Upgrade to common v2.22.0

5c8e4185 · Lucas Charles · 5c4ddf44 · 5c8e4185 · 5c8e4185 · 5c8e4185
Commit 5c8e4185 authored Nov 24, 2020 by Lucas Charles
7 changed files
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
 # Secrets analyzer changelog

+## v3.13.0
+- Upgrade common to v2.22.0 (!87)
+- Update urfave/cli to v2.3.0 (!87)
+
 ## v3.12.0
 - Add disablement of rulesets (!86)


--- a/analyze.go
+++ b/analyze.go
@@ -6,7 +6,7 @@ import (
 	"time"

 	log "github.com/sirupsen/logrus"
-	"github.com/urfave/cli"
+	"github.com/urfave/cli/v2"

 	"gitlab.com/gitlab-org/security-products/analyzers/common/v2/issue"
 	"gitlab.com/gitlab-org/security-products/analyzers/common/v2/ruleset"
@@ -74,7 +74,7 @@ func analyze(c *cli.Context, path string, startTime issue.ScanTime) (*issue.Repo
 		issues = []issue.Issue{}
 	}
 	report := issue.NewReport()
-	report.Analyzer = "gitleaks"
+	report.Analyzer = metadata.AnalyzerID
 	report.Config.Path = ruleset.PathSecretDetection
 	report.Vulnerabilities = issues
 	report.Scan.Scanner = metadata.ReportScanner

--- a/gitleaks/gitleaks.go
+++ b/gitleaks/gitleaks.go
@@ -18,7 +18,7 @@ import (
 	"gitlab.com/gitlab-org/security-products/analyzers/secrets/v3/metadata"
 	"gitlab.com/gitlab-org/security-products/analyzers/secrets/v3/utils"

-	"github.com/urfave/cli"
+	"github.com/urfave/cli/v2"
 )

 const (
@@ -72,36 +72,36 @@ type Secret struct {
 // MakeFlags returns the cli flags.
 func MakeFlags() []cli.Flag {
 	return []cli.Flag{
-		cli.Float64Flag{
-			Name:   FlagEntropyLevel,
-			Usage:  "Gitleaks entropy level (0.0 to 8.0)",
-			EnvVar: envVarEntropy,
-			Value:  DefaultEntropy,
+		&cli.Float64Flag{
+			Name:    FlagEntropyLevel,
+			Usage:   "Gitleaks entropy level (0.0 to 8.0)",
+			EnvVars: []string{envVarEntropy},
+			Value:   DefaultEntropy,
 		},
-		cli.StringFlag{
-			Name:   CommitFrom,
-			Usage:  "Run a scan on a range of commits starting at this commit",
-			EnvVar: envVarCommitFrom,
+		&cli.StringFlag{
+			Name:    CommitFrom,
+			Usage:   "Run a scan on a range of commits starting at this commit",
+			EnvVars: []string{envVarCommitFrom},
 		},
-		cli.StringFlag{
-			Name:   CommitTo,
-			Usage:  "Run a scan on a range of commits stopping at this commit",
-			EnvVar: envVarCommitTo,
+		&cli.StringFlag{
+			Name:    CommitTo,
+			Usage:   "Run a scan on a range of commits stopping at this commit",
+			EnvVars: []string{envVarCommitTo},
 		},
-		cli.BoolFlag{
-			Name:   FlagHistoricScan,
-			Usage:  "Runs an historic (all commits) scan on the repository",
-			EnvVar: envVarFullScan,
+		&cli.BoolFlag{
+			Name:    FlagHistoricScan,
+			Usage:   "Runs an historic (all commits) scan on the repository",
+			EnvVars: []string{envVarFullScan},
 		},
-		cli.StringFlag{
-			Name:   Commits,
-			Usage:  "Commits is a list of comma separated commits for Gitleaks to scan",
-			EnvVar: envVarCommits,
+		&cli.StringFlag{
+			Name:    Commits,
+			Usage:   "Commits is a list of comma separated commits for Gitleaks to scan",
+			EnvVars: []string{envVarCommits},
 		},
-		cli.StringFlag{
-			Name:   CommitsFile,
-			Usage:  "CommitsFile is a file containing a list of commits delimited by newlines for Gitleaks to scan",
-			EnvVar: envVarCommitsFile,
+		&cli.StringFlag{
+			Name:    CommitsFile,
+			Usage:   "CommitsFile is a file containing a list of commits delimited by newlines for Gitleaks to scan",
+			EnvVars: []string{envVarCommitsFile},
 		},
 	}
 }

