Merge branch 'golang-1.14' into 'master'

Upgrade golang to 1.14 See merge request gitlab-org/security-products/license-management!143
author: Can Eldem <celdem@gitlab.com> 2020-05-15 09:29:10 +0000
committer: Can Eldem <celdem@gitlab.com> 2020-05-15 09:29:10 +0000
commit: e97cd3ea94883f487317bd1f8e6289448b9d7fe1 (patch)
tree: eb8c6cd63ce667d57fd503eaee882384221d83bc
parent: 005336379b28329c6a0432fb25bbfa704d1e3466 (diff)
parent: 3d09dd578c7f95261f32c8143c84de06494b937e (diff)
17 files changed, 240 insertions, 194 deletions
diff --git a/CHANGELOG.md b/CHANGELOG.md
index fbd719d..9bdefd6 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,5 +1,9 @@
 # GitLab License management changelog
 
+## v3.9.0
+
+- Update go list command to be compatible with 1.14 (!143)
+
 ## v3.8.1
 
 - Exclude `devDependencies` from `yarn` scan report. (!147)
diff --git a/Gemfile.lock b/Gemfile.lock
index 25867a9..e8631b7 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    license-management (3.8.1)
+    license-management (3.9.0)
       license_finder (~> 6.0.0)
 
 GEM
diff --git a/config/.tool-versions b/config/.tool-versions
index adfbc82..b66d736 100644
--- a/config/.tool-versions
+++ b/config/.tool-versions
@@ -1,5 +1,5 @@
 elixir system
-golang system
+golang 1.14
 gradle 6.3
 java adopt-openjdk-8u242-b08 adopt-openjdk-11.0.7+10
 maven 3.6.3
diff --git a/config/install.sh b/config/install.sh
index 13167e0..39a3197 100644
--- a/config/install.sh
+++ b/config/install.sh
@@ -25,7 +25,6 @@ apt-get install -y --no-install-recommends \
   git \
   gnupg \
   gnupg2 \
-  golang \
   gpg \
   jq \
   libbz2-dev \
diff --git a/lib/license/finder/ext/go_modules.rb b/lib/license/finder/ext/go_modules.rb
index d86f21a..9fdd263 100644
--- a/lib/license/finder/ext/go_modules.rb
+++ b/lib/license/finder/ext/go_modules.rb
@@ -1,6 +1,9 @@
+# frozen_string_literal: true
+
 module LicenseFinder
   class GoModules
     def prepare
+      shell.execute([:go, :env])
       shell.execute([:go, :mod, :tidy, '-v', '&&', :go, :mod, :vendor, '-v'])
     end
 
@@ -10,13 +13,13 @@ module LicenseFinder
 
     def current_packages
       stdout, _stderr, status = shell.execute([
-        :go, :list, '-m', '-mod=vendor',
-        '-f', "'{{.Path}},{{.Version}},{{.Dir}}'", :all
+        :go, :list, '-m', '-f', "'{{.Path}},{{.Version}},{{.Dir}}'", :all
       ])
       return [] unless status.success?
 
-      stdout.lines.map do |line|
+      stdout.each_line.map do |line|
         name, version, dir = line.chomp.split(',')
+        next if dir.nil?
         next if Pathname(dir).cleanpath == absolute_project_path
 
         Package.new(name, version, install_path: dir)
diff --git a/lib/license/management/report/base.rb b/lib/license/management/report/base.rb
index 0155c15..3c1a6f7 100644
--- a/lib/license/management/report/base.rb
+++ b/lib/license/management/report/base.rb
@@ -7,6 +7,8 @@ module License
         include Loggable
         include Verifiable
 
+        CONTRIBUTION_URL = "https://gitlab.com/gitlab-org/security-products/license-management#contributing"
+
         attr_reader :dependencies, :repository
 
         def initialize(dependencies)
diff --git a/lib/license/management/report/v2.rb b/lib/license/management/report/v2.rb
index f8c96da..e0b4980 100644
--- a/lib/license/management/report/v2.rb
+++ b/lib/license/management/report/v2.rb
@@ -31,7 +31,7 @@ module License
 
         def map_from(dependency)
           licenses = dependency.licenses.map { |license| data_for(license)['id'] }.sort
-          logger.info [dependency.name, dependency.version, licenses].inspect
+          log(dependency, licenses)
 
           {
             name: dependency.name,
@@ -41,6 +41,15 @@ module License
             licenses: licenses
           }
         end
+
+        def log(dependency, licenses)
+          logger.info { [dependency.name, dependency.version, licenses].flatten.join(' ') }
+          return unless licenses == ['unknown']
+
+          logger.warn do
+            "Contribute #{dependency.name} #{dependency.version} to #{CONTRIBUTION_URL}"
+          end
+        end
       end
     end
   end
diff --git a/lib/license/management/repository.rb b/lib/license/management/repository.rb
index 026f26b..4b6e8a5 100644
--- a/lib/license/management/repository.rb
+++ b/lib/license/management/repository.rb
@@ -60,7 +60,6 @@ module License
       end
 
