Skip to content

Commit

Permalink
Refactor package comparison in a separate routine.
Browse files Browse the repository at this point in the history
  • Loading branch information
blkt committed Nov 22, 2024
1 parent 1a465a4 commit 026b68d
Showing 1 changed file with 20 additions and 2 deletions.
22 changes: 20 additions & 2 deletions internal/engine/eval/trusty/actions.go
Original file line number Diff line number Diff line change
Expand Up @@ -323,8 +323,9 @@ func (sph *summaryPrHandler) generateSummary() (string, error) {
// Since (1) we don't have score anymore, and
// (2) we don't suggest malicious packages, I
// suggest getting rid of this check
// altogether.
if altData.Score != nil && *altData.Score != 0 && *altData.Score <= lowScorePackages[alternative.Dependency.Name].Score {
// altogether and always report all available
// alternatives.
if comparePackages(altData, lowScorePackages[alternative.Dependency.Name]) == worse {
continue
}

Expand All @@ -348,6 +349,23 @@ func (sph *summaryPrHandler) generateSummary() (string, error) {
return sph.compileTemplate(malicious, lowScorePackages)
}

type packageComparison int

const (
better packageComparison = iota
worse
)

// comparePackages compares two packages to determine whether the
// first argument is better or worse than the second one. It does so
// by checking Trusty scores.
func comparePackages(alt alternative, examined templatePackage) packageComparison {
if alt.Score != nil && *alt.Score != 0 && *alt.Score <= examined.Score {
return worse
}
return better
}

// buildProvenanceStruct builds the provenance data structure for the PR template
func buildProvenanceStruct(r *trustyReport) *templateProvenance {
if r == nil || r.Provenance == nil {
Expand Down

0 comments on commit 026b68d

Please sign in to comment.