diff --git a/apps/cnspec/cmd/scan.go b/apps/cnspec/cmd/scan.go index b19ffc6f..af4edf90 100644 --- a/apps/cnspec/cmd/scan.go +++ b/apps/cnspec/cmd/scan.go @@ -19,6 +19,7 @@ import ( "go.mondoo.com/cnquery/v9/cli/inventoryloader" "go.mondoo.com/cnquery/v9/cli/theme" "go.mondoo.com/cnquery/v9/logger" + "go.mondoo.com/cnquery/v9/mqlc" "go.mondoo.com/cnquery/v9/providers" "go.mondoo.com/cnquery/v9/providers-sdk/v1/inventory" "go.mondoo.com/cnquery/v9/providers-sdk/v1/plugin" @@ -347,9 +348,10 @@ func (c *scanConfig) loadPolicies(ctx context.Context) error { } bundle.ConvertQuerypacks() + conf := mqlc.NewConfig(c.runtime.Schema(), cnquery.DefaultFeatures) _, err = bundle.CompileExt(ctx, policy.BundleCompileConf{ - Schema: c.runtime.Schema(), + CompilerConfig: conf, // We don't care about failing queries for local runs. We may only // process a subset of all the queries in the bundle. When we receive // things from the server, upstream can filter things for us. But running diff --git a/go.mod b/go.mod index 913814ba..511681b7 100644 --- a/go.mod +++ b/go.mod @@ -32,7 +32,7 @@ require ( github.com/spf13/pflag v1.0.6-0.20201009195203-85dd5c8bc61c github.com/spf13/viper v1.18.2 github.com/stretchr/testify v1.8.4 - go.mondoo.com/cnquery/v9 v9.14.1-0.20240110175418-0e7903cd2b5a + go.mondoo.com/cnquery/v9 v9.14.1-0.20240112183847-ed5ecf03a6f9 go.mondoo.com/mondoo-go v0.0.0-20240103050411-fa7e920c6784 go.mondoo.com/ranger-rpc v0.5.3 go.opentelemetry.io/otel v1.21.0 @@ -65,13 +65,13 @@ require ( github.com/BurntSushi/toml v1.3.2 // indirect github.com/CycloneDX/cyclonedx-go v0.8.0 // indirect github.com/Djarvur/go-err113 v0.0.0-20210108212216-aea10b59be24 // indirect - github.com/GaijinEntertainment/go-exhaustruct/v3 v3.1.0 // indirect + github.com/GaijinEntertainment/go-exhaustruct/v3 v3.2.0 // indirect github.com/GoogleCloudPlatform/berglas v1.0.3 // indirect github.com/Microsoft/go-winio v0.6.1 // indirect github.com/OpenPeeDeeP/depguard/v2 v2.2.0 // indirect github.com/ProtonMail/go-crypto v0.0.0-20230923063757-afb1ddc0824c // indirect github.com/StackExchange/wmi v1.2.1 // indirect - github.com/alecthomas/go-check-sumtype v0.1.3 // indirect + github.com/alecthomas/go-check-sumtype v0.1.4 // indirect github.com/alecthomas/participle v0.3.0 // indirect github.com/alecthomas/participle/v2 v2.1.1 // indirect github.com/alexkohler/nakedret/v2 v2.0.2 // indirect @@ -118,7 +118,7 @@ require ( github.com/butuzov/ireturn v0.2.2 // indirect github.com/butuzov/mirror v1.1.0 // indirect github.com/c-bata/go-prompt v0.2.6 // indirect - github.com/catenacyber/perfsprint v0.4.0 // indirect + github.com/catenacyber/perfsprint v0.5.0 // indirect github.com/ccojocar/zxcvbn-go v1.0.1 // indirect github.com/cenkalti/backoff/v3 v3.2.2 // indirect github.com/cespare/xxhash/v2 v2.2.0 // indirect @@ -136,7 +136,7 @@ require ( github.com/coreos/go-systemd v0.0.0-20191104093116-d3cd4ed1dbcf // indirect github.com/cpuguy83/go-md2man/v2 v2.0.3 // indirect github.com/curioswitch/go-reassign v0.2.0 // indirect - github.com/daixiang0/gci v0.11.2 // indirect + github.com/daixiang0/gci v0.12.1 // indirect github.com/danieljoos/wincred v1.2.1 // indirect github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc // indirect github.com/denis-tingaikin/go-header v0.4.3 // indirect @@ -161,14 +161,14 @@ require ( github.com/getsentry/sentry-go v0.25.0 // indirect github.com/ghostiam/protogetter v0.3.3 // indirect github.com/glebarez/go-sqlite v1.22.0 // indirect - github.com/go-critic/go-critic v0.9.0 // indirect + github.com/go-critic/go-critic v0.11.0 // indirect github.com/go-jose/go-jose/v3 v3.0.1 // indirect github.com/go-logr/logr v1.4.1 // indirect github.com/go-logr/stdr v1.2.2 // indirect github.com/go-ole/go-ole v1.3.0 // indirect github.com/go-toolsmith/astcast v1.1.0 // indirect github.com/go-toolsmith/astcopy v1.1.0 // indirect - github.com/go-toolsmith/astequal v1.1.0 // indirect + github.com/go-toolsmith/astequal v1.2.0 // indirect github.com/go-toolsmith/astfmt v1.1.0 // indirect github.com/go-toolsmith/astp v1.1.0 // indirect github.com/go-toolsmith/strparse v1.1.0 // indirect @@ -241,7 +241,7 @@ require ( github.com/kr/pretty v0.3.1 // indirect github.com/kr/text v0.2.0 // indirect github.com/kulti/thelper v0.6.3 // indirect - github.com/kunwardeep/paralleltest