diff --git a/.github/workflows/on_push.yml b/.github/workflows/on_push.yml index 6f1d2ab4..110baacf 100644 --- a/.github/workflows/on_push.yml +++ b/.github/workflows/on_push.yml @@ -21,25 +21,29 @@ jobs: name: Checkout uses: actions/checkout@v3 - - uses: actions/setup-go@v3 + uses: actions/setup-go@v4 with: go-version-file: ${{ env.GO_VERSION_FILE }} check-latest: ${{ env.CHECK_LATEST }} + cache: false - name: Pull dependencies run: make install-go-modules - name: Unit tests run: make test - - + - name: Linter - run: make lint + uses: golangci/golangci-lint-action@v3 + with: + version: latest + skip-cache: true - name: Vulnerability scan run: make vulncheck - name: Coverage - uses: codecov/codecov-action@v2 + uses: codecov/codecov-action@v3 with: token: ${{ secrets.CODECOV_TOKEN }} flags: unittests @@ -52,10 +56,11 @@ jobs: name: Checkout uses: actions/checkout@v3 - - uses: actions/setup-go@v3 + uses: actions/setup-go@v4 with: go-version-file: ${{ env.GO_VERSION_FILE }} check-latest: ${{ env.CHECK_LATEST }} + cache: false - name: Pull dependencies run: make install-go-modules @@ -76,19 +81,23 @@ jobs: name: Checkout uses: actions/checkout@v3 - - uses: actions/setup-go@v3 + uses: actions/setup-go@v4 with: go-version-file: ${{ env.GO_VERSION_FILE }} check-latest: ${{ env.CHECK_LATEST }} + cache: false - name: Pull dependencies run: make install-go-modules - name: Unit tests run: make test - - + - name: Linter - run: make lint + uses: golangci/golangci-lint-action@v3 + with: + version: latest + skip-cache: true test-integration-windows: name: Integration Tests Windows @@ -98,10 +107,11 @@ jobs: name: Checkout uses: actions/checkout@v3 - - uses: actions/setup-go@v3 + uses: actions/setup-go@v4 with: go-version-file: ${{ env.GO_VERSION_FILE }} check-latest: ${{ env.CHECK_LATEST }} + cache: false - name: Pull dependencies run: make install-go-modules @@ -122,16 +132,23 @@ jobs: name: Checkout uses: actions/checkout@v3 - - uses: actions/setup-go@v3 + uses: actions/setup-go@v4 with: go-version-file: ${{ env.GO_VERSION_FILE }} check-latest: ${{ env.CHECK_LATEST }} + cache: false - name: Pull dependencies run: make install-go-modules - name: Unit tests run: make test + - + name: Linter + uses: golangci/golangci-lint-action@v3 + with: + version: latest + skip-cache: true test-integration-macos: name: Integration Tests macOS @@ -141,10 +158,11 @@ jobs: name: Checkout uses: actions/checkout@v3 - - uses: actions/setup-go@v3 + uses: actions/setup-go@v4 with: go-version-file: ${{ env.GO_VERSION_FILE }} check-latest: ${{ env.CHECK_LATEST }} + cache: false - name: Pull dependencies run: make install-go-modules @@ -171,6 +189,7 @@ jobs: uses: ludeeus/action-shellcheck@master with: ignore_paths: 'bin/tests/libs' + ignore_names: govulncheck-with-excludes.sh - name: Setup bats uses: mig4/setup-bats@v1 @@ -233,10 +252,11 @@ jobs: uses: actions/checkout@v3 - name: Setup go - uses: actions/setup-go@v3 + uses: actions/setup-go@v4 with: go-version-file: ${{ env.GO_VERSION_FILE }} check-latest: ${{ env.CHECK_LATEST }} + cache: false - name: Build binaries env: @@ -273,10 +293,11 @@ jobs: uses: actions/checkout@v3 - name: Setup go - uses: actions/setup-go@v3 + uses: actions/setup-go@v4 with: go-version-file: ${{ env.GO_VERSION_FILE }} check-latest: ${{ env.CHECK_LATEST }} + cache: false - name: Build binaries env: @@ -313,10 +334,11 @@ jobs: uses: actions/checkout@v3 - name: Setup go - uses: actions/setup-go@v3 + uses: actions/setup-go@v4 with: go-version-file: ${{ env.GO_VERSION_FILE }} check-latest: ${{ env.CHECK_LATEST }} + cache: false - name: Build binaries env: @@ -353,10 +375,11 @@ jobs: uses: actions/checkout@v3 - name: Setup go - uses: actions/setup-go@v3 + uses: actions/setup-go@v4 with: go-version-file: ${{ env.GO_VERSION_FILE }} check-latest: ${{ env.CHECK_LATEST }} + cache: false - name: Build binaries env: @@ -393,10 +416,11 @@ jobs: uses: actions/checkout@v3 - name: Setup go - uses: actions/setup-go@v3 + uses: actions/setup-go@v4 with: go-version-file: ${{ env.GO_VERSION_FILE }} check-latest: ${{ env.CHECK_LATEST }} + cache: false - name: Build binaries env: @@ -433,10 +457,11 @@ jobs: uses: actions/checkout@v3 - name: Setup go - uses: actions/setup-go@v3 + uses: actions/setup-go@v4 with: go-version-file: ${{ env.GO_VERSION_FILE }} check-latest: ${{ env.CHECK_LATEST }} + cache: false - name: Build binaries env: diff --git a/Makefile b/Makefile index 20f790b8..05688c24 100644 --- a/Makefile +++ b/Makefile @@ -144,7 +144,7 @@ lint: install-linter .PHONY: vulncheck vulncheck: go install golang.org/x/vuln/cmd/govulncheck@latest - govulncheck ./... + ./bin/govulncheck-with-excludes.sh ./... .PHONY: test test: diff --git a/USAGE.md b/USAGE.md index fb783474..96f6186b 100644 --- a/USAGE.md +++ b/USAGE.md @@ -38,6 +38,7 @@ ssl_certs_file = timeout = 30 hostname = machinename log_file = +import_cfg = /path/to/another/wakatime.cfg [projectmap] projects/foo = new project name @@ -82,6 +83,7 @@ some/submodule/name = new project name | timeout | Connection timeout in seconds when communicating with the api. | _int_ | `120` | | hostname | Optional name of local machine. By default, auto-detects the local machine’s hostname. | _string_ | | | log_file | Optional log file path. | _filepath_ | `~/.wakatime/wakatime.log` | +| import_cfg | Optional path to another wakatime.cfg file to import. If set it will overwrite values loaded from $WAKATIME_HOME/.wakatime.cfg file. | _filepath_ | | ### Project Map Section diff --git a/bin/govulncheck-with-excludes.sh b/bin/govulncheck-with-excludes.sh new file mode 100755 index 00000000..b0a8e4b0 --- /dev/null +++ b/bin/govulncheck-with-excludes.sh @@ -0,0 +1,67 @@ +#!/usr/bin/env bash +set -Eeuo pipefail + +# a wrapper / replacement for "govulncheck" which allows for excluding vulnerabilities +# (https://github.com/golang/go/issues/59507) + +excludeVulns="$(jq -nc '[ + + # https://pkg.go.dev/vuln/GO-2023-1987 + "GO-2023-1987", + + empty # trailing comma hack (makes diffs smaller) +]')" +export excludeVulns + +if ! command -v govulncheck > /dev/null; then + govulncheck() { + local user; user="$(id -u):$(id -g)" + local args=( + --rm --interactive --init + --user "$user" + --env HOME=/tmp + --env GOPATH=/tmp/go + --volume govulncheck:/tmp + --env