA9jdRDcYQ9IEN9yvjX0A=
github.com/emirpasic/gods v1.18.1 h1:FXtiHYKDGKCW2KzwZKx0iC0PQmdlorYgdFG9jPXJ1Bc=
github.com/emirpasic/gods v1.18.1/go.mod h1:8tpGGwCnJ5H4r6BWwaV6OrWmMoPhUl5jm/FMNAnJvWQ=
github.com/envoyproxy/go-control-plane v0.9.1-0.20191026205805-5f8ba28d4473/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4=
@@ -103,6 +111,8 @@ github.com/go-playground/locales v0.13.0/go.mod h1:taPMhCMXrRLJO55olJkUXHZBHCxTM
github.com/go-playground/universal-translator v0.17.0/go.mod h1:UkSxE5sNxxRwHyU+Scu5vgOQjsIJAF8j9muTVoKLVtA=
github.com/go-playground/validator/v10 v10.2.0/go.mod h1:uOYAAleCW8F/7oMFd6aG0GOhaH6EGOAJShg8Id5JGkI=
github.com/go-playground/validator/v10 v10.4.1/go.mod h1:nlOn6nFhuKACm19sB/8EGNn9GlaMV7XkbRSipzJ0Ii4=
+github.com/go-quicktest/qt v1.101.0 h1:O1K29Txy5P2OK0dGo59b7b0LR6wKfIhttaAhHUyn7eI=
+github.com/go-quicktest/qt v1.101.0/go.mod h1:14Bz/f7NwaXPtdYEgzsx46kqSxVwTbzVZsDC26tQJow=
github.com/go-test/deep v1.0.8 h1:TDsG77qcSprGbC6vTN8OuXp5g+J+b5Pcguhf7Zt61VM=
github.com/go-test/deep v1.0.8/go.mod h1:5C2ZWiW0ErCdrYzpqxLbTX7MG14M9iiw8DgHncVwcsE=
github.com/gobwas/httphead v0.0.0-20180130184737-2c6c146eadee/go.mod h1:L0fX3K22YWvt/FAX9NnzrNzcI4wNYi9Yku4O0LKYflo=
@@ -198,7 +208,11 @@ github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ=
github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI=
github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY=
github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE=
+github.com/kylelemons/godebug v1.1.0 h1:RPNrshWIDI6G2gRW9EHilWtl7Z6Sb1BR0xunSBf0SNc=
+github.com/kylelemons/godebug v1.1.0/go.mod h1:9/0rRGxNHcop5bhtWyNeEfOS8JIWk580+fNqagV/RAw=
github.com/leodido/go-urn v1.2.0/go.mod h1:+8+nEpDfqqsY+g338gtMEUOtuK+4dEMhiQEgxpxOKII=
+github.com/lib/pq v1.10.7 h1:p7ZhMD+KsSRozJr34udlUrhboJwWAgCg34+/ZZNvZZw=
+github.com/lib/pq v1.10.7/go.mod h1:AlVN5x4E4T544tWzH6hKfbfQvm3HdbOxrmggDNAPY9o=
github.com/lucasb-eyer/go-colorful v1.2.0 h1:1nnpGOrhyZZuNyfu1QjKiUICQ74+3FNCN69Aj6K7nkY=
github.com/lucasb-eyer/go-colorful v1.2.0/go.mod h1:R4dSotOR9KMtayYi1e77YzuveK+i7ruzyGqttikkLy0=
github.com/magiconair/properties v1.8.6 h1:5ibWZ6iY0NctNGWo87LalDlEZ6R41TqbbDamhfG/Qzo=
@@ -217,6 +231,8 @@ github.com/mattn/go-isatty v0.0.20/go.mod h1:W+V8PltTTMOvKvAeJH7IuucS94S2C6jfK/D
github.com/mattn/go-runewidth v0.0.12/go.mod h1:RAqKPSqVFrSLVXbA8x7dzmKdmGzieGRCM46jaSJTDAk=
github.com/mattn/go-runewidth v0.0.15 h1:UNAjwbU9l54TA3KzvqLGxwWjHmMgBUVhBiTjelZgg3U=
github.com/mattn/go-runewidth v0.0.15/go.mod h1:Jdepj2loyihRzMpdS35Xk/zdY8IAYHsh153qUoGf23w=
+github.com/mitchellh/go-wordwrap v1.0.1 h1:TLuKupo69TCn6TQSyGxwI1EblZZEsQ0vMlAFQflz0v0=
+github.com/mitchellh/go-wordwrap v1.0.1/go.mod h1:R62XHJLzvMFRBbcrT7m7WgmE1eOyTSsCt+hzestvNj0=
github.com/mitchellh/mapstructure v1.5.0 h1:jeMsZIYE/09sWLaz43PL7Gy6RuMjD2eJVyuac5Z2hdY=
github.com/mitchellh/mapstructure v1.5.0/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RRV2QTWOzhPopBRo=
github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q=
@@ -233,6 +249,10 @@ github.com/oapi-codegen/runtime v1.1.1 h1:EXLHh0DXIJnWhdRPN2w4MXAzFyE4CskzhNLUmt
github.com/oapi-codegen/runtime v1.1.1/go.mod h1:SK9X900oXmPWilYR5/WKPzt3Kqxn/uS/+lbpREv+eCg=
github.com/onsi/gomega v1.27.10 h1:naR28SdDFlqrG6kScpT8VWpu1xWY5nJRCF3XaYyBjhI=
github.com/onsi/gomega v1.27.10/go.mod h1:RsS8tutOdbdgzbPtzzATp12yT7kM5I5aElG3evPbQ0M=
+github.com/opencontainers/go-digest v1.0.0 h1:apOUWs51W5PlhuyGyz9FCeeBIOUDA/6nW8Oi/yOhh5U=
+github.com/opencontainers/go-digest v1.0.0/go.mod h1:0JzlMkj0TRzQZfJkVvzbP0HBR3IKzErnv2BNG4W4MAM=
+github.com/opencontainers/image-spec v1.1.0 h1:8SG7/vwALn54lVB/0yZ/MMwhFrPYtpEHQb2IpWsCzug=
+github.com/opencontainers/image-spec v1.1.0/go.mod h1:W4s4sFTMaBeK1BQLXbG4AdM2szdn85PY75RI83NrTrM=
github.com/opentracing/opentracing-go v1.2.0/go.mod h1:GxEUsuufX4nBwe+T+Wl9TAgYrxe9dPLANfrWvHYVTgc=
github.com/otiai10/copy v1.14.0 h1:dCI/t1iTdYGtkvCuBG2BgR6KZa83PTclw4U5n2wAllU=
github.com/otiai10/copy v1.14.0/go.mod h1:ECfuL02W+/FkTWZWgQqXPWZgW9oeKCSQ5qVfSc4qc4w=
@@ -260,6 +280,8 @@ github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZN
github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 h1:Jamvg5psRIccs7FGNTlIRMkT8wgtp5eCXdBlqhYGL6U=
github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
github.com/prometheus/client_model v0.0.0-20190812154241-14fe0d1b01d4/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA=
+github.com/protocolbuffers/txtpbfmt v0.0.0-20230328191034-3462fbc510c0 h1:sadMIsgmHpEOGbUs6VtHBXRR1OHevnj7hLx9ZcdNGW4=
+github.com/protocolbuffers/txtpbfmt v0.0.0-20230328191034-3462fbc510c0/go.mod h1:jgxiZysxFPM+iWKwQwPR+y+Jvo54ARd4EisXxKYpB5c=
github.com/puzpuzpuz/xsync v1.5.2 h1:yRAP4wqSOZG+/4pxJ08fPTwrfL0IzE/LKQ/cw509qGY=
github.com/puzpuzpuz/xsync v1.5.2/go.mod h1:K98BYhX3k1dQ2M63t1YNVDanbwUPmBCAhNmVrrxfiGg=
github.com/puzpuzpuz/xsync/v3 v3.4.0 h1:DuVBAdXuGFHv8adVXjWWZ63pJq+NRXOWVXlKDBZ+mJ4=
@@ -287,8 +309,8 @@ github.com/snyk/code-client-go v1.10.0 h1:t/hBINxj4lKvoo681uGhxHBpMued/j68p2sHbB
github.com/snyk/code-client-go v1.10.0/go.mod h1:orU911flV1kJQOlxxx0InUQkAfpBrcERsb2olfnlI8s=
github.com/snyk/error-catalog-golang-public v0.0.0-20240809094525-c48d19c27edb h1:w9tJhpTFxWqAhLeraGsMExDjGK9x5Dwj1NRFwb+t+QE=
github.com/snyk/error-catalog-golang-public v0.0.0-20240809094525-c48d19c27edb/go.mod h1:Ytttq7Pw4vOCu9NtRQaOeDU2dhBYUyNBe6kX4+nIIQ4=
-github.com/snyk/go-application-framework v0.0.0-20240925082317-bae184c4f01a h1:9UNDG8FgDpdPwWxInsGD2VmsIfv9Ka9//h7M2u5bzTk=
-github.com/snyk/go-application-framework v0.0.0-20240925082317-bae184c4f01a/go.mod h1:LeMsRM1FxIfO/8QpOs9V/dI46ie/RAQl02ulAh6aKys=
+github.com/snyk/go-application-framework v0.0.0-20241009095349-dc0fb55f3eb3 h1:aUFtOsdCHfiwb7LJV8jh+xjich9VpAczNtuMtij7CtM=
+github.com/snyk/go-application-framework v0.0.0-20241009095349-dc0fb55f3eb3/go.mod h1:LeMsRM1FxIfO/8QpOs9V/dI46ie/RAQl02ulAh6aKys=
github.com/snyk/go-httpauth v0.0.0-20231117135515-eb445fea7530 h1:s9PHNkL6ueYRiAKNfd8OVxlUOqU3qY0VDbgCD1f6WQY=
github.com/snyk/go-httpauth v0.0.0-20231117135515-eb445fea7530/go.mod h1:88KbbvGYlmLgee4OcQ19yr0bNpXpOr2kciOthaSzCAg=
github.com/sourcegraph/go-lsp v0.0.0-20240223163137-f80c5dd31dfd h1:Dq5WSzWsP1TbVi10zPWBI5LKEBDg4Y1OhWEph1wr5WQ=
diff --git a/infrastructure/cli/cli.go b/infrastructure/cli/cli.go
index 9ad517f01..b86f20691 100644
--- a/infrastructure/cli/cli.go
+++ b/infrastructure/cli/cli.go
@@ -29,6 +29,8 @@ import (
"github.com/rs/zerolog"
"golang.org/x/sync/semaphore"
+ "github.com/snyk/go-application-framework/pkg/configuration"
+ "github.com/snyk/go-application-framework/pkg/envvars"
"github.com/snyk/snyk-ls/application/config"
noti "github.com/snyk/snyk-ls/internal/notification"
"github.com/snyk/snyk-ls/internal/observability/error_reporting"
@@ -92,9 +94,14 @@ func (c *SnykCli) getCommand(cmd []string, workingDir string, ctx context.Contex
if c.c.Logger().GetLevel() < zerolog.InfoLevel {
cmd = append(cmd, "-d")
}
+
+ cloneConfig := c.c.Engine().GetConfiguration().Clone()
+ cloneConfig.Set(configuration.WORKING_DIRECTORY, workingDir)
+ envvars.LoadConfiguredEnvironment(cloneConfig.GetStringSlice(configuration.CUSTOM_CONFIG_FILES), workingDir)
+ cliEnv := AppendCliEnvironmentVariables(os.Environ(), c.c.NonEmptyToken())
+
command := exec.CommandContext(ctx, cmd[0], cmd[1:]...)