v1.0.8 // indirect + github.com/kunwardeep/paralleltest v1.0.9 // indirect github.com/kyoh86/exportloopref v0.1.11 // indirect github.com/ldez/gomoddirectives v0.2.3 // indirect github.com/ldez/tagliatelle v0.5.0 // indirect @@ -249,18 +249,17 @@ require ( github.com/lithammer/fuzzysearch v1.1.8 // indirect github.com/lucasb-eyer/go-colorful v1.2.0 // indirect github.com/lufeee/execinquery v1.2.1 // indirect - github.com/macabu/inamedparam v0.1.2 // indirect + github.com/macabu/inamedparam v0.1.3 // indirect github.com/magiconair/properties v1.8.7 // indirect github.com/maratori/testableexamples v1.0.0 // indirect github.com/maratori/testpackage v1.1.1 // indirect - github.com/matoous/godox v0.0.0-20230222163458-006bad1f9d26 // indirect + github.com/matoous/godox v0.0.0-20240105082147-c5b5e0e7c0c0 // indirect github.com/mattn/go-colorable v0.1.13 // indirect github.com/mattn/go-localereader v0.0.1 // indirect github.com/mattn/go-runewidth v0.0.15 // indirect github.com/mattn/go-tty v0.0.5 // indirect - github.com/matttproud/golang_protobuf_extensions/v2 v2.0.0 // indirect github.com/mbilski/exhaustivestruct v1.2.0 // indirect - github.com/mgechev/revive v1.3.4 // indirect + github.com/mgechev/revive v1.3.6 // indirect github.com/miekg/dns v1.1.57 // indirect github.com/mitchellh/go-homedir v1.1.0 // indirect github.com/mitchellh/go-testing-interface v1.14.1 // indirect @@ -273,7 +272,7 @@ require ( github.com/nakabonne/nestif v0.3.1 // indirect github.com/nishanths/exhaustive v0.12.0 // indirect github.com/nishanths/predeclared v0.2.2 // indirect - github.com/nunnatsa/ginkgolinter v0.14.1 // indirect + github.com/nunnatsa/ginkgolinter v0.15.2 // indirect github.com/oklog/run v1.1.0 // indirect github.com/opencontainers/go-digest v1.0.0 // indirect github.com/opencontainers/image-spec v1.1.0-rc5 // indirect @@ -283,10 +282,10 @@ require ( github.com/pkg/sftp v1.13.6 // indirect github.com/pkg/term v1.2.0-beta.2 // indirect github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 // indirect - github.com/polyfloyd/go-errorlint v1.4.5 // indirect - github.com/prometheus/client_golang v1.17.0 // indirect + github.com/polyfloyd/go-errorlint v1.4.7 // indirect + github.com/prometheus/client_golang v1.18.0 // indirect github.com/prometheus/client_model v0.5.0 // indirect - github.com/prometheus/common v0.45.0 // indirect + github.com/prometheus/common v0.46.0 // indirect github.com/prometheus/procfs v0.12.0 // indirect github.com/quasilyte/go-ruleguard v0.4.0 // indirect github.com/quasilyte/gogrep v0.5.0 // indirect @@ -339,9 +338,9 @@ require ( github.com/xen0n/gosmopolitan v1.2.2 // indirect github.com/yagipy/maintidx v1.0.0 // indirect github.com/yeya24/promlinter v0.2.0 // indirect - github.com/ykadowak/zerologlint v0.1.4 // indirect + github.com/ykadowak/zerologlint v0.1.5 // indirect gitlab.com/bosi/decorder v0.4.1 // indirect - go-simpler.org/sloglint v0.3.0 // indirect + go-simpler.org/sloglint v0.4.0 // indirect go.opencensus.io v0.24.0 // indirect go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.46.1 // indirect go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.46.1 // indirect @@ -351,8 +350,8 @@ require ( go.uber.org/multierr v1.11.0 // indirect go.uber.org/zap v1.26.0 // indirect golang.org/x/crypto v0.18.0 // indirect - golang.org/x/exp v0.0.0-20240103183307-be819d1f06fc // indirect - golang.org/x/exp/typeparams v0.0.0-20231127185646-65229373498e // indirect + golang.org/x/exp v0.0.0-20240112132812-db7319d0e0e3 // indirect + golang.org/x/exp/typeparams v0.0.0-20240112132812-db7319d0e0e3 // indirect golang.org/x/mod v0.14.0 // indirect golang.org/x/net v0.20.0 // indirect golang.org/x/oauth2 v0.16.0 // indirect @@ -360,7 +359,7 @@ require ( golang.org/x/term v0.16.0 // indirect golang.org/x/text v0.14.0 // indirect golang.org/x/time v0.5.0 // indirect - golang.org/x/tools v0.16.1 // indirect + golang.org/x/tools v0.17.0 // indirect golang.org/x/xerrors v0.0.0-20231012003039-104605ab7028 // indirect google.golang.org/api v0.155.0 // indirect google.golang.org/appengine v1.6.8 // indirect @@ -386,7 +385,7 @@ require ( mvdan.cc/gofumpt v0.5.0 // indirect mvdan.cc/interfacer v0.0.0-20180901003855-c20040233aed // indirect mvdan.cc/lint v0.0.0-20170908181259-adc824a0674b // indirect - mvdan.cc/unparam