--- a/go.mod
+++ b/go.mod
@@ -6,8 +6,8 @@ require (
 	github.com/otiai10/copy v1.2.0
 	github.com/pkg/errors v0.9.1 // indirect
 	github.com/sirupsen/logrus v1.6.0
-	github.com/urfave/cli v1.22.4
-	gitlab.com/gitlab-org/security-products/analyzers/common/v2 v2.21.3
+	github.com/urfave/cli/v2 v2.3.0
+	gitlab.com/gitlab-org/security-products/analyzers/common/v2 v2.22.0
 	gopkg.in/src-d/go-git.v4 v4.13.1
 )


--- a/go.sum
+++ b/go.sum
@@ -82,12 +82,12 @@ github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXf
 github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI=
 github.com/stretchr/testify v1.6.1 h1:hDPOHmpOpP40lSULcqw7IrRb/u7w6RpDC9399XyoNd0=
 github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
-github.com/urfave/cli v1.22.4 h1:u7tSpNPPswAFymm8IehJhy4uJMlUuU/GmqSkvJ1InXA=
-github.com/urfave/cli v1.22.4/go.mod h1:Gos4lmkARVdJ6EkW0WaNv/tZAAMe9V7XWyB60NtXRu0=
+github.com/urfave/cli/v2 v2.3.0 h1:qph92Y649prgesehzOrQjdWyxFOp/QVM+6imKHad91M=
+github.com/urfave/cli/v2 v2.3.0/go.mod h1:LJmUH05zAU44vOAcrfzZQKsZbVcdbOG8rtL3/XcUArI=
 github.com/xanzy/ssh-agent v0.2.1 h1:TCbipTQL2JiiCprBWx9frJ2eJlCYT00NmctrHxVAr70=
 github.com/xanzy/ssh-agent v0.2.1/go.mod h1:mLlQY/MoOhWBj+gOGMQkOeiEvkx+8pJSI+0Bx9h2kr4=
-gitlab.com/gitlab-org/security-products/analyzers/common/v2 v2.21.3 h1:pwUYIL1bTiCs32N6s+lcMZRu+crkBlB4STQq4PS025A=
-gitlab.com/gitlab-org/security-products/analyzers/common/v2 v2.21.3/go.mod h1:QC173T50ehSiRMHDrUR6hgmp2NVlGrwa2D4HXYzucRs=
+gitlab.com/gitlab-org/security-products/analyzers/common/v2 v2.22.0 h1:g9hQzAQoms0t2TRyejrN+CUHUIieuUyy0zhXwsAYSt4=
+gitlab.com/gitlab-org/security-products/analyzers/common/v2 v2.22.0/go.mod h1:+Ey1+fecsSv8Ayuj0d6dKf0h1uWEVOyd5yj4AntXl9s=
 golang.org/x/crypto v0.0.0-20190219172222-a4c6cb3142f2/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4=
 golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
 golang.org/x/crypto v0.0.0-20190701094942-4def268fd1a4 h1:HuIa8hRrWRSrqYzx1qI49NNxhdi2PrY7gxVSq1JjLDc=
@@ -123,7 +123,7 @@ gopkg.in/src-d/go-git.v4 v4.13.1 h1:SRtFyV8Kxc0UP7aCHcijOMQGPxHSmMOPrzulQWolkYE=
 gopkg.in/src-d/go-git.v4 v4.13.1/go.mod h1:nx5NYcxdKxq5fpltdHnPa2Exj4Sx0EclMWZQbYDu2z8=
 gopkg.in/warnings.v0 v0.1.2 h1:wFXVbFY8DY5/xOe1ECiWdKCzZlxgshcYVNkBHstARME=
 gopkg.in/warnings.v0 v0.1.2/go.mod h1:jksf8JmL6Qr/oQM2OXTHunEvvTAsrWBLb6OOjuVWRNI=
-gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
+gopkg.in/yaml.v2 v2.2.3/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
 gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
 gopkg.in/yaml.v3 v3.0.0-20200615113413-eeeca48fe776 h1:tQIYjPdBoyREyB9XMu+nnTclpTYkz2zFM+lzLJFO4gQ=
 gopkg.in/yaml.v3 v3.0.0-20200615113413-eeeca48fe776/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
--- a/main.go
+++ b/main.go
@@ -10,7 +10,7 @@ import (
 	"time"