command.Dir = workingDir
- cliEnv := AppendCliEnvironmentVariables(os.Environ(), c.c.NonEmptyToken())
command.Env = cliEnv
c.c.Logger().Trace().Str("method", "getCommand").Interface("command.Args", command.Args).Send()
c.c.Logger().Trace().Str("method", "getCommand").Interface("command.Env", command.Env).Send()
diff --git a/infrastructure/cli/cli_extension_executor.go b/infrastructure/cli/cli_extension_executor.go
index 31b453162..85c723a7f 100644
--- a/infrastructure/cli/cli_extension_executor.go
+++ b/infrastructure/cli/cli_extension_executor.go
@@ -22,6 +22,7 @@ import (
"time"
"github.com/snyk/go-application-framework/pkg/configuration"
+ "github.com/snyk/go-application-framework/pkg/envvars"
"github.com/snyk/go-application-framework/pkg/workflow"
"github.com/snyk/snyk-ls/application/config"
@@ -65,19 +66,23 @@ func (c ExtensionExecutor) Execute(ctx context.Context, cmd []string, workingDir
return output, err
}
-func (c ExtensionExecutor) doExecute(ctx context.Context, cmd []string, workingDir string) ([]byte, error) {
- output := []byte{}
-
+func (c ExtensionExecutor) doExecute(_ context.Context, cmd []string, workingDir string) ([]byte, error) {
engine := config.CurrentConfig().Engine()
+ engine.GetConfiguration().Set(configuration.TIMEOUT, c.cliTimeout.Seconds())
+
legacyCLI := workflow.NewWorkflowIdentifier("legacycli")
legacyCLIConfig := config.CurrentConfig().Engine().GetConfiguration().Clone()
+ legacyCLIConfig.Set(configuration.WORKING_DIRECTORY, workingDir)
legacyCLIConfig.Set(configuration.RAW_CMD_ARGS, cmd[1:])
legacyCLIConfig.Set(configuration.WORKFLOW_USE_STDIO, false)
- legacyCLIConfig.Set(configuration.WORKING_DIRECTORY, workingDir)
+ envvars.LoadConfiguredEnvironment(legacyCLIConfig.GetStringSlice(configuration.CUSTOM_CONFIG_FILES), workingDir)
data, err := engine.InvokeWithConfig(legacyCLI, legacyCLIConfig)
+ var output []byte
if len(data) > 0 {
output = data[0].GetPayload().([]byte)
+ } else {
+ output = []byte{}
}
return output, err
diff --git a/infrastructure/code/code_html.go b/infrastructure/code/code_html.go
index e9816f1be..0ca90e1dc 100644
--- a/infrastructure/code/code_html.go
+++ b/infrastructure/code/code_html.go
@@ -102,7 +102,7 @@ func getCodeDetailsHtml(issue snyk.Issue, folderPath string) string {
"ExampleCommitFixes": exampleCommits,
"CommitFixes": commitFixes,
"PriorityScore": additionalData.PriorityScore,
- "SnykWebUrl": config.CurrentConfig().SnykUi(),
+ "SnykWebUrl": config.CurrentConfig().SnykUI(),
"LessonUrl": issue.LessonUrl,
"LessonIcon": html.LessonIcon(),
"IgnoreLineAction": getLineToIgnoreAction(issue),
diff --git a/infrastructure/code/settings.go b/infrastructure/code/settings.go
index a3263f9b5..fb232c974 100644
--- a/infrastructure/code/settings.go
+++ b/infrastructure/code/settings.go
@@ -68,5 +68,5 @@ func (cs *codeSettings) SetAutofixEnabled(enabled bool) {
func getCodeEnablementUrl() string {
c := config.CurrentConfig()
integrationName := c.IntegrationName()
- return c.SnykUi() + "/manage/snyk-code?from=" + integrationName
+ return c.SnykUI() + "/manage/snyk-code?from=" + integrationName
}
diff --git a/infrastructure/oss/cli_scanner.go b/infrastructure/oss/cli_scanner.go
index 7fdc8773f..5c249d3d5 100644
--- a/infrastructure/oss/cli_scanner.go
+++ b/infrastructure/oss/cli_scanner.go
@@ -40,6 +40,7 @@ import (
"github.com/snyk/snyk-ls/internal/product"
"github.com/snyk/snyk-ls/internal/progress"
"github.com/snyk/snyk-ls/internal/scans"
+ "github.com/snyk/snyk-ls/internal/sdk"
"github.com/snyk/snyk-ls/internal/types"
"github.com/snyk/snyk-ls/internal/uri"
)
@@ -206,7 +207,16 @@ func (cliScanner *CLIScanner) scanInternal(ctx context.Context, path string, com
cliScanner.runningScans[workDir] = newScan
cliScanner.mutex.Unlock()
- cmd := commandFunc([]string{workDir}, map[string]bool{"": true}, workDir)
+ // this asks the client for the current SDK and blocks on it
+ additionalParameters := cliScanner.updateSDKs(workDir)
+
+ // if the sdk needs additional parameters, add them (Python plugin, I look at you. Yes, you)
+ args := []string{workDir}
+ if len(additionalParameters) > 0 {
+ args = append(args, additionalParameters...)
+ }
+
+ cmd := commandFunc(args, map[string]bool{"": true}, workDir)
res, scanErr := cliScanner.cli.Execute(ctx, cmd, workDir)
noCancellation := ctx.Err() == nil
if scanErr != nil {
@@ -233,6 +243,18 @@ func (cliScanner *CLIScanner) scanInternal(ctx context.Context, path string, com
return issues, nil
}
+func (cliScanner *CLIScanner) updateSDKs(workDir string) []string {
+ logger := cliScanner.config.Logger().With().Str("method", "updateSDKs").Logger()
+ sdkChan := make(chan []types.LsSdk)
+ getSdk := types.GetSdk{FolderPath: workDir, Result: sdkChan}
+ logger.Debug().Msg("asking IDE for SDKS")
+ cliScanner.notifier.Send(getSdk)
+ // wait for sdk info
+ sdks := <-sdkChan
+ logger.Debug().Msg("received SDKs")
+ return sdk.UpdateEnvironmentAndReturnAdditionalParams(sdks, logger)
+}
+
func (cliScanner *CLIScanner) prepareScanCommand(args []string, parameterBlacklist map[string]bool, path string) []string {
c := config.CurrentConfig()
allProjectsParamAllowed := true
@@ -253,13 +275,20 @@ func (cliScanner *CLIScanner) prepareScanCommand(args []string, parameterBlackli
// now add all additional parameters, skipping blacklisted ones
for _, parameter := range additionalParams {
+ if slices.Contains(cmd, parameter) {
+ continue
+ }
+
p := strings.Split(parameter, "=")[0]
+
if parameterBlacklist[p] {
continue
}
+
if allProjectsParamBlacklist[p] {
allProjectsParamAllowed = false
}
+
if parameter != allProjectsParam {
cmd = append(cmd, parameter)
}
diff --git a/infrastructure/oss/issue_html.go b/infrastructure/oss/issue_html.go
index a04f67eaa..ccf033e82 100644
--- a/infrastructure/oss/issue_html.go
+++ b/infrastructure/oss/issue_html.go
@@ -88,13 +88,13 @@ func getDetailsHtml(issue snyk.Issue) string {
"Policy": buildPolicyMap(additionalData),
}
- var html bytes.Buffer
- if err := globalTemplate.Execute(&html, data); err != nil {
+ var htmlBuffer bytes.Buffer
+ if err := globalTemplate.Execute(&htmlBuffer, data); err != nil {
config.CurrentConfig().Logger().Error().Msgf("Failed to execute main details template: %v", err)
return ""
}
- return html.String()
+ return htmlBuffer.String()
}
func buildPolicyMap(additionalData snyk.OssIssueData) map[string]interface{} {
@@ -155,7 +155,7 @@ type IntroducedThrough struct {
func getIntroducedThroughs(issue snyk.OssIssueData) []IntroducedThrough {
var introducedThroughs []IntroducedThrough
- snykUi := config.CurrentConfig().SnykUi()
+ snykUi := config.CurrentConfig().SnykUI()
if len(issue.From) > 0 {
for _, v := range issue.MatchingIssues {
if len(v.From) > 1 {
diff --git a/infrastructure/oss/oss_test.go b/infrastructure/oss/oss_test.go
index 487b4f4c5..a13bcf53d 100644
--- a/infrastructure/oss/oss_test.go
+++ b/infrastructure/oss/oss_test.go
@@ -191,7 +191,7 @@ func Test_introducingPackageAndVersionJava(t *testing.T) {
func Test_ContextCanceled_Scan_DoesNotScan(t *testing.T) {
c := testutil.UnitTest(t)
cliMock := cli.NewTestExecutor()
- scanner := NewCLIScanner(c, performance.NewInstrumentor(), error_reporting.NewTestErrorReporter(), cliMock, getLearnMock(t), notification.NewNotifier())
+ scanner := NewCLIScanner(c, performance.NewInstrumentor(), error_reporting.NewTestErrorReporter(), cliMock, getLearnMock(t), notification.NewMockNotifier())
ctx, cancel := context.WithCancel(context.Background())
cancel()
@@ -219,7 +219,7 @@ func mavenTestIssue() ossIssue {
func TestUnmarshalOssJsonSingle(t *testing.T) {
c := testutil.UnitTest(t)
- scanner := NewCLIScanner(c, performance.NewInstrumentor(), error_reporting.NewTestErrorReporter(), cli.NewTestExecutor(), getLearnMock(t), notification.NewNotifier()).(*CLIScanner)
+ scanner := NewCLIScanner(c, performance.NewInstrumentor(), error_reporting.NewTestErrorReporter(), cli.NewTestExecutor(), getLearnMock(t), notification.NewMockNotifier()).(*CLIScanner)
dir, err := os.Getwd()
if err != nil {
@@ -237,7 +237,7 @@ func TestUnmarshalOssJsonSingle(t *testing.T) {
func TestUnmarshalOssJsonArray(t *testing.T) {
c := testutil.UnitTest(t)
- scanner := NewCLIScanner(c, performance.NewInstrumentor(), error_reporting.NewTestErrorReporter(), cli.NewTestExecutor(), getLearnMock(t), notification.NewNotifier()).(*CLIScanner)
+ scanner := NewCLIScanner(c, performance.NewInstrumentor(), error_reporting.NewTestErrorReporter(), cli.NewTestExecutor(), getLearnMock(t), notification.NewMockNotifier()).(*CLIScanner)
dir, err := os.Getwd()
if err != nil {
@@ -255,7 +255,7 @@ func TestUnmarshalOssJsonArray(t *testing.T) {
func TestUnmarshalOssErroneousJson(t *testing.T) {
c := testutil.UnitTest(t)
- scanner := NewCLIScanner(c, performance.NewInstrumentor(), error_reporting.NewTestErrorReporter(), cli.NewTestExecutor(), getLearnMock(t), notification.NewNotifier()).(*CLIScanner)
+ scanner := NewCLIScanner(c, performance.NewInstrumentor(), error_reporting.NewTestErrorReporter(), cli.NewTestExecutor(), getLearnMock(t), notification.NewMockNotifier()).(*CLIScanner)
dir, err := os.Getwd()
if err != nil {
@@ -309,7 +309,7 @@ func Test_SeveralScansOnSameFolder_DoNotRunAtOnce(t *testing.T) {
folderPath := workingDir
fakeCli := cli.NewTestExecutor()
fakeCli.ExecuteDuration = time.Second
- scanner := NewCLIScanner(c, performance.NewInstrumentor(), error_reporting.NewTestErrorReporter(), fakeCli, getLearnMock(t), notification.NewNotifier())
+ scanner := NewCLIScanner(c, performance.NewInstrumentor(), error_reporting.NewTestErrorReporter(), fakeCli, getLearnMock(t), notification.NewMockNotifier())
wg := sync.WaitGroup{}
p, _ := filepath.Abs(workingDir + testDataPackageJson)
@@ -349,7 +349,7 @@ func sampleIssue() ossIssue {
func Test_prepareScanCommand(t *testing.T) {
c := testutil.UnitTest(t)
- scanner := NewCLIScanner(c, performance.NewInstrumentor(), error_reporting.NewTestErrorReporter(), cli.NewTestExecutor(), getLearnMock(t), notification.NewNotifier()).(*CLIScanner)
+ scanner := NewCLIScanner(c, performance.NewInstrumentor(), error_reporting.NewTestErrorReporter(), cli.NewTestExecutor(), getLearnMock(t), notification.NewMockNotifier()).(*CLIScanner)
t.Run("Expands parameters", func(t *testing.T) {
settings := config.CliSettings{
@@ -407,7 +407,7 @@ func Test_Scan_SchedulesNewScan(t *testing.T) {
workingDir, _ := os.Getwd()
fakeCli := cli.NewTestExecutorWithResponseFromFile(path.Join(workingDir, "testdata/oss-result.json"), c.Logger())
fakeCli.ExecuteDuration = time.Millisecond
- scanner := NewCLIScanner(c, performance.NewInstrumentor(), error_reporting.NewTestErrorReporter(), fakeCli, getLearnMock(t), notification.NewNotifier()).(*CLIScanner)
