47 lines
1.1 KiB
Go
47 lines
1.1 KiB
Go
// Copyright 2022 The Gitea Authors. All rights reserved.
|
|
// SPDX-License-Identifier: MIT
|
|
|
|
package checks
|
|
|
|
import (
|
|
"strings"
|
|
|
|
"golang.org/x/tools/go/analysis"
|
|
)
|
|
|
|
var (
|
|
deniedImports = []string{"io/ioutil", "encoding/json", "gitea.com/gitea/go-crypto"}
|
|
DenylistImports = &analysis.Analyzer{
|
|
Name: "denylist_imports",
|
|
Doc: "check for denied imports",
|
|
Run: runDenylistImports,
|
|
}
|
|
)
|
|
|
|
func runDenylistImports(pass *analysis.Pass) (interface{}, error) {
|
|
for _, file := range pass.Files {
|
|
for _, im := range file.Imports {
|
|
val := im.Path.Value
|
|
val = strings.TrimPrefix(val, `"`)
|
|
val = strings.TrimSuffix(val, `"`)
|
|
for _, deniedImport := range deniedImports {
|
|
if strings.HasPrefix(val, deniedImport) {
|
|
// Allow a exemption when there is a comment 'Allow "package_name" import'
|
|
allowed := false
|
|
for _, comment := range file.Comments {
|
|
if strings.Contains(comment.Text(), "Allow \""+val+"\" import") {
|
|
allowed = true
|
|
break
|
|
}
|
|
}
|
|
|
|
if !allowed {
|
|
pass.Reportf(im.Path.Pos(), `"`+val+"\" is not allowed to be imported")
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
return nil, nil
|
|
}
|