fix linting errors

Signed-off-by: Vivek Kumar Sahu <vivekkumarsahu650@gmail.com>

Author: viveksahu26

golangci.yml

@@ -13,7 +13,6 @@ linters:
     - stylecheck
     - staticcheck
     - unconvert
-    - whitespace
 
 linters-settings:
   unparam:

pkg/compliance/common/common.go

@@ -218,7 +218,7 @@ func CheckSwid(swid []swid.SWID) (string, bool) {
 	results := []string{}
 	for _, s := range swid {
 		if s.GetTagID() != "" && s.GetName() != "" {
-			result := string(s.GetTagID()) + ", " + string(s.GetName())
+			result := s.GetTagID() + ", " + s.GetName()
 			results = append(results, result)
 		}
 	}

pkg/compliance/compliance.go

@@ -81,7 +81,7 @@ func ComplianceResult(ctx context.Context, doc sbom.Document, reportType, fileNa
 		octResult(ctx, doc, fileName, outFormat)
 
 	case reportType == FSCT_V3:
-		fsct.FsctResult(ctx, doc, fileName, outFormat)
+		fsct.Result(ctx, doc, fileName, outFormat)
 
 	default:
 		fmt.Println("No compliance type is provided")

pkg/compliance/fsct/fsct.go

@@ -25,20 +25,20 @@ import (
 	"github.com/samber/lo"
 )
 
-func FsctResult(ctx context.Context, doc sbom.Document, fileName string, outFormat string) {
+func Result(ctx context.Context, doc sbom.Document, fileName string, outFormat string) {
 	log := logger.FromContext(ctx)
 	log.Debug("fsct compliance")
 
 	dtb := db.NewDB()
 
 	// SBOM Level
-	dtb.AddRecord(FsctSbomAuthor(doc))
-	dtb.AddRecord(FsctSbomTimestamp(doc))
-	dtb.AddRecord(FsctSbomType(doc))
-	dtb.AddRecord(FsctSbomPrimaryComponent(doc))
+	dtb.AddRecord(SbomAuthor(doc))
+	dtb.AddRecord(SbomTimestamp(doc))
+	dtb.AddRecord(SbomType(doc))
+	dtb.AddRecord(SbomPrimaryComponent(doc))
 
 	// component Level
-	dtb.AddRecords(FsctComponents(doc))
+	dtb.AddRecords(Components(doc))
 
 	if outFormat == "json" {
 		fsctJSONReport(dtb, fileName)
@@ -53,7 +53,7 @@ func FsctResult(ctx context.Context, doc sbom.Document, fileName string, outForm
 	}
 }
 
-func FsctSbomPrimaryComponent(doc sbom.Document) *db.Record {
+func SbomPrimaryComponent(doc sbom.Document) *db.Record {
 	result, score, maturity := "", 0.0, "None"
 
 	// waiting for NTIA to get merged
@@ -67,7 +67,7 @@ func FsctSbomPrimaryComponent(doc sbom.Document) *db.Record {
 	return db.NewRecordStmt(SBOM_PRIMARY_COMPONENT, "doc", result, score, maturity)
 }
 
-func FsctSbomType(doc sbom.Document) *db.Record {
+func SbomType(doc sbom.Document) *db.Record {
 	result, score, maturity := "", 0.0, "None"
 
 	lifecycles := doc.Lifecycles()
@@ -82,7 +82,7 @@ func FsctSbomType(doc sbom.Document) *db.Record {
 	return db.NewRecordStmt(SBOM_TYPE, "doc", result, score, maturity)
 }
 
-func FsctSbomTimestamp(doc sbom.Document) *db.Record {
+func SbomTimestamp(doc sbom.Document) *db.Record {
 	result, score, maturity := "", 0.0, "None"
 
 	if result = doc.Spec().GetCreationTimestamp(); result != "" {
@@ -94,7 +94,7 @@ func FsctSbomTimestamp(doc sbom.Document) *db.Record {
 	return db.NewRecordStmt(SBOM_TIMESTAMP, "doc", result, score, maturity)
 }
 
-func FsctSbomAuthor(doc sbom.Document) *db.Record {
+func SbomAuthor(doc sbom.Document) *db.Record {
 	result, score, maturity := "", 0.0, ""
 	authorPresent, toolPresent := false, false
 	toolResult, authorResult := "", ""
@@ -161,7 +161,7 @@ func extractName(comp string) string {
 	return ""
 }
 