       def generate_item_for(license)
-        logger.warn("Detected unknown license `#{license.short_name}`. Contribute to https://gitlab.com/gitlab-org/security-products/license-management#contributing.")
         name = take_first_line_from(license.name)
         {
           'id' => name.downcase,
diff --git a/lib/license/management/version.rb b/lib/license/management/version.rb
index 22818e9..b5d5bc9 100644
--- a/lib/license/management/version.rb
+++ b/lib/license/management/version.rb
@@ -2,6 +2,6 @@
 
 module License
   module Management
-    VERSION = '3.8.1'
+    VERSION = '3.9.0'
   end
 end
diff --git a/spec/fixtures/expected/go/modules/v1.0.json b/spec/fixtures/expected/go/modules/v1.0.json
index 800e31f..83fdbdd 100644
--- a/spec/fixtures/expected/go/modules/v1.0.json
+++ b/spec/fixtures/expected/go/modules/v1.0.json
@@ -1,17 +1,38 @@
 {
   "licenses": [
     {
-      "count": 2,
+      "count": 3,
       "name": "MIT"
     },
     {
       "count": 1,
+      "name": "ISC"
+    },
+    {
+      "count": 1,
       "name": "New BSD"
+    },
+    {
+      "count": 1,
+      "name": "unknown"
     }
   ],
   "dependencies": [
     {
       "license": {
+        "name": "ISC",
+        "url": "http://en.wikipedia.org/wiki/ISC_license"
+      },
+      "dependency": {
+        "name": "github.com/davecgh/go-spew",
+        "description": "",
+        "pathes": [
+          "."
+        ]
+      }
+    },
+    {
+      "license": {
         "name": "MIT",
         "url": "http://opensource.org/licenses/mit-license"
       },
@@ -25,6 +46,18 @@
     },
     {
       "license": {
+        "name": "unknown"
+      },
+      "dependency": {
+        "name": "github.com/pmezard/go-difflib",
+        "description": "",
+        "pathes": [
+          "."
+        ]
+      }
+    },
+    {
+      "license": {
         "name": "MIT",
         "url": "http://opensource.org/licenses/mit-license"
       },
@@ -38,6 +71,19 @@
     },
     {
       "license": {
+        "name": "MIT",
+        "url": "http://opensource.org/licenses/mit-license"
+      },
+      "dependency": {
+        "name": "github.com/stretchr/testify",
+        "description": "",
+        "pathes": [
+          "."
+        ]
+      }
+    },
+    {
+      "license": {
         "name": "New BSD",
         "url": "http://opensource.org/licenses/BSD-3-Clause"
       },
@@ -50,4 +96,4 @@
       }
     }
   ]
-}
+}
+\ No newline at end of file
diff --git a/spec/fixtures/expected/go/modules/v1.1.json b/spec/fixtures/expected/go/modules/v1.1.json
index 08636c0..3e0b543 100644
--- a/spec/fixtures/expected/go/modules/v1.1.json
+++ b/spec/fixtures/expected/go/modules/v1.1.json
@@ -2,18 +2,45 @@
   "version": "1.1",
   "licenses": [
     {
-      "count": 2,
+      "count": 3,
       "name": "MIT"
     },
     {
       "count": 1,
+      "name": "ISC"
+    },
+    {
+      "count": 1,
       "name": "New BSD"
+    },
+    {
+      "count": 1,
+      "name": "unknown"
     }
   ],
   "dependencies": [
     {
       "licenses": [
         {
+          "name": "ISC",
+          "url": "http://en.wikipedia.org/wiki/ISC_license"
+        }
+      ],
+      "license": {
+        "name": "ISC",
+        "url": "http://en.wikipedia.org/wiki/ISC_license"
+      },
+      "dependency": {
+        "name": "github.com/davecgh/go-spew",
+        "description": "",
+        "pathes": [
+          "."
+        ]
+      }
+    },
+    {
+      "licenses": [
+        {
           "name": "MIT",
           "url": "http://opensource.org/licenses/mit-license"
         }
@@ -33,6 +60,24 @@
     {
       "licenses": [
         {
+          "name": "unknown",
+          "url": ""
+        }
+      ],
+      "license": {
+        "name": "unknown"
+      },
+      "dependency": {
+        "name": "github.com/pmezard/go-difflib",
+        "description": "",
+        "pathes": [
+          "."
+        ]
+      }
+    },
+    {
+      "licenses": [
+        {
           "name": "MIT",
           "url": "http://opensource.org/licenses/mit-license"
         }
@@ -52,6 +97,25 @@
     {
       "licenses": [
         {
+          "name": "MIT",
+          "url": "http://opensource.org/licenses/mit-license"
+        }
+      ],
+      "license": {
+        "name": "MIT",
+        "url": "http://opensource.org/licenses/mit-license"
+      },
+      "dependency": {
+        "name": "github.com/stretchr/testify",
+        "description": "",
+        "pathes": [
+          "."
+        ]
+      }
+    },
+    {
+      "licenses": [
+        {
           "name": "New BSD",
           "url": "http://opensource.org/licenses/BSD-3-Clause"
         }
@@ -69,4 +133,4 @@
       }
     }
   ]
-}
+}
+\ No newline at end of file
diff --git a/spec/fixtures/expected/go/modules/v2.0.json b/spec/fixtures/expected/go/modules/v2.0.json
index c1da7e4..b7dfe00 100644
--- a/spec/fixtures/expected/go/modules/v2.0.json
+++ b/spec/fixtures/expected/go/modules/v2.0.json
@@ -5,17 +5,40 @@
       "id": "MIT",
       "name": "MIT License",
       "url": "https://opensource.org/licenses/MIT",
-      "count": 2
+      "count": 3
     },
     {
       "id": "BSD-3-Clause",
       "name": "BSD 3-Clause \"New\" or \"Revised\" License",
       "url": "https://opensource.org/licenses/BSD-3-Clause",
       "count": 1
+    },
+    {
+      "id": "ISC",
+      "name": "ISC License",
+      "url": "https://opensource.org/licenses/ISC",
+      "count": 1
+    },
+    {
+      "id": "unknown",
+      "name": "unknown",
+      "url": "",
+      "count": 1
     }
   ],
   "dependencies": [
     {
+      "name": "github.com/davecgh/go-spew",
+      "url": "",
+      "description": "",
+      "paths": [
+        "."
+      ],
+      "licenses": [
+        "ISC"
+      ]
+    },
+    {
       "name": "github.com/konsorten/go-windows-terminal-sequences",
       "url": "",
       "description": "",
@@ -27,6 +50,17 @@
       ]
     },
     {
+      "name": "github.com/pmezard/go-difflib",
+      "url": "",
+      "description": "",
+      "paths": [
+        "."
+      ],
+      "licenses": [
+        "unknown"
+      ]
+    },
+    {
       "name": "github.com/sirupsen/logrus",
       "url": "",
       "description": "",
@@ -38,6 +72,17 @@
       ]
     },
     {
+      "name": "github.com/stretchr/testify",
+      "url": "",
+      "description": "",
+      "paths": [
+        "."
+      ],
+      "licenses": [
+        "MIT"
+      ]
+    },
+    {
       "name": "golang.org/x/sys",
       "url": "",
       "description": "",
@@ -49,4 +94,4 @@
       ]
     }
   ]
-}
+}
+\ No newline at end of file
diff --git a/spec/fixtures/go/go.mod b/spec/fixtures/go/go.mod
index 4733ed8..59a39fe 100644
--- a/spec/fixtures/go/go.mod
+++ b/spec/fixtures/go/go.mod
@@ -4,7 +4,6 @@ go 1.12
 