+ scanner := NewCLIScanner(c, performance.NewInstrumentor(), error_reporting.NewTestErrorReporter(), fakeCli, getLearnMock(t), notification.NewMockNotifier()).(*CLIScanner)
scanner.refreshScanWaitDuration = 50 * time.Millisecond
ctx, cancel := context.WithCancel(context.Background())
@@ -431,7 +431,7 @@ func Test_scheduleNewScanWithProductDisabled_NoScanRun(t *testing.T) {
config.CurrentConfig().SetSnykOssEnabled(false)
fakeCli := cli.NewTestExecutor()
fakeCli.ExecuteDuration = time.Millisecond
- scanner := NewCLIScanner(c, performance.NewInstrumentor(), error_reporting.NewTestErrorReporter(), fakeCli, getLearnMock(t), notification.NewNotifier()).(*CLIScanner)
+ scanner := NewCLIScanner(c, performance.NewInstrumentor(), error_reporting.NewTestErrorReporter(), fakeCli, getLearnMock(t), notification.NewMockNotifier()).(*CLIScanner)
scanner.refreshScanWaitDuration = 50 * time.Millisecond
workingDir, _ := os.Getwd()
@@ -453,7 +453,7 @@ func Test_scheduleNewScanTwice_RunsOnlyOnce(t *testing.T) {
// Arrange
fakeCli := cli.NewTestExecutor()
fakeCli.ExecuteDuration = time.Millisecond
- scanner := NewCLIScanner(c, performance.NewInstrumentor(), error_reporting.NewTestErrorReporter(), fakeCli, getLearnMock(t), notification.NewNotifier()).(*CLIScanner)
+ scanner := NewCLIScanner(c, performance.NewInstrumentor(), error_reporting.NewTestErrorReporter(), fakeCli, getLearnMock(t), notification.NewMockNotifier()).(*CLIScanner)
scanner.refreshScanWaitDuration = 50 * time.Millisecond
workingDir, _ := os.Getwd()
@@ -478,7 +478,7 @@ func Test_scheduleNewScan_ContextCancelledAfterScanScheduled_NoScanRun(t *testin
// Arrange
fakeCli := cli.NewTestExecutor()
fakeCli.ExecuteDuration = time.Millisecond
- scanner := NewCLIScanner(c, performance.NewInstrumentor(), error_reporting.NewTestErrorReporter(), fakeCli, getLearnMock(t), notification.NewNotifier()).(*CLIScanner)
+ scanner := NewCLIScanner(c, performance.NewInstrumentor(), error_reporting.NewTestErrorReporter(), fakeCli, getLearnMock(t), notification.NewMockNotifier()).(*CLIScanner)
scanner.refreshScanWaitDuration = 2 * time.Second
workingDir, _ := os.Getwd()
@@ -503,7 +503,7 @@ func Test_Scan_missingDisplayTargetFileDoesNotBreakAnalysis(t *testing.T) {
fakeCli := cli.NewTestExecutorWithResponseFromFile(path.Join(workingDir,
"testdata/oss-result-without-targetFile.json"), c.Logger())
fakeCli.ExecuteDuration = time.Millisecond
- scanner := NewCLIScanner(c, performance.NewInstrumentor(), error_reporting.NewTestErrorReporter(), fakeCli, getLearnMock(t), notification.NewNotifier())
+ scanner := NewCLIScanner(c, performance.NewInstrumentor(), error_reporting.NewTestErrorReporter(), fakeCli, getLearnMock(t), notification.NewMockNotifier())
filePath, _ := filepath.Abs(workingDir + testDataPackageJson)
// Act
diff --git a/infrastructure/oss/template/details.html b/infrastructure/oss/template/details.html
index f85d3ac2e..e321988dc 100644
--- a/infrastructure/oss/template/details.html
+++ b/infrastructure/oss/template/details.html
@@ -176,7 +176,7 @@
{{range $index, $cve := .CVEs}}
{{$cve}}
+ href="https://cve.mitre.org/cgi-bin/cvename.cgi?name={{$cve}}">{{$cve}}
{{if ne $index (idxMinusOne (len $.CVEs))}}{{end}}
{{end}}
{{end}}
diff --git a/internal/notification/notifier_mock.go b/internal/notification/notifier_mock.go
index b55520b6d..16e45d5aa 100644
--- a/internal/notification/notifier_mock.go
+++ b/internal/notification/notifier_mock.go
@@ -55,6 +55,12 @@ func (m *MockNotifier) Send(msg any) {
defer m.mutex.Unlock()
m.sendCounter++
m.sentMessages = append(m.sentMessages, msg)
+ if getSDK, ok := msg.(types.GetSdk); ok {
+ go func() {
+ getSDK.Result <- []types.LsSdk{}
+ close(getSDK.Result)
+ }()
+ }
}
func (m *MockNotifier) SendError(err error) {
diff --git a/internal/sdk/sdk.go b/internal/sdk/sdk.go
new file mode 100644
index 000000000..a760c80f1
--- /dev/null
+++ b/internal/sdk/sdk.go
@@ -0,0 +1,63 @@
+/*
+ * © 2024 Snyk Limited
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package sdk
+
+import (
+ "os"
+ "path/filepath"
+ "strings"
+
+ "github.com/rs/zerolog"
+ "github.com/subosito/gotenv"
+
+ "github.com/snyk/go-application-framework/pkg/envvars"
+ "github.com/snyk/snyk-ls/internal/types"
+)
+
+func UpdateEnvironmentAndReturnAdditionalParams(sdks []types.LsSdk, logger zerolog.Logger) []string {
+ logger = logger.With().Str("method", "UpdateEnvironmentAndReturnAdditionalParams").Logger()
+ var additionalParameters []string
+ for i := 0; i < len(sdks); i++ {
+ sdk := sdks[i]
+ path := sdk.Path
+ pathExt := filepath.Join(path, "bin")
+ env := gotenv.Env{}
+ switch {
+ case strings.Contains(strings.ToLower(sdk.Type), "java"):
+ env["JAVA_HOME"] = path
+ case strings.Contains(strings.ToLower(sdk.Type), "python"):
+ symlinks, err := filepath.EvalSymlinks(path)
+ if err != nil {
+ symlinks = path
+ }
+ env["PYTHONPATH"] = symlinks
+ env["PYTHONHOME"] = filepath.Dir(symlinks)
+ pathExt = filepath.Dir(symlinks)
+ additionalParameters = append(additionalParameters, "--command="+symlinks)
+ case strings.Contains(strings.ToLower(sdk.Type), "go"):
+ env["GOROOT"] = path
+ }
+
+ envvars.UpdatePath(pathExt, true)
+ logger.Debug().Msg("prepended " + pathExt)
+ for k, v := range env {
+ _ = os.Setenv(k, v)
+ logger.Debug().Any("env", env).Msg("added")
+ }
+ }
+ return additionalParameters
+}
diff --git a/internal/types/lsp.go b/internal/types/lsp.go
index f03d59ab7..c4dda6e5c 100644
--- a/internal/types/lsp.go
+++ b/internal/types/lsp.go
@@ -504,6 +504,16 @@ type WorkspaceFolder struct {
Name string `json:"name,omitempty"`
}
+type LsSdk struct {
+ Type string `json:"type,omitempty"`
+ Path string `json:"path,omitempty"`
+}
+
+type GetSdk struct {
+ FolderPath string `json:"folder,omitempty"`
+ Result chan []LsSdk `json:"-"`
+}
+
type DidChangeWorkspaceFoldersParams struct {
// The actual workspace folder change Event.
Event WorkspaceFoldersChangeEvent `json:"Event,omitempty"`
diff --git a/licenses/cuelabs.dev/go/oci/ociregistry/LICENSE b/licenses/cuelabs.dev/go/oci/ociregistry/LICENSE
new file mode 100644
index 000000000..7a4a3ea24
--- /dev/null
+++ b/licenses/cuelabs.dev/go/oci/ociregistry/LICENSE
@@ -0,0 +1,202 @@
+
+ Apache License
+ Version 2.0, January 2004
+ http://www.apache.org/licenses/
+
+ TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
+
+ 1. Definitions.
+
+ "License" shall mean the terms and conditions for use, reproduction,
+ and distribution as defined by Sections 1 through 9 of this document.
+
+ "Licensor" shall mean the copyright owner or entity authorized by
+ the copyright owner that is granting the License.
+
+ "Legal Entity" shall mean the union of the acting entity and all
+ other entities that control, are controlled by, or are under common
+ control with that entity. For the purposes of this definition,
+ "control" means (i) the power, direct or indirect, to cause the
+ direction or management of such entity, whether by contract or
+ otherwise, or (ii) ownership of fifty percent (50%) or more of the
+ outstanding shares, or (iii) beneficial ownership of such entity.
+
+ "You" (or "Your") shall mean an individual or Legal Entity
+ exercising permissions granted by this License.
+
+ "Source" form shall mean the preferred form for making modifications,
+ including but not limited to software source code, documentation
+ source, and configuration files.
+
+ "Object" form shall mean any form resulting from mechanical
+ transformation or translation of a Source form, including but
+ not limited to compiled object code, generated documentation,
+ and conversions to other media types.
+
+ "Work" shall mean the work of authorship, whether in Source or
+ Object form, made available under the License, as indicated by a
+ copyright notice that is included in or attached to the work
+ (an example is provided in the Appendix below).
+
+ "Derivative Works" shall mean any work, whether in Source or Object
+ form, that is based on (or derived from) the Work and for which the
+ editorial revisions, annotations, elaborations, or other modifications
+ represent, as a whole, an original work of authorship. For the purposes
+ of this License, Derivative Works shall not include works that remain
+ separable from, or merely link (or bind by name) to the interfaces of,
+ the Work and Derivative Works thereof.
+
+ "Contribution" shall mean any work of authorship, including
+ the original version of the Work and any modifications or additions
+ to that Work or Derivative Works thereof, that is intentionally
+ submitted to Licensor for inclusion in the Work by the copyright owner
+ or by an individual or Legal Entity authorized to submit on behalf of
+ the copyright owner. For the purposes of this definition, "submitted"
+ means any form of electronic, verbal, or written communication sent
+ to the Licensor or its representatives, including but not limited to
+ communication on electronic mailing lists, source code control systems,
+ and issue tracking systems that are managed by, or on behalf of, the
+ Licensor for the purpose of discussing and improving the Work, but
+ excluding communication that is conspicuously marked or otherwise
+ designated in writing by the copyright owner as "Not a Contribution."
+
+ "Contributor" shall mean Licensor and any individual or Legal Entity
+ on behalf of whom a Contribution has been received by Licensor and
+ subsequently incorporated within the Work.
+
+ 2. Grant of Copyright License. Subject to the terms and conditions of
+ this License, each Contributor hereby grants to You a perpetual,
+ worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+ copyright license to reproduce, prepare Derivative Works of,
+ publicly display, publicly perform, sublicense, and distribute the
+ Work and such Derivative Works in Source or Object form.
+
+ 3. Grant of Patent License. Subject to the terms and conditions of
+ this License, each Contributor hereby grants to You a perpetual,
+ worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+ (except as stated in this section) patent license to make, have made,
+ use, offer to sell, sell, import, and otherwise transfer the Work,
+ where such license applies only to those patent claims licensable
+ by such Contributor that are necessarily infringed by their
+ Contribution(s) alone or by combination of their Contribution(s)
+ with the Work to which such Contribution(s) was submitted. If You
+ institute patent litigation against any entity (including a
+ cross-claim or counterclaim in a lawsuit) alleging that the Work
+ or a Contribution incorporated within the Work constitutes direct
+ or contributory patent infringement, then any patent licenses
+ granted to You under this License for that Work shall terminate
+ as of the date such litigation is filed.