 	log "github.com/sirupsen/logrus"
-	"github.com/urfave/cli"
+	"github.com/urfave/cli/v2"

 	"gitlab.com/gitlab-org/security-products/analyzers/common/v2/cacert"
 	"gitlab.com/gitlab-org/security-products/analyzers/common/v2/command"
@@ -32,42 +32,42 @@ func main() {
 	app := cli.NewApp()
 	app.Name = "analyzer"
 	app.Version = metadata.AnalyzerVersion
-	app.Author = metadata.AnalyzerVendor
+	app.Authors = []*cli.Author{{Name: metadata.AnalyzerVendor}}
 	app.Usage = metadata.AnalyzerUsage

 	log.SetFormatter(&logutil.Formatter{Project: metadata.AnalyzerName})
 	log.Info(metadata.AnalyzerUsage)

-	app.Commands = []cli.Command{runCommand()}
+	app.Commands = []*cli.Command{runCommand()}

 	if err := app.Run(os.Args); err != nil {
 		log.Fatal(err)
 	}
 }

-func runCommand() cli.Command {
+func runCommand() *cli.Command {
 	flags := []cli.Flag{
-		cli.StringFlag{
-			Name:   flagTargetDir,
-			Usage:  "Target directory",
-			EnvVar: command.EnvVarTargetDir + "," + command.EnvVarCIProjectDir,
+		&cli.StringFlag{
+			Name:    flagTargetDir,
+			Usage:   "Target directory",
+			EnvVars: []string{command.EnvVarTargetDir, command.EnvVarCIProjectDir},
 		},
-		cli.StringFlag{
-			Name:   flagArtifactDir,
-			Usage:  "Artifact directory",
-			EnvVar: command.EnvVarArtifactDir + "," + command.EnvVarCIProjectDir,
+		&cli.StringFlag{
+			Name:    flagArtifactDir,
+			Usage:   "Artifact directory",
+			EnvVars: []string{command.EnvVarArtifactDir, command.EnvVarCIProjectDir},
 		},
-		cli.StringSliceFlag{
-			Name:   flagExcludedPaths,
-			EnvVar: "SECRET_DETECTION_EXCLUDED_PATHS",
-			Usage:  "Comma-separated list of paths (globs supported) to be excluded from the output.",
+		&cli.StringSliceFlag{
+			Name:    flagExcludedPaths,
+			EnvVars: []string{"SECRET_DETECTION_EXCLUDED_PATHS"},
+			Usage:   "Comma-separated list of paths (globs supported) to be excluded from the output.",
 		},
 	}

 	flags = append(flags, cacert.NewFlags()...)
 	flags = append(flags, gitleaks.MakeFlags()...)

-	return cli.Command{
+	return &cli.Command{
 		Name:    "run",
 		Aliases: []string{"r"},
 		Usage:   "Run the analyzer on detected project and generate a compatible artifact",

--- a/metadata/metadata.go
+++ b/metadata/metadata.go
@@ -11,9 +11,11 @@ const (
 	// AnalyzerVendor is the vendor/maintainer of the analyzer
 	AnalyzerVendor = "GitLab"

+	// AnalyzerID identifies the analyzer
+	AnalyzerID = AnalyzerName
+
 	// AnalyzerName is the name of the analyzer
 	AnalyzerName = "secrets"
-	analyzerID   = AnalyzerName

 	scannerVendor = AnalyzerVendor
 	scannerURL    = "https://github.com/zricethezav/gitleaks"