 require (
 	github.com/dimfeld/httptreemux/v5 v5.0.2
-	github.com/go-kit/kit v0.9.0
 	github.com/go-logfmt/logfmt v0.5.0
 	github.com/google/uuid v1.1.1
 	github.com/stretchr/testify v1.4.0
diff --git a/spec/fixtures/go/go.sum b/spec/fixtures/go/go.sum
index 8fc291d..2d3a344 100644
--- a/spec/fixtures/go/go.sum
+++ b/spec/fixtures/go/go.sum
@@ -1,158 +1,31 @@
 cloud.google.com/go v0.34.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw=
-github.com/DATA-DOG/go-sqlmock v1.2.0/go.mod h1:f/Ixk793poVmq4qj/V1dPUg2JEAKC73Q5eFN3EC/SaM=
-github.com/DATA-DOG/go-sqlmock v1.4.1 h1:ThlnYciV1iM/V0OSF/dtkqWb6xo5qITT1TJBG1MRDJM=
-github.com/DATA-DOG/go-sqlmock v1.4.1/go.mod h1:f/Ixk793poVmq4qj/V1dPUg2JEAKC73Q5eFN3EC/SaM=
-github.com/DataDog/datadog-go v3.1.0+incompatible h1:pWtiFe/oFu7z0Of01jhH8QLhbF8zAA96rZaK6KM1Fog=
-github.com/DataDog/datadog-go v3.1.0+incompatible/go.mod h1:LButxg5PwREeZtORoXG3tL4fMGNddJ+vMq1mwgfaqoQ=
-github.com/alecthomas/template v0.0.0-20160405071501-a0175ee3bccc/go.mod h1:LOuyumcjzFXgccqObfd/Ljyb9UuFJ6TxHnclSeseNhc=
-github.com/alecthomas/template v0.0.0-20190718012654-fb15b899a751/go.mod h1:LOuyumcjzFXgccqObfd/Ljyb9UuFJ6TxHnclSeseNhc=
-github.com/alecthomas/units v0.0.0-20151022065526-2efee857e7cf/go.mod h1:ybxpYRFXyAe+OPACYpWeL0wqObRcbAqCMya13uyzqw0=
-github.com/alecthomas/units v0.0.0-20190717042225-c3de453c63f4/go.mod h1:ybxpYRFXyAe+OPACYpWeL0wqObRcbAqCMya13uyzqw0=
-github.com/aws/aws-sdk-go v1.17.12/go.mod h1:KmX6BPdI08NWTb3/sm4ZGu5ShLoqVDhKgpiN924inxo=
-github.com/aws/aws-sdk-go v1.29.8 h1:Kma1ikL7MHs/XH5Q4Aqj53AAhgttW6UFykc8Qj16HGo=
-github.com/aws/aws-sdk-go v1.29.8/go.mod h1:1KvfttTE3SPKMpo8g2c6jL3ZKfXtFvKscTgahTma5Xg=
-github.com/aws/aws-xray-sdk-go v1.0.0-rc.14 h1:cxRNHoaVNiGhCddLe7A20nVFJsoWhs1jADm/1M97Ytw=
-github.com/aws/aws-xray-sdk-go v1.0.0-rc.14/go.mod h1:NCf+n91lACeo8klrI7RsKqDaAEXt321d/cfaJk4YuDM=
-github.com/beorn7/perks v0.0.0-20180321164747-3a771d992973/go.mod h1:Dwedo/Wpr24TaqPxmxbtue+5NUziq4I4S80YR8gNf3Q=
-github.com/beorn7/perks v1.0.0/go.mod h1:KWe93zE9D1o94FZ5RNwFwVgaQK1VOXiVxmqh+CedLV8=
-github.com/beorn7/perks v1.0.1 h1:VlbKKnNfV8bJzeqoa4cOKqO6bYr3WgKZxO8Z16+hsOM=
-github.com/beorn7/perks v1.0.1/go.mod h1:G2ZrVWU2WbWT9wwq4/hrbKbnv/1ERSJQ0ibhJ6rlkpw=
-github.com/cespare/xxhash/v2 v2.1.0 h1:yTUvW7Vhb89inJ+8irsUqiWjh8iT6sQPZiQzI6ReGkA=
-github.com/cespare/xxhash/v2 v2.1.0/go.mod h1:dgIUBU3pDso/gPgZ1osOZ0iQf77oPR28Tjxl5dIMyVM=
-github.com/codahale/hdrhistogram v0.0.0-20161010025455-3a0bb77429bd h1:qMd81Ts1T2OTKmB4acZcyKaMtRnY5Y44NuXGX2GFJ1w=
-github.com/codahale/hdrhistogram v0.0.0-20161010025455-3a0bb77429bd/go.mod h1:sE/e/2PUdi/liOCUjSTXgM1o87ZssimdTWN964YiIeI=
-github.com/davecgh/go-spew v0.0.0-20160907170601-6d212800a42e/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/davecgh/go-spew v1.1.0 h1:ZDRjVQ15GmhC3fiQ8ni8+OwkZQO4DARzQgrnXU1Liz8=
 github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
-github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
-github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
-github.com/dghubble/oauth1 v0.6.0/go.mod h1:8pFdfPkv/jr8mkChVbNVuJ0suiHe278BtWI4Tk1ujxk=
-github.com/dgrijalva/jwt-go v3.2.0+incompatible h1:7qlOGliEKZXTDg6OTjfoBKDXWrumCAMpl/TFQ4/5kLM=
-github.com/dgrijalva/jwt-go v3.2.0+incompatible/go.mod h1:E3ru+11k8xSBh+hMPgOLZmtrrCbhqsmaPHjLKYnJCaQ=
 github.com/dimfeld/httptreemux/v5 v5.0.2 h1:q+c+zKVpQocXT2OGa7dsXCX9wdeDq2TO5INqqDfKRLE=
 github.com/dimfeld/httptreemux/v5 v5.0.2/go.mod h1:QeEylH57C0v3VO0tkKraVz9oD3Uu93CKPnTLbsidvSw=
-github.com/go-kit/kit v0.8.0/go.mod h1:xBxKIO96dXMWWy0MnWVtmwkA9/13aqxPnvrjFYMA2as=
-github.com/go-kit/kit v0.9.0 h1:wDJmvq38kDhkVxi50ni9ykkdUr1PKgqKOoi01fa0Mdk=
-github.com/go-kit/kit v0.9.0/go.mod h1:xBxKIO96dXMWWy0MnWVtmwkA9/13aqxPnvrjFYMA2as=