+
+ 4. Redistribution. You may reproduce and distribute copies of the
+ Work or Derivative Works thereof in any medium, with or without
+ modifications, and in Source or Object form, provided that You
+ meet the following conditions:
+
+ (a) You must give any other recipients of the Work or
+ Derivative Works a copy of this License; and
+
+ (b) You must cause any modified files to carry prominent notices
+ stating that You changed the files; and
+
+ (c) You must retain, in the Source form of any Derivative Works
+ that You distribute, all copyright, patent, trademark, and
+ attribution notices from the Source form of the Work,
+ excluding those notices that do not pertain to any part of
+ the Derivative Works; and
+
+ (d) If the Work includes a "NOTICE" text file as part of its
+ distribution, then any Derivative Works that You distribute must
+ include a readable copy of the attribution notices contained
+ within such NOTICE file, excluding those notices that do not
+ pertain to any part of the Derivative Works, in at least one
+ of the following places: within a NOTICE text file distributed
+ as part of the Derivative Works; within the Source form or
+ documentation, if provided along with the Derivative Works; or,
+ within a display generated by the Derivative Works, if and
+ wherever such third-party notices normally appear. The contents
+ of the NOTICE file are for informational purposes only and
+ do not modify the License. You may add Your own attribution
+ notices within Derivative Works that You distribute, alongside
+ or as an addendum to the NOTICE text from the Work, provided
+ that such additional attribution notices cannot be construed
+ as modifying the License.
+
+ You may add Your own copyright statement to Your modifications and
+ may provide additional or different license terms and conditions
+ for use, reproduction, or distribution of Your modifications, or
+ for any such Derivative Works as a whole, provided Your use,
+ reproduction, and distribution of the Work otherwise complies with
+ the conditions stated in this License.
+
+ 5. Submission of Contributions. Unless You explicitly state otherwise,
+ any Contribution intentionally submitted for inclusion in the Work
+ by You to the Licensor shall be under the terms and conditions of
+ this License, without any additional terms or conditions.
+ Notwithstanding the above, nothing herein shall supersede or modify
+ the terms of any separate license agreement you may have executed
+ with Licensor regarding such Contributions.
+
+ 6. Trademarks. This License does not grant permission to use the trade
+ names, trademarks, service marks, or product names of the Licensor,
+ except as required for reasonable and customary use in describing the
+ origin of the Work and reproducing the content of the NOTICE file.
+
+ 7. Disclaimer of Warranty. Unless required by applicable law or
+ agreed to in writing, Licensor provides the Work (and each
+ Contributor provides its Contributions) on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+ implied, including, without limitation, any warranties or conditions
+ of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
+ PARTICULAR PURPOSE. You are solely responsible for determining the
+ appropriateness of using or redistributing the Work and assume any
+ risks associated with Your exercise of permissions under this License.
+
+ 8. Limitation of Liability. In no event and under no legal theory,
+ whether in tort (including negligence), contract, or otherwise,
+ unless required by applicable law (such as deliberate and grossly
+ negligent acts) or agreed to in writing, shall any Contributor be
+ liable to You for damages, including any direct, indirect, special,
+ incidental, or consequential damages of any character arising as a
+ result of this License or out of the use or inability to use the
+ Work (including but not limited to damages for loss of goodwill,
+ work stoppage, computer failure or malfunction, or any and all
+ other commercial damages or losses), even if such Contributor
+ has been advised of the possibility of such damages.
+
+ 9. Accepting Warranty or Additional Liability. While redistributing
+ the Work or Derivative Works thereof, You may choose to offer,
+ and charge a fee for, acceptance of support, warranty, indemnity,
+ or other liability obligations and/or rights consistent with this
+ License. However, in accepting such obligations, You may act only
+ on Your own behalf and on Your sole responsibility, not on behalf
+ of any other Contributor, and only if You agree to indemnify,
+ defend, and hold each Contributor harmless for any liability
+ incurred by, or claims asserted against, such Contributor by reason
+ of your accepting any such warranty or additional liability.
+
+ END OF TERMS AND CONDITIONS
+
+ APPENDIX: How to apply the Apache License to your work.
+
+ To apply the Apache License to your work, attach the following
+ boilerplate notice, with the fields enclosed by brackets "[]"
+ replaced with your own identifying information. (Don't include
+ the brackets!) The text should be enclosed in the appropriate
+ comment syntax for the file format. We also recommend that a
+ file or class name and description of purpose be included on the
+ same "printed page" as the copyright notice for easier
+ identification within third-party archives.
+
+ Copyright [yyyy] [name of copyright owner]
+
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
\ No newline at end of file
diff --git a/licenses/cuelang.org/go/LICENSE b/licenses/cuelang.org/go/LICENSE
new file mode 100644
index 000000000..d64569567
--- /dev/null
+++ b/licenses/cuelang.org/go/LICENSE
@@ -0,0 +1,202 @@
+
+ Apache License
+ Version 2.0, January 2004
+ http://www.apache.org/licenses/
+
+ TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
+
+ 1. Definitions.
+
+ "License" shall mean the terms and conditions for use, reproduction,
+ and distribution as defined by Sections 1 through 9 of this document.
+
+ "Licensor" shall mean the copyright owner or entity authorized by
+ the copyright owner that is granting the License.
+
+ "Legal Entity" shall mean the union of the acting entity and all
+ other entities that control, are controlled by, or are under common
+ control with that entity. For the purposes of this definition,
+ "control" means (i) the power, direct or indirect, to cause the
+ direction or management of such entity, whether by contract or
+ otherwise, or (ii) ownership of fifty percent (50%) or more of the
+ outstanding shares, or (iii) beneficial ownership of such entity.
+
+ "You" (or "Your") shall mean an individual or Legal Entity
+ exercising permissions granted by this License.
+
+ "Source" form shall mean the preferred form for making modifications,
+ including but not limited to software source code, documentation
+ source, and configuration files.
+
+ "Object" form shall mean any form resulting from mechanical
+ transformation or translation of a Source form, including but
+ not limited to compiled object code, generated documentation,
+ and conversions to other media types.
+
+ "Work" shall mean the work of authorship, whether in Source or
+ Object form, made available under the License, as indicated by a
+ copyright notice that is included in or attached to the work
+ (an example is provided in the Appendix below).
+
+ "Derivative Works" shall mean any work, whether in Source or Object
+ form, that is based on (or derived from) the Work and for which the
+ editorial revisions, annotations, elaborations, or other modifications
+ represent, as a whole, an original work of authorship. For the purposes
+ of this License, Derivative Works shall not include works that remain
+ separable from, or merely link (or bind by name) to the interfaces of,
+ the Work and Derivative Works thereof.
+
+ "Contribution" shall mean any work of authorship, including
+ the original version of the Work and any modifications or additions
+ to that Work or Derivative Works thereof, that is intentionally
+ submitted to Licensor for inclusion in the Work by the copyright owner
+ or by an individual or Legal Entity authorized to submit on behalf of
+ the copyright owner. For the purposes of this definition, "submitted"
+ means any form of electronic, verbal, or written communication sent
+ to the Licensor or its representatives, including but not limited to
+ communication on electronic mailing lists, source code control systems,
+ and issue tracking systems that are managed by, or on behalf of, the
+ Licensor for the purpose of discussing and improving the Work, but
+ excluding communication that is conspicuously marked or otherwise
+ designated in writing by the copyright owner as "Not a Contribution."
+
+ "Contributor" shall mean Licensor and any individual or Legal Entity
+ on behalf of whom a Contribution has been received by Licensor and
+ subsequently incorporated within the Work.
+
+ 2. Grant of Copyright License. Subject to the terms and conditions of
+ this License, each Contributor hereby grants to You a perpetual,
+ worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+ copyright license to reproduce, prepare Derivative Works of,
+ publicly display, publicly perform, sublicense, and distribute the
+ Work and such Derivative Works in Source or Object form.
+
+ 3. Grant of Patent License. Subject to the terms and conditions of
+ this License, each Contributor hereby grants to You a perpetual,
+ worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+ (except as stated in this section) patent license to make, have made,
+ use, offer to sell, sell, import, and otherwise transfer the Work,
+ where such license applies only to those patent claims licensable
+ by such Contributor that are necessarily infringed by their
+ Contribution(s) alone or by combination of their Contribution(s)
+ with the Work to which such Contribution(s) was submitted. If You
+ institute patent litigation against any entity (including a
+ cross-claim or counterclaim in a lawsuit) alleging that the Work
+ or a Contribution incorporated within the Work constitutes direct
+ or contributory patent infringement, then any patent licenses
+ granted to You under this License for that Work shall terminate
+ as of the date such litigation is filed.
+
+ 4. Redistribution. You may reproduce and distribute copies of the
+ Work or Derivative Works thereof in any medium, with or without
+ modifications, and in Source or Object form, provided that You
+ meet the following conditions:
+
+ (a) You must give any other recipients of the Work or
+ Derivative Works a copy of this License; and
+
+ (b) You must cause any modified files to carry prominent notices
+ stating that You changed the files; and
+
+ (c) You must retain, in the Source form of any Derivative Works
+ that You distribute, all copyright, patent, trademark, and
+ attribution notices from the Source form of the Work,
+ excluding those notices that do not pertain to any part of
+ the Derivative Works; and
+
+ (d) If the Work includes a "NOTICE" text file as part of its
+ distribution, then any Derivative Works that You distribute must
+ include a readable copy of the attribution notices contained
+ within such NOTICE file, excluding those notices that do not
+ pertain to any part of the Derivative Works, in at least one
+ of the following places: within a NOTICE text file distributed
+ as part of the Derivative Works; within the Source form or
+ documentation, if provided along with the Derivative Works; or,
+ within a display generated by the Derivative Works, if and
+ wherever such third-party notices normally appear. The contents
+ of the NOTICE file are for informational purposes only and
+ do not modify the License. You may add Your own attribution
+ notices within Derivative Works that You distribute, alongside
+ or as an addendum to the NOTICE text from the Work, provided
+ that such additional attribution notices cannot be construed
+ as modifying the License.
+
+ You may add Your own copyright statement to Your modifications and
+ may provide additional or different license terms and conditions
+ for use, reproduction, or distribution of Your modifications, or
+ for any such Derivative Works as a whole, provided Your use,
+ reproduction, and distribution of the Work otherwise complies with
+ the conditions stated in this License.
+
+ 5. Submission of Contributions. Unless You explicitly state otherwise,
+ any Contribution intentionally submitted for inclusion in the Work
+ by You to the Licensor shall be under the terms and conditions of
+ this License, without any additional terms or conditions.
+ Notwithstanding the above, nothing herein shall supersede or modify
+ the terms of any separate license agreement you may have executed
+ with Licensor regarding such Contributions.
+
+ 6. Trademarks. This License does not grant permission to use the trade
+ names, trademarks, service marks, or product names of the Licensor,
+ except as required for reasonable and customary use in describing the
+ origin of the Work and reproducing the content of the NOTICE file.
+
+ 7. Disclaimer of Warranty. Unless required by applicable law or
+ agreed to in writing, Licensor provides the Work (and each
+ Contributor provides its Contributions) on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+ implied, including, without limitation, any warranties or conditions
+ of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
+ PARTICULAR PURPOSE. You are solely responsible for determining the
+ appropriateness of using or redistributing the Work and assume any
+ risks associated with Your exercise of permissions under this License.
+
+ 8. Limitation of Liability. In no event and under no legal theory,
+ whether in tort (including negligence), contract, or otherwise,
+ unless required by applicable law (such as deliberate and grossly
+ negligent acts) or agreed to in writing, shall any Contributor be
+ liable to You for damages, including any direct, indirect, special,
+ incidental, or consequential damages of any character arising as a
+ result of this License or out of the use or inability to use the
+ Work (including but not limited to damages for loss of goodwill,
+ work stoppage, computer failure or malfunction, or any and all
+ other commercial damages or losses), even if such Contributor
+ has been advised of the possibility of such damages.
