refactor: deduplicate "versions exist" functions

Signed-off-by: Gareth Jones <[email protected]>

Author: G-Rath

tools/osv-linter/internal/pkgchecker/version_check.go

@@ -15,6 +15,63 @@ import (
 	"golang.org/x/mod/semver"
 )
 
+// Confirm that all specified versions of a package exist in a registry
+func versionsExistInGeneric(
+	pkg string,
+	versions []string,
+	eco string,
+	packageInstanceURL string,
+	releasesPath string,
+	versionsPath string,
+) error {
+	resp, err := faulttolerant.Get(packageInstanceURL)
+	if err != nil {
+		return fmt.Errorf("unable to validate package: %v", err)
+	}
+	defer resp.Body.Close()
+	if resp.StatusCode != http.StatusOK {
+		return fmt.Errorf("unable to validate package: %q for %s", resp.Status, packageInstanceURL)
+	}
+
+	// Parse the known versions from the JSON.
+	respJSON, err := io.ReadAll(resp.Body)
+	if err != nil {
+		return fmt.Errorf("unable to retrieve JSON for %q: %v", pkg, err)
+	}
+	// Fetch all known versions of package.
+	versionsInRepository := []string{}
+	releases := gjson.GetBytes(respJSON, releasesPath)
+	releases.ForEach(func(key, value gjson.Result) bool {
+		versionsInRepository = append(versionsInRepository, value.Get(versionsPath).String())
+		return true // keep iterating.
+	})
+	// Determine which referenced versions are missing.
+	versionsMissing := []string{}
+	for _, versionToCheckFor := range versions {
+		versionFound := false
+		vc, err := semantic.Parse(versionToCheckFor, "npm")
+		if err != nil {
+			versionsMissing = append(versionsMissing, versionToCheckFor)
+			continue
+		}
+		for _, pkgversion := range versionsInRepository {
+			if r, err := vc.CompareStr(pkgversion); r == 0 && err == nil {
+				versionFound = true
+				break
+			}
+		}
+		if versionFound {
+			continue
+		}
+		versionsMissing = append(versionsMissing, versionToCheckFor)
+	}
+	if len(versionsMissing) > 0 {
+		return &MissingVersionsError{Package: pkg, Ecosystem: eco, Missing: versionsMissing, Known: versionsInRepository}
+	}
+
+	return nil
+}
+
 // Confirm that all specified versions of a package exist in Go.
 func versionsExistInGo(pkg string, versions []string) error {
 	if pkg == "stdlib" || pkg == "toolchain" {
@@ -133,52 +190,12 @@ func goVersionsExist(versions []string) error {
 func versionsExistInPackagist(pkg string, versions []string) error {
 	packageInstanceURL := fmt.Sprintf("%s/%s.json", EcosystemBaseURLs["Packagist"], pkg)
 
-	resp, err := faulttolerant.Get(packageInstanceURL)
-	if err != nil {
-		return fmt.Errorf("unable to validate package: %v", err)
-	}
-	defer resp.Body.Close()
-	if resp.StatusCode != http.StatusOK {
-		return fmt.Errorf("unable to validate package: %q for %s", resp.Status, packageInstanceURL)
-	}
-
-	// Parse the known versions from the JSON.
-	respJSON, err := io.ReadAll(resp.Body)
-	if err != nil {
-		return fmt.Errorf("unable to retrieve JSON for %q: %v", pkg, err)
-	}
-	// Fetch all known versions of package.
-	versionsInRepository := []string{}
-	releases := gjson.GetBytes(respJSON, fmt.Sprintf("packages.%s", pkg))
-	releases.ForEach(func(key, value gjson.Result) bool {
-		versionsInRepository = append(versionsInRepository, value.Get("version").String())
-		return true // keep iterating.
-	})
-	// Determine which referenced versions are missing.
-	versionsMissing := []string{}
-	for _, versionToCheckFor := range versions {
-		versionFound := false
-		vc, err := semantic.Parse(versionToCheckFor, "Packagist")
-		if err != nil {
-			versionsMissing = append(versionsMissing, versionToCheckFor)
-			continue
-		}
-		for _, pkgversion := range versionsInRepository {
-			if r, err := vc.CompareStr(pkgversion); r == 0 && err == nil {
-				versionFound = true
-				break
-			}
-		}
-		if versionFound {
-			continue
-		}
-		versionsMissing = append(versionsMissing, versionToCheckFor)
-	}
-	if len(versionsMissing) > 0 {
-		return &MissingVersionsError{Package: pkg, Ecosystem: "Packagist", Missing: versionsMissing, Known: versionsInRepository}
-	}
-
-	return nil
+	return versionsExistInGeneric(
+		pkg, versions,
+		"Packagist",
+		packageInstanceURL,
+		fmt.Sprintf("packages.%s", pkg), "version",
+	)
 }
 