-github.com/go-kit/kit v0.10.0 h1:dXFJfIHVvUcpSgDOV+Ne6t7jXri8Tfv2uOLHUZ2XNuo=
-github.com/go-logfmt/logfmt v0.3.0/go.mod h1:Qt1PoO58o5twSAckw1HlFXLmHsOX5/0LbT9GBnD5lWE=
-github.com/go-logfmt/logfmt v0.4.0 h1:MP4Eh7ZCb31lleYCFuwm0oe4/YGak+5l1vA2NOE80nA=
-github.com/go-logfmt/logfmt v0.4.0/go.mod h1:3RMwSq7FuexP4Kalkev3ejPJsZTpXXBr9+V4qmtdjCk=
 github.com/go-logfmt/logfmt v0.5.0 h1:TrB8swr/68K7m9CcGut2g3UOihhbcbiMAYiuTXdEih4=
 github.com/go-logfmt/logfmt v0.5.0/go.mod h1:wCYkCAKZfumFQihp8CzCvQ3paCTfi41vtzG1KdI/P7A=
-github.com/go-sql-driver/mysql v1.5.0/go.mod h1:DCzpHaOWr8IXmIStZouvnhqoel9Qv2LBy8hT2VhHyBg=
-github.com/go-stack/stack v1.8.0 h1:5SgMzNM5HxrEjV0ww2lTmX6E2Izsfxas4+YHWRs3Lsk=
-github.com/go-stack/stack v1.8.0/go.mod h1:v0f6uXyyMGvRgIKkXu+yp6POWl0qKG85gN/melR3HDY=
-github.com/gogo/protobuf v1.1.1/go.mod h1:r8qH/GZQm5c6nD/R0oafs1akxWv10x8SbQlK7atdtwQ=
+github.com/golang/protobuf v1.2.0 h1:P3YflyNX/ehuJFLhxviNdFxQPkGK5cDcApsge1SqnvM=
 github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
-github.com/golang/protobuf v1.3.1/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
-github.com/golang/protobuf v1.3.2 h1:6nsPYzhq5kReh6QImI3k5qWzO4PEbvbIW2cwSfR/6xs=
-github.com/golang/protobuf v1.3.2/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
-github.com/golang/protobuf v1.3.3 h1:gyjaxf+svBWX08ZjK86iN9geUJF0H6gp2IRKX6Nf6/I=
-github.com/golang/protobuf v1.3.3/go.mod h1:vzj43D7+SQXF/4pzW/hwtAqwc6iTitCiVSaWz5lYuqw=
-github.com/google/go-cmp v0.3.0 h1:crn/baboCvb5fXaQ0IJ1SGTsTVrWpDsCWC8EGETZijY=
-github.com/google/go-cmp v0.3.0/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU=
-github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg=
 github.com/google/uuid v1.1.1 h1:Gkbcsh/GbpXz7lPftLA3P6TYMwjCLYm83jiFQZF/3gY=
 github.com/google/uuid v1.1.1/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
-github.com/jmespath/go-jmespath v0.0.0-20180206201540-c2b33e8439af h1:pmfjZENx5imkbgOkpRUYLnmbU7UEFbjtDA2hxJ1ichM=
-github.com/jmespath/go-jmespath v0.0.0-20180206201540-c2b33e8439af/go.mod h1:Nht3zPeWKUH0NzdCt2Blrr5ys8VGpn0CEB0cQHVjt7k=
-github.com/json-iterator/go v1.1.6/go.mod h1:+SdeFBvtyEkXs7REEP0seUULqWtbJapLOCVDaaPEHmU=
-github.com/json-iterator/go v1.1.7/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4=
-github.com/julienschmidt/httprouter v1.2.0/go.mod h1:SYymIcj16QtmaHHD7aYtjjsJG7VTCxuUUipMqKk8s4w=
-github.com/konsorten/go-windows-terminal-sequences v1.0.1/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ=
-github.com/kr/logfmt v0.0.0-20140226030751-b84e30acd515 h1:T+h1c/A9Gawja4Y9mFVWj2vyii2bbUNDw3kt9VxK2EY=
-github.com/kr/logfmt v0.0.0-20140226030751-b84e30acd515/go.mod h1:+0opPa2QZZtGFBFZlji/RkVcI2GknAs/DXo4wKdlNEc=
-github.com/kr/pretty v0.1.0 h1:L/CwN0zerZDmRFUapSPitk6f+Q3+0za1rQkzVuMiMFI=
-github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo=
-github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ=
-github.com/kr/text v0.1.0 h1:45sCR5RtlFHMR4UwH9sdQ5TC8v0qDQCHnXt+kaKSTVE=
-github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI=
-github.com/lestrrat-go/jwx v0.9.0 h1:Fnd0EWzTm0kFrBPzE/PEPp9nzllES5buMkksPMjEKpM=
-github.com/lestrrat-go/jwx v0.9.0/go.mod h1:iEoxlYfZjvoGpuWwxUz+eR5e6KTJGsaRcy/YNA/UnBk=
-github.com/matttproud/golang_protobuf_extensions v1.0.1 h1:4hp9jkHxhMHkqkrB3Ix0jegS5sx/RkqARlsWZ6pIwiU=
-github.com/matttproud/golang_protobuf_extensions v1.0.1/go.mod h1:D8He9yQNgCq6Z5Ld7szi9bcBfOoFv/3dc6xSMkL2PC0=
-github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q=
-github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q=
-github.com/modern-go/reflect2 v0.0.0-20180701023420-4b7aa43c6742/go.mod h1:bx2lNnkwVCuqBIxFjflWJWanXIb3RllmbCylyMrvgv0=