v0.0.0-20230917202934-3ee2d22f45fb // indirect + mvdan.cc/unparam v0.0.0-20240104100049-c549a3470d14 // indirect sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd // indirect sigs.k8s.io/structured-merge-diff/v4 v4.4.1 // indirect ) diff --git a/go.sum b/go.sum index a007b7f3..b9088270 100644 --- a/go.sum +++ b/go.sum @@ -92,8 +92,8 @@ github.com/CycloneDX/cyclonedx-go v0.8.0/go.mod h1:K2bA+324+Og0X84fA8HhN2X066K7B github.com/DataDog/datadog-go v3.2.0+incompatible/go.mod h1:LButxg5PwREeZtORoXG3tL4fMGNddJ+vMq1mwgfaqoQ= github.com/Djarvur/go-err113 v0.0.0-20210108212216-aea10b59be24 h1:sHglBQTwgx+rWPdisA5ynNEsoARbiCBOyGcJM4/OzsM= github.com/Djarvur/go-err113 v0.0.0-20210108212216-aea10b59be24/go.mod h1:4UJr5HIiMZrwgkSPdsjy2uOQExX/WEILpIrO9UPGuXs= -github.com/GaijinEntertainment/go-exhaustruct/v3 v3.1.0 h1:3ZBs7LAezy8gh0uECsA6CGU43FF3zsx5f4eah5FxTMA= -github.com/GaijinEntertainment/go-exhaustruct/v3 v3.1.0/go.mod h1:rZLTje5A9kFBe0pzhpe2TdhRniBF++PRHQuRpR8esVc= +github.com/GaijinEntertainment/go-exhaustruct/v3 v3.2.0 h1:sATXp1x6/axKxz2Gjxv8MALP0bXaNRfQinEwyfMcx8c= +github.com/GaijinEntertainment/go-exhaustruct/v3 v3.2.0/go.mod h1:Nl76DrGNJTA1KJ0LePKBw/vznBX1EHbAZX8mwjR82nI= github.com/GoogleCloudPlatform/berglas v1.0.3 h1:NjJYDz13vWct7+joxkBkIZhD6Cmwf5XP5t0jGTvHyJk= github.com/GoogleCloudPlatform/berglas v1.0.3/go.mod h1:JBsGyi6Z5RwyHXMdEebok6MChukLE+dWXzPor2aeMtw= github.com/Masterminds/semver v1.5.0 h1:H65muMkzWKEuNDnfl9d70GUjFniHKHRbFPGBuZ3QEww= @@ -109,8 +109,8 @@ github.com/StackExchange/wmi v1.2.1 h1:VIkavFPXSjcnS+O8yTq7NI32k0R5Aj+v39y29VYDO github.com/StackExchange/wmi v1.2.1/go.mod h1:rcmrprowKIVzvc+NUiLncP2uuArMWLCbu9SBzvHz7e8= github.com/alecthomas/assert/v2 v2.3.0 h1:mAsH2wmvjsuvyBvAmCtm7zFsBlb8mIHx5ySLVdDZXL0= github.com/alecthomas/assert/v2 v2.3.0/go.mod h1:pXcQ2Asjp247dahGEmsZ6ru0UVwnkhktn7S0bBDLxvQ= -github.com/alecthomas/go-check-sumtype v0.1.3 h1:M+tqMxB68hcgccRXBMVCPI4UJ+QUfdSx0xdbypKCqA8= -github.com/alecthomas/go-check-sumtype v0.1.3/go.mod h1:WyYPfhfkdhyrdaligV6svFopZV8Lqdzn5pyVBaV6jhQ= +github.com/alecthomas/go-check-sumtype v0.1.4 h1:WCvlB3l5Vq5dZQTFmodqL2g68uHiSwwlWcT5a2FGK0c= +github.com/alecthomas/go-check-sumtype v0.1.4/go.mod h1:WyYPfhfkdhyrdaligV6svFopZV8Lqdzn5pyVBaV6jhQ= github.com/alecthomas/participle v0.3.0 h1:e8vhrYR1nDjzDxyDwpLO27TWOYWilaT+glkwbPadj50= github.com/alecthomas/participle v0.3.0/go.mod h1:SW6HZGeZgSIpcUWX3fXpfZhuaWHnmoD5KCVaqSaNTkk= github.com/alecthomas/participle/v2 v2.1.1 h1:hrjKESvSqGHzRb4yW1ciisFJ4p3MGYih6icjJvbsmV8= @@ -230,8 +230,8 @@ github.com/butuzov/mirror v1.1.0/go.mod h1:8Q0BdQU6rC6WILDiBM60DBfvV78OLJmMmixe7 github.com/bwesterb/go-ristretto v1.2.3/go.mod h1:fUIoIZaG73pV5biE2Blr2xEzDoMj7NFEuV9ekS419A0= github.com/c-bata/go-prompt v0.2.6 h1:POP+nrHE+DfLYx370bedwNhsqmpCUynWPxuHi0C5vZI= github.com/c-bata/go-prompt v0.2.6/go.mod h1:/LMAke8wD2FsNu9EXNdHxNLbd9MedkPnCdfpU9wwHfY= -github.com/catenacyber/perfsprint v0.4.0 h1:ZwECTVWzrJ4oW94r2OEiNEO+RKWXSibEZBPd6HkrGl4= -github.com/catenacyber/perfsprint v0.4.0/go.mod h1:/wclWYompEyjUD2FuIIDVKNkqz7IgBIWXIH3V0Zol50= +github.com/catenacyber/perfsprint v0.5.0 h1:FNBJRKm2Lar44u1s7DUfpbiY4iN2LmnK6THY3d5rL40= +github.com/catenacyber/perfsprint v0.5.0/go.mod h1:/wclWYompEyjUD2FuIIDVKNkqz7IgBIWXIH3V0Zol50= github.com/ccojocar/zxcvbn-go v1.0.1 h1:+sxrANSCj6CdadkcMnvde/GWU1vZiiXRbqYSCalV4/4= github.com/ccojocar/zxcvbn-go v1.0.1/go.mod h1:g1qkXtUSvHP8lhHp5GrSmTz6uWALGRMQdw6Qnz/hi60= github.com/cenkalti/backoff/v3 v3.2.2 h1:cfUAAO3yvKMYKPrvhDuHSwQnhZNk/RMHKdZqKTxfm6M= @@ -300,8 +300,8 @@ github.com/creack/pty v1.1.18 h1:n56/Zwd5o6whRC5PMGretI4IdRLlmBXYNjScPaBgsbY= github.com/creack/pty v1.1.18/go.mod h1:MOBLtS5ELjhRRrroQr9kyvTxUAFNvYEK993ew/Vr4O4= github.com/curioswitch/go-reassign v0.2.0 h1:G9UZyOcpk/d7Gd6mqYgd8XYWFMw/znxwGDUstnC9DIo= github.com/curioswitch/go-reassign v0.2.0/go.mod h1:x6OpXuWvgfQaMGks2BZybTngWjT84hqJfKoO8Tt/Roc= -github.com/daixiang0/gci v0.11.2 h1:Oji+oPsp3bQ6bNNgX30NBAVT18P4uBH4sRZnlOlTj7Y= -github.com/daixiang0/gci v0.11.2/go.mod h1:xtHP9N7AHdNvtRNfcx9gwTDfw7FRJx4bZUsiEfiNNAI= +github.com/daixiang0/gci v0.12.1 h1:ugsG+KRYny1VK4oqrX4Vtj70bo4akYKa0tgT1DXMYiY= +github.com/daixiang0/gci v0.12.1/go.mod h1:xtHP9N7AHdNvtRNfcx9gwTDfw7FRJx4bZUsiEfiNNAI= github.com/danieljoos/wincred v1.2.1 