-func FsctComponents(doc sbom.Document) []*db.Record {
+func Components(doc sbom.Document) []*db.Record {
 	records := []*db.Record{}
 
 	if len(doc.Components()) == 0 {
@@ -182,7 +182,6 @@ func FsctComponents(doc sbom.Document) []*db.Record {
 				}
 			}
 		} else if doc.Spec().GetSpecType() == "cyclonedx" {
-
 			CompIDWithName[component.GetID()] = component.GetName()
 			ComponentList[component.GetID()] = true
 			if component.GetPrimaryCompInfo().IsPresent() {
@@ -214,7 +213,6 @@ func FsctComponents(doc sbom.Document) []*db.Record {
 					IsMinimimRequirementFulfilled = true
 					GetAllPrimaryDepenciesByName = allDepByName
 				}
-
 			}
 		} else if doc.Spec().GetSpecType() == "cyclonedx" {
 			// strings.Contains(s.PrimaryComponent.ID, string(sc.PackageSPDXIdentifier))
@@ -242,11 +240,9 @@ func FsctComponents(doc sbom.Document) []*db.Record {
 					IsMinimimRequirementFulfilled = true
 					GetAllPrimaryDepenciesByName = allDepByName
 				}
-
 			}
 		}
 	}
-
 	for _, component := range doc.Components() {
 		records = append(records, fsctPackageName(component))
 		records = append(records, fsctPackageVersion(component))
@@ -343,7 +339,6 @@ func fsctPackageUniqIDs(component sbom.GetComponent) *db.Record {
 		score = 10.0
 		maturity = "Minimum"
 		result = strings.Join(uniqIDResults, ", ")
-
 	}
 	return db.NewRecordStmt(COMP_UNIQ_ID, component.GetName(), result, score, maturity)
 }
@@ -391,15 +386,14 @@ func IsComponentPartOfPrimaryDependency(id string) bool {
 }
 
 func fsctPackageDependencies(doc sbom.Document, component sbom.GetComponent) *db.Record {
-	result, score, maturity := "no-relationships", 0.0, "None"
+	result, score, maturity := "", 0.0, ""
 	var dependencies []string
 	compWithIncludedRel := false
 	var compWithNoRel bool
 	var compWithRel bool
 	var compWithRelAndIncluded bool
 	var allDepByName []string
 	if doc.Spec().GetSpecType() == "spdx" {
-
 		if component.GetPrimaryCompInfo().IsPresent() {
 			result = strings.Join(GetAllPrimaryDepenciesByName, ", ")
 			score = 10.0
@@ -427,7 +421,6 @@ func fsctPackageDependencies(doc sbom.Document, component sbom.GetComponent) *db
 				// no dependency
 				compWithRel = true
 			}
-
 		}
 	} else if doc.Spec().GetSpecType() == "cyclonedx" {
 		if component.GetPrimaryCompInfo().IsPresent() {
@@ -452,13 +445,10 @@ func fsctPackageDependencies(doc sbom.Document, component sbom.GetComponent) *db
 			if PrimaryDependencies[component.GetID()] {
 				compWithRelAndIncluded = true
 				allDepByName = append([]string{"included-in"}, allDepByName...)
-				// allDepByName = append(allDepByName, "included-in")
 			}
 			compWithRel = true
-
 		}
 	}
-
 	switch {
 	case IsMinimimRequirementFulfilled && compWithIncludedRel:
 		score = 12.0

pkg/compliance/fsct/fsct_report.go

@@ -27,6 +27,7 @@ import (
 	"sigs.k8s.io/release-utils/version"
 )
 