+
+ 9. Accepting Warranty or Additional Liability. While redistributing
+ the Work or Derivative Works thereof, You may choose to offer,
+ and charge a fee for, acceptance of support, warranty, indemnity,
+ or other liability obligations and/or rights consistent with this
+ License. However, in accepting such obligations, You may act only
+ on Your own behalf and on Your sole responsibility, not on behalf
+ of any other Contributor, and only if You agree to indemnify,
+ defend, and hold each Contributor harmless for any liability
+ incurred by, or claims asserted against, such Contributor by reason
+ of your accepting any such warranty or additional liability.
+
+ END OF TERMS AND CONDITIONS
+
+ APPENDIX: How to apply the Apache License to your work.
+
+ To apply the Apache License to your work, attach the following
+ boilerplate notice, with the fields enclosed by brackets "[]"
+ replaced with your own identifying information. (Don't include
+ the brackets!) The text should be enclosed in the appropriate
+ comment syntax for the file format. We also recommend that a
+ file or class name and description of purpose be included on the
+ same "printed page" as the copyright notice for easier
+ identification within third-party archives.
+
+ Copyright [yyyy] [name of copyright owner]
+
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
diff --git a/licenses/cuelang.org/go/internal/third_party/yaml/LICENSE b/licenses/cuelang.org/go/internal/third_party/yaml/LICENSE
new file mode 100644
index 000000000..8dada3eda
--- /dev/null
+++ b/licenses/cuelang.org/go/internal/third_party/yaml/LICENSE
@@ -0,0 +1,201 @@
+ Apache License
+ Version 2.0, January 2004
+ http://www.apache.org/licenses/
+
+ TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
+
+ 1. Definitions.
+
+ "License" shall mean the terms and conditions for use, reproduction,
+ and distribution as defined by Sections 1 through 9 of this document.
+
+ "Licensor" shall mean the copyright owner or entity authorized by
+ the copyright owner that is granting the License.
+
+ "Legal Entity" shall mean the union of the acting entity and all
+ other entities that control, are controlled by, or are under common
+ control with that entity. For the purposes of this definition,
+ "control" means (i) the power, direct or indirect, to cause the
+ direction or management of such entity, whether by contract or
+ otherwise, or (ii) ownership of fifty percent (50%) or more of the
+ outstanding shares, or (iii) beneficial ownership of such entity.
+
+ "You" (or "Your") shall mean an individual or Legal Entity
+ exercising permissions granted by this License.
+
+ "Source" form shall mean the preferred form for making modifications,
+ including but not limited to software source code, documentation
+ source, and configuration files.
+
+ "Object" form shall mean any form resulting from mechanical
+ transformation or translation of a Source form, including but
+ not limited to compiled object code, generated documentation,
+ and conversions to other media types.
+
+ "Work" shall mean the work of authorship, whether in Source or
+ Object form, made available under the License, as indicated by a
+ copyright notice that is included in or attached to the work
+ (an example is provided in the Appendix below).
+
+ "Derivative Works" shall mean any work, whether in Source or Object
+ form, that is based on (or derived from) the Work and for which the
+ editorial revisions, annotations, elaborations, or other modifications
+ represent, as a whole, an original work of authorship. For the purposes
+ of this License, Derivative Works shall not include works that remain
+ separable from, or merely link (or bind by name) to the interfaces of,
+ the Work and Derivative Works thereof.
+
+ "Contribution" shall mean any work of authorship, including
+ the original version of the Work and any modifications or additions
+ to that Work or Derivative Works thereof, that is intentionally
+ submitted to Licensor for inclusion in the Work by the copyright owner
+ or by an individual or Legal Entity authorized to submit on behalf of
+ the copyright owner. For the purposes of this definition, "submitted"
+ means any form of electronic, verbal, or written communication sent
+ to the Licensor or its representatives, including but not limited to
+ communication on electronic mailing lists, source code control systems,
+ and issue tracking systems that are managed by, or on behalf of, the
+ Licensor for the purpose of discussing and improving the Work, but
+ excluding communication that is conspicuously marked or otherwise
+ designated in writing by the copyright owner as "Not a Contribution."
+
+ "Contributor" shall mean Licensor and any individual or Legal Entity
+ on behalf of whom a Contribution has been received by Licensor and
+ subsequently incorporated within the Work.
+
+ 2. Grant of Copyright License. Subject to the terms and conditions of
+ this License, each Contributor hereby grants to You a perpetual,
+ worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+ copyright license to reproduce, prepare Derivative Works of,
+ publicly display, publicly perform, sublicense, and distribute the
+ Work and such Derivative Works in Source or Object form.
+
+ 3. Grant of Patent License. Subject to the terms and conditions of
+ this License, each Contributor hereby grants to You a perpetual,
+ worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+ (except as stated in this section) patent license to make, have made,
+ use, offer to sell, sell, import, and otherwise transfer the Work,
+ where such license applies only to those patent claims licensable
+ by such Contributor that are necessarily infringed by their
+ Contribution(s) alone or by combination of their Contribution(s)
+ with the Work to which such Contribution(s) was submitted. If You
+ institute patent litigation against any entity (including a
+ cross-claim or counterclaim in a lawsuit) alleging that the Work
+ or a Contribution incorporated within the Work constitutes direct
+ or contributory patent infringement, then any patent licenses
+ granted to You under this License for that Work shall terminate
+ as of the date such litigation is filed.
+
+ 4. Redistribution. You may reproduce and distribute copies of the
+ Work or Derivative Works thereof in any medium, with or without
+ modifications, and in Source or Object form, provided that You
+ meet the following conditions:
+
+ (a) You must give any other recipients of the Work or
+ Derivative Works a copy of this License; and
+
+ (b) You must cause any modified files to carry prominent notices
+ stating that You changed the files; and
+
+ (c) You must retain, in the Source form of any Derivative Works
+ that You distribute, all copyright, patent, trademark, and
+ attribution notices from the Source form of the Work,
+ excluding those notices that do not pertain to any part of
+ the Derivative Works; and
+
+ (d) If the Work includes a "NOTICE" text file as part of its
+ distribution, then any Derivative Works that You distribute must
+ include a readable copy of the attribution notices contained
+ within such NOTICE file, excluding those notices that do not
+ pertain to any part of the Derivative Works, in at least one
+ of the following places: within a NOTICE text file distributed
+ as part of the Derivative Works; within the Source form or
+ documentation, if provided along with the Derivative Works; or,
+ within a display generated by the Derivative Works, if and
+ wherever such third-party notices normally appear. The contents
+ of the NOTICE file are for informational purposes only and
+ do not modify the License. You may add Your own attribution
+ notices within Derivative Works that You distribute, alongside
+ or as an addendum to the NOTICE text from the Work, provided
+ that such additional attribution notices cannot be construed
+ as modifying the License.
+
+ You may add Your own copyright statement to Your modifications and
+ may provide additional or different license terms and conditions
+ for use, reproduction, or distribution of Your modifications, or
+ for any such Derivative Works as a whole, provided Your use,
+ reproduction, and distribution of the Work otherwise complies with
+ the conditions stated in this License.
+
+ 5. Submission of Contributions. Unless You explicitly state otherwise,
+ any Contribution intentionally submitted for inclusion in the Work
+ by You to the Licensor shall be under the terms and conditions of
+ this License, without any additional terms or conditions.
+ Notwithstanding the above, nothing herein shall supersede or modify
+ the terms of any separate license agreement you may have executed
+ with Licensor regarding such Contributions.
+
+ 6. Trademarks. This License does not grant permission to use the trade
+ names, trademarks, service marks, or product names of the Licensor,
+ except as required for reasonable and customary use in describing the
+ origin of the Work and reproducing the content of the NOTICE file.
+
+ 7. Disclaimer of Warranty. Unless required by applicable law or
+ agreed to in writing, Licensor provides the Work (and each
+ Contributor provides its Contributions) on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+ implied, including, without limitation, any warranties or conditions
+ of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
+ PARTICULAR PURPOSE. You are solely responsible for determining the
+ appropriateness of using or redistributing the Work and assume any
+ risks associated with Your exercise of permissions under this License.
+
+ 8. Limitation of Liability. In no event and under no legal theory,
+ whether in tort (including negligence), contract, or otherwise,
+ unless required by applicable law (such as deliberate and grossly
+ negligent acts) or agreed to in writing, shall any Contributor be
+ liable to You for damages, including any direct, indirect, special,
+ incidental, or consequential damages of any character arising as a
+ result of this License or out of the use or inability to use the
+ Work (including but not limited to damages for loss of goodwill,
+ work stoppage, computer failure or malfunction, or any and all
+ other commercial damages or losses), even if such Contributor
+ has been advised of the possibility of such damages.
+
+ 9. Accepting Warranty or Additional Liability. While redistributing
+ the Work or Derivative Works thereof, You may choose to offer,
+ and charge a fee for, acceptance of support, warranty, indemnity,
+ or other liability obligations and/or rights consistent with this
+ License. However, in accepting such obligations, You may act only
+ on Your own behalf and on Your sole responsibility, not on behalf
+ of any other Contributor, and only if You agree to indemnify,
+ defend, and hold each Contributor harmless for any liability
+ incurred by, or claims asserted against, such Contributor by reason
+ of your accepting any such warranty or additional liability.
+
+ END OF TERMS AND CONDITIONS
+
+ APPENDIX: How to apply the Apache License to your work.
+
+ To apply the Apache License to your work, attach the following
+ boilerplate notice, with the fields enclosed by brackets "{}"
+ replaced with your own identifying information. (Don't include
+ the brackets!) The text should be enclosed in the appropriate
+ comment syntax for the file format. We also recommend that a
+ file or class name and description of purpose be included on the
+ same "printed page" as the copyright notice for easier
+ identification within third-party archives.
+
+ Copyright {yyyy} {name of copyright owner}
+
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
diff --git a/licenses/cuelang.org/go/internal/third_party/yaml/NOTICE b/licenses/cuelang.org/go/internal/third_party/yaml/NOTICE
new file mode 100644
index 000000000..866d74a7a
--- /dev/null
+++ b/licenses/cuelang.org/go/internal/third_party/yaml/NOTICE
@@ -0,0 +1,13 @@
+Copyright 2011-2016 Canonical Ltd.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
diff --git a/licenses/github.com/cockroachdb/apd/v3/LICENSE b/licenses/github.com/cockroachdb/apd/v3/LICENSE
new file mode 100644
index 000000000..829ea336d
--- /dev/null
+++ b/licenses/github.com/cockroachdb/apd/v3/LICENSE
@@ -0,0 +1,202 @@
+Apache License
+ Version 2.0, January 2004
+ http://www.apache.org/licenses/
+
+ TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
+
+ 1. Definitions.
+
+ "License" shall mean the terms and conditions for use, reproduction,
+ and distribution as defined by Sections 1 through 9 of this document.
+
+ "Licensor" shall mean the copyright owner or entity authorized by
+ the copyright owner that is granting the License.
+
+ "Legal Entity" shall mean the union of the acting entity and all
+ other entities that control, are controlled by, or are under common
+ control with that entity. For the purposes of this definition,
+ "control" means (i) the power, direct or indirect, to cause the
+ direction or management of such entity, whether by contract or
+ otherwise, or (ii) ownership of fifty percent (50%) or more of the
+ outstanding shares, or (iii) beneficial ownership of such entity.
+
+ "You" (or "Your") shall mean an individual or Legal Entity
+ exercising permissions granted by this License.
+
+ "Source" form shall mean the preferred form for making modifications,
+ including but not limited to software source code, documentation
+ source, and configuration files.
+
+ "Object" form shall mean any form resulting from mechanical
+ transformation or translation of a Source form, including but
+ not limited to compiled object code, generated documentation,
+ and conversions to other media types.
+
+ "Work" shall mean the work of authorship, whether in Source or
+ Object form, made available under the License, as indicated by a
+ copyright notice that is included in or attached to the work
+ (an example is provided in the Appendix below).
+
+ "Derivative Works" shall mean any work, whether in Source or Object
+ form, that is based on (or derived from) the Work and for which the
+ editorial revisions, annotations, elaborations, or other modifications
+ represent, as a whole, an original work of authorship. For the purposes
+ of this License, Derivative Works shall not include works that remain
+ separable from, or merely link (or bind by name) to the interfaces of,
+ the Work and Derivative Works thereof.