h1:dl9cBrupW8+r5250DYkYxocLeZ1Y4vB1kxgtjxw8GQs= github.com/danieljoos/wincred v1.2.1/go.mod h1:uGaFL9fDn3OLTvzCGulzE+SzjEe5NGlh5FdCcyfPwps= github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= @@ -374,8 +374,8 @@ github.com/ghostiam/protogetter v0.3.3 h1:EvOuzB/SEifg/c4aMnwcj033Qc1lHO7Yz4QnBD github.com/ghostiam/protogetter v0.3.3/go.mod h1:A0JgIhs0fgVnotGinjQiKaFVG3waItLJNwPmcMzDnvk= github.com/glebarez/go-sqlite v1.22.0 h1:uAcMJhaA6r3LHMTFgP0SifzgXg46yJkgxqyuyec+ruQ= github.com/glebarez/go-sqlite v1.22.0/go.mod h1:PlBIdHe0+aUEFn+r2/uthrWq4FxbzugL0L8Li6yQJbc= -github.com/go-critic/go-critic v0.9.0 h1:Pmys9qvU3pSML/3GEQ2Xd9RZ/ip+aXHKILuxczKGV/U= -github.com/go-critic/go-critic v0.9.0/go.mod h1:5P8tdXL7m/6qnyG6oRAlYLORvoXH0WDypYgAEmagT40= +github.com/go-critic/go-critic v0.11.0 h1:mARtIFX7jPtJ3SzxO9Isa5T2jd2dZxFmQHK3yNf0wrE= +github.com/go-critic/go-critic v0.11.0/go.mod h1:Cz6lr1PlkIu/0Y0U9KqJgcIJJECAF8mEwmzVjKnhbfI= github.com/go-errors/errors v1.5.0 h1:/EuijeGOu7ckFxzhkj4CXJ8JaenxK7bKUxpPYqeLHqQ= github.com/go-errors/errors v1.5.0/go.mod h1:sIVyrIiJhuEF+Pj9Ebtd6P/rEYROXFi3BopGUQ5a5Og= github.com/go-gl/glfw v0.0.0-20190409004039-e6da0acd62b1/go.mod h1:vR7hzQXu2zJy9AVAgeJqvqgH9Q5CA+iKCZ2gyEVpxRU= @@ -409,8 +409,9 @@ github.com/go-toolsmith/astcast v1.1.0/go.mod h1:qdcuFWeGGS2xX5bLM/c3U9lewg7+Zu4 github.com/go-toolsmith/astcopy v1.1.0 h1:YGwBN0WM+ekI/6SS6+52zLDEf8Yvp3n2seZITCUBt5s= github.com/go-toolsmith/astcopy v1.1.0/go.mod h1:hXM6gan18VA1T/daUEHCFcYiW8Ai1tIwIzHY6srfEAw= github.com/go-toolsmith/astequal v1.0.3/go.mod h1:9Ai4UglvtR+4up+bAD4+hCj7iTo4m/OXVTSLnCyTAx4= -github.com/go-toolsmith/astequal v1.1.0 h1:kHKm1AWqClYn15R0K1KKE4RG614D46n+nqUQ06E1dTw= github.com/go-toolsmith/astequal v1.1.0/go.mod h1:sedf7VIdCL22LD8qIvv7Nn9MuWJruQA/ysswh64lffQ= +github.com/go-toolsmith/astequal v1.2.0 h1:3Fs3CYZ1k9Vo4FzFhwwewC3CHISHDnVUPC4x0bI2+Cw= +github.com/go-toolsmith/astequal v1.2.0/go.mod h1:c8NZ3+kSFtFY/8lPso4v8LuJjdJiUFVnSuU3s0qrrDY= github.com/go-toolsmith/astfmt v1.1.0 h1:iJVPDPp6/7AaeLJEruMsBUlOYCmvg0MoCfJprsOmcco= github.com/go-toolsmith/astfmt v1.1.0/go.mod h1:OrcLlRwu0CuiIBp/8b5PYF9ktGVZUjlNMV634mhwuQ4= github.com/go-toolsmith/astp v1.1.0 h1:dXPuCl6u2llURjdPLLDxJeZInAeZ0/eZwFJmqZMnpQA= @@ -719,8 +720,8 @@ github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY= github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE= github.com/kulti/thelper v0.6.3 h1:ElhKf+AlItIu+xGnI990no4cE2+XaSu1ULymV2Yulxs= github.com/kulti/thelper v0.6.3/go.mod h1:DsqKShOvP40epevkFrvIwkCMNYxMeTNjdWL4dqWHZ6I= -github.com/kunwardeep/paralleltest v1.0.8 h1:Ul2KsqtzFxTlSU7IP0JusWlLiNqQaloB9vguyjbE558= -github.com/kunwardeep/paralleltest v1.0.8/go.mod h1:2C7s65hONVqY7Q5Efj5aLzRCNLjw2h4eMc9EcypGjcY= +github.com/kunwardeep/paralleltest v1.0.9 h1:3Sr2IfFNcsMmlqPk1cjTUbJ4zofKPGyHxenwPebgTug= +github.com/kunwardeep/paralleltest v1.0.9/go.mod h1:2C7s65hONVqY7Q5Efj5aLzRCNLjw2h4eMc9EcypGjcY= github.com/kylelemons/godebug v1.1.0 h1:RPNrshWIDI6G2gRW9EHilWtl7Z6Sb1BR0xunSBf0SNc= github.com/kylelemons/godebug v1.1.0/go.mod h1:9/0rRGxNHcop5bhtWyNeEfOS8JIWk580+fNqagV/RAw= github.com/kyoh86/exportloopref v0.1.11 h1:1Z0bcmTypkL3Q4k+IDHMWTcnCliEZcaPiIe0/ymEyhQ= @@ -738,8 +739,8 @@ github.com/lucasb-eyer/go-colorful v1.2.0/go.mod h1:R4dSotOR9KMtayYi1e77YzuveK+i github.com/lufeee/execinquery v1.2.1 h1:hf0Ems4SHcUGBxpGN7Jz78z1ppVkP/837ZlETPCEtOM= github.com/lufeee/execinquery v1.2.1/go.mod h1:EC7DrEKView09ocscGHC+apXMIaorh4xqSxS/dy8SbM= github.com/lyft/protoc-gen-star v0.5.3/go.mod h1:V0xaHgaf5oCCqmcxYcWiDfTiKsZsRc87/1qhoTACD8w= -github.com/macabu/inamedparam v0.1.2 h1:RR5cnayM6Q7cDhQol32DE2BGAPGMnffJ31LFE+UklaU= -github.com/macabu/inamedparam v0.1.2/go.mod h1:Xg25QvY7IBRl1KLPV9Rbml8JOMZtF/iAkNkmV7eQgjw= +github.com/macabu/inamedparam v0.1.3 h1:2tk/phHkMlEL/1GNe/Yf6kkR/hkcUdAEY3L0hjYV1Mk= +github.com/macabu/inamedparam v0.1.3/go.mod h1:93FLICAIk/quk7eaPPQvbzihUdn/QkGDwIZEoLtpH6I= github.com/magiconair/properties v1.8.5/go.mod h1:y3VJvCyxH9uVvJTWEGAELF3aiYNyPKd5NZ3oSwXrF60= github.com/magiconair/properties v1.8.7 h1:IeQXZAiQcpL9mgcAe1Nu6cX9LLw6ExEHKjN0VQdvPDY= github.com/magiconair/properties v1.8.7/go.mod h1:Dhd985XPs7jluiymwWYZ0G4Z61jb3vdS329zhj2hYo0= @@ -747,8 +748,8 @@ github.com/maratori/testableexamples v1.0.0 h1:dU5alXRrD8WKSjOUnmJZuzdxWOEQ57+7s github.com/maratori/testableexamples