refactor: order ecosystem stuff alphabetically (#390)

This should hopefully make it a bit easier to find stuff especially as
support for more ecosystems is added

Signed-off-by: Gareth Jones <[email protected]>

Author: G-Rath

tools/osv-linter/internal/pkgchecker/ecosystems.go

@@ -6,30 +6,30 @@ import (
 
 // Ecosystem support is a work in progress.
 var SupportedEcosystems = []string{
-	"Go",
-	"PyPI",
 	"crates.io",
+	"Go",
+	"Hackage",
+	"Maven",
 	"npm",
 	"NuGet",
-	"RubyGems",
 	"Packagist",
 	"Pub",
-	"Hackage",
-	"Maven",
+	"PyPI",
+	"RubyGems",
 }
 
 // EcosystemBaseURLs maps ecosystems to their base API URLs.
 var EcosystemBaseURLs = map[string]string{
-	"Go":        "https://proxy.golang.org",
-	"PyPI":      "https://pypi.org/pypi",
 	"crates.io": "https://crates.io/api/v1/crates",
+	"Go":        "https://proxy.golang.org",
+	"Hackage":   "https://hackage.haskell.org/package",
+	"Maven":     "https://search.maven.org/solrsearch/select",
 	"npm":       "https://registry.npmjs.org",
 	"NuGet":     "https://api.nuget.org/v3-flatcontainer",
-	"RubyGems":  "https://rubygems.org/api/v1",
 	"Packagist": "https://repo.packagist.org/p2",
 	"Pub":       "https://pub.dev/api/packages",
-	"Hackage":   "https://hackage.haskell.org/package",
-	"Maven":     "https://search.maven.org/solrsearch/select",
+	"PyPI":      "https://pypi.org/pypi",
+	"RubyGems":  "https://rubygems.org/api/v1",
 }
 
 // Dispatcher for ecosystem-specific package existence checking.

tools/osv-linter/internal/pkgchecker/ecosystems_test.go

@@ -2,9 +2,7 @@ package pkgchecker
 
 import "testing"
 
-func Test_versionsExistInRubyGems(t *testing.T) {
-	t.Parallel()
-
+func Test_versionsExistInGo(t *testing.T) {
 	type args struct {
 		pkg      string
 		versions []string
@@ -15,44 +13,26 @@ func Test_versionsExistInRubyGems(t *testing.T) {
 		wantErr bool
 	}{
 		{
-			name: "multiple_versions_which_all_exist",
+			name: "an unreleased package",
 			args: args{
-				pkg:      "capistrano",
-				versions: []string{"2.5.7", "3.0.0.pre4", "3.11.1"},
+				pkg:      "github.com/nanobox-io/golang-nanoauth",
+				versions: nil,
 			},
 			wantErr: false,
 		},
 		{
-			name: "multiple_versions_with_one_that_does_not_exist",
-			args: args{
-				pkg:      "capistrano",
-				versions: []string{"1.1.1", "2.3rc9", "3.1.5", "5.1rc1"},
-			},
-			wantErr: true,
-		},
-		{
-			name: "an_invalid_version",
-			args: args{
-				pkg:      "capistrano",
-				versions: []string{"!"},
-			},
-			wantErr: true,
-		},
-		{
-			name: "a_package_that_does_not_exit",
+			name: "a released package",
 			args: args{
-				pkg:      "not-a-real-package",
-				versions: []string{"1.0.0"},
+				pkg:      "github.com/oauth2-proxy/oauth2-proxy",
+				versions: []string{"1.1.1"},
 			},
-			wantErr: true,
+			wantErr: false,
 		},
 	}
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
-			t.Parallel()
-
-			if err := versionsExistInRubyGems(tt.args.pkg, tt.args.versions); (err != nil) != tt.wantErr {
-				t.Errorf("versionsExistInRubyGems() error = %v, wantErr %v", err, tt.wantErr)
+			if err := versionsExistInGo(tt.args.pkg, tt.args.versions); (err != nil) != tt.wantErr {
+				t.Errorf("versionsExistInGo() error = %v, wantErr %v", err, tt.wantErr)
 			}
 		})
 	}
@@ -186,7 +166,9 @@ func Test_versionsExistInPyPI(t *testing.T) {
 	}
 }
 
-func Test_versionsExistInGo(t *testing.T) {
+func Test_versionsExistInRubyGems(t *testing.T) {
+	t.Parallel()
+
 	type args struct {
 		pkg      string
 		versions []string
@@ -197,26 +179,44 @@ func Test_versionsExistInGo(t *testing.T) {
 		wantErr bool
 	}{
 		{
-			name: "an unreleased package",
+			name: "multiple_versions_which_all_exist",
 			args: args{
-				pkg:      "github.com/nanobox-io/golang-nanoauth",
-				versions: nil,
+				pkg:      "capistrano",
+				versions: []string{"2.5.7", "3.0.0.pre4", "3.11.1"},
 			},
 			wantErr: false,
 		},
 		{
-			name: "a released package",
+			name: "multiple_versions_with_one_that_does_not_exist",
 			args: args{
-				pkg:      "github.com/oauth2-proxy/oauth2-proxy",
-				versions: []string{"1.1.1"},
+				pkg:      "capistrano",
+				versions: []string{"1.1.1", "2.3rc9", "3.1.5", "5.1rc1"},
 			},
-			wantErr: false,
+			wantErr: true,
+		},
+		{
+			name: "an_invalid_version",
+			args: args{
+				pkg:      "capistrano",
+				versions: []string{"!"},
+			},
+			wantErr: true,
+		},
+		{
+			name: "a_package_that_does_not_exit",
+			args: args{
+				pkg:      "not-a-real-package",
+				versions: []string{"1.0.0"},
+			},
+			wantErr: true,
 		},
 	}
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
-			if err := versionsExistInGo(tt.args.pkg, tt.args.versions); (err != nil) != tt.wantErr {
-				t.Errorf("versionsExistInGo() error = %v, wantErr %v", err, tt.wantErr)
+			t.Parallel()
+
+			if err := versionsExistInRubyGems(tt.args.pkg, tt.args.versions); (err != nil) != tt.wantErr {
+				t.Errorf("versionsExistInRubyGems() error = %v, wantErr %v", err, tt.wantErr)
 			}
 		})
 	}

