naveensrinivasan · October 10, 2022 23:52
diff --git a/main.go b/main.go
 package main

 import (
 	"encoding/json"
 	"fmt"
 	"io/ioutil"
 	"net/http"
 	"sync"
 	"sync/atomic"
 )

 type Scorecard struct {
 	Date string `json:"date"`
 	Repo struct {
 		Name   string `json:"name"`
 		Commit string `json:"commit"`
 	} `json:"repo"`
 	Scorecard struct {
 		Version string `json:"version"`
 		Commit  string `json:"commit"`
 	} `json:"scorecard"`
 	Score  float64 `json:"score"`
 	Checks []struct {
 		Name          string   `json:"name"`
 		Score         int      `json:"score,omitempty"`
 		Reason        string   `json:"reason"`
 		Details       []string `json:"details"`
 		Documentation struct {
 			Short string `json:"short"`
 			Url   string `json:"url"`
 		} `json:"documentation"`
 	} `json:"checks"`
 }

 func main() {
 	dependencies := []string{
 		"github.com/containerd/containerd",
 		"github.com/docker/docker",
 		"github.com/docker/libnetwork",
 		"github.com/docker/libtrust",
 		"github.com/docker/swarmkit",
 		"github.com/golang/protobuf",
 		"github.com/google/cadvisor",
 		"github.com/google/gofuzz"}
 	fmt.Println("Projects that are being maintained:")
 	var ops uint64
 	var wg sync.WaitGroup

 	for _, dep := range dependencies {
 		dependency := dep
 		wg.Add(1)
 		go func(dep string) {
 			defer wg.Done()
 			maintained, score, err := maintained(dependency)
 			if err != nil {
 				return
 			}
 			if maintained && score >= 7 {
 				atomic.AddUint64(&ops, 1)
 				fmt.Println(dependency, score)
 			}
 		}(dep)
 	}
 	wg.Wait()
 }

 // maintained checks if the dependency is maintained by checking the scorecard API
 func maintained(repo string) (bool, int, error) {
 	req, err := http.NewRequest("GET", fmt.Sprintf("https://api.securityscorecards.dev/projects/%s", repo), nil)
 	if err != nil {
 		return false, 0, err
 	}
 	req.Header.Set("Accept", "application/json")

 	resp, err := http.DefaultClient.Do(req)
 	if err != nil {
 		return false, 0, err
 	}
 	defer resp.Body.Close()
 	result, err := ioutil.ReadAll(resp.Body)
 	if err != nil {
 		return false, 0, err
 	}
 	var scorecard Scorecard
 	err = json.Unmarshal(result, &scorecard)
 	if err != nil {
 		return true, 0, err
 	}
 	for _, check := range scorecard.Checks {
 		if check.Name == "Maintained" {
 			if check.Score >= 7 || check.Score < 0 {
 				return true, check.Score, nil
 			}
 			return false, 0, nil
 		}
 	}
 	return false, 0, nil
 }
	package main

	import (
	"encoding/json"
	"fmt"
	"io/ioutil"
	"net/http"
	"sync"
	"sync/atomic"
	)

	type Scorecard struct {
	Date string `json:"date"`
	Repo struct {
	Name string `json:"name"`
	Commit string `json:"commit"`
	} `json:"repo"`
	Scorecard struct {
	Version string `json:"version"`
	Commit string `json:"commit"`
	} `json:"scorecard"`
	Score float64 `json:"score"`
	Checks []struct {
	Name string `json:"name"`
	Score int `json:"score,omitempty"`
	Reason string `json:"reason"`
	Details []string `json:"details"`
	Documentation struct {
	Short string `json:"short"`
	Url string `json:"url"`
	} `json:"documentation"`
	} `json:"checks"`
	}

	func main() {
	dependencies := []string{
	"github.com/containerd/containerd",
	"github.com/docker/docker",
	"github.com/docker/libnetwork",
	"github.com/docker/libtrust",
	"github.com/docker/swarmkit",
	"github.com/golang/protobuf",
	"github.com/google/cadvisor",
	"github.com/google/gofuzz"}
	fmt.Println("Projects that are being maintained:")
	var ops uint64
	var wg sync.WaitGroup

	for _, dep := range dependencies {
	dependency := dep
	wg.Add(1)
	go func(dep string) {
	defer wg.Done()
	maintained, score, err := maintained(dependency)
	if err != nil {
	return
	}
	if maintained && score >= 7 {
	atomic.AddUint64(&ops, 1)
	fmt.Println(dependency, score)
	}
	}(dep)
	}
	wg.Wait()
	}

	// maintained checks if the dependency is maintained by checking the scorecard API
	func maintained(repo string) (bool, int, error) {
	req, err := http.NewRequest("GET", fmt.Sprintf("https://api.securityscorecards.dev/projects/%s", repo), nil)
	if err != nil {
	return false, 0, err
	}
	req.Header.Set("Accept", "application/json")

	resp, err := http.DefaultClient.Do(req)
	if err != nil {
	return false, 0, err
	}
	defer resp.Body.Close()
	result, err := ioutil.ReadAll(resp.Body)
	if err != nil {
	return false, 0, err
	}
	var scorecard Scorecard
	err = json.Unmarshal(result, &scorecard)
	if err != nil {
	return true, 0, err
	}
	for _, check := range scorecard.Checks {
	if check.Name == "Maintained" {
	if check.Score >= 7 \|\| check.Score < 0 {
	return true, check.Score, nil
	}
	return false, 0, nil
	}
	}
	return false, 0, nil
	}