v1.0.0/go.mod h1:4rhjL1n20TUTT4vdh3RDqSizKLyXp7K2u6HgraZCGzE= github.com/maratori/testpackage v1.1.1 h1:S58XVV5AD7HADMmD0fNnziNHqKvSdDuEKdPD1rNTU04= github.com/maratori/testpackage v1.1.1/go.mod h1:s4gRK/ym6AMrqpOa/kEbQTV4Q4jb7WeLZzVhVVVOQMc= -github.com/matoous/godox v0.0.0-20230222163458-006bad1f9d26 h1:gWg6ZQ4JhDfJPqlo2srm/LN17lpybq15AryXIRcWYLE= -github.com/matoous/godox v0.0.0-20230222163458-006bad1f9d26/go.mod h1:1BELzlh859Sh1c6+90blK8lbYy0kwQf1bYlBhBysy1s= +github.com/matoous/godox v0.0.0-20240105082147-c5b5e0e7c0c0 h1:Ny7cm4KSWceJLYyI1sm+aFIVDWSGXLcOJ0O0UaS5wdU= +github.com/matoous/godox v0.0.0-20240105082147-c5b5e0e7c0c0/go.mod h1:jgE/3fUXiTurkdHOLT5WEkThTSuE7yxHv5iWPa80afs= github.com/matryer/is v1.4.0 h1:sosSmIWwkYITGrxZ25ULNDeKiMNzFSr4V/eqBQP0PeE= github.com/matryer/is v1.4.0/go.mod h1:8I/i5uYgLzgsgEloJE1U6xx5HkBQpAZvepWuujKwMRU= github.com/mattn/go-colorable v0.0.9/go.mod h1:9vuHe8Xs5qXnSaW/c/ABM9alt+Vo+STaOChaDxuIBZU= @@ -781,12 +782,10 @@ github.com/mattn/go-tty v0.0.3/go.mod h1:ihxohKRERHTVzN+aSVRwACLCeqIoZAWpoICkkvr github.com/mattn/go-tty v0.0.5 h1:s09uXI7yDbXzzTTfw3zonKFzwGkyYlgU3OMjqA0ddz4= github.com/mattn/go-tty v0.0.5/go.mod h1:u5GGXBtZU6RQoKV8gY5W6UhMudbR5vXnUe7j3pxse28= github.com/matttproud/golang_protobuf_extensions v1.0.1/go.mod h1:D8He9yQNgCq6Z5Ld7szi9bcBfOoFv/3dc6xSMkL2PC0= -github.com/matttproud/golang_protobuf_extensions/v2 v2.0.0 h1:jWpvCLoY8Z/e3VKvlsiIGKtc+UG6U5vzxaoagmhXfyg= -github.com/matttproud/golang_protobuf_extensions/v2 v2.0.0/go.mod h1:QUyp042oQthUoa9bqDv0ER0wrtXnBruoNd7aNjkbP+k= github.com/mbilski/exhaustivestruct v1.2.0 h1:wCBmUnSYufAHO6J4AVWY6ff+oxWxsVFrwgOdMUQePUo= github.com/mbilski/exhaustivestruct v1.2.0/go.mod h1:OeTBVxQWoEmB2J2JCHmXWPJ0aksxSUOUy+nvtVEfzXc= -github.com/mgechev/revive v1.3.4 h1:k/tO3XTaWY4DEHal9tWBkkUMJYO/dLDVyMmAQxmIMDc= -github.com/mgechev/revive v1.3.4/go.mod h1:W+pZCMu9qj8Uhfs1iJMQsEFLRozUfvwFwqVvRbSNLVw= +github.com/mgechev/revive v1.3.6 h1:ZNKZiHb/LciAqzwa/9HnwI8S/OJutYhMvaqgMT1Ylgo= +github.com/mgechev/revive v1.3.6/go.mod h1:75Je+5jKBgdgADNzGhsq7H5J6CmyXSzEk9eLOU4i8Pg= github.com/miekg/dns v1.0.14/go.mod h1:W1PPwlIAgtquWBMBEV9nkV9Cazfe8ScdGz/Lj7v3Nrg= github.com/miekg/dns v1.1.26/go.mod h1:bPDLeHnStXmXAq1m/Ch/hvfNHr14JKNPMBo3VZKjuso= github.com/miekg/dns v1.1.41/go.mod h1:p6aan82bvRIyn+zDIv9xYNUpwa73JcSh9BKwknJysuI= @@ -837,8 +836,8 @@ github.com/nishanths/exhaustive v0.12.0 h1:vIY9sALmw6T/yxiASewa4TQcFsVYZQQRUQJhK github.com/nishanths/exhaustive v0.12.0/go.mod h1:mEZ95wPIZW+x8kC4TgC+9YCUgiST7ecevsVDTgc2obs= github.com/nishanths/predeclared v0.2.2 h1:V2EPdZPliZymNAn79T8RkNApBjMmVKh5XRpLm/w98Vk= github.com/nishanths/predeclared v0.2.2/go.mod h1:RROzoN6TnGQupbC+lqggsOlcgysk3LMK/HI84Mp280c= -github.com/nunnatsa/ginkgolinter v0.14.1 h1:khx0CqR5U4ghsscjJ+lZVthp3zjIFytRXPTaQ/TMiyA= -github.com/nunnatsa/ginkgolinter v0.14.1/go.mod h1:nY0pafUSst7v7F637e7fymaMlQqI9c0Wka2fGsDkzWg= +github.com/nunnatsa/ginkgolinter v0.15.2 h1:N2ORxUxPU56R9gsfLIlVVvCv/V/VVou5qVI1oBKBNHg= +github.com/nunnatsa/ginkgolinter v0.15.2/go.mod h1:oYxE7dt1vZI8cK2rZOs3RgTaBN2vggkqnENmoJ8kVvc= github.com/oklog/run v1.1.0 h1:GEenZ1cK0+q0+wsJew9qUg/DyD8k3JzYsZAi5gYi2mA= github.com/oklog/run v1.1.0/go.mod h1:sVPdnTZT1zYwAJeCMu2Th4T21pA3FPOQRfWjQlk7DVU= github.com/olekukonko/tablewriter v0.0.5 h1:P2Ga83D34wi1o9J6Wh1mRuqd4mF/x/lgBS7N7AbDhec= @@ -852,8 +851,8 @@ github.com/opencontainers/go-digest v1.0.0/go.mod h1:0JzlMkj0TRzQZfJkVvzbP0HBR3I github.com/opencontainers/image-spec v1.1.0-rc5 h1:Ygwkfw9bpDvs+c9E34SdgGOj41dX/cbdlwvlWt0pnFI= github.com/opencontainers/image-spec v1.1.0-rc5/go.mod h1:X4pATf0uXsnn3g5aiGIsVnJBR4mxhKzfwmvK/B2NTm8= github.com/otiai10/copy v1.2.0/go.mod h1:rrF5dJ5F0t/EWSYODDu4j9/vEeYHMkc8jt0zJChqQWw= -github.com/otiai10/copy v1.11.0 h1:OKBD80J/mLBrwnzXqGtFCzprFSGioo30JcmR4APsNwc= -github.com/otiai10/copy v1.11.0/go.mod h1:rSaLseMUsZFFbsFGc7wCJnnkTAvdc5L6VWxPE4308Ww= +github.com/otiai10/copy v1.14.0 h1:dCI/t1iTdYGtkvCuBG2BgR6KZa83PTclw4U5n2wAllU= +github.com/otiai10/copy v1.14.0/go.mod h1:ECfuL02W+/FkTWZWgQqXPWZgW9oeKCSQ5qVfSc4qc4w= github.com/otiai10/curr v0.0.0-20150429015615-9b4961190c95/go.mod h1:9qAhocn7zKJG+0mI8eUu6xqkFDYS2kb2saOteoSB3cE= github.com/otiai10/curr v1.0.0/go.mod h1:LskTG5wDwr8Rs+nNQ+1LlxRjAtTZZjtJW4rMXl6j4vs= github.com/otiai10/mint v1.3.0/go.mod