+// nolint
 const (
 	SBOM_AUTHOR = iota
 	SBOM_TIMESTAMP

pkg/compliance/fsct/fsct_test.go

@@ -139,7 +139,7 @@ func TestFsctCDXSbomAuthorFields(t *testing.T) {
 	}{
 		{
 			name:   "CDX SBOM with author name only",
-			actual: FsctSbomAuthor(cdxDocWithSbomAuthorName()),
+			actual: SbomAuthor(cdxDocWithSbomAuthorName()),
 			expected: desired{
 				score:    10.0,
 				result:   "Samantha Wright",
@@ -150,7 +150,7 @@ func TestFsctCDXSbomAuthorFields(t *testing.T) {
 		},
 		{
 			name:   "CDX SBOM with author name and email",
-			actual: FsctSbomAuthor(cdxDocWithSbomAuthorNameAndEmail()),
+			actual: SbomAuthor(cdxDocWithSbomAuthorNameAndEmail()),
 			expected: desired{
 				score:    10.0,
 				result:   "Samantha Wright (samantha.wright@example.com)",
@@ -161,7 +161,7 @@ func TestFsctCDXSbomAuthorFields(t *testing.T) {
 		},
 		{
 			name:   "CDX SBOM with author name and contact",
-			actual: FsctSbomAuthor(cdxDocWithSbomAuthorNameAndContact()),
+			actual: SbomAuthor(cdxDocWithSbomAuthorNameAndContact()),
 			expected: desired{
 				score:    10.0,
 				result:   "Samantha Wright (800-555-1212)",
@@ -172,7 +172,7 @@ func TestFsctCDXSbomAuthorFields(t *testing.T) {
 		},
 		{
 			name:   "CDX SBOM with author name, email and contact",
-			actual: FsctSbomAuthor(cdxDocWithSbomAuthorNameEmailAndContact()),
+			actual: SbomAuthor(cdxDocWithSbomAuthorNameEmailAndContact()),
 			expected: desired{
 				score:    10.0,
 				result:   "Samantha Wright (samantha.wright@example.com, 800-555-1212)",
@@ -183,7 +183,7 @@ func TestFsctCDXSbomAuthorFields(t *testing.T) {
 		},
 		{
 			name:   "CDX SBOM with a tool",
-			actual: FsctSbomAuthor(cdxDocWithTool()),
+			actual: SbomAuthor(cdxDocWithTool()),
 			expected: desired{
 				score:    0.0,
 				result:   "sbom-tool-9.1.2",
@@ -194,7 +194,7 @@ func TestFsctCDXSbomAuthorFields(t *testing.T) {
 		},
 		{
 			name:   "CDX SBOM with multiple tools",
-			actual: FsctSbomAuthor(cdxDocWithMultipleTools()),
+			actual: SbomAuthor(cdxDocWithMultipleTools()),
 			expected: desired{
 				score:    0.0,
 				result:   "sbom-tool-9.1.2, syft-1.1.2",
@@ -205,7 +205,7 @@ func TestFsctCDXSbomAuthorFields(t *testing.T) {
 		},
 		{
 			name:   "CDX SBOM with a Author and tool",
-			actual: FsctSbomAuthor(cdxDocWithAuthorAndTools()),
+			actual: SbomAuthor(cdxDocWithAuthorAndTools()),
 			expected: desired{
 				score:    12.0,
 				result:   "Samantha Wright (samantha.wright@example.com, 800-555-1212), sbom-tool-9.1.2",
@@ -270,7 +270,7 @@ func TestFsctCDXOtherSbomLevelFields(t *testing.T) {
 	}{
 		{
 			name:   "CDX SBOM with timestamp",
-			actual: FsctSbomTimestamp(cdxDocWithTimestamp()),
+			actual: SbomTimestamp(cdxDocWithTimestamp()),
 			expected: desired{
 				score:    10.0,
 				result:   "2020-04-13T20:20:39+00:00",
@@ -281,7 +281,7 @@ func TestFsctCDXOtherSbomLevelFields(t *testing.T) {
 		},
 		{
 			name:   "CDX SBOM with custom phase lifecycle",
-			actual: FsctSbomType(cdxDocWithCustomPhaseLifecycles()),
+			actual: SbomType(cdxDocWithCustomPhaseLifecycles()),
 			expected: desired{
 				score:    15.0,
 				result:   "platform-integration-testing",
@@ -292,7 +292,7 @@ func TestFsctCDXOtherSbomLevelFields(t *testing.T) {
 		},
 		{
 			name:   "CDX SBOM with pre-defined phase lifecycle",
-			actual: FsctSbomType(cdxDocWithPreDefinedPhaseLifecycles()),
+			actual: SbomType(cdxDocWithPreDefinedPhaseLifecycles()),
 			expected: desired{
 				score:    15.0,
 				result:   "build",
@@ -303,7 +303,7 @@ func TestFsctCDXOtherSbomLevelFields(t *testing.T) {
 		},
 		{
 			name:   "CDX SBOM with primary component",
-			actual: FsctSbomPrimaryComponent(cdxDocWithPrimaryComponent()),
+			actual: SbomPrimaryComponent(cdxDocWithPrimaryComponent()),
 			expected: desired{
 				score:    10.0,
 				result:   "git@github.com:interlynk/sbomqs.git",
@@ -402,7 +402,7 @@ func TestFsctSPDXSbomLevelFields(t *testing.T) {
 	}{
 		{
 			name:   "SPDX SBOM with lifecycle",
-			actual: FsctSbomType(spdxDocWithLifecycles()),
+			actual: SbomType(spdxDocWithLifecycles()),
 			expected: desired{
 				score:    15.0,
 				result:   "hellow, this is sbom build phase",
@@ -413,7 +413,7 @@ func TestFsctSPDXSbomLevelFields(t *testing.T) {
 		},
 		{
 			name:   "SPDX SBOM with primary component",
-			actual: FsctSbomPrimaryComponent(spdxDocWithPrimaryComponent()),
+			actual: SbomPrimaryComponent(spdxDocWithPrimaryComponent()),
 			expected: desired{
 				score:    10.0,
 				result:   "SPDXRef-DocumentRoot-File-sbomqs-linux-amd64",
@@ -424,7 +424,7 @@ func TestFsctSPDXSbomLevelFields(t *testing.T) {
 		},
 		{
 			name:   "SPDX SBOM with author name only",
-			actual: FsctSbomAuthor(spdxDocWithSbomAuthor()),
+			actual: SbomAuthor(spdxDocWithSbomAuthor()),
 			expected: desired{
 				score:    10.0,
 				result:   "Jane Doe",
@@ -435,7 +435,7 @@ func TestFsctSPDXSbomLevelFields(t *testing.T) {
 		},
 		{
 			name:   "SPDX SBOM with tool only",
-			actual: FsctSbomAuthor(spdxDocWithSbomTool()),
+			actual: SbomAuthor(spdxDocWithSbomTool()),
 			expected: desired{
 				score:    0.0,
 				result:   "syft-1.9.0",
@@ -446,7 +446,7 @@ func TestFsctSPDXSbomLevelFields(t *testing.T) {
 		},
 		{
 			name:   "SPDX SBOM with Author and tool both",
-			actual: FsctSbomAuthor(spdxDocWithSbomAuthorAndTool()),
+			actual: SbomAuthor(spdxDocWithSbomAuthorAndTool()),
 			expected: desired{
 				score:    12.0,
 				result:   "Jane Doe, syft-1.9.0",
@@ -766,21 +766,6 @@ func TestFsctComponentLevelOnSpdxAndCdx(t *testing.T) {
 	}
 }
 
