MCPcopy
hub / github.com/ossf/scorecard / rootCmd

Function rootCmd

cmd/root.go:129–220  ·  view source on GitHub ↗

rootCmd runs scorecard checks given a set of arguments.

(o *options.Options)

Source from the content-addressed store, hash-verified

127
128// rootCmd runs scorecard checks given a set of arguments.
129func rootCmd(o *options.Options) error {
130 ctx := context.Background()
131
132 // Build the list of repos (only split this logic out)
133 repoURLs, err := buildRepoURLs(ctx, o)
134 if err != nil {
135 return err
136 }
137
138 // Shared setup
139 pol, err := policy.ParseFromFile(o.PolicyFile)
140 if err != nil {
141 return fmt.Errorf("readPolicy: %w", err)
142 }
143
144 // Read docs.
145 checkDocs, err := docs.Read()
146 if err != nil {
147 return fmt.Errorf("cannot read yaml file: %w", err)
148 }
149
150 var requiredRequestTypes []checker.RequestType
151 // if local option not set add file based
152 if o.Local != "" {
153 requiredRequestTypes = append(requiredRequestTypes, checker.FileBased)
154 }
155 // if commit option set to anything other than HEAD add commit based
156 if !strings.EqualFold(o.Commit, clients.HeadSHA) {
157 requiredRequestTypes = append(requiredRequestTypes, checker.CommitBased)
158 }
159
160 // this call to policy is different from the one in scorecard.Run
161 // this one is concerned with a policy file, while the scorecard.Run call is
162 // more concerned with the supported request types
163 enabledChecks, err := policy.GetEnabled(pol, o.Checks(), requiredRequestTypes, "")
164 if err != nil {
165 return fmt.Errorf("GetEnabled: %w", err)
166 }
167 checks := make([]string, 0, len(enabledChecks))
168 for c := range enabledChecks {
169 checks = append(checks, c)
170 }
171
172 enabledProbes := o.Probes()
173
174 info := version.GetVersionInfo()
175 actions := osvscanner.ExperimentalScannerActions{}
176 config := clients.OSVConfig{}
177 actions.RequestUserAgent = fmt.Sprintf("scorecard-cli/%s", info.GitVersion)
178 config.UserAgent = actions.RequestUserAgent
179
180 opts := []scorecard.Option{
181 scorecard.WithLogLevel(sclog.ParseLevel(o.LogLevel)),
182 scorecard.WithCommitSHA(o.Commit),
183 scorecard.WithCommitDepth(o.CommitDepth),
184 scorecard.WithProbes(enabledProbes),
185 scorecard.WithChecks(checks),
186 scorecard.WithVulnerabilitiesClient(clients.NewOSVClient(&config)),

Callers 1

NewFunction · 0.85

Calls 15

ParseFromFileFunction · 0.92
GetEnabledFunction · 0.92
WithLogLevelFunction · 0.92
WithCommitSHAFunction · 0.92
WithCommitDepthFunction · 0.92
WithProbesFunction · 0.92
WithChecksFunction · 0.92
NewOSVClientFunction · 0.92
WithFileModeGitFunction · 0.92
buildRepoURLsFunction · 0.85
processRepoFunction · 0.85

Tested by

no test coverage detected