CGO_ENABLED=0 + --mount "type=bind,src=$PWD,dst=/wd,ro" + --workdir /wd + "${GOLANG_IMAGE:-golang:latest}" + sh -euc ' + go install golang.org/x/vuln/cmd/govulncheck@latest > /dev/null + exec "$GOPATH/bin/govulncheck" "$@" + ' -- + ) + docker run "${args[@]}" "$@" + } +fi + +if out="$(govulncheck "$@")"; then + printf '%s\n' "$out" + exit 0 +fi + +json="$(govulncheck -json "$@")" + +vulns="$(jq <<<"$json" -cs 'map(select(has("osv")) | .osv)')" +if [ "$(jq <<<"$vulns" -r 'length')" -le 0 ]; then + printf '%s\n' "$out" + exit 1 +fi + +filtered="$(jq <<<"$vulns" -c ' + (env.excludeVulns | fromjson) as $exclude + | map(select( + .id as $id + | $exclude | index($id) | not + )) +')" + +text="$(jq <<<"$filtered" -r 'map("- \(.id) (aka \(.aliases | join(", ")))\n\n\t\(.details | gsub("\n"; "\n\t"))") | join("\n\n")')" + +if [ -z "$text" ]; then + printf 'No vulnerabilities found.\n' + exit 0 +else + printf '%s\n' "$text" + exit 1 +fi diff --git a/cmd/heartbeat/heartbeat_test.go b/cmd/heartbeat/heartbeat_test.go index a6eb1368..04b90102 100644 --- a/cmd/heartbeat/heartbeat_test.go +++ b/cmd/heartbeat/heartbeat_test.go @@ -23,8 +23,8 @@ import ( "github.com/wakatime/wakatime-cli/pkg/project" "github.com/wakatime/wakatime-cli/pkg/version" "github.com/wakatime/wakatime-cli/pkg/windows" - "github.com/yookoala/realpath" + "github.com/gandarez/go-realpath" "github.com/matishsiao/goInfo" "github.com/spf13/viper" "github.com/stretchr/testify/assert" diff --git a/cmd/root.go b/cmd/root.go index 31b863e7..c554c682 100644 --- a/cmd/root.go +++ b/cmd/root.go @@ -57,7 +57,7 @@ func setFlags(cmd *cobra.Command, v *viper.Viper) { "Category of this heartbeat activity. Can be \"coding\","+ " \"building\", \"indexing\", \"debugging\", \"running tests\","+ " \"writing tests\", \"manual testing\", \"code reviewing\","+ - " \"browsing\", or \"designing\". Defaults to \"coding\".", + " \"browsing\", \"translating\", or \"designing\". Defaults to \"coding\".", ) flags.String("config", "", "Optional config file. Defaults to '~/.wakatime.cfg'.") flags.String("internal-config", "", "Optional internal config file. Defaults to '~/.wakatime/wakatime-internal.cfg'.") diff --git a/cmd/testdata/.wakatime.cfg b/cmd/testdata/.wakatime.cfg index ea804760..1f7cb866 100644 --- a/cmd/testdata/.wakatime.cfg +++ b/cmd/testdata/.wakatime.cfg @@ -1,3 +1,4 @@ [settings] +api_key = 00000000-0000-4000-8000-000000000002 debug = true import_cfg = "testdata/.import.cfg" diff --git a/go.mod b/go.mod index 7209f077..bc3462c0 100644 --- a/go.mod +++ b/go.mod @@ -8,6 +8,7 @@ require ( github.com/danwakefield/fnmatch v0.0.0-20160403171240-cbb64ac3d964 github.com/dlclark/regexp2 v1.8.1 github.com/gandarez/go-olson-timezone v0.1.0 + github.com/gandarez/go-realpath v1.0.0 github.com/juju/mutex v0.0.0-20180619145857-d21b13acf4bf github.com/kevinburke/ssh_config v1.2.1-0.20220605204831-a56e914e7283 github.com/matishsiao/goInfo v0.0.0-20210923090445-da2e3fa8d45f @@ -18,8 +19,7 @@ require ( github.com/spf13/cobra v1.6.1 github.com/spf13/jwalterweatherman v1.1.0 github.com/spf13/viper v1.15.0 - github.com/stretchr/testify v1.8.1 - github.com/yookoala/realpath v1.0.0 + github.com/stretchr/testify v1.8.4 go.etcd.io/bbolt v1.3.7 golang.org/x/crypto v0.6.0 golang.org/x/net v0.7.0 @@ -45,6 +45,7 @@ require ( github.com/spf13/cast v1.5.0 // indirect github.com/spf13/pflag v1.0.5 // indirect github.com/subosito/gotenv v1.4.2 // indirect + github.com/yookoala/realpath v1.0.0 // indirect golang.org/x/sys v0.5.0 // indirect gopkg.in/yaml.v3 v3.0.1 // indirect ) diff --git a/go.sum b/go.sum index dd4425db..bc98e520 100644 --- a/go.sum +++ b/go.sum @@ -76,6 +76,8 @@ github.com/fsnotify/fsnotify v1.6.0 h1:n+5WquG0fcWoWp6xPWfHdbskMCQaFnG6PfBrh1Ky4 github.com/fsnotify/fsnotify v1.6.0/go.mod h1:sl3t1tCWJFWoRz9R8WJCbQihKKwmorjAbSClcnxKAGw= github.com/gandarez/go-olson-timezone v0.1.0 h1:cDRlHKQE0uC3mJNZyKoQIpAuvQtV8KXwIVj8bDEEyuo= github.com/gandarez/go-olson-timezone v0.1.0/go.mod h1:+yV/cYNjgs2JqdGShznAD4R13r8lKMGR2XlWAJqa5Yo= +github.com/gandarez/go-realpath v1.0.0 h1:fhQBRDshH/MZNmDLWM9vbBameK2fxyLr+ctqkRwbHEU= +github.com/gandarez/go-realpath v1.0.0/go.mod h1:B5MPsYoZD8dUhGtNbTlOZGuaRD/jM0CnbBWXXD1rSk8= github.com/go-gl/glfw v0.0.0-20190409004039-e6da0acd62b1/go.mod h1:vR7hzQXu2zJy9AVAgeJqvqgH9Q5CA+iKCZ2gyEVpxRU= github.com/go-gl/glfw/v3.3/glfw v0.0.0-20191125211704-12ad95a8df72/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8= github.com/go-gl/glfw/v3.3/glfw v0.0.0-20200222043503-6f7a984d4dc4/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8= @@ -258,8 +260,9 @@ github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/ github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU= -github.com/stretchr/testify v1.8.1 h1:w7B6lhMri9wdJUVmEZPGGhZzrYTPvgJArz7wNPgYKsk= github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4= +github.com/stretchr/testify v1.8.4 h1:CcVxjf3Q8PM0mHUKJCdn+eZZtm5yQwehR5yeSVQQcUk= +github.com/stretchr/testify v1.8.4/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo= github.com/subosito/gotenv v1.4.2 h1:X1TuBLAMDFbaTAChgCBLu3DU3UPyELpnF2jjJ2cz/S8= github.com/subosito/gotenv v1.4.2/go.mod h1:ayKnFf/c6rvx/2iiLrJUk1e6plDbT3edrFNGqEflhK0= github.com/wakatime/chroma v0.10.0-wakatime.1 h1:S3XwuOsibZY0hQlUyoJ9mak7K2kbrrfTh1X6XD2DK4c= diff --git a/main_test.go b/main_test.go index df6d85c2..81de77b7 100644 --- a/main_test.go +++ b/main_test.go @@ -24,8 +24,8 @@ import ( "github.com/wakatime/wakatime-cli/pkg/project" "github.com/wakatime/wakatime-cli/pkg/version" "github.com/wakatime/wakatime-cli/pkg/windows" - "github.com/yookoala/realpath" + "github.com/gandarez/go-realpath" "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" ) diff --git a/pkg/api/transport.go b/pkg/api/transport.go index e6f3774a..1ec3f7c7 100644 --- a/pkg/api/transport.go +++ b/pkg/api/transport.go @@ -9,43 +9,8 @@ import ( "github.com/wakatime/wakatime-cli/pkg/log" ) -const serverName = "api.wakatime.com" - -// NewTransport initializes a new http.Transport. -func NewTransport() *http.Transport { - return &http.Transport{ - ForceAttemptHTTP2: true, - MaxConnsPerHost: 1, - MaxIdleConns: 1, - MaxIdleConnsPerHost: 1, - Proxy: nil, - TLSHandshakeTimeout: DefaultTimeoutSecs * time.Second, - } -} - -// NewTransportWithHostVerificationDisabled