-func cdxCompWithUniqID() sbom.GetComponent {
-	name := "cobra"
-	p := []purl.PURL{}
-	npurl := purl.NewPURL("pkg:github/spf13/cobra@e94f6d0dd9a5e5738dca6bce03c4b1207ffbc0ec")
-	if npurl.Valid() {
-		p = append(p, npurl)
-	}
-
-	comp := sbom.Component{
-		Name:  name,
-		Purls: p,
-	}
-	return comp
-}
-
 func primaryCompWithHigherChecksum() (sbom.Document, sbom.GetComponent) {
 	primary := sbom.PrimaryComp{}
 
@@ -1384,17 +1369,6 @@ func cdxCompWithOmniBorID() sbom.GetComponent {
 	return comp
 }
 
-func cdxCompWithCPE() sbom.GetComponent {
-	comp := sbom.NewComponent()
-	comp.Name = "packageurl-go"
-	PackageURL := "pkg:github/package-url/packageurl-go@7cb81af9593b9512bb946c55c85609948c48aab9"
-
-	prl := purl.NewPURL(PackageURL)
-	comp.Purls = []purl.PURL{prl}
-
-	return comp
-}
-
 func cdxCompWithPurlOmniSwhidAndSwid() sbom.GetComponent {
 	comp := sbom.NewComponent()
 	comp.Name = "acme"

pkg/engine/compliance.go

@@ -86,7 +86,6 @@ func getSbomDocument(ctx context.Context, ep *Params) (*sbom.Document, error) {
 
 	if IsURL(path) {
 		log.Debugf("Processing Git URL path :%s\n", path)
-
 		url, sbomFilePath := path, path
 		var err error
 

pkg/sbom/spdx.go

@@ -344,7 +344,6 @@ func (s *SpdxDoc) parsePrimaryCompAndRelationships() {
 				continue
 			}
 			s.Dependencies[CleanKey(string(aBytes))] = append(s.Dependencies[CleanKey(string(aBytes))], CleanKey(string(bBytes)))
-
 		}
 	}
 	s.PrimaryComponent.Dependecies = totalDependencies