-github.com/modern-go/reflect2 v1.0.1/go.mod h1:bx2lNnkwVCuqBIxFjflWJWanXIb3RllmbCylyMrvgv0=
-github.com/mwitkow/go-conntrack v0.0.0-20161129095857-cc309e4a2223/go.mod h1:qRWi+5nqEBWmkhHvq77mSJWrCKwh8bxhgT7d/eI7P4U=
-github.com/opentracing/opentracing-go v1.1.0 h1:pWlfV3Bxv7k65HYwkikxat0+s3pV4bsqf19k25Ur8rU=
-github.com/opentracing/opentracing-go v1.1.0/go.mod h1:UkNAQd3GIcIGf0SeVgPpRdFStlNbqXla1AfSYxPUl2o=
-github.com/pkg/errors v0.8.0/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
-github.com/pkg/errors v0.8.1 h1:iURUrRGxPUNPdy5/HRSm+Yj6okJ6UtLINN0Q9M4+h3I=
-github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
-github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4=
-github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
-github.com/pmezard/go-difflib v0.0.0-20151028094244-d8ed2627bdf0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
 github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
 github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
-github.com/prometheus/client_golang v0.9.1/go.mod h1:7SWBe2y4D6OKWSNQJUaRYU/AaXPKyh/dDVn+NZz0KFw=
-github.com/prometheus/client_golang v1.0.0/go.mod h1:db9x61etRT2tGnBNRi70OPL5FsnadC4Ky3P0J6CfImo=
-github.com/prometheus/client_golang v1.2.1 h1:JnMpQc6ppsNgw9QPAGF6Dod479itz7lvlsMzzNayLOI=
-github.com/prometheus/client_golang v1.2.1/go.mod h1:XMU6Z2MjaRKVu/dC1qupJI9SiNkDYzz3xecMgSW/F+U=
-github.com/prometheus/client_model v0.0.0-20180712105110-5c3871d89910/go.mod h1:MbSGuTsp3dbXC40dX6PRTWyKYBIrTGTE9sqQNg2J8bo=
-github.com/prometheus/client_model v0.0.0-20190129233127-fd36f4220a90/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA=
-github.com/prometheus/client_model v0.0.0-20190812154241-14fe0d1b01d4 h1:gQz4mCbXsO+nc9n1hCxHcGA3Zx3Eo+UHZoInFGUIXNM=
-github.com/prometheus/client_model v0.0.0-20190812154241-14fe0d1b01d4/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA=
-github.com/prometheus/common v0.4.1/go.mod h1:TNfzLD0ON7rHzMJeJkieUDPYmFC7Snx/y86RQel1bk4=
-github.com/prometheus/common v0.7.0 h1:L+1lyG48J1zAQXA3RBX/nG/B3gjlHq0zTt2tlbJLyCY=
-github.com/prometheus/common v0.7.0/go.mod h1:DjGbpBbp5NYNiECxcL/VnbXCCaQpKd3tt26CguLLsqA=
-github.com/prometheus/procfs v0.0.0-20181005140218-185b4288413d/go.mod h1:c3At6R/oaqEKCNdg8wHV1ftS6bRYblBhIjjI8uT2IGk=
-github.com/prometheus/procfs v0.0.2/go.mod h1:TjEm7ze935MbeOT/UhFTIMYKhuLP4wbCsTZCD3I8kEA=
-github.com/prometheus/procfs v0.0.5 h1:3+auTFlqw+ZaQYJARz6ArODtkaIwtvBTx3N2NehQlL8=
-github.com/prometheus/procfs v0.0.5/go.mod h1:4A/X28fw3Fc593LaREMrKMqOKvUAntwMDaekg4FpcdQ=
-github.com/sirupsen/logrus v1.2.0/go.mod h1:LxeOpSwHxABJmUn/MG1IvRgCAasNZTLOkJPxbbu5VWo=
-github.com/sirupsen/logrus v1.4.2/go.mod h1:tLMulIdttU9McNUspp0xgXVQah82FyeX6MwdIuYE2rE=
 github.com/stretchr/objx v0.1.0 h1:4G4v2dO3VZwixGIRoQ5Lfboy6nUhCyYzaqnIAPPhYs4=
 github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
-github.com/stretchr/objx v0.1.1 h1:2vfRuCMp5sSVIDSqO8oNnWJq7mPa6KVP3iPIwFBuy8A=
-github.com/stretchr/objx v0.1.1/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
-github.com/stretchr/testify v1.1.4/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs=
-github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs=
-github.com/stretchr/testify v1.3.0 h1:TivCn/peBQ7UY8ooIcPgZFpTNSz0Q2U6UrFlUfqbe0Q=
-github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI=
 github.com/stretchr/testify v1.4.0 h1:2E4SXV/wtOkTonXsotYi4li6zVWxYlZuYNCXe9XRJyk=
 github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4=
-github.com/uber/jaeger-client-go v2.22.1+incompatible h1:NHcubEkVbahf9t3p75TOCR83gdUHXjRJvjoBh1yACsM=
-github.com/uber/jaeger-client-go v2.22.1+incompatible/go.mod h1:WVhlPFC8FDjOFMMWRy2pZqQJSXxYSwNYOkTr/Z6d3Kk=
