It is recommended to execute make format to standardize your code style before the code is submitted.
Code scan
golangci-lint run # Enable default rules with fewer rules
golangci-lint run --enable-all # Enable all rules, too many rules
Test requirements
Unit test requirements
Test Naming: Use clear and descriptive names for test functions to understand the purpose of the tests.
Test Coverage: Aim to cover various branches and boundary conditions in the code to ensure comprehensive test coverage.
Independence: Ensure that each test function is independent of others and does not impact each other.
Readability: Write test code that is easy to understand and maintain, using appropriate assertions and comments.
Fast Execution: Tests should execute as quickly as possible to avoid long testing times.
Performance testing requirements
Objective Setting: Clearly define the objectives of performance testing, such as response time, throughput, and other metrics.
Data Preparation: Prepare appropriate test data, including simulating realistic data volumes and workloads.
Testing Environment: Conduct performance testing in an environment that closely resembles the actual deployment environment to ensure more accurate and reliable results.
Testing Tools: Choose suitable performance testing tools and configure the test parameters correctly.
Test Reporting: Record and analyze the results of performance testing, including performance metrics, bottleneck analysis, and recommended optimization measures.
Execution of single test coverage command
go install github.com/axw/gocov/gocov@latest
go install github.com/AlekSi/gocov-xml@latest
# Perform compilation
go mod tidy
# Perform unit tests
go test ./... -v -coverprofile=cover.out
# Generate unit test report and coverage
go tool cover -html=cover.out -o coverage.html
gocov convert cover.out | gocov-xml > coverage.xml
Code fingerprint extension
Implement the PreProcessor interface for the parser. Preprocessors for different languages need to implement the PreProcessor interface, which includes the following methods:
Name: The name of the preprocessor, such as java, cpp, etc. This should be unique.
SupportedFileTypes: The file types supported by the preprocessor, represented as a list of file extensions, such as .cpp/.hpp/.c/.c.
ProcessContent: Processes the specified file and returns the processed content.
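As an added illustration (not code from the project), here is a minimal preprocessor for Go sources that keeps comment and whitespace edits from changing the text that gets fingerprinted. The PreProcessor interface is declared locally with assumed signatures, and lineCommentPreProcessor, stripLineComment and the name golang-example are hypothetical; only // comments outside double-quoted strings are handled.

```go
package main

import (
	"fmt"
	"strings"
)

// PreProcessor is a local stand-in; these signatures are assumptions, not the project's API.
type PreProcessor interface {
	Name() string
	SupportedFileTypes() []string
	ProcessContent(content string) string
}

// lineCommentPreProcessor (hypothetical) drops // comments and blank lines and collapses whitespace.
type lineCommentPreProcessor struct{}

func (lineCommentPreProcessor) Name() string { return "golang-example" }
func (lineCommentPreProcessor) SupportedFileTypes() []string { return []string{".go"} }

func (lineCommentPreProcessor) ProcessContent(content string) string {
	var out []string
	for _, line := range strings.Split(content, "\n") {
		if fields := strings.Fields(stripLineComment(line)); len(fields) > 0 {
			out = append(out, strings.Join(fields, " "))
		}
	}
	return strings.Join(out, "\n")
}

// stripLineComment cuts a // comment unless the slashes sit inside a "..." literal.
func stripLineComment(line string) string {
	inString := false
	for i := 0; i < len(line); i++ {
		switch {
		case inString && line[i] == '\\':
			i++ // skip the escaped character
		case line[i] == '"':
			inString = !inString
		case !inString && strings.HasPrefix(line[i:], "//"):
			return line[:i]
		}
	}
	return line
}

func main() {
	var p PreProcessor = lineCommentPreProcessor{}
	fmt.Println(p.Name(), p.ProcessContent("a := 1 // constructed sample\n"))
}
```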
Classify according to the package manager description file, implement the corresponding file parser interface FileParser, and register it in the collector.
Matcher: The framework matches corresponding scanned files according to different file matching methods in FileMatcher.
Parse: Parses the specified file and returns package information and dependency information.
Implement the document specification interfaces Spec and Format.
// Spec is a sbom specification
type Spec interface {
	Name() string        // Name returns the spec name
	Version() string     // Version returns the spec version
	Validate() error     // Validate validates the spec
	Formats() []Format   // Formats returns all formats of this spec
	FromSBOM(*sbom.SBOM) // FromSBOM converts a sbom to spec
	ToSBOM() *sbom.SBOM  // ToSBOM converts spec to a sbom
}
// Format is a sbom file format
type Format interface {
	Spec() Spec                  // Spec returns the spec of this format
	Type() string                // Type returns the format type
	Load(reader io.Reader) error // Load loads a sbom from reader
	Dump(writer io.Writer) error // Dump dumps a sbom to writer
}
In the init function of the parser, call RegisterPackageParser to register the parser instance to the global parser container.