tools/osv-linter/internal/pkgchecker/package_check.go

@@ -48,6 +48,37 @@ func existsInGo(pkg string) bool {
 	return checkPackageExists(packageInstanceURL)
 }
 
+// Validate the existence of a package in Hackage.
+func existsInHackage(pkg string) bool {
+	packageInstanceURL := fmt.Sprintf("%s/%s", EcosystemBaseURLs["Hackage"], pkg)
+
+	return checkPackageExists(packageInstanceURL)
+}
+
+// Validate the existence of a package in Maven.
+func existsInMaven(pkg string) bool {
+	if !strings.Contains(pkg, ":") {
+		return false
+	}
+	group_id := strings.Split(pkg, ":")[0]
+	artifact_id := strings.Split(pkg, ":")[1]
+
+	ecosystem := "Maven"
+	packageInstanceURL := fmt.Sprintf("%s/?q=g:%s%%20AND%%20a:%s", EcosystemBaseURLs[ecosystem], group_id, artifact_id)
+
+	if isPackageInDepsDev(ecosystem, pkg) {
+		return true
+	}
+
+	// Needs to use GET instead of HEAD for Maven
+	resp, err := faulttolerant.Get(packageInstanceURL)
+	if err != nil {
+		return false
+	}
+
+	return resp.StatusCode == http.StatusOK
+}
+
 // Validate the existence of a package in npm.
 func existsInNpm(pkg string) bool {
 	ecosystem := "npm"
@@ -72,16 +103,16 @@ func existsInNuget(pkg string) bool {
 	return checkPackageExists(packageInstanceURL)
 }
 
-// Validate the existence of a package in RubyGems.
-func existsInRubyGems(pkg string) bool {
-	packageInstanceURL := fmt.Sprintf("%s/gems/%s.json", EcosystemBaseURLs["RubyGems"], pkg)
+// Validate the existence of a package in Packagist.
+func existsInPackagist(pkg string) bool {
+	packageInstanceURL := fmt.Sprintf("%s/%s.json", EcosystemBaseURLs["Packagist"], pkg)
 
 	return checkPackageExists(packageInstanceURL)
 }
 
-// Validate the existence of a package in Packagist.
-func existsInPackagist(pkg string) bool {
-	packageInstanceURL := fmt.Sprintf("%s/%s.json", EcosystemBaseURLs["Packagist"], pkg)
+// Validate the existence of a package in Pub.
+func existsInPub(pkg string) bool {
+	packageInstanceURL := fmt.Sprintf("%s/%s", EcosystemBaseURLs["Pub"], pkg)
 
 	return checkPackageExists(packageInstanceURL)
 }
@@ -98,44 +129,13 @@ func existsInPyPI(pkg string) bool {
 	return checkPackageExists(packageInstanceURL)
 }
 
-// Validate the existence of a package in Pub.
-func existsInPub(pkg string) bool {
-	packageInstanceURL := fmt.Sprintf("%s/%s", EcosystemBaseURLs["Pub"], pkg)
-
-	return checkPackageExists(packageInstanceURL)
-}
-
-// Validate the existence of a package in Hackage.
-func existsInHackage(pkg string) bool {
-	packageInstanceURL := fmt.Sprintf("%s/%s", EcosystemBaseURLs["Hackage"], pkg)
+// Validate the existence of a package in RubyGems.
+func existsInRubyGems(pkg string) bool {
+	packageInstanceURL := fmt.Sprintf("%s/gems/%s.json", EcosystemBaseURLs["RubyGems"], pkg)
 
 	return checkPackageExists(packageInstanceURL)
 }
 
-// Validate the existence of a package in Maven.
-func existsInMaven(pkg string) bool {
-	if !strings.Contains(pkg, ":") {
-		return false
-	}
-	group_id := strings.Split(pkg, ":")[0]
-	artifact_id := strings.Split(pkg, ":")[1]
-
-	ecosystem := "Maven"
-	packageInstanceURL := fmt.Sprintf("%s/?q=g:%s%%20AND%%20a:%s", EcosystemBaseURLs[ecosystem], group_id, artifact_id)
-
-	if isPackageInDepsDev(ecosystem, pkg) {
-		return true
-	}
-
-	// Needs to use GET instead of HEAD for Maven
-	resp, err := faulttolerant.Get(packageInstanceURL)
-	if err != nil {
-		return false
-	}
-
-	return resp.StatusCode == http.StatusOK
-}
-
 // Makes an HTTP GET request to check package existance, with fault tolerance.
 func checkPackageExists(packageInstanceURL string) bool {
 	// This 404's for non-existent packages.