 // Confirm that all specified versions of a package exist in PyPI.
@@ -188,103 +205,22 @@ func versionsExistInPyPI(pkg string, versions []string) error {
 	pkgNormalized := strings.ToLower(pythonNormalizationRegex.ReplaceAllString(pkg, "-"))
 	packageInstanceURL := fmt.Sprintf("%s/%s/json", EcosystemBaseURLs["PyPI"], pkgNormalized)
 
-	// This 404's for non-existent packages.
-	resp, err := faulttolerant.Get(packageInstanceURL)
-	if err != nil {
-		return fmt.Errorf("unable to validate package: %v", err)
-	}
-	defer resp.Body.Close()
-	if resp.StatusCode != http.StatusOK {
-		return fmt.Errorf("unable to validate package: %q for %s", resp.Status, packageInstanceURL)
-	}
-
-	// Parse the known versions from the JSON.
-	respJSON, err := io.ReadAll(resp.Body)
-	if err != nil {
-		return fmt.Errorf("unable to retrieve JSON for %q: %v", pkg, err)
-	}
-	// Fetch all known versions of package.
-	versionsInPyPy := []string{}
-	releases := gjson.GetBytes(respJSON, "releases.@keys")
-	releases.ForEach(func(key, value gjson.Result) bool {
-		versionsInPyPy = append(versionsInPyPy, value.String())
-		return true // keep iterating.
-	})
-	// Determine which referenced versions are missing.
-	versionsMissing := []string{}
-	for _, versionToCheckFor := range versions {
-		versionFound := false
-		vc, err := semantic.Parse(versionToCheckFor, "PyPI")
-		if err != nil {
-			versionsMissing = append(versionsMissing, versionToCheckFor)
-			continue
-		}
-		for _, pkgversion := range versionsInPyPy {
-			if r, err := vc.CompareStr(pkgversion); r == 0 && err == nil {
-				versionFound = true
-				break
-			}
-		}
-		if versionFound {
-			continue
-		}
-		versionsMissing = append(versionsMissing, versionToCheckFor)
-	}
-	if len(versionsMissing) > 0 {
-		return &MissingVersionsError{Package: pkg, Ecosystem: "PyPI", Missing: versionsMissing, Known: versionsInPyPy}
-	}
-
-	return nil
+	return versionsExistInGeneric(
+		pkg, versions,
+		"PyPI",
+		packageInstanceURL,
+		"releases.@keys", "@this",
+	)
 }
 
 // Confirm that all specified versions of a package exist in RubyGems.
 func versionsExistInRubyGems(pkg string, versions []string) error {
 	packageInstanceURL := fmt.Sprintf("%s/versions/%s.json", EcosystemBaseURLs["RubyGems"], pkg)
 
-	resp, err := faulttolerant.Get(packageInstanceURL)
-	if err != nil {
-		return fmt.Errorf("unable to validate package: %v", err)
-	}
-	defer resp.Body.Close()
-	if resp.StatusCode != http.StatusOK {
-		return fmt.Errorf("unable to validate package: %q for %s", resp.Status, packageInstanceURL)
-	}
-
-	// Parse the known versions from the JSON.
-	respJSON, err := io.ReadAll(resp.Body)
-	if err != nil {
-		return fmt.Errorf("unable to retrieve JSON for %q: %v", pkg, err)
-	}
-	// Fetch all known versions of package.
-	versionsInRepository := []string{}
-	releases := gjson.GetBytes(respJSON, "@this")
-	releases.ForEach(func(key, value gjson.Result) bool {
-		versionsInRepository = append(versionsInRepository, value.Get("number").String())
-		return true // keep iterating.
-	})
-	// Determine which referenced versions are missing.
-	versionsMissing := []string{}
-	for _, versionToCheckFor := range versions {
-		versionFound := false
-		vc, err := semantic.Parse(versionToCheckFor, "RubyGems")
-		if err != nil {
-			versionsMissing = append(versionsMissing, versionToCheckFor)
-			continue
-		}
-		for _, pkgversion := range versionsInRepository {
-			if r, err := vc.CompareStr(pkgversion); r == 0 && err == nil {
-				versionFound = true
-				break
-			}
-		}
-		if versionFound {
-			continue
-		}
-		versionsMissing = append(versionsMissing, versionToCheckFor)
-	}
-	if len(versionsMissing) > 0 {
-		return &MissingVersionsError{Package: pkg, Ecosystem: "RubyGems", Missing: versionsMissing, Known: versionsInRepository}
-	}
-
-	return nil
+	return versionsExistInGeneric(
+		pkg, versions,
+		"RubyGems",
+		packageInstanceURL,
+		"@this", "number",
+	)
 }