h1:F5AjcsTsWUqX+Na9fpHb52P8pcRX2CI6A3ctIT91xUo= @@ -885,8 +884,8 @@ github.com/pkg/term v1.2.0-beta.2/go.mod h1:E25nymQcrSllhX42Ok8MRm1+hyBdHY0dCeiK github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 h1:Jamvg5psRIccs7FGNTlIRMkT8wgtp5eCXdBlqhYGL6U= github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= -github.com/polyfloyd/go-errorlint v1.4.5 h1:70YWmMy4FgRHehGNOUask3HtSFSOLKgmDn7ryNe7LqI= -github.com/polyfloyd/go-errorlint v1.4.5/go.mod h1:sIZEbFoDOCnTYYZoVkjc4hTnM459tuWA9H/EkdXwsKk= +github.com/polyfloyd/go-errorlint v1.4.7 h1:BI/hD59Rpapkj68yQsOF3ai9UkGDRrWgO47eqt38RKY= +github.com/polyfloyd/go-errorlint v1.4.7/go.mod h1:WGkLzUkLXGGr6BfD33l7yRidBa+T+8xB8TupCpId2ZE= github.com/posener/complete v1.1.1/go.mod h1:em0nMJCgc9GFtwrmVmEMR/ZL6WyhyjMBndrE9hABlRI= github.com/posener/complete v1.2.3/go.mod h1:WZIdtGGp+qx0sLrYKtIRAruyNpv6hFCicSgv7Sy7s/s= github.com/prometheus/client_golang v0.9.1/go.mod h1:7SWBe2y4D6OKWSNQJUaRYU/AaXPKyh/dDVn+NZz0KFw= @@ -895,8 +894,8 @@ github.com/prometheus/client_golang v1.4.0/go.mod h1:e9GMxYsXl05ICDXkRhurwBS4Q3O github.com/prometheus/client_golang v1.7.1/go.mod h1:PY5Wy2awLA44sXw4AOSfFBetzPP4j5+D6mVACh+pe2M= github.com/prometheus/client_golang v1.11.0/go.mod h1:Z6t4BnS23TR94PD6BsDNk8yVqroYurpAkEiz0P2BEV0= github.com/prometheus/client_golang v1.12.1/go.mod h1:3Z9XVyYiZYEO+YQWt3RD2R3jrbd179Rt297l4aS6nDY= -github.com/prometheus/client_golang v1.17.0 h1:rl2sfwZMtSthVU752MqfjQozy7blglC+1SOtjMAMh+Q= -github.com/prometheus/client_golang v1.17.0/go.mod h1:VeL+gMmOAxkS2IqfCq0ZmHSL+LjWfWDUmp1mBz9JgUY= +github.com/prometheus/client_golang v1.18.0 h1:HzFfmkOzH5Q8L8G+kSJKUx5dtG87sewO+FoDDqP5Tbk= +github.com/prometheus/client_golang v1.18.0/go.mod h1:T+GXkCk5wSJyOqMIzVgvvjFDlkOQntgjkJWKrN5txjA= github.com/prometheus/client_model v0.0.0-20180712105110-5c3871d89910/go.mod h1:MbSGuTsp3dbXC40dX6PRTWyKYBIrTGTE9sqQNg2J8bo= github.com/prometheus/client_model v0.0.0-20190129233127-fd36f4220a90/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA= github.com/prometheus/client_model v0.0.0-20190812154241-14fe0d1b01d4/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA= @@ -908,8 +907,8 @@ github.com/prometheus/common v0.9.1/go.mod h1:yhUN8i9wzaXS3w1O07YhxHEBxD+W35wd8b github.com/prometheus/common v0.10.0/go.mod h1:Tlit/dnDKsSWFlCLTWaA1cyBgKHSMdTB80sz/V91rCo= github.com/prometheus/common v0.26.0/go.mod h1:M7rCNAaPfAosfx8veZJCuw84e35h3Cfd9VFqTh1DIvc= github.com/prometheus/common v0.32.1/go.mod h1:vu+V0TpY+O6vW9J44gczi3Ap/oXXR10b+M/gUGO4Hls= -github.com/prometheus/common v0.45.0 h1:2BGz0eBc2hdMDLnO/8n0jeB3oPrt2D08CekT0lneoxM= -github.com/prometheus/common v0.45.0/go.mod h1:YJmSTw9BoKxJplESWWxlbyttQR4uaEcGyv9MZjVOJsY= +github.com/prometheus/common v0.46.0 h1:doXzt5ybi1HBKpsZOL0sSkaNHJJqkyfEWZGGqqScV0Y= +github.com/prometheus/common v0.46.0/go.mod h1:Tp0qkxpb9Jsg54QMe+EAmqXkSV7Evdy1BTn+g2pa/hQ= github.com/prometheus/procfs v0.0.0-20181005140218-185b4288413d/go.mod h1:c3At6R/oaqEKCNdg8wHV1ftS6bRYblBhIjjI8uT2IGk= github.com/prometheus/procfs v0.0.2/go.mod h1:TjEm7ze935MbeOT/UhFTIMYKhuLP4wbCsTZCD3I8kEA= github.com/prometheus/procfs v0.0.8/go.mod h1:7Qr8sr6344vo1JqZ6HhLceV9o3AJ1Ff+GxbHq6oeK9A= @@ -1095,8 +1094,8 @@ github.com/yagipy/maintidx v1.0.0 h1:h5NvIsCz+nRDapQ0exNv4aJ0yXSI0420omVANTv3GJM github.com/yagipy/maintidx v1.0.0/go.mod h1:0qNf/I/CCZXSMhsRsrEPDZ+DkekpKLXAJfsTACwgXLk= github.com/yeya24/promlinter v0.2.0 h1:xFKDQ82orCU5jQujdaD8stOHiv8UN68BSdn2a8u8Y3o= github.com/yeya24/promlinter v0.2.0/go.mod h1:u54lkmBOZrpEbQQ6gox2zWKKLKu2SGe+2KOiextY+IA= -github.com/ykadowak/zerologlint v0.1.4 h1:Ukro8Cv8RL4QZJWHtz7J7u9veyI5t6s3jd+c6j0dSW0= -github.com/ykadowak/zerologlint v0.1.4/go.mod h1:KaUskqF3e/v59oPmdq1U1DnKcuHokl2/K1U4pmIELKg= +github.com/ykadowak/zerologlint v0.1.5 h1:Gy/fMz1dFQN9JZTPjv1hxEk+sRWm05row04Yoolgdiw= +github.com/ykadowak/zerologlint v0.1.5/go.mod h1:KaUskqF3e/v59oPmdq1U1DnKcuHokl2/K1U4pmIELKg= github.com/yuin/goldmark v1.1.25/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= github.com/yuin/goldmark v1.1.32/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= @@ -1109,13 +1108,13 @@ gitlab.com/bosi/decorder v0.4.1 h1:VdsdfxhstabyhZovHafFw+9eJ6eU0d2CkFNJcZz/NU4= gitlab.com/bosi/decorder v0.4.1/go.mod h1:jecSqWUew6Yle1pCr2eLWTensJMmsxHsBwt+PVbkAqA= go-simpler.org/assert v0.6.0 