-github.com/uber/jaeger-lib v2.2.0+incompatible h1:MxZXOiR2JuoANZ3J6DE/U0kSFv/eJ/GfSYVCjK7dyaw=
-github.com/uber/jaeger-lib v2.2.0+incompatible/go.mod h1:ComeNDZlWwrWnDv8aPp0Ba6+uUTzImX/AauajbLI56U=
-go.uber.org/atomic v1.4.0 h1:cxzIVoETapQEqDhQu3QfnvXAV4AlzcvUCxkVUFw3+EU=
-go.uber.org/atomic v1.4.0/go.mod h1:gD2HeocX3+yG+ygLZcrzQJaqmWj9AIm7n08wl/qW/PE=
-go.uber.org/multierr v1.2.0 h1:6I+W7f5VwC5SV9dNrZ3qXrDB9mD0dyGOi/ZJmYw03T4=
-go.uber.org/multierr v1.2.0/go.mod h1:wR5kodmAFQ0UK8QlbwjlSNy0Z68gJhDJUG5sjR94q/0=
-go.uber.org/zap v1.11.0 h1:gSmpCfs+R47a4yQPAI4xJ0IPDLTRGXskm6UelqNXpqE=
-go.uber.org/zap v1.11.0/go.mod h1:vwi/ZaCAaUcBkycHslxD9B2zi4UTXhF60s6SWpuDF0Q=
-golang.org/x/crypto v0.0.0-20180904163835-0709b304e793/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4=
-golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
 golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
-golang.org/x/net v0.0.0-20181114220301-adae6a3d119a/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
 golang.org/x/net v0.0.0-20190108225652-1e06a53dbb7e h1:bRhVy7zSSasaqNksaRZiA5EEI+Ei4I1nO5Jh72wfHlg=
 golang.org/x/net v0.0.0-20190108225652-1e06a53dbb7e/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
-golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
-golang.org/x/net v0.0.0-20190613194153-d28f0bde5980 h1:dfGZHvZk057jK2MCeWus/TowKpJ8y4AmooUzdBSR9GU=
-golang.org/x/net v0.0.0-20190613194153-d28f0bde5980/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
-golang.org/x/net v0.0.0-20200202094626-16171245cfb2 h1:CCH4IOTTfewWjGOlSp+zGcjutRKlBEZQ6wTn8ozI/nI=
-golang.org/x/net v0.0.0-20200202094626-16171245cfb2/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
 golang.org/x/oauth2 v0.0.0-20200107190931-bf48bf16ab8d h1:TzXSXBo42m9gQenoE3b9BGiEpg5IG2JkU5FkPIawgtw=
 golang.org/x/oauth2 v0.0.0-20200107190931-bf48bf16ab8d/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
-golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
+golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4 h1:YUO/7uOKsKeq9UokNS62b8FYywz3ker1l1vDZRCRefw=
 golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
-golang.org/x/sys v0.0.0-20180905080454-ebe1bf3edb33/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
-golang.org/x/sys v0.0.0-20181116152217-5ac8a444bdc5/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
-golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
-golang.org/x/sys v0.0.0-20190422165155-953cdadca894/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20191010194322-b09406accb47 h1:/XfQ9z7ib8eEJX2hdgFTZJ/ntt0swNk5oYBziWeTCvY=
-golang.org/x/sys v0.0.0-20191010194322-b09406accb47/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/text v0.3.0 h1:g61tztE5qeGQ89tm6NTjjM9VPIm088od1l6aSorWRWg=
 golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
+google.golang.org/appengine v1.4.0 h1:/wp5JvzpHIxhs/dumFmF7BXTf3Z+dd4uXta4kVyO508=
 google.golang.org/appengine v1.4.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4=
-gopkg.in/alecthomas/kingpin.v2 v2.2.6/go.mod h1:FMv+mEhP44yOT+4EoQTLFTRgOQ1FBLkstjWtayDeSgw=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405 h1:yhCVgyC4o1eVCa2tZl7eS0r+SDo693bJlVdllGtEeKM=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
-gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127 h1:qIbj1fsPNlZgppZ+VLlY7N33q108Sa+fhmuc+sWQYwY=
-gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
-gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
 gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw=
 gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
diff --git a/spec/fixtures/go/main.go b/spec/fixtures/go/main.go
index 3d0aef4..c6ebe78 100644
--- a/spec/fixtures/go/main.go
+++ b/spec/fixtures/go/main.go
@@ -1,13 +1,14 @@
 package main
 
