-
Notifications
You must be signed in to change notification settings - Fork 85
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feat(linter): expand package checks across multiple ecosystems #322
base: main
Are you sure you want to change the base?
Conversation
93867dc
to
8d88472
Compare
Signed-off-by: Holly Gong <gongh@google.com>
Signed-off-by: Holly Gong <gongh@google.com>
Signed-off-by: Holly Gong <gongh@google.com>
Signed-off-by: Holly Gong <gongh@google.com>
730f1e5
to
b91e4e3
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM, thanks!
} | ||
|
||
// EcosystemBaseURLs maps ecosystems to their base API URLs. | ||
var EcosystemBaseURLs = map[string]string{ |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
There's an opportunity to DRY this out a bit, and we can use the keys of EcosystemBaseURLs
to infer what is now duplicated into SupportedEcosystems
.
return true | ||
} | ||
|
||
// Needs to use GET instead of HEAD for Maven |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Please also add why to this comment
// Needs to use GET instead of HEAD for Maven | |
// Needs to use GET instead of HEAD for Maven. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
There's a lot of (understandably valid) inconsistency to the implementation of the functions in this package. To assist with contributions, please add a package docstring that explains the goals of functions in this package and provides a canonical example that contributors can crib from, to avoid getting cargo-culted contributions from a non-canonical function implementation.
This PR enhances the linter by adding package existence checks for a variety of ecosystems:
To accommodate these additions, the
ecosystems.go
file has been refactored, with code related to package existence checks moved topackage_check.go
and version checks moved toversion_check.go
.A current limitation is that malicious package record validation may fail, as these packages are often removed from package registries and are no longer queryable via API.