Append the package load errors to analyser's errors

Signed-off-by: Cosmin Cojocar <[email protected]>

Author: ccojocar

analyzer.go

@@ -107,7 +107,7 @@ func (gosec *Analyzer) Process(buildTags []string, packagePaths ...string) error
 	for _, pkgPath := range packagePaths {
 		pkgs, err := gosec.load(pkgPath, config)
 		if err != nil {
-			return fmt.Errorf("loading pkg dir %q: %v", pkgPath, err)
+			gosec.AppendError(pkgPath, err)
 		}
 		for _, pkg := range pkgs {
 			if pkg.Name != "" {
@@ -124,10 +124,14 @@ func (gosec *Analyzer) Process(buildTags []string, packagePaths ...string) error
 }
 
 func (gosec *Analyzer) pkgConfig(buildTags []string) *packages.Config {
-	tagsFlag := "-tags=" + strings.Join(buildTags, " ")
+	flags := []string{}
+	if len(buildTags) > 0 {
+		tagsFlag := "-tags=" + strings.Join(buildTags, " ")
+		flags = append(flags, tagsFlag)
+	}
 	return &packages.Config{
 		Mode:       packages.LoadSyntax,
-		BuildFlags: []string{tagsFlag},
+		BuildFlags: flags,
 		Tests:      gosec.tests,
 	}
 }
@@ -142,7 +146,7 @@ func (gosec *Analyzer) load(pkgPath string, conf *packages.Config) ([]*packages.
 	gosec.logger.Println("Import directory:", abspath)
 	basePackage, err := build.Default.ImportDir(pkgPath, build.ImportComment)
 	if err != nil {
-		return []*packages.Package{}, err
+		return []*packages.Package{}, fmt.Errorf("importing dir %q: %v", pkgPath, err)
 	}
 
 	var packageFiles []string
@@ -161,7 +165,7 @@ func (gosec *Analyzer) load(pkgPath string, conf *packages.Config) ([]*packages.
 
 	pkgs, err := packages.Load(conf, packageFiles...)
 	if err != nil {
-		return []*packages.Package{}, err
+		return []*packages.Package{}, fmt.Errorf("loading files from package %q: %v", pkgPath, err)
 	}
 	return pkgs, nil
 }
@@ -218,6 +222,22 @@ func (gosec *Analyzer) ParseErrors(pkg *packages.Package) error {
 	return nil
 }
 
+// AppendError appends an error to the file errors
+func (gosec *Analyzer) AppendError(file string, err error) {
+	// Do not report the error for empty packages (e.g. files excluded from build with a tag
+	r := regexp.MustCompile(`no buildable Go source files in`)
+	if r.MatchString(err.Error()) {
+		return
+	}
+	errors := []Error{}
+	if ferrs, ok := gosec.errors[file]; ok {
+		errors = ferrs
+	}
+	ferr := NewError(0, 0, err.Error())
+	errors = append(errors, *ferr)
+	gosec.errors[file] = errors
+}
+
 // ignore a node (and sub-tree) if it is tagged with a "#nosec" comment
 func (gosec *Analyzer) ignore(n ast.Node) ([]string, bool) {
 	if groups, ok := gosec.context.Comments[n]; ok && !gosec.ignoreNosec {

analyzer_test.go

@@ -1,6 +1,7 @@
 package gosec_test
 
 import (
+	"errors"
 	"io/ioutil"
 	"log"
 	"os"
@@ -30,27 +31,31 @@ var _ = Describe("Analyzer", func() {
 
 	Context("when processing a package", func() {
 
-		It("should return an error if the package contains no Go files", func() {
+		It("should not report an error if the package contains no Go files", func() {
 			analyzer.LoadRules(rules.Generate().Builders())
 			dir, err := ioutil.TempDir("", "empty")
 			defer os.RemoveAll(dir)
 			Expect(err).ShouldNot(HaveOccurred())
 			err = analyzer.Process(buildTags, dir)
-			Expect(err).Should(HaveOccurred())
-			Expect(err.Error()).Should(MatchRegexp("no buildable Go source files"))
+			Expect(err).ShouldNot(HaveOccurred())
+			_, _, errors := analyzer.Report()
+			Expect(len(errors)).To(Equal(0))
 		})
 
