internal/report: add lint check for source

Add a lint check to ensure that original reports created by the Go team are always marked REVIEWED. Change-Id: I5d72998be1597e42ec5ae5e05d4a5d9a4324cb40 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/590276 LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Reviewed-by: Damien Neil <dneil@google.com>
golang · Jun 5, 2024 · a75c727 · a75c727
1 parent a460ba8
commit a75c727
Showing 1 changed file with 10 additions and 0 deletions.
diff --git a/internal/report/lint.go b/internal/report/lint.go
@@ -259,6 +259,15 @@ func (r *Report) lintReviewStatus(l *linter) {
 	}
 }
 
+func (r *Report) lintSource(l *linter) {
+	if r.SourceMeta == nil {
+		return
+	}
+	if !r.IsReviewed() && r.SourceMeta.ID == sourceGoTeam {
+		l.Errorf("source: if id=%s, report must be %s", sourceGoTeam, Reviewed)
+	}
+}
+
 func (r *Report) countAdvisories() int {
 	advisoryCount := 0
 	for _, ref := range r.References {
@@ -496,6 +505,7 @@ func (r *Report) lint(pc *proxy.Client) []string {
 
 	r.lintReferences(l)
 	r.lintReviewStatus(l)
+	r.lintSource(l)
 
 	if r.hasTODOs() {
 		l.Error("contains one or more TODOs")