+
+ "Contribution" shall mean any work of authorship, including
+ the original version of the Work and any modifications or additions
+ to that Work or Derivative Works thereof, that is intentionally
+ submitted to Licensor for inclusion in the Work by the copyright owner
+ or by an individual or Legal Entity authorized to submit on behalf of
+ the copyright owner. For the purposes of this definition, "submitted"
+ means any form of electronic, verbal, or written communication sent
+ to the Licensor or its representatives, including but not limited to
+ communication on electronic mailing lists, source code control systems,
+ and issue tracking systems that are managed by, or on behalf of, the
+ Licensor for the purpose of discussing and improving the Work, but
+ excluding communication that is conspicuously marked or otherwise
+ designated in writing by the copyright owner as "Not a Contribution."
+
+ "Contributor" shall mean Licensor and any individual or Legal Entity
+ on behalf of whom a Contribution has been received by Licensor and
+ subsequently incorporated within the Work.
+
+ 2. Grant of Copyright License. Subject to the terms and conditions of
+ this License, each Contributor hereby grants to You a perpetual,
+ worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+ copyright license to reproduce, prepare Derivative Works of,
+ publicly display, publicly perform, sublicense, and distribute the
+ Work and such Derivative Works in Source or Object form.
+
+ 3. Grant of Patent License. Subject to the terms and conditions of
+ this License, each Contributor hereby grants to You a perpetual,
+ worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+ (except as stated in this section) patent license to make, have made,
+ use, offer to sell, sell, import, and otherwise transfer the Work,
+ where such license applies only to those patent claims licensable
+ by such Contributor that are necessarily infringed by their
+ Contribution(s) alone or by combination of their Contribution(s)
+ with the Work to which such Contribution(s) was submitted. If You
+ institute patent litigation against any entity (including a
+ cross-claim or counterclaim in a lawsuit) alleging that the Work
+ or a Contribution incorporated within the Work constitutes direct
+ or contributory patent infringement, then any patent licenses
+ granted to You under this License for that Work shall terminate
+ as of the date such litigation is filed.
+
+ 4. Redistribution. You may reproduce and distribute copies of the
+ Work or Derivative Works thereof in any medium, with or without
+ modifications, and in Source or Object form, provided that You
+ meet the following conditions:
+
+ (a) You must give any other recipients of the Work or
+ Derivative Works a copy of this License; and
+
+ (b) You must cause any modified files to carry prominent notices
+ stating that You changed the files; and
+
+ (c) You must retain, in the Source form of any Derivative Works
+ that You distribute, all copyright, patent, trademark, and
+ attribution notices from the Source form of the Work,
+ excluding those notices that do not pertain to any part of
+ the Derivative Works; and
+
+ (d) If the Work includes a "NOTICE" text file as part of its
+ distribution, then any Derivative Works that You distribute must
+ include a readable copy of the attribution notices contained
+ within such NOTICE file, excluding those notices that do not
+ pertain to any part of the Derivative Works, in at least one
+ of the following places: within a NOTICE text file distributed
+ as part of the Derivative Works; within the Source form or
+ documentation, if provided along with the Derivative Works; or,
+ within a display generated by the Derivative Works, if and
+ wherever such third-party notices normally appear. The contents
+ of the NOTICE file are for informational purposes only and
+ do not modify the License. You may add Your own attribution
+ notices within Derivative Works that You distribute, alongside
+ or as an addendum to the NOTICE text from the Work, provided
+ that such additional attribution notices cannot be construed
+ as modifying the License.
+
+ You may add Your own copyright statement to Your modifications and
+ may provide additional or different license terms and conditions
+ for use, reproduction, or distribution of Your modifications, or
+ for any such Derivative Works as a whole, provided Your use,
+ reproduction, and distribution of the Work otherwise complies with
+ the conditions stated in this License.
+
+ 5. Submission of Contributions. Unless You explicitly state otherwise,
+ any Contribution intentionally submitted for inclusion in the Work
+ by You to the Licensor shall be under the terms and conditions of
+ this License, without any additional terms or conditions.
+ Notwithstanding the above, nothing herein shall supersede or modify
+ the terms of any separate license agreement you may have executed
+ with Licensor regarding such Contributions.
+
+ 6. Trademarks. This License does not grant permission to use the trade
+ names, trademarks, service marks, or product names of the Licensor,
+ except as required for reasonable and customary use in describing the
+ origin of the Work and reproducing the content of the NOTICE file.
+
+ 7. Disclaimer of Warranty. Unless required by applicable law or
+ agreed to in writing, Licensor provides the Work (and each
+ Contributor provides its Contributions) on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+ implied, including, without limitation, any warranties or conditions
+ of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
+ PARTICULAR PURPOSE. You are solely responsible for determining the
+ appropriateness of using or redistributing the Work and assume any
+ risks associated with Your exercise of permissions under this License.
+
+ 8. Limitation of Liability. In no event and under no legal theory,
+ whether in tort (including negligence), contract, or otherwise,
+ unless required by applicable law (such as deliberate and grossly
+ negligent acts) or agreed to in writing, shall any Contributor be
+ liable to You for damages, including any direct, indirect, special,
+ incidental, or consequential damages of any character arising as a
+ result of this License or out of the use or inability to use the
+ Work (including but not limited to damages for loss of goodwill,
+ work stoppage, computer failure or malfunction, or any and all
+ other commercial damages or losses), even if such Contributor
+ has been advised of the possibility of such damages.
+
+ 9. Accepting Warranty or Additional Liability. While redistributing
+ the Work or Derivative Works thereof, You may choose to offer,
+ and charge a fee for, acceptance of support, warranty, indemnity,
+ or other liability obligations and/or rights consistent with this
+ License. However, in accepting such obligations, You may act only
+ on Your own behalf and on Your sole responsibility, not on behalf
+ of any other Contributor, and only if You agree to indemnify,
+ defend, and hold each Contributor harmless for any liability
+ incurred by, or claims asserted against, such Contributor by reason
+ of your accepting any such warranty or additional liability.
+
+ END OF TERMS AND CONDITIONS
+
+ APPENDIX: How to apply the Apache License to your work.
+
+ To apply the Apache License to your work, attach the following
+ boilerplate notice, with the fields enclosed by brackets "{}"
+ replaced with your own identifying information. (Don't include
+ the brackets!) The text should be enclosed in the appropriate
+ comment syntax for the file format. We also recommend that a
+ file or class name and description of purpose be included on the
+ same "printed page" as the copyright notice for easier
+ identification within third-party archives.
+
+ Copyright {}
+
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+
diff --git a/licenses/github.com/emicklei/proto/LICENSE b/licenses/github.com/emicklei/proto/LICENSE
new file mode 100644
index 000000000..aeab5b440
--- /dev/null
+++ b/licenses/github.com/emicklei/proto/LICENSE
@@ -0,0 +1,22 @@
+Copyright (c) 2017 Ernest Micklei
+
+MIT License
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
\ No newline at end of file
diff --git a/licenses/github.com/mitchellh/go-wordwrap/LICENSE.md b/licenses/github.com/mitchellh/go-wordwrap/LICENSE.md
new file mode 100644
index 000000000..229851590
--- /dev/null
+++ b/licenses/github.com/mitchellh/go-wordwrap/LICENSE.md
@@ -0,0 +1,21 @@
+The MIT License (MIT)
+
+Copyright (c) 2014 Mitchell Hashimoto
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.
diff --git a/licenses/github.com/opencontainers/go-digest/LICENSE b/licenses/github.com/opencontainers/go-digest/LICENSE
new file mode 100644
index 000000000..3ac8ab648
--- /dev/null
+++ b/licenses/github.com/opencontainers/go-digest/LICENSE
@@ -0,0 +1,192 @@
+
+ Apache License
+ Version 2.0, January 2004
+ https://www.apache.org/licenses/
+
+ TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
+
+ 1. Definitions.
+
+ "License" shall mean the terms and conditions for use, reproduction,
+ and distribution as defined by Sections 1 through 9 of this document.
+
+ "Licensor" shall mean the copyright owner or entity authorized by
+ the copyright owner that is granting the License.
+
+ "Legal Entity" shall mean the union of the acting entity and all
+ other entities that control, are controlled by, or are under common
+ control with that entity. For the purposes of this definition,
+ "control" means (i) the power, direct or indirect, to cause the
+ direction or management of such entity, whether by contract or
+ otherwise, or (ii) ownership of fifty percent (50%) or more of the
+ outstanding shares, or (iii) beneficial ownership of such entity.
+
+ "You" (or "Your") shall mean an individual or Legal Entity
+ exercising permissions granted by this License.
+
+ "Source" form shall mean the preferred form for making modifications,
+ including but not limited to software source code, documentation
+ source, and configuration files.
+
+ "Object" form shall mean any form resulting from mechanical
+ transformation or translation of a Source form, including but
+ not limited to compiled object code, generated documentation,
+ and conversions to other media types.
+
+ "Work" shall mean the work of authorship, whether in Source or
+ Object form, made available under the License, as indicated by a
+ copyright notice that is included in or attached to the work
+ (an example is provided in the Appendix below).
+
+ "Derivative Works" shall mean any work, whether in Source or Object
+ form, that is based on (or derived from) the Work and for which the
+ editorial revisions, annotations, elaborations, or other modifications
+ represent, as a whole, an original work of authorship. For the purposes
+ of this License, Derivative Works shall not include works that remain
+ separable from, or merely link (or bind by name) to the interfaces of,
+ the Work and Derivative Works thereof.
+
+ "Contribution" shall mean any work of authorship, including
+ the original version of the Work and any modifications or additions
+ to that Work or Derivative Works thereof, that is intentionally
+ submitted to Licensor for inclusion in the Work by the copyright owner
+ or by an individual or Legal Entity authorized to submit on behalf of
+ the copyright owner. For the purposes of this definition, "submitted"
+ means any form of electronic, verbal, or written communication sent
+ to the Licensor or its representatives, including but not limited to
+ communication on electronic mailing lists, source code control systems,
+ and issue tracking systems that are managed by, or on behalf of, the
+ Licensor for the purpose of discussing and improving the Work, but
+ excluding communication that is conspicuously marked or otherwise
+ designated in writing by the copyright owner as "Not a Contribution."
+
+ "Contributor" shall mean Licensor and any individual or Legal Entity
+ on behalf of whom a Contribution has been received by Licensor and
+ subsequently incorporated within the Work.
+
+ 2. Grant of Copyright License. Subject to the terms and conditions of
+ this License, each Contributor hereby grants to You a perpetual,
+ worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+ copyright license to reproduce, prepare Derivative Works of,
+ publicly display, publicly perform, sublicense, and distribute the
+ Work and such Derivative Works in Source or Object form.
+
+ 3. Grant of Patent License. Subject to the terms and conditions of
+ this License, each Contributor hereby grants to You a perpetual,
+ worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+ (except as stated in this section) patent license to make, have made,
+ use, offer to sell, sell, import, and otherwise transfer the Work,
+ where such license applies only to those patent claims licensable
+ by such Contributor that are necessarily infringed by their
+ Contribution(s) alone or by combination of their Contribution(s)
+ with the Work to which such Contribution(s) was submitted. If You
+ institute patent litigation against any entity (including a
+ cross-claim or counterclaim in a lawsuit) alleging that the Work
+ or a Contribution incorporated within the Work constitutes direct
+ or contributory patent infringement, then any patent licenses
+ granted to You under this License for that Work shall terminate
+ as of the date such litigation is filed.