h1:QxSrXa4oRuo/1eHMXSBFHKvJIpWABayzKldqZyugG7E= go-simpler.org/assert v0.6.0/go.mod h1:74Eqh5eI6vCK6Y5l3PI8ZYFXG4Sa+tkr70OIPJAUr28= -go-simpler.org/sloglint v0.3.0 h1:E6TR0w4io+F1mkdvFaCRKEpf19S2+lnEYiDM2Z6bClk= -go-simpler.org/sloglint v0.3.0/go.mod h1:/RQr0TeTf89IyRjLJ9ogUbIp1Zs5zJJAj02pwQoDQdg= +go-simpler.org/sloglint v0.4.0 h1:UVJuUJo63iNQNFEOtZ6o1xAgagVg/giVLLvG9nNLobI= +go-simpler.org/sloglint v0.4.0/go.mod h1:v6zJ++j/thFPhefs2wEXoCKwT10yo5nkBDYRCXyqgNQ= go.etcd.io/etcd/api/v3 v3.5.1/go.mod h1:cbVKeC6lCfl7j/8jBhAK6aIYO9XOjdptoxU/nLQcPvs= go.etcd.io/etcd/client/pkg/v3 v3.5.1/go.mod h1:IJHfcCEKxYu1Os13ZdwCwIUTUVGYTSAM3YSwc9/Ac1g= go.etcd.io/etcd/client/v2 v2.305.1/go.mod h1:pMEacxZW7o8pg4CrFE7pquyCJJzZvkvdD2RibOCCCGs= -go.mondoo.com/cnquery/v9 v9.14.1-0.20240110175418-0e7903cd2b5a h1:8wQa4svzM3xY0R/jd4SIUYSfrYBj8xwHWKEmTlLQ/LE= -go.mondoo.com/cnquery/v9 v9.14.1-0.20240110175418-0e7903cd2b5a/go.mod h1:jmEIloJqP6cXYAci3rL2oq82QUgiDDyqngUDc4kldbc= +go.mondoo.com/cnquery/v9 v9.14.1-0.20240112183847-ed5ecf03a6f9 h1:pVBnmHKYHN9aMvcswmo1I9oLTgwR3HDLO2iUfoJFqxM= +go.mondoo.com/cnquery/v9 v9.14.1-0.20240112183847-ed5ecf03a6f9/go.mod h1:jmEIloJqP6cXYAci3rL2oq82QUgiDDyqngUDc4kldbc= go.mondoo.com/mondoo-go v0.0.0-20240103050411-fa7e920c6784 h1:k6Z9Fax2ELkspDozxy3Skkqe1eaHRSqRS16InEspMHg= go.mondoo.com/mondoo-go v0.0.0-20240103050411-fa7e920c6784/go.mod h1:elugDWMp6Tnk1tSpTf/7HHewkb0ORjMA2ubeFLI+FwQ= go.mondoo.com/ranger-rpc v0.5.3 h1:914JOFTrxWFtBu1qrvuTyTyMibuT7g1GAX3HaUcbFqI= @@ -1183,12 +1182,12 @@ golang.org/x/exp v0.0.0-20191227195350-da58074b4299/go.mod h1:2RIsYlXP63K8oxa1u0 golang.org/x/exp v0.0.0-20200119233911-0405dc783f0a/go.mod h1:2RIsYlXP63K8oxa1u096TMicItID8zy7Y6sNkU49FU4= golang.org/x/exp v0.0.0-20200207192155-f17229e696bd/go.mod h1:J/WKrq2StrnmMY6+EHIKF9dgMWnmCNThgcyBT1FY9mM= golang.org/x/exp v0.0.0-20200224162631-6cc2880d07d6/go.mod h1:3jZMyOhIsHpP37uCMkUooju7aAi5cS1Q23tOzKc+0MU= -golang.org/x/exp v0.0.0-20240103183307-be819d1f06fc h1:ao2WRsKSzW6KuUY9IWPwWahcHCgR0s52IfwutMfEbdM= -golang.org/x/exp v0.0.0-20240103183307-be819d1f06fc/go.mod h1:iRJReGqOEeBhDZGkGbynYwcHlctCvnjTYIamk7uXpHI= +golang.org/x/exp v0.0.0-20240112132812-db7319d0e0e3 h1:hNQpMuAJe5CtcUqCXaWga3FHu+kQvCqcsoVaQgSV60o= +golang.org/x/exp v0.0.0-20240112132812-db7319d0e0e3/go.mod h1:idGWGoKP1toJGkd5/ig9ZLuPcZBC3ewk7SzmH0uou08= golang.org/x/exp/typeparams v0.0.0-20220428152302-39d4317da171/go.mod h1:AbB0pIl9nAr9wVwH+Z2ZpaocVmF5I4GyWCDIsVjR0bk= golang.org/x/exp/typeparams v0.0.0-20230203172020-98cc5a0785f9/go.mod h1:AbB0pIl9nAr9wVwH+Z2ZpaocVmF5I4GyWCDIsVjR0bk= -golang.org/x/exp/typeparams v0.0.0-20231127185646-65229373498e h1:Iel2aGgaO80fSb1N54L7SE6XMeVvYy6caKt8u/5LvR8= -golang.org/x/exp/typeparams v0.0.0-20231127185646-65229373498e/go.mod h1:AbB0pIl9nAr9wVwH+Z2ZpaocVmF5I4GyWCDIsVjR0bk= +golang.org/x/exp/typeparams v0.0.0-20240112132812-db7319d0e0e3 h1:cW4lNfFicb4kAracdjGpt2Vkbnqy07T/gvwWKBeXt74= +golang.org/x/exp/typeparams v0.0.0-20240112132812-db7319d0e0e3/go.mod h1:AbB0pIl9nAr9wVwH+Z2ZpaocVmF5I4GyWCDIsVjR0bk= golang.org/x/image v0.0.0-20190227222117-0694c2d4d067/go.mod h1:kZ7UVZpmo3dzQBMxlp+ypCbDeSB+sBbTgSJuh5dn5js= golang.org/x/image v0.0.0-20190802002840-cff245a6509b/go.mod h1:FeLwcggjj3mMvU+oOTbSwawSJRM1uh48EjtB4UJZlP0= golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE= @@ -1448,7 +1447,6 @@ golang.org/x/tools v0.0.0-20190621195816-6e04913cbbac/go.mod h1:/rFqwRUd4F7ZHNgw golang.org/x/tools v0.0.0-20190628153133-6cdbf07be9d0/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc= golang.org/x/tools v0.0.0-20190816200558-6889da9d5479/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20190907020128-2ca718005c18/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= -golang.org/x/tools v0.0.0-20190910044552-dd2b5c81c578/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20190911174233-4f2ddba30aff/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20191012152004-8de300cfc20a/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20191108193012-7d206e10da11/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= @@ -1506,8 +1504,8 @@ golang.org/x/tools v0.2.0/go.mod h1:y4OqIKeOV/fWJetJ8bXPU1sEVniLMIyDAZWeHdV+NTA= golang.org/x/tools v0.3.0/go.mod h1:/rWhSS2+zyEVwoJf8YAX6L2f0ntZ7Kn/mGgAWcipA5k= golang.org/x/tools v0.5.0/go.mod h1:N+Kgy78s5I24c24dU8OfWNEotWjutIs8SnJvn5IDq+k= golang.org/x/tools