cli

package
v3.2.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Feb 1, 2026 License: MIT Imports: 30 Imported by: 0

Documentation

Overview

-- internal/cli/audit.go --

-- internal/cli/check.go --

-- internal/cli/diff_logic.go --

-- internal/cli/index.go --

-- internal/cli/interfaces.go --

-- internal/cli/migrate.go --

-- internal/cli/sandbox_adapter.go --

-- internal/cli/scan.go --

-- internal/cli/stats.go --

-- internal/cli/utils.go --

Index

Constants

View Source 
const (
	MaxSourceFileSize = 10 * 1024 * 1024
)

Variables

This section is empty.

Functions

func CalculateTopologyDelta 

func CalculateTopologyDelta(oldT, newT *topology.FunctionTopology) (string, int)

func CollectFiles 

func CollectFiles(fsys FileSystem, target string) ([]string, error)

Recursively finds Go files using the provided FileSystem.

func CompareFunctions 

func CompareFunctions(funcName string, oldResult, newResult diff.FingerprintResult) models.FunctionDiff

func ComputeDiff 

func ComputeDiff(fsys FileSystem, oldFile, newFile string) (*models.DiffOutput, error)

func ExitError 

func ExitError(err error)

func GetPathSize 

func GetPathSize(fsys FileSystem, path string) (int64, error)

Calculates the size of a file or recursively sums the size of a directory.

func HumanizeBytes 

func HumanizeBytes(bytes int64) string

func IsJSON 

func IsJSON(path string) bool

func LoadAndFingerprint 

func LoadAndFingerprint(fsys FileSystem, filename string) ([]diff.FingerprintResult, error)

This reads a file and generates semantic fingerprints using the provided FS.

func PrepareSandboxDB added in v3.2.0 

func PrepareSandboxDB(originalPath string) (string, func(), error)

PrepareSandboxDB ensures a database is usable inside the sandbox. If running sandboxed (where mounts are typically ReadOnly), PebbleDB fails to lock. This copies the DB to a secure, writable temp directory. Returns: newPath, cleanupFunc, error

func ProcessFile 

func ProcessFile(fsys FileSystem, filename string, strictMode bool, scanner SignatureScanner) models.FileOutput

func ProcessFilesParallel added in v3.2.0 

func ProcessFilesParallel(fsys FileSystem, files []string, strictMode bool, scanner SignatureScanner) ([]models.FileOutput, bool, error)

func ResolveDBPath 

func ResolveDBPath(path string) string

func RunAudit 

func RunAudit(w io.Writer, oldFile, newFile, commitMsg, apiKey, model, apiBase string) (int, error)

func RunCheck 

func RunCheck(target string, strictMode bool, enableScan bool, dbPath string, noSandbox bool) error

func RunCheckLogic 

func RunCheckLogic(fsys FileSystem, target string, strictMode bool, enableScan bool, dbPath string) error

func RunDiff 

func RunDiff(oldFile, newFile string, noSandbox bool) error

func RunDiffLogic 

func RunDiffLogic(fsys FileSystem, oldFile, newFile string) error

func RunIndex 

func RunIndex(target, name, severity, category, dbPath string) error

func RunIndexJSON 

func RunIndexJSON(target string, results []diff.FingerprintResult, name, severity, category, dbPath string) ([]detection.Signature, int, error)

func RunIndexPebble 

func RunIndexPebble(target string, results []diff.FingerprintResult, name, severity, category, dbPath string) ([]detection.Signature, int, error)

func RunMigrate 

func RunMigrate(fromPath, toPath string) error

func RunScan 

func RunScan(target string, opts models.ScanOptions, noSandbox bool) error

func RunScanDeps 

func RunScanDeps(pkgLoader PackageLoader, target string, opts models.ScanOptions, scanner SignatureScanner) ([]detection.ScanResult, int, []string, error)

func RunScanLogic 

func RunScanLogic(fsys FileSystem, pkgLoader PackageLoader, target string, opts models.ScanOptions) error

func RunScanParallel 

func RunScanParallel(fsys FileSystem, files []string, scanner SignatureScanner, exactOnly bool) ([]detection.ScanResult, int, error)

func RunStats 

func RunStats(dbPath string) error

func SandboxExec 

func SandboxExec(sb Sandboxer, stdout, stderr io.Writer, command string, args []string, inputs ...string) error

elegates the current command to the sandbox with explicit mount points.

func ShortFunctionName 

func ShortFunctionName(fullName string) string

func SuggestCommand 

func SuggestCommand(cmd string) string

Types

type FileSystem 

type FileSystem interface {
	Stat(name string) (os.FileInfo, error)
	Open(name string) (fs.File, error)
	Getwd() (string, error)
	Abs(path string) (string, error)
	WalkDir(root string, fn fs.WalkDirFunc) error
	ReadFile(name string) ([]byte, error)
}

FileSystem abstracts OS file operations to enable hermetic testing.

type PackageLoader 

type PackageLoader interface {
	Load(cfg *packages.Config, patterns ...string) ([]*packages.Package, error)
}

PackageLoader abstracts the go/packages loading for dependency scanning.

type RealFileSystem 

type RealFileSystem struct{}

RealFileSystem implements FileSystem using the actual OS.

func (RealFileSystem) Abs 

func (fs RealFileSystem) Abs(path string) (string, error)

func (RealFileSystem) Getwd 

func (fs RealFileSystem) Getwd() (string, error)

func (RealFileSystem) Open 

func (fs RealFileSystem) Open(name string) (fs.File, error)

func (RealFileSystem) ReadFile 

func (fs RealFileSystem) ReadFile(name string) ([]byte, error)

func (RealFileSystem) Stat 

func (fs RealFileSystem) Stat(name string) (os.FileInfo, error)

func (RealFileSystem) WalkDir 

func (fs RealFileSystem) WalkDir(root string, fn fs.WalkDirFunc) error

type RealPackageLoader 

type RealPackageLoader struct{}

RealPackageLoader wraps packages.Load

func (RealPackageLoader) Load 

func (p RealPackageLoader) Load(cfg *packages.Config, patterns ...string) ([]*packages.Package, error)

type RealSandboxer 

type RealSandboxer struct{}

Implements the Sandboxer interface using the internal sandbox package.

func (RealSandboxer) IsSandboxed 

func (rs RealSandboxer) IsSandboxed() bool

func (RealSandboxer) Run 

func (rs RealSandboxer) Run(ctx context.Context, cfg sandbox.Config, stdout, stderr io.Writer) error

type Sandboxer 

type Sandboxer interface {
	IsSandboxed() bool
	Run(ctx context.Context, cfg sandbox.Config, stdout, stderr io.Writer) error
}

Sandboxer abstracts the process isolation mechanism.

type SignatureScanner 

type SignatureScanner interface {
	ScanTopology(topo *topology.FunctionTopology, funcName string) ([]detection.ScanResult, error)
	ScanTopologyExact(topo *topology.FunctionTopology, funcName string) (*detection.ScanResult, error)
	Close() error
}

SignatureScanner abstracts the underlying database backend (PebbleDB or JSON).

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.