func()

in internal/report/lint.go [169:283]

• 105 lines of code
• 46 McCabe index (conditional complexity)

func (r *Report) Lint() []string {
	var issues []string

	addIssue := func(iss string) {
		issues = append(issues, iss)
	}

	var importPath string
	if !stdlib.Contains(r.Module) {
		if r.Module == "" {
			addIssue("missing module")
		}
		if r.Module != "" && r.Package == r.Module {
			addIssue("package is redundant and can be removed")
		}
		if r.Package != "" && !strings.HasPrefix(r.Package, r.Module) {
			addIssue("module must be a prefix of package")
		}
		if r.Package == "" {
			importPath = r.Module
		} else {
			importPath = r.Package
		}
		if r.Module != "" && importPath != "" {
			if err := checkModVersions(r.Module, r.Versions); err != nil {
				addIssue(err.Error())
			}

			if err := module.CheckImportPath(importPath); err != nil {
				addIssue(err.Error())
			}
		}
		for _, v := range r.Versions {
			if v.Introduced != "" && !strings.HasPrefix(v.Introduced, "v") {
				addIssue(fmt.Sprintf("invalid semantic version: %q", v.Introduced))
			}
			if v.Fixed != "" && !strings.HasPrefix(v.Fixed, "v") {
				addIssue(fmt.Sprintf("invalid semantic version: %q", v.Fixed))
			}
		}
	} else {
		if r.Package == "" {
			addIssue("missing package")
		}
		for _, v := range r.Versions {
			if v.Introduced != "" && !strings.HasPrefix(v.Introduced, "go") {
				addIssue(fmt.Sprintf("invalid Go version: %q", v.Introduced))
			}
			if v.Fixed != "" && !strings.HasPrefix(v.Fixed, "go") {
				addIssue(fmt.Sprintf("invalid Go version: %q", v.Fixed))
			}
		}
	}

	for _, additionalPackage := range r.AdditionalPackages {
		var additionalImportPath string
		if additionalPackage.Module == "" {
			addIssue("missing additional_package.module")
		}
		if additionalPackage.Package == additionalPackage.Module {
			addIssue("package is redundant and can be removed")
		}
		if !stdlib.Contains(additionalPackage.Module) && additionalPackage.Package != "" && !strings.HasPrefix(additionalPackage.Package, additionalPackage.Module) {
			addIssue("additional_package.module must be a prefix of additional_package.package")
		}
		if additionalPackage.Package == "" {
			additionalImportPath = additionalPackage.Module
		} else {
			additionalImportPath = additionalPackage.Package
		}
		if err := module.CheckImportPath(additionalImportPath); err != nil {
			addIssue(err.Error())
		}
		if !stdlib.Contains(r.Module) {
			if err := checkModVersions(additionalPackage.Module, additionalPackage.Versions); err != nil {
				addIssue(err.Error())
			}
		}
	}

	if r.Description == "" {
		addIssue("missing description")
	}

	if r.LastModified != nil && r.LastModified.Before(r.Published) {
		addIssue("last_modified is before published")
	}

	if len(r.CVEs) > 0 && r.CVEMetadata != nil && r.CVEMetadata.ID != "" {
		// TODO: may just want to use one of these? :shrug:
		addIssue("only one of cve and cve_metadata.id should be present")
	}

	for _, cve := range r.CVEs {
		if !cveRegex.MatchString(cve) {
			addIssue("malformed cve identifier")
		}
	}

	if r.CVEMetadata != nil {
		if r.CVEMetadata.ID == "" {
			addIssue("cve_metadata.id is required")
		}
		if !cveRegex.MatchString(r.CVEMetadata.ID) {
			addIssue("malformed cve_metadata.id identifier")
		}
	}
	links := append(r.Links.Context, r.Links.Commit, r.Links.PR)
	for _, l := range links {
		if !isValidURL(l) {
			addIssue(fmt.Sprintf("%q should be %q", l, fixURL(l)))
		}
	}
	return issues
}