Refresh generated neovim config
This commit is contained in:
@ -128,6 +128,7 @@ Other dedicated linters that are built-in are:
|
||||
| [Flake8][13] | `flake8` |
|
||||
| [flawfinder][35] | `flawfinder` |
|
||||
| [gdlint (gdtoolkit)][gdlint] | `gdlint` |
|
||||
| [GHDL][ghdl] | `ghdl` |
|
||||
| [gitlint][gitlint] | `gitlint` |
|
||||
| [glslc][glslc] | `glslc` |
|
||||
| [Golangci-lint][16] | `golangcilint` |
|
||||
@ -165,6 +166,7 @@ Other dedicated linters that are built-in are:
|
||||
| [ponyc][ponyc] | `pony` |
|
||||
| [prisma-lint][prisma-lint] | `prisma-lint` |
|
||||
| [proselint][proselint] | `proselint` |
|
||||
| [protolint][protolint] | `protolint` |
|
||||
| [psalm][psalm] | `psalm` |
|
||||
| [puppet-lint][puppet-lint] | `puppet-lint` |
|
||||
| [pycodestyle][pcs-docs] | `pycodestyle` |
|
||||
@ -449,6 +451,7 @@ busted tests/
|
||||
[yamllint]: https://github.com/adrienverge/yamllint
|
||||
[cpplint]: https://github.com/cpplint/cpplint
|
||||
[proselint]: https://github.com/amperser/proselint
|
||||
[protolint]: https://github.com/yoheimuta/protolint
|
||||
[cmakelint]: https://github.com/cmake-lint/cmake-lint
|
||||
[rstcheck]: https://github.com/myint/rstcheck
|
||||
[rstlint]: https://github.com/twolfson/restructuredtext-lint
|
||||
@ -461,6 +464,7 @@ busted tests/
|
||||
[psalm]: https://psalm.dev/
|
||||
[lacheck]: https://www.ctan.org/tex-archive/support/lacheck
|
||||
[credo]: https://github.com/rrrene/credo
|
||||
[ghdl]: https://github.com/ghdl/ghdl
|
||||
[glslc]: https://github.com/google/shaderc
|
||||
[rubocop]: https://github.com/rubocop/rubocop
|
||||
[dxc]: https://github.com/microsoft/DirectXShaderCompiler
|
||||
|
||||
@ -1,11 +1,15 @@
|
||||
-- stdout output in the form "63: resourcs ==> resources, resource"
|
||||
local pattern = "(%d+): (.*)"
|
||||
local groups = { "lnum", "message" }
|
||||
local severities = nil -- none provided
|
||||
|
||||
return {
|
||||
cmd = 'codespell',
|
||||
stdin = false,
|
||||
args = { '--stdin-single-line', "-" },
|
||||
stdin = true,
|
||||
ignore_exitcode = true,
|
||||
parser = require('lint.parser').from_errorformat(
|
||||
'%f:%l:%m',
|
||||
{ severity = vim.diagnostic.severity.INFO,
|
||||
source = 'codespell'}
|
||||
)
|
||||
parser = require('lint.parser').from_pattern(pattern, groups, severities, {
|
||||
source = 'codespell',
|
||||
severity = vim.diagnostic.severity.INFO,
|
||||
}),
|
||||
}
|
||||
|
||||
@ -22,7 +22,7 @@ return {
|
||||
return vim.fn.expand("%:p")
|
||||
end,
|
||||
},
|
||||
stream = "stdout",
|
||||
stream = "both",
|
||||
ignore_exitcode = true,
|
||||
parser = function (output)
|
||||
local status, decoded = pcall(vim.json.decode, output)
|
||||
|
||||
@ -4,34 +4,59 @@ local severity_map = {
|
||||
["HIGH"] = vim.diagnostic.severity.ERROR,
|
||||
}
|
||||
|
||||
|
||||
return {
|
||||
cmd = "trivy",
|
||||
stdin = false,
|
||||
append_fname = true,
|
||||
args = { "--scanners", "config", "--format", "json", "fs" },
|
||||