-import "fmt"
-import "github.com/dimfeld/httptreemux/v5"
-import "github.com/go-kit/kit"
-import "github.com/go-logfmt/logfmt"
-import "github.com/google/uuid"
-import "github.com/stretchr/testify"
-import "golang.org/x/oauth2"
+import (
+	"fmt"
+	_ "github.com/dimfeld/httptreemux/v5"
+	_ "github.com/go-logfmt/logfmt"
+	_ "github.com/google/uuid"
+	_ "github.com/stretchr/testify"
+	_ "golang.org/x/oauth2"
+)
 
 func main() {
-	fmt.Println("vim-go")
+	fmt.Println("Hello, World!")
 }
diff --git a/spec/fixtures/schema/v2.0.json b/spec/fixtures/schema/v2.0.json
index 6ade7ad..d5903ad 100644
--- a/spec/fixtures/schema/v2.0.json
+++ b/spec/fixtures/schema/v2.0.json
@@ -39,9 +39,6 @@
         "type": "object",
         "required": [
           "name",
-          "url",
-          "description",
-          "paths",
           "licenses"
         ],
         "properties": {
diff --git a/spec/integration/go/modules_spec.rb b/spec/integration/go/modules_spec.rb
index 143d8ea..d8e4e48 100644
--- a/spec/integration/go/modules_spec.rb
+++ b/spec/integration/go/modules_spec.rb
@@ -3,51 +3,56 @@ require 'spec_helper'
 RSpec.describe "modules" do
   include_examples "each report version", "go", "modules"
 