initializes a new http.Transport with disabled host verification. -func NewTransportWithHostVerificationDisabled() *http.Transport { - t := NewTransport() - - t.TLSClientConfig = &tls.Config{ - MinVersion: tls.VersionTLS12, - RootCAs: CACerts(), - ServerName: serverName, - } - - return t -} - -// LazyCreateNewTransport uses the client's Transport if exists, or creates a new one. -func LazyCreateNewTransport(c *Client) *http.Transport { - if c != nil && c.client != nil && c.client.Transport != nil { - return c.client.Transport.(*http.Transport).Clone() - } - - return NewTransport() -} - -const letsencryptCerts string = ` +const ( + letsencryptCerts = ` -----BEGIN CERTIFICATE----- MIIEYDCCAkigAwIBAgIQB55JKIY3b9QISMI/xjHkYzANBgkqhkiG9w0BAQsFADBP MQswCQYDVQQGEwJVUzEpMCcGA1UEChMgSW50ZXJuZXQgU2VjdXJpdHkgUmVzZWFy @@ -118,6 +83,42 @@ mRGunUHBcnWEvgJBQl9nJEiU0Zsnvgc/ubhPgXRR4Xq37Z0j4r7g1SgEEzwxA57d emyPxgcYxn/eR44/KJ4EBs+lVDR3veyJm+kXQ99b21/+jh5Xos1AnX5iItreGCc= -----END CERTIFICATE----- ` + serverName = "api.wakatime.com" +) + +// NewTransport initializes a new http.Transport. +func NewTransport() *http.Transport { + return &http.Transport{ + ForceAttemptHTTP2: true, + MaxConnsPerHost: 1, + MaxIdleConns: 1, + MaxIdleConnsPerHost: 1, + Proxy: nil, + TLSHandshakeTimeout: DefaultTimeoutSecs * time.Second, + } +} + +// NewTransportWithHostVerificationDisabled initializes a new http.Transport with disabled host verification. +func NewTransportWithHostVerificationDisabled() *http.Transport { + t := NewTransport() + + t.TLSClientConfig = &tls.Config{ + MinVersion: tls.VersionTLS12, + RootCAs: CACerts(), + ServerName: serverName, + } + + return t +} + +// LazyCreateNewTransport uses the client's Transport if exists, or creates a new one. +func LazyCreateNewTransport(c *Client) *http.Transport { + if c != nil && c.client != nil && c.client.Transport != nil { + return c.client.Transport.(*http.Transport).Clone() + } + + return NewTransport() +} // CACerts returns a root cert pool with the system's cacerts and LetsEncrypt's root certs. func CACerts() *x509.CertPool { diff --git a/pkg/api/transport_windows.go b/pkg/api/transport_windows.go index 6f04892a..01ef90a4 100644 --- a/pkg/api/transport_windows.go +++ b/pkg/api/transport_windows.go @@ -4,11 +4,20 @@ package api import ( "crypto/x509" + "runtime/debug" "syscall" "unsafe" + + "github.com/wakatime/wakatime-cli/pkg/log" ) func loadSystemRoots() (*x509.CertPool, error) { + defer func() { + if err := recover(); err != nil { + log.Errorf("failed to load system roots on Windows. panicked: %v. Stack: %s", err, string(debug.Stack())) + } + }() + const cryptENotFound = 0x80092004 rootPtr, err := syscall.UTF16PtrFromString("ROOT") diff --git a/pkg/apikey/apikey_test.go b/pkg/apikey/apikey_test.go index fd7e2aed..14b4abc5 100644 --- a/pkg/apikey/apikey_test.go +++ b/pkg/apikey/apikey_test.go @@ -11,9 +11,9 @@ import ( "github.com/wakatime/wakatime-cli/pkg/apikey" "github.com/wakatime/wakatime-cli/pkg/heartbeat" + "github.com/gandarez/go-realpath" "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" - "github.com/yookoala/realpath" ) func