args = { "--scanners", "misconfig", "--format", "json", "fs" },
|
||||
stream = "stdout",
|
||||
ignore_exitcode = false,
|
||||
parser = function(output, bufnr)
|
||||
local diagnostics = {}
|
||||
local ok, decoded = pcall(vim.json.decode, output)
|
||||
if not ok then
|
||||
return diagnostics
|
||||
end
|
||||
|
||||
-- example output:
|
||||
-- {
|
||||
-- "Results": [
|
||||
-- "Target": "<file path>",
|
||||
-- "Misconfigurations": [
|
||||
-- {
|
||||
-- "ID": "<nvim-lint code>",
|
||||
-- "Title": "<title>",
|
||||
-- "Description": "<description>",
|
||||
-- "Severity": "<LOW|MEDIUM|HIGH>",
|
||||
-- "CauseMetadata": {
|
||||
-- "StartLine": <line number>,
|
||||
-- "EndLine": <line number>,
|
||||
-- }
|
||||
-- }
|
||||
-- ]
|
||||
-- ]
|
||||
-- }
|
||||
local decoded = vim.json.decode(output)
|
||||
local fpath = vim.fn.fnamemodify(vim.api.nvim_buf_get_name(bufnr), ":t")
|
||||
|
||||
for _, result in ipairs(decoded and decoded.Results or {}) do
|
||||
-- trivy can return Results for other files; only report for current buffer
|
||||
--
|
||||
if result.Target == fpath then
|
||||
for _, misconfig in ipairs(result.Misconfigurations or {}) do
|
||||
local err = {
|
||||
local title = misconfig.Title or "<No Title>"
|
||||
local description = misconfig.Description or "<No Description>"
|
||||
local id = misconfig.ID or "<No ID>"
|
||||
local md = misconfig.CauseMetadata or {}
|
||||
local lnum = md.StartLine and md.StartLine - 1 or 0
|
||||
local end_lnum = md.EndLine and md.EndLine - 1 or 0
|
||||
table.insert(diagnostics, {
|
||||
source = "trivy",
|
||||
message = string.format("%s %s", misconfig.Title, misconfig.Description),
|
||||
col = misconfig.CauseMetadata.StartLine,
|
||||
end_col = misconfig.CauseMetadata.EndLine,
|
||||
lnum = misconfig.CauseMetadata.StartLine - 1,
|
||||
end_lnum = misconfig.CauseMetadata.EndLine - 1,
|
||||
code = misconfig.ID,
|
||||
severity = severity_map[misconfig.Severity],
|
||||
}
|
||||
table.insert(diagnostics, err)
|
||||
message = string.format("%s: %s", title, description),
|
||||
col = 0,
|
||||
end_col = 0,
|
||||
lnum = lnum,
|
||||
end_lnum = end_lnum,
|
||||
code = id,
|
||||
severity = severity_map[misconfig.Severity] or vim.diagnostic.severity.WARN,
|
||||
})
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
@ -87,11 +87,11 @@ describe("linter.trivy", function()
|
||||
local expected = {
|
||||
{
|
||||
source = "trivy",
|
||||
message = "A KMS key is not configured to auto-rotate. You should configure your KMS keys to auto rotate to maintain security and defend against compromise.",
|
||||
message = "A KMS key is not configured to auto-rotate.: You should configure your KMS keys to auto rotate to maintain security and defend against compromise.",
|
||||
lnum = 14,
|
||||
end_lnum = 14,
|
||||
col = 15,
|
||||
end_col = 15,
|
||||
col = 0,
|
||||
end_col = 0,
|
||||
severity = vim.diagnostic.severity.WARN,
|
||||
code = "AVD-AWS-0065",
|
||||
},
|
||||
|
||||
Reference in New Issue
Block a user