vendeps

package
v0.0.0-...-0effba1 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jan 20, 2023 License: BSD-3-Clause Imports: 30 Imported by: 0

Documentation

Overview

Package vendeps provides functionality for managing vendored external dependencies.

Index

Constants

This section is empty.

Variables

View Source 
var Licenses = map[string]string{
	"0BSD":         "BSD Zero Clause License",
	"Apache-2.0":   "Apache License 2.0",
	"BSD-2-Clause": "BSD 2-Clause \"Simplified\" License",
	"BSD-3-Clause": "BSD 3-Clause \"New\" or \"Revised\" License",
	"MIT":          "MIT License",
}

Licenses is the set of acceptable software licenses, referenced by their SPDX id.

Functions

func AcceptableLicense 

func AcceptableLicense(options string) (license string, ok bool)

AcceptableLicense determines whether the given set of licenses includes at least one acceptable license as described above.

func ApplyPatches 

func ApplyPatches(dir string, patchArgs []string, patches []string) error

ApplyPatches applies the given set of patch files to the directory specified.

func CheckDependencies 

func CheckDependencies(fsys fs.FS) error

CheckDependencies assesses the dependency set for unused dependencies.

func DigestDirectory 

func DigestDirectory(fsys fs.FS, dir string, ignore ...string) (string, error)

DigestDirectory produces the digest for a directory and its contents in a filesystem. This is performed by hashing one line of text for each file, with the files sorted into lexographical order. Each line consists of the hexadecimal digest of the file's contents, two spaces (\x20), the relative filename, and a newline (\x0a).

Filenames containing a newline (\x0a) are not allowed.

Any filenames listed in ignore are not included in the hashing process.

The final digest is formatted as the hash algorithm name, a colon (\x3a), and the hexadecimal digest.

func DigestFiles 

func DigestFiles(fsys fs.FS, filenames []string) (string, error)

DigestFiles produces the digest for a set of named files and their contents in a filesystem. This is performed by hashing one line of text for each file, with the files sorted into lexographical order. Each line consists of the hexadecimal digest of the file's contents, two spaces (\x20), the relative filename, and a newline (\x0a).

Filenames containing a newline (\x0a) are not allowed.

The final digest is formatted as the hash algorithm name, a colon (\x3a), and the hexadecimal digest.

func FetchGoModule 

func FetchGoModule(ctx context.Context, mod *GoModule, dir string) error

FetchGoModule downloads a Go module using the proxy.golang.org Go module proxy API.

func FetchRustCrate 

func FetchRustCrate(ctx context.Context, crate *RustCrate, dir string) error

FetchRustCrate downloads a Rust crate using the crates.io API.

func MajorUpdate 

func MajorUpdate(current, next string) bool

MajorUpdate returns true if the newer version has a different major number, or if both have major version 0 and the newer version has a different minor version.

func RenderGoPackageBuildFile 

func RenderGoPackageBuildFile(name string, pkg *GoPackage) ([]byte, error)

RenderGoPackageBuildFile generates a build file for the given Go package.

func RenderManifest 

func RenderManifest(name string, manifest *Deps) ([]byte, error)

RenderManifest generates a dependency manifest from the given set of dependencies.

func RenderRustCrateBuildFile 

func RenderRustCrateBuildFile(name string, crate *RustCrate) ([]byte, error)

RenderRustCrateBuildFile generates a build file for the given Rust crate.

func UpdateDependencies 

func UpdateDependencies(name string) error

UpdateDependencies parses the given set of dependencies and checks each for an update, updating the document if possible.

Note that UpdateDependencies does not modify the set of vendored dependencies, only the dependency specification.

func UpdateGoModule 

func UpdateGoModule(ctx context.Context, mod *UpdateDep) (updated bool, err error)

UpdateGoModule checks a Go module for updates, using the proxy.golang.org Go module proxy API.

func UpdateRustCrate 

func UpdateRustCrate(ctx context.Context, crate *UpdateDep) (updated bool, err error)

UpdateRustCrate checks a Rust crate for updates, using the crates.io API.