-  context "when scanning a customers go.mod and go.sum files" do
-    let(:report) { runner.scan }
-
-    before do
-      runner.add_file('main.go', fixture_file_content('go/main.go'))
-      runner.add_file('go.mod', fixture_file_content('go/go.mod'))
-      runner.add_file('go.sum', fixture_file_content('go/go.sum'))
+  ['1.11', '1.12', '1.13', '1.14'].each do |version|
+    context "when scanning a go.mod and go.sum files with v#{version}" do
+      subject { runner.scan }
+
+      before do
+        runner.add_file('main.go', fixture_file_content('go/main.go'))
+        runner.add_file('go.mod', fixture_file_content('go/go.mod'))
+        runner.add_file('go.sum', fixture_file_content('go/go.sum'))
+        runner.add_file('.tool-versions', "golang #{version}")
+      end
+
+      specify { expect(subject).to match_schema(version: '2.0') }
+      specify { expect(subject[:licenses]).not_to be_empty }
+
+      specify do
+        expect(subject.dependency_names).to match_array([
+          "github.com/davecgh/go-spew",
+          "github.com/dimfeld/httptreemux/v5",
+          "github.com/golang/protobuf",
+          "github.com/go-logfmt/logfmt",
+          "github.com/google/uuid",
+          "github.com/pmezard/go-difflib",
+          "github.com/stretchr/objx",
+          "github.com/stretchr/testify",
+          "golang.org/x/net",
+          "golang.org/x/oauth2",
+          "golang.org/x/sync",
+          "google.golang.org/appengine",
+          "gopkg.in/check.v1",
+          "gopkg.in/yaml.v2"
+        ])
+      end
+
+      specify { expect(subject.licenses_for('github.com/dimfeld/httptreemux/v5')).to match_array(['MIT']) }
+      specify { expect(subject.licenses_for('github.com/go-logfmt/logfmt')).to match_array(['MIT']) }
+      specify { expect(subject.licenses_for('github.com/google/uuid')).to match_array(['BSD-3-Clause']) }
+      specify { expect(subject.licenses_for('github.com/stretchr/testify')).to match_array(['MIT']) }
+      specify { expect(subject.licenses_for('golang.org/x/oauth2')).to match_array(['BSD-3-Clause']) }
     end
-
-    specify { expect(report).to match_schema(version: '2.0') }
-    specify { expect(report[:licenses]).not_to be_empty }
-
-    specify do
-      expect(report.dependency_names).to match_array([
-        "github.com/davecgh/go-spew",
-        "github.com/dimfeld/httptreemux/v5",
-        "github.com/go-logfmt/logfmt",
-        "github.com/golang/protobuf",
-        "github.com/google/uuid",
-        "github.com/pmezard/go-difflib",
-        "github.com/stretchr/objx",
-        "golang.org/x/net",
-        "golang.org/x/oauth2",
-        "google.golang.org/appengine",
-        "gopkg.in/yaml.v2",
-        'github.com/stretchr/testify'
-      ])
-    end
-
-    specify { expect(report.licenses_for('github.com/dimfeld/httptreemux/v5')).to match_array(['MIT']) }
-    specify { expect(report.licenses_for('github.com/go-logfmt/logfmt')).to match_array(['MIT']) }
-    specify { expect(report.licenses_for('github.com/google/uuid')).to match_array(['BSD-3-Clause']) }
-    specify { expect(report.licenses_for('github.com/stretchr/testify')).to match_array(['MIT']) }
-    specify { expect(report.licenses_for('golang.org/x/oauth2')).to match_array(['BSD-3-Clause']) }
   end
 
   context "when scanning the `gitaly` project" do
-    let(:report) { runner.scan }
+    subject { runner.scan }
 
     before do
       runner.clone('https://gitlab.com/gitlab-org/gitaly.git')
     end
 
-    specify { expect(report).to match_schema(version: '2.0') }
-    specify { expect(report[:licenses]).not_to be_empty }
-    specify { expect(report[:dependencies]).not_to be_empty }
+    specify { expect(subject).to match_schema(version: '2.0') }
+    specify { expect(subject[:licenses]).not_to be_empty }
+    specify { expect(subject[:dependencies]).not_to be_empty }
   end
 end
author	Can Eldem <celdem@gitlab.com>	2020-05-15 09:29:10 +0000
committer	Can Eldem <celdem@gitlab.com>	2020-05-15 09:29:10 +0000
commit	e97cd3ea94883f487317bd1f8e6289448b9d7fe1 (patch)
tree	eb8c6cd63ce667d57fd503eaee882384221d83bc
parent	005336379b28329c6a0432fb25bbfa704d1e3466 (diff)
parent	3d09dd578c7f95261f32c8143c84de06494b937e (diff)