-		It("should return an error if the package fails to build", func() {
+		It("should report an error if the package fails to build", func() {
 			analyzer.LoadRules(rules.Generate().Builders())
 			pkg := testutils.NewTestPackage()
 			defer pkg.Close()
 			pkg.AddFile("wonky.go", `func main(){ println("forgot the package")}`)
 			err := pkg.Build()
 			Expect(err).Should(HaveOccurred())
 			err = analyzer.Process(buildTags, pkg.Path)
-			Expect(err).Should(HaveOccurred())
-			Expect(err.Error()).Should(MatchRegexp(`expected 'package'`))
-
+			Expect(err).ShouldNot(HaveOccurred())
+			_, _, errors := analyzer.Report()
+			Expect(len(errors)).To(Equal(1))
+			for _, ferr := range errors {
+				Expect(len(ferr)).To(Equal(1))
+			}
 		})
 
 		It("should be able to analyze multiple Go files", func() {
@@ -216,9 +221,9 @@ var _ = Describe("Analyzer", func() {
 			pkg := testutils.NewTestPackage()
 			defer pkg.Close()
 			pkg.AddFile("tags.go", source)
-			buildTags = append(buildTags, "test")
-			err := analyzer.Process(buildTags, pkg.Path)
-			Expect(err).Should(HaveOccurred())
+			tags := []string{"tag"}
+			err := analyzer.Process(tags, pkg.Path)
+			Expect(err).ShouldNot(HaveOccurred())
 		})
 
 		It("should process an empty package with test file", func() {
@@ -236,14 +241,6 @@ var _ = Describe("Analyzer", func() {
 			Expect(err).ShouldNot(HaveOccurred())
 		})
 
-		It("should report an error when the package is empty", func() {
-			analyzer.LoadRules(rules.Generate().Builders())
-			pkg := testutils.NewTestPackage()
-			defer pkg.Close()
-			err := analyzer.Process(buildTags, pkg.Path)
-			Expect(err).Should(HaveOccurred())
-		})
-
 		It("should be possible to overwrite nosec comments, and report issues", func() {
 			// Rule for MD5 weak crypto usage
 			sample := testutils.SampleCodeG401[0]
@@ -416,4 +413,31 @@ var _ = Describe("Analyzer", func() {
 			}
 		})
 	})
+
+	Context("when appending errors", func() {
+		It("should skip error for non-buildable packages", func() {
+			analyzer.AppendError("test", errors.New(`loading file from package "pkg/test": no buildable Go source files in pkg/test`))
+			_, _, errors := analyzer.Report()
+			Expect(len(errors)).To(Equal(0))
+		})
+
+		It("should add a new error", func() {
+			pkg := &packages.Package{
+				Errors: []packages.Error{
+					packages.Error{
+						Pos: "file:1:2",
+						Msg: "build error",
+					},
+				},
+			}
+			err := analyzer.ParseErrors(pkg)
+			Expect(err).ShouldNot(HaveOccurred())
+			analyzer.AppendError("file", errors.New("file build error"))
+			_, _, errors := analyzer.Report()
+			Expect(len(errors)).To(Equal(1))
+			for _, ferr := range errors {
+				Expect(len(ferr)).To(Equal(2))
+			}
+		})
+	})
 })

testutils/source.go

@@ -1135,7 +1135,7 @@ func main() {
 }`}, 1}}
 	// SampleCode601 - Go build tags
 	SampleCode601 = []CodeSample{{[]string{`
-// +build test
+// +build tag
 
 package main
 func main() {