TestWithReplacing(t *testing.T) { diff --git a/pkg/heartbeat/format.go b/pkg/heartbeat/format.go index 17ebdc1e..8e9aa8b3 100644 --- a/pkg/heartbeat/format.go +++ b/pkg/heartbeat/format.go @@ -7,7 +7,7 @@ import ( "github.com/wakatime/wakatime-cli/pkg/log" "github.com/wakatime/wakatime-cli/pkg/windows" - "github.com/yookoala/realpath" + "github.com/gandarez/go-realpath" ) // WithFormatting initializes and returns a heartbeat handle option, which diff --git a/pkg/heartbeat/format_test.go b/pkg/heartbeat/format_test.go index d49ce50c..f1a3f33f 100644 --- a/pkg/heartbeat/format_test.go +++ b/pkg/heartbeat/format_test.go @@ -5,11 +5,12 @@ import ( "runtime" "testing" - "github.com/stretchr/testify/assert" - "github.com/stretchr/testify/require" "github.com/wakatime/wakatime-cli/pkg/heartbeat" "github.com/wakatime/wakatime-cli/pkg/windows" - "github.com/yookoala/realpath" + + "github.com/gandarez/go-realpath" + "github.com/stretchr/testify/assert" + "github.com/stretchr/testify/require" ) func TestWithFormatting(t *testing.T) { diff --git a/pkg/project/file_test.go b/pkg/project/file_test.go index 454800d9..d214b3fb 100644 --- a/pkg/project/file_test.go +++ b/pkg/project/file_test.go @@ -6,8 +6,8 @@ import ( "testing" "github.com/wakatime/wakatime-cli/pkg/project" - "github.com/yookoala/realpath" + "github.com/gandarez/go-realpath" "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" ) diff --git a/pkg/project/git_test.go b/pkg/project/git_test.go index ea75f666..b67d263d 100644 --- a/pkg/project/git_test.go +++ b/pkg/project/git_test.go @@ -11,8 +11,8 @@ import ( "github.com/wakatime/wakatime-cli/pkg/project" "github.com/wakatime/wakatime-cli/pkg/regex" "github.com/wakatime/wakatime-cli/pkg/windows" - "github.com/yookoala/realpath" + "github.com/gandarez/go-realpath" "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" ) diff --git a/pkg/project/map_test.go b/pkg/project/map_test.go index e52d4cae..931dbc49 100644 --- a/pkg/project/map_test.go +++ b/pkg/project/map_test.go @@ -7,8 +7,8 @@ import ( "testing" "github.com/wakatime/wakatime-cli/pkg/project" - "github.com/yookoala/realpath" + "github.com/gandarez/go-realpath" "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" ) diff --git a/pkg/project/project.go b/pkg/project/project.go index 33cb69a9..7160535b 100644 --- a/pkg/project/project.go +++ b/pkg/project/project.go @@ -15,8 +15,8 @@ import ( "github.com/wakatime/wakatime-cli/pkg/log" "github.com/wakatime/wakatime-cli/pkg/regex" "github.com/wakatime/wakatime-cli/pkg/windows" - "github.com/yookoala/realpath" + "github.com/gandarez/go-realpath" "golang.org/x/text/cases" "golang.org/x/text/language" ) diff --git a/pkg/project/project_test.go b/pkg/project/project_test.go index 4b90a7c0..2ec442b8 100644 --- a/pkg/project/project_test.go +++ b/pkg/project/project_test.go @@ -11,8 +11,8 @@ import ( "github.com/wakatime/wakatime-cli/pkg/project" "github.com/wakatime/wakatime-cli/pkg/regex" "github.com/wakatime/wakatime-cli/pkg/windows" - "github.com/yookoala/realpath" + "github.com/gandarez/go-realpath" "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" )