+
+ 4. Redistribution. You may reproduce and distribute copies of the
+ Work or Derivative Works thereof in any medium, with or without
+ modifications, and in Source or Object form, provided that You
+ meet the following conditions:
+
+ (a) You must give any other recipients of the Work or
+ Derivative Works a copy of this License; and
+
+ (b) You must cause any modified files to carry prominent notices
+ stating that You changed the files; and
+
+ (c) You must retain, in the Source form of any Derivative Works
+ that You distribute, all copyright, patent, trademark, and
+ attribution notices from the Source form of the Work,
+ excluding those notices that do not pertain to any part of
+ the Derivative Works; and
+
+ (d) If the Work includes a "NOTICE" text file as part of its
+ distribution, then any Derivative Works that You distribute must
+ include a readable copy of the attribution notices contained
+ within such NOTICE file, excluding those notices that do not
+ pertain to any part of the Derivative Works, in at least one
+ of the following places: within a NOTICE text file distributed
+ as part of the Derivative Works; within the Source form or
+ documentation, if provided along with the Derivative Works; or,
+ within a display generated by the Derivative Works, if and
+ wherever such third-party notices normally appear. The contents
+ of the NOTICE file are for informational purposes only and
+ do not modify the License. You may add Your own attribution
+ notices within Derivative Works that You distribute, alongside
+ or as an addendum to the NOTICE text from the Work, provided
+ that such additional attribution notices cannot be construed
+ as modifying the License.
+
+ You may add Your own copyright statement to Your modifications and
+ may provide additional or different license terms and conditions
+ for use, reproduction, or distribution of Your modifications, or
+ for any such Derivative Works as a whole, provided Your use,
+ reproduction, and distribution of the Work otherwise complies with
+ the conditions stated in this License.
+
+ 5. Submission of Contributions. Unless You explicitly state otherwise,
+ any Contribution intentionally submitted for inclusion in the Work
+ by You to the Licensor shall be under the terms and conditions of
+ this License, without any additional terms or conditions.
+ Notwithstanding the above, nothing herein shall supersede or modify
+ the terms of any separate license agreement you may have executed
+ with Licensor regarding such Contributions.
+
+ 6. Trademarks. This License does not grant permission to use the trade
+ names, trademarks, service marks, or product names of the Licensor,
+ except as required for reasonable and customary use in describing the
+ origin of the Work and reproducing the content of the NOTICE file.
+
+ 7. Disclaimer of Warranty. Unless required by applicable law or
+ agreed to in writing, Licensor provides the Work (and each
+ Contributor provides its Contributions) on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+ implied, including, without limitation, any warranties or conditions
+ of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
+ PARTICULAR PURPOSE. You are solely responsible for determining the
+ appropriateness of using or redistributing the Work and assume any
+ risks associated with Your exercise of permissions under this License.
+
+ 8. Limitation of Liability. In no event and under no legal theory,
+ whether in tort (including negligence), contract, or otherwise,
+ unless required by applicable law (such as deliberate and grossly
+ negligent acts) or agreed to in writing, shall any Contributor be
+ liable to You for damages, including any direct, indirect, special,
+ incidental, or consequential damages of any character arising as a
+ result of this License or out of the use or inability to use the
+ Work (including but not limited to damages for loss of goodwill,
+ work stoppage, computer failure or malfunction, or any and all
+ other commercial damages or losses), even if such Contributor
+ has been advised of the possibility of such damages.
+
+ 9. Accepting Warranty or Additional Liability. While redistributing
+ the Work or Derivative Works thereof, You may choose to offer,
+ and charge a fee for, acceptance of support, warranty, indemnity,
+ or other liability obligations and/or rights consistent with this
+ License. However, in accepting such obligations, You may act only
+ on Your own behalf and on Your sole responsibility, not on behalf
+ of any other Contributor, and only if You agree to indemnify,
+ defend, and hold each Contributor harmless for any liability
+ incurred by, or claims asserted against, such Contributor by reason
+ of your accepting any such warranty or additional liability.
+
+ END OF TERMS AND CONDITIONS
+
+ Copyright 2019, 2020 OCI Contributors
+ Copyright 2016 Docker, Inc.
+
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+
+ https://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
diff --git a/licenses/github.com/opencontainers/image-spec/specs-go/LICENSE b/licenses/github.com/opencontainers/image-spec/specs-go/LICENSE
new file mode 100644
index 000000000..9fdc20fdb
--- /dev/null
+++ b/licenses/github.com/opencontainers/image-spec/specs-go/LICENSE
@@ -0,0 +1,191 @@
+
+ Apache License
+ Version 2.0, January 2004
+ http://www.apache.org/licenses/
+
+ TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
+
+ 1. Definitions.
+
+ "License" shall mean the terms and conditions for use, reproduction,
+ and distribution as defined by Sections 1 through 9 of this document.
+
+ "Licensor" shall mean the copyright owner or entity authorized by
+ the copyright owner that is granting the License.
+
+ "Legal Entity" shall mean the union of the acting entity and all
+ other entities that control, are controlled by, or are under common
+ control with that entity. For the purposes of this definition,
+ "control" means (i) the power, direct or indirect, to cause the
+ direction or management of such entity, whether by contract or
+ otherwise, or (ii) ownership of fifty percent (50%) or more of the
+ outstanding shares, or (iii) beneficial ownership of such entity.
+
+ "You" (or "Your") shall mean an individual or Legal Entity
+ exercising permissions granted by this License.
+
+ "Source" form shall mean the preferred form for making modifications,
+ including but not limited to software source code, documentation
+ source, and configuration files.
+
+ "Object" form shall mean any form resulting from mechanical
+ transformation or translation of a Source form, including but
+ not limited to compiled object code, generated documentation,
+ and conversions to other media types.
+
+ "Work" shall mean the work of authorship, whether in Source or
+ Object form, made available under the License, as indicated by a
+ copyright notice that is included in or attached to the work
+ (an example is provided in the Appendix below).
+
+ "Derivative Works" shall mean any work, whether in Source or Object
+ form, that is based on (or derived from) the Work and for which the
+ editorial revisions, annotations, elaborations, or other modifications
+ represent, as a whole, an original work of authorship. For the purposes
+ of this License, Derivative Works shall not include works that remain
+ separable from, or merely link (or bind by name) to the interfaces of,
+ the Work and Derivative Works thereof.
+
+ "Contribution" shall mean any work of authorship, including
+ the original version of the Work and any modifications or additions
+ to that Work or Derivative Works thereof, that is intentionally
+ submitted to Licensor for inclusion in the Work by the copyright owner
+ or by an individual or Legal Entity authorized to submit on behalf of
+ the copyright owner. For the purposes of this definition, "submitted"
+ means any form of electronic, verbal, or written communication sent
+ to the Licensor or its representatives, including but not limited to
+ communication on electronic mailing lists, source code control systems,
+ and issue tracking systems that are managed by, or on behalf of, the
+ Licensor for the purpose of discussing and improving the Work, but
+ excluding communication that is conspicuously marked or otherwise
+ designated in writing by the copyright owner as "Not a Contribution."
+
+ "Contributor" shall mean Licensor and any individual or Legal Entity
+ on behalf of whom a Contribution has been received by Licensor and
+ subsequently incorporated within the Work.
+
+ 2. Grant of Copyright License. Subject to the terms and conditions of
+ this License, each Contributor hereby grants to You a perpetual,
+ worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+ copyright license to reproduce, prepare Derivative Works of,
+ publicly display, publicly perform, sublicense, and distribute the
+ Work and such Derivative Works in Source or Object form.
+
+ 3. Grant of Patent License. Subject to the terms and conditions of
+ this License, each Contributor hereby grants to You a perpetual,
+ worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+ (except as stated in this section) patent license to make, have made,
+ use, offer to sell, sell, import, and otherwise transfer the Work,
+ where such license applies only to those patent claims licensable
+ by such Contributor that are necessarily infringed by their
+ Contribution(s) alone or by combination of their Contribution(s)
+ with the Work to which such Contribution(s) was submitted. If You
+ institute patent litigation against any entity (including a
+ cross-claim or counterclaim in a lawsuit) alleging that the Work
+ or a Contribution incorporated within the Work constitutes direct
+ or contributory patent infringement, then any patent licenses
+ granted to You under this License for that Work shall terminate
+ as of the date such litigation is filed.
+
+ 4. Redistribution. You may reproduce and distribute copies of the
+ Work or Derivative Works thereof in any medium, with or without
+ modifications, and in Source or Object form, provided that You
+ meet the following conditions:
+
+ (a) You must give any other recipients of the Work or
+ Derivative Works a copy of this License; and
+
+ (b) You must cause any modified files to carry prominent notices
+ stating that You changed the files; and
+
+ (c) You must retain, in the Source form of any Derivative Works
+ that You distribute, all copyright, patent, trademark, and
+ attribution notices from the Source form of the Work,
+ excluding those notices that do not pertain to any part of
+ the Derivative Works; and
+
+ (d) If the Work includes a "NOTICE" text file as part of its
+ distribution, then any Derivative Works that You distribute must
+ include a readable copy of the attribution notices contained
+ within such NOTICE file, excluding those notices that do not
+ pertain to any part of the Derivative Works, in at least one
+ of the following places: within a NOTICE text file distributed
+ as part of the Derivative Works; within the Source form or
+ documentation, if provided along with the Derivative Works; or,
+ within a display generated by the Derivative Works, if and
+ wherever such third-party notices normally appear. The contents
+ of the NOTICE file are for informational purposes only and
+ do not modify the License. You may add Your own attribution
+ notices within Derivative Works that You distribute, alongside
+ or as an addendum to the NOTICE text from the Work, provided
+ that such additional attribution notices cannot be construed
+ as modifying the License.
+
+ You may add Your own copyright statement to Your modifications and
+ may provide additional or different license terms and conditions
+ for use, reproduction, or distribution of Your modifications, or
+ for any such Derivative Works as a whole, provided Your use,
+ reproduction, and distribution of the Work otherwise complies with
+ the conditions stated in this License.
+
+ 5. Submission of Contributions. Unless You explicitly state otherwise,
+ any Contribution intentionally submitted for inclusion in the Work
+ by You to the Licensor shall be under the terms and conditions of
+ this License, without any additional terms or conditions.
+ Notwithstanding the above, nothing herein shall supersede or modify
+ the terms of any separate license agreement you may have executed
+ with Licensor regarding such Contributions.
+
+ 6. Trademarks. This License does not grant permission to use the trade
+ names, trademarks, service marks, or product names of the Licensor,
+ except as required for reasonable and customary use in describing the
+ origin of the Work and reproducing the content of the NOTICE file.
+
+ 7. Disclaimer of Warranty. Unless required by applicable law or
+ agreed to in writing, Licensor provides the Work (and each
+ Contributor provides its Contributions) on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+ implied, including, without limitation, any warranties or conditions
+ of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
+ PARTICULAR PURPOSE. You are solely responsible for determining the
+ appropriateness of using or redistributing the Work and assume any
+ risks associated with Your exercise of permissions under this License.
+
+ 8. Limitation of Liability. In no event and under no legal theory,
+ whether in tort (including negligence), contract, or otherwise,
+ unless required by applicable law (such as deliberate and grossly
+ negligent acts) or agreed to in writing, shall any Contributor be
+ liable to You for damages, including any direct, indirect, special,
+ incidental, or consequential damages of any character arising as a
+ result of this License or out of the use or inability to use the
+ Work (including but not limited to damages for loss of goodwill,
+ work stoppage, computer failure or malfunction, or any and all
+ other commercial damages or losses), even if such Contributor
+ has been advised of the possibility of such damages.
+
+ 9. Accepting Warranty or Additional Liability. While redistributing
+ the Work or Derivative Works thereof, You may choose to offer,
+ and charge a fee for, acceptance of support, warranty, indemnity,
+ or other liability obligations and/or rights consistent with this
+ License. However, in accepting such obligations, You may act only
+ on Your own behalf and on Your sole responsibility, not on behalf
+ of any other Contributor, and only if You agree to indemnify,
+ defend, and hold each Contributor harmless for any liability
+ incurred by, or claims asserted against, such Contributor by reason
+ of your accepting any such warranty or additional liability.
+
+ END OF TERMS AND CONDITIONS
+
+ Copyright 2016 The Linux Foundation.
+
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
diff --git a/licenses/github.com/protocolbuffers/txtpbfmt/LICENSE b/licenses/github.com/protocolbuffers/txtpbfmt/LICENSE
new file mode 100644
index 000000000..d64569567
--- /dev/null
+++ b/licenses/github.com/protocolbuffers/txtpbfmt/LICENSE
@@ -0,0 +1,202 @@
+
+ Apache License
+ Version 2.0, January 2004
+ http://www.apache.org/licenses/
+
+ TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
+
+ 1. Definitions.