Types

type Action 

type Action interface {
	Do(fs.FS) error
	fmt.Stringer
}

Action represents a logical action that should be taken to progress the vendoring of a set of software dependencies.

An action should contain any context necessary to perform its tasks.

func StripCachedActions 

func StripCachedActions(fsys fs.FS, actions []Action) []Action

StripCachedActions processes the action sequence, removing any actions that the cache can prove are unnecessary, returning the resulting action sequence.

If no actions can be cached, or if there is no cache, the unmodified action sequence is returned.

func Vendor 

func Vendor(fsys fs.FS) (actions []Action, err error)

Vendor takes a filesystem, parses the set of software dependencies in deps.bzl, then produces the sequence of actions necessary to vendor those dependencies into the vendor directory.

Note that Vendor does not perform any of these actions; it only reads data from fsys.

type BuildCacheManifest 

type BuildCacheManifest struct {
	Deps *Deps
	Path string
}

BuildCacheManifest indicates that the cache subsystem should scan the vendor filesystem, producing the information necessary to avoid unnecessary future work, writing it to the given path.

func (BuildCacheManifest) Do 

func (c BuildCacheManifest) Do(fsys fs.FS) error

func (BuildCacheManifest) String 

func (c BuildCacheManifest) String() string

type CopyBUILD 

type CopyBUILD struct {
	Source string
	Path   string
}

CopyBUILD indicates that the named BUILD file should be copied to the given path.

func (CopyBUILD) Do 

func (c CopyBUILD) Do(fsys fs.FS) error

func (CopyBUILD) String 

func (c CopyBUILD) String() string

type Deps 

type Deps struct {
	Rust []*RustCrate `bzl:"rust/crate"`
	Go   []*GoModule  `bzl:"go/module"`
}

Deps describes a set of software dependencies.

func GenerateCacheManifest 

func GenerateCacheManifest(fsys fs.FS, deps *Deps) (*Deps, error)

GenerateCacheManifest produces the cache manifest, which describes the set of data cached in the vendor directly.

type DownloadGoModule 

type DownloadGoModule struct {
	Module *GoModule
	Path   string
}

DownloadModule indicates that the named module should be downloaded from the module proxy and extracted into the given path.

func (DownloadGoModule) Do 

func (c DownloadGoModule) Do(fsys fs.FS) error

func (DownloadGoModule) String 

func (c DownloadGoModule) String() string

type DownloadRustCrate 

type DownloadRustCrate struct {
	Crate *RustCrate
	Path  string
}

DownloadCrate indicates that the named crate should be downloaded from crates.io and extracted into the given path.

func (DownloadRustCrate) Do 

func (c DownloadRustCrate) Do(fsys fs.FS) error

func (DownloadRustCrate) String 

func (c DownloadRustCrate) String() string

type GenerateGoPackageBUILD 

type GenerateGoPackageBUILD struct {
	Package *GoPackage
	Path    string
}

GeneratePackageBUILD indicates that the named package should have its BUILD file generated and written to the given path.

func (GenerateGoPackageBUILD) Do 

func (c GenerateGoPackageBUILD) Do(fsys fs.FS) error

func (GenerateGoPackageBUILD) String 

func (c GenerateGoPackageBUILD) String() string

type GenerateRustCrateBUILD 

type GenerateRustCrateBUILD struct {
	Crate *RustCrate
	Path  string
}

GenerateCrateBUILD indicates that the named crate should have its BUILD file generated and written to the given path.

func (GenerateRustCrateBUILD) Do 

func (c GenerateRustCrateBUILD) Do(fsys fs.FS) error

func (GenerateRustCrateBUILD) String 

func (c GenerateRustCrateBUILD) String() string

type GoModule 

type GoModule struct {
	// Dependency details.
	Name    string `bzl:"name"`
	Version string `bzl:"version"`