+
+ "License" shall mean the terms and conditions for use, reproduction,
+ and distribution as defined by Sections 1 through 9 of this document.
+
+ "Licensor" shall mean the copyright owner or entity authorized by
+ the copyright owner that is granting the License.
+
+ "Legal Entity" shall mean the union of the acting entity and all
+ other entities that control, are controlled by, or are under common
+ control with that entity. For the purposes of this definition,
+ "control" means (i) the power, direct or indirect, to cause the
+ direction or management of such entity, whether by contract or
+ otherwise, or (ii) ownership of fifty percent (50%) or more of the
+ outstanding shares, or (iii) beneficial ownership of such entity.
+
+ "You" (or "Your") shall mean an individual or Legal Entity
+ exercising permissions granted by this License.
+
+ "Source" form shall mean the preferred form for making modifications,
+ including but not limited to software source code, documentation
+ source, and configuration files.
+
+ "Object" form shall mean any form resulting from mechanical
+ transformation or translation of a Source form, including but
+ not limited to compiled object code, generated documentation,
+ and conversions to other media types.
+
+ "Work" shall mean the work of authorship, whether in Source or
+ Object form, made available under the License, as indicated by a
+ copyright notice that is included in or attached to the work
+ (an example is provided in the Appendix below).
+
+ "Derivative Works" shall mean any work, whether in Source or Object
+ form, that is based on (or derived from) the Work and for which the
+ editorial revisions, annotations, elaborations, or other modifications
+ represent, as a whole, an original work of authorship. For the purposes
+ of this License, Derivative Works shall not include works that remain
+ separable from, or merely link (or bind by name) to the interfaces of,
+ the Work and Derivative Works thereof.
+
+ "Contribution" shall mean any work of authorship, including
+ the original version of the Work and any modifications or additions
+ to that Work or Derivative Works thereof, that is intentionally
+ submitted to Licensor for inclusion in the Work by the copyright owner
+ or by an individual or Legal Entity authorized to submit on behalf of
+ the copyright owner. For the purposes of this definition, "submitted"
+ means any form of electronic, verbal, or written communication sent
+ to the Licensor or its representatives, including but not limited to
+ communication on electronic mailing lists, source code control systems,
+ and issue tracking systems that are managed by, or on behalf of, the
+ Licensor for the purpose of discussing and improving the Work, but
+ excluding communication that is conspicuously marked or otherwise
+ designated in writing by the copyright owner as "Not a Contribution."
+
+ "Contributor" shall mean Licensor and any individual or Legal Entity
+ on behalf of whom a Contribution has been received by Licensor and
+ subsequently incorporated within the Work.
+
+ 2. Grant of Copyright License. Subject to the terms and conditions of
+ this License, each Contributor hereby grants to You a perpetual,
+ worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+ copyright license to reproduce, prepare Derivative Works of,
+ publicly display, publicly perform, sublicense, and distribute the
+ Work and such Derivative Works in Source or Object form.
+
+ 3. Grant of Patent License. Subject to the terms and conditions of
+ this License, each Contributor hereby grants to You a perpetual,
+ worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+ (except as stated in this section) patent license to make, have made,
+ use, offer to sell, sell, import, and otherwise transfer the Work,
+ where such license applies only to those patent claims licensable
+ by such Contributor that are necessarily infringed by their
+ Contribution(s) alone or by combination of their Contribution(s)
+ with the Work to which such Contribution(s) was submitted. If You
+ institute patent litigation against any entity (including a
+ cross-claim or counterclaim in a lawsuit) alleging that the Work
+ or a Contribution incorporated within the Work constitutes direct
+ or contributory patent infringement, then any patent licenses
+ granted to You under this License for that Work shall terminate
+ as of the date such litigation is filed.
+
+ 4. Redistribution. You may reproduce and distribute copies of the
+ Work or Derivative Works thereof in any medium, with or without
+ modifications, and in Source or Object form, provided that You
+ meet the following conditions:
+
+ (a) You must give any other recipients of the Work or
+ Derivative Works a copy of this License; and
+
+ (b) You must cause any modified files to carry prominent notices
+ stating that You changed the files; and
+
+ (c) You must retain, in the Source form of any Derivative Works
+ that You distribute, all copyright, patent, trademark, and
+ attribution notices from the Source form of the Work,
+ excluding those notices that do not pertain to any part of
+ the Derivative Works; and
+
+ (d) If the Work includes a "NOTICE" text file as part of its
+ distribution, then any Derivative Works that You distribute must
+ include a readable copy of the attribution notices contained
+ within such NOTICE file, excluding those notices that do not
+ pertain to any part of the Derivative Works, in at least one
+ of the following places: within a NOTICE text file distributed
+ as part of the Derivative Works; within the Source form or
+ documentation, if provided along with the Derivative Works; or,
+ within a display generated by the Derivative Works, if and
+ wherever such third-party notices normally appear. The contents
+ of the NOTICE file are for informational purposes only and
+ do not modify the License. You may add Your own attribution
+ notices within Derivative Works that You distribute, alongside
+ or as an addendum to the NOTICE text from the Work, provided
+ that such additional attribution notices cannot be construed
+ as modifying the License.
+
+ You may add Your own copyright statement to Your modifications and
+ may provide additional or different license terms and conditions
+ for use, reproduction, or distribution of Your modifications, or
+ for any such Derivative Works as a whole, provided Your use,
+ reproduction, and distribution of the Work otherwise complies with
+ the conditions stated in this License.
+
+ 5. Submission of Contributions. Unless You explicitly state otherwise,
+ any Contribution intentionally submitted for inclusion in the Work
+ by You to the Licensor shall be under the terms and conditions of
+ this License, without any additional terms or conditions.
+ Notwithstanding the above, nothing herein shall supersede or modify
+ the terms of any separate license agreement you may have executed
+ with Licensor regarding such Contributions.
+
+ 6. Trademarks. This License does not grant permission to use the trade
+ names, trademarks, service marks, or product names of the Licensor,
+ except as required for reasonable and customary use in describing the
+ origin of the Work and reproducing the content of the NOTICE file.
+
+ 7. Disclaimer of Warranty. Unless required by applicable law or
+ agreed to in writing, Licensor provides the Work (and each
+ Contributor provides its Contributions) on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+ implied, including, without limitation, any warranties or conditions
+ of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
+ PARTICULAR PURPOSE. You are solely responsible for determining the
+ appropriateness of using or redistributing the Work and assume any
+ risks associated with Your exercise of permissions under this License.
+
+ 8. Limitation of Liability. In no event and under no legal theory,
+ whether in tort (including negligence), contract, or otherwise,
+ unless required by applicable law (such as deliberate and grossly
+ negligent acts) or agreed to in writing, shall any Contributor be
+ liable to You for damages, including any direct, indirect, special,
+ incidental, or consequential damages of any character arising as a
+ result of this License or out of the use or inability to use the
+ Work (including but not limited to damages for loss of goodwill,
+ work stoppage, computer failure or malfunction, or any and all
+ other commercial damages or losses), even if such Contributor
+ has been advised of the possibility of such damages.
+
+ 9. Accepting Warranty or Additional Liability. While redistributing
+ the Work or Derivative Works thereof, You may choose to offer,
+ and charge a fee for, acceptance of support, warranty, indemnity,
+ or other liability obligations and/or rights consistent with this
+ License. However, in accepting such obligations, You may act only
+ on Your own behalf and on Your sole responsibility, not on behalf
+ of any other Contributor, and only if You agree to indemnify,
+ defend, and hold each Contributor harmless for any liability
+ incurred by, or claims asserted against, such Contributor by reason
+ of your accepting any such warranty or additional liability.
+
+ END OF TERMS AND CONDITIONS
+
+ APPENDIX: How to apply the Apache License to your work.
+
+ To apply the Apache License to your work, attach the following
+ boilerplate notice, with the fields enclosed by brackets "[]"
+ replaced with your own identifying information. (Don't include
+ the brackets!) The text should be enclosed in the appropriate
+ comment syntax for the file format. We also recommend that a
+ file or class name and description of purpose be included on the
+ same "printed page" as the copyright notice for easier
+ identification within third-party archives.
+
+ Copyright [yyyy] [name of copyright owner]
+
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
diff --git a/licenses/github.com/rogpeppe/go-internal/LICENSE b/licenses/github.com/rogpeppe/go-internal/LICENSE
new file mode 100644
index 000000000..49ea0f928
--- /dev/null
+++ b/licenses/github.com/rogpeppe/go-internal/LICENSE
@@ -0,0 +1,27 @@
+Copyright (c) 2018 The Go Authors. All rights reserved.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions are
+met:
+
+ * Redistributions of source code must retain the above copyright
+notice, this list of conditions and the following disclaimer.
+ * Redistributions in binary form must reproduce the above
+copyright notice, this list of conditions and the following disclaimer
+in the documentation and/or other materials provided with the
+distribution.
+ * Neither the name of Google Inc. nor the names of its
+contributors may be used to endorse or promote products derived from
+this software without specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
diff --git a/licenses/golang.org/x/mod/semver/LICENSE b/licenses/golang.org/x/mod/LICENSE
similarity index 100%
rename from licenses/golang.org/x/mod/semver/LICENSE
rename to licenses/golang.org/x/mod/LICENSE
diff --git a/ls_extension/main.go b/ls_extension/main.go
index e1ca06873..bd0c8be89 100644
--- a/ls_extension/main.go
+++ b/ls_extension/main.go
@@ -51,14 +51,14 @@ func Init(engine workflow.Engine) error {
"configfile",
"c",
"",
- "provide the full path of a config file to use. format VARIABLENAME=VARIABLEVALUE")
+ "provide the full path of a cfg file to use. format VARIABLENAME=VARIABLEVALUE")
flags.Bool(
"licenses",
false,
"displays license information")
- config := workflow.ConfigurationOptionsFromFlagset(flags)
- entry, _ := engine.Register(WORKFLOWID_LS, config, lsWorkflow)
+ cfg := workflow.ConfigurationOptionsFromFlagset(flags)
+ entry, _ := engine.Register(WORKFLOWID_LS, cfg, lsWorkflow)
entry.SetVisibility(false)
return nil
@@ -83,7 +83,6 @@ func lsWorkflow(
c := config.NewFromExtension(invocation.GetEngine())
c.SetConfigFile(extensionConfig.GetString("configfile"))
- c.Load()
c.SetLogLevel(extensionConfig.GetString("logLevelFlag"))
c.SetLogPath(extensionConfig.GetString("logPathFlag"))
c.SetFormat(extensionConfig.GetString("formatFlag"))
diff --git a/main.go b/main.go
index 9706840d8..bbf78e5f3 100644
--- a/main.go
+++ b/main.go
@@ -100,7 +100,6 @@ func parseFlags(args []string, c *config.Config) (string, error) {
}
c.SetConfigFile(*configFlag)
- c.Load()
c.SetLogLevel(*logLevelFlag)
c.SetLogPath(*logPathFlag)
c.SetFormat(*formatFlag)
diff --git a/main_test.go b/main_test.go
index 064cf6d9f..d57637b30 100644
--- a/main_test.go
+++ b/main_test.go
@@ -72,28 +72,6 @@ func Test_shouldReturnErrorWithVersionStringOnFlag(t *testing.T) {
assert.Equal(t, config.Version, err.Error())
}
-func Test_shouldSetLoadConfigFromFlag(t *testing.T) {
- file, err := os.CreateTemp(".", "configFlagTest")
- if err != nil {
- assert.Fail(t, "Couldn't create test file")
- }
- defer func(file *os.File) {
- _ = file.Close()
- _ = os.Remove(file.Name())
- }(file)
-
- _, err = file.Write([]byte("AA=Bb"))
- if err != nil {
- assert.Fail(t, "Couldn't write to test file")
- }
- args := []string{"snyk-ls", "-c", file.Name()}
-
- t.Setenv("Bb", "")
-
- _, _ = parseFlags(args, config.New())
- assert.Equal(t, "Bb", os.Getenv("AA"))
-}
-
func Test_shouldSetReportErrorsViaFlag(t *testing.T) {
testutil.UnitTest(t)
args := []string{"snyk-ls"}