	// Patches to be applied to the
	// downloaded module, before the
	// BUILD file is copied/generated.
	PatchArgs []string `bzl:"patch_args"`
	Patches   []string `bzl:"patches"`

	// Packages that should be used.
	Packages []*GoPackage `bzl:"packages/package"`

	// Generation details.
	Digest      string `bzl:"digest"`
	PatchDigest string `bzl:"patch_digest"`
}

GoModule contains the information necessary to vendor a Go module, specifying the set of packages within the module that are used.

type GoPackage 

type GoPackage struct {
	// Dependency details.
	Name string `bzl:"name"`

	// Manually-managed BUILD file.
	BuildFile string `bzl:"build_file"`

	// Build configuration
	Deps       []string `bzl:"deps"`
	Embed      []string `bzl:"embed"`
	EmbedGlobs []string `bzl:"embed_globs"`

	// Test configuration.
	NoTests       bool     `bzl:"no_tests"`
	TestSize      string   `bzl:"test_size"`
	TestData      []string `bzl:"test_data"`
	TestDataGlobs []string `bzl:"test_data_globs"`
	TestDeps      []string `bzl:"test_deps"`
}

GoPackage describes a package within a Go module.

type RemoveAll 

type RemoveAll string

RemoveAll deletes a directory, along with any child nodes that exist. If the path does not exist, there is no effect.

func (RemoveAll) Do 

func (r RemoveAll) Do(fsys fs.FS) error

func (RemoveAll) String 

func (r RemoveAll) String() string

type RustCrate 

type RustCrate struct {
	// Dependency details.
	Name    string `bzl:"name"`
	Version string `bzl:"version"`

	// Patches to be applied to the
	// downloaded crate, before the
	// BUILD file is copied/generated.
	PatchArgs []string `bzl:"patch_args"`
	Patches   []string `bzl:"patches"`

	// Manually-managed BUILD file.
	BuildFile string `bzl:"build_file"`

	// Build configuration
	Edition       string            `bzl:"edition"`
	Features      []string          `bzl:"features"`
	Deps          []string          `bzl:"deps"`
	ProcMacroDeps []string          `bzl:"proc_macro_deps"`
	RustcEnv      map[string]string `bzl:"rustc_env"`

	// Whether to create rustdocs.
	NoDocs bool `bzl:"no_docs"`

	// Whether the crate is a library or
	// a procedural macro library.
	ProcMacro bool `bzl:"proc_macro"`

	// Build script configuration.
	BuildScript     string   `bzl:"build_script"`
	BuildScriptDeps []string `bzl:"build_script_deps"`

	// Test configuration.
	NoTests       bool              `bzl:"no_tests"`
	TestData      []string          `bzl:"test_data"`
	TestDataGlobs []string          `bzl:"test_data_globs"`
	TestDeps      []string          `bzl:"test_deps"`
	TestEnv       map[string]string `bzl:"test_env"`

	// Generation details.
	Digest      string `bzl:"digest"`
	PatchDigest string `bzl:"patch_digest"`
}

RustCrate contains the dependency information for a Rust crate.

type UpdateDep 

type UpdateDep struct {
	Name    string
	Version *string
}

UpdateDep describes the least information necessary to determine a third-party software library. This is used when determining whether updates are available.

type UpdateDeps 

type UpdateDeps struct {
	Rust []*UpdateDep
	Go   []*UpdateDep
}

UpdateDeps includes a set of dependencies for the purposes of updating them.

func ParseUpdateDeps 

func ParseUpdateDeps(filename string, f *build.File) (*UpdateDeps, error)

ParseUpdateDeps parses a deps.bzl file for the set of dependencies so they can be checked for updates.

type Vulns 

type Vulns struct {
	Rust []*osv.Entry
	Go   []*osv.Entry
}

Vulns describes the set of vulnerability advisory data for a set of software dependencies.

func FetchVulns 

func FetchVulns() (*Vulns, error)

fetchVulns fetches/updates the set of vulnerability advisories, then parses them into structured vuln data in OSV format.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.