v0.6.0/go.mod h1:Xwgl3UAJ/d3gWutnCtw505GrjyAbvKui8lOU390QaIU= -golang.org/x/tools v0.16.1 h1:TLyB3WofjdOEepBHAU20JdNC1Zbg87elYofWYAY5oZA= -golang.org/x/tools v0.16.1/go.mod h1:kYVVN6I1mBNoB1OX+noeBjbRk4IUEPa7JJ+TJMEooJ0= +golang.org/x/tools v0.17.0 h1:FvmRgNOcs3kOa+T20R1uhfP9F6HgG2mfxDv1vrx1Htc= +golang.org/x/tools v0.17.0/go.mod h1:xsh6VxdV005rRVaS6SSAf9oiAqljS7UZUacMZ8Bnsps= golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= @@ -1741,8 +1739,8 @@ mvdan.cc/interfacer v0.0.0-20180901003855-c20040233aed h1:WX1yoOaKQfddO/mLzdV4wp mvdan.cc/interfacer v0.0.0-20180901003855-c20040233aed/go.mod h1:Xkxe497xwlCKkIaQYRfC7CSLworTXY9RMqwhhCm+8Nc= mvdan.cc/lint v0.0.0-20170908181259-adc824a0674b h1:DxJ5nJdkhDlLok9K6qO+5290kphDJbHOQO1DFFFTeBo= mvdan.cc/lint v0.0.0-20170908181259-adc824a0674b/go.mod h1:2odslEg/xrtNQqCYg2/jCoyKnw3vv5biOc3JnIcYfL4= -mvdan.cc/unparam v0.0.0-20230917202934-3ee2d22f45fb h1:xiF91GJnDSbyPdiZB5d52N2VpZfGhjM4Ji75cjzuooQ= -mvdan.cc/unparam v0.0.0-20230917202934-3ee2d22f45fb/go.mod h1:ZzZjEpJDOmx8TdVU6umamY3Xy0UAQUI2DHbf05USVbI= +mvdan.cc/unparam v0.0.0-20240104100049-c549a3470d14 h1:zCr3iRRgdk5eIikZNDphGcM6KGVTx3Yu+/Uu9Es254w= +mvdan.cc/unparam v0.0.0-20240104100049-c549a3470d14/go.mod h1:ZzZjEpJDOmx8TdVU6umamY3Xy0UAQUI2DHbf05USVbI= rsc.io/binaryregexp v0.2.0/go.mod h1:qTv7/COck+e2FymRvadv62gMdZztPaShugOCi3I+8D8= rsc.io/quote/v3 v3.1.0/go.mod h1:yEA65RcK8LyAZtP9Kv3t0HmxON59tX3rD+tICJqUlj0= rsc.io/sampler v1.3.0/go.mod h1:T1hPZKmBbMNahiBKFy5HrXp6adAjACjK9JXDnKaTXpA= diff --git a/internal/datalakes/inmemory/policyhub.go b/internal/datalakes/inmemory/policyhub.go index e7de7913..364de767 100644 --- a/internal/datalakes/inmemory/policyhub.go +++ b/internal/datalakes/inmemory/policyhub.go @@ -538,7 +538,7 @@ func (db *Db) fixInvalidatedPolicy(ctx context.Context, wrap *wrapPolicy) error func(ctx context.Context, mrn string) (*policy.Policy, error) { return db.GetValidatedPolicy(ctx, mrn) }, func(ctx context.Context, mrn string) (*explorer.Mquery, error) { return db.GetQuery(ctx, mrn) }, nil, - db.services.Schema(), + db.services.NewCompilerConfig(), ) ok := db.cache.Set(dbIDPolicy+wrap.Policy.Mrn, *wrap, 2) diff --git a/internal/datalakes/inmemory/policyresolver.go b/internal/datalakes/inmemory/policyresolver.go index 958672d9..83c5fbcf 100644 --- a/internal/datalakes/inmemory/policyresolver.go +++ b/internal/datalakes/inmemory/policyresolver.go @@ -188,7 +188,7 @@ func (db *Db) mutatePolicy(ctx context.Context, mrn string, actions map[string]e func(ctx context.Context, mrn string) (*policy.Policy, error) { return db.GetValidatedPolicy(ctx, mrn) }, func(ctx context.Context, mrn string) (*explorer.Mquery, error) { return db.GetQuery(ctx, mrn) }, nil, - db.services.Schema(), + db.services.NewCompilerConfig(), ) if err != nil { return policyw, true, err @@ -350,6 +350,8 @@ func (db *Db) refreshDependentAssetFilters(ctx context.Context, startPolicy wrap } for len(needsUpdate) > 0 { + conf := db.services.NewCompilerConfig() + for k, policyw := range needsUpdate { err := db.refreshAssetFilters(ctx, &policyw) if err != nil { @@ -361,7 +363,7 @@ func (db *Db) refreshDependentAssetFilters(ctx context.Context, startPolicy wrap func(ctx context.Context, mrn string) (*policy.Policy, error) { return db.GetValidatedPolicy(ctx, mrn) }, func(ctx context.Context, mrn string) (*explorer.Mquery, error) { return db.GetQuery(ctx, mrn) }, nil, - db.services.Schema(), + conf, ) if err != nil { return err @@ -861,7 +863,7 @@ func (db *Db) SetProps(ctx context.Context, req *explorer.PropsReq) error { func(ctx context.Context, mrn string) (*policy.Policy, error) { return db.GetValidatedPolicy(ctx, mrn) }, func(ctx context.Context, mrn string) (*explorer.Mquery, error) { return db.GetQuery(ctx, mrn) }, nil, - db.services.Schema(), + db.services.NewCompilerConfig(), ) if err != nil { return err diff --git a/policy/bundle.go b/policy/bundle.go index ce5f6c3d..586523f6 100644 --- a/policy/bundle.go +++ b/policy/bundle.go @@ -13,10 +13,12 @@ import ( "github.com/pkg/errors" "github.com/rs/zerolog/log" + "go.mondoo.com/cnquery/v9" "go.mondoo.com/cnquery/v9/checksums" "go.mondoo.com/cnquery/v9/explorer" "go.mondoo.com/cnquery/v9/llx" "go.mondoo.com/cnquery/v9/logger" + "go.mondoo.com/cnquery/v9/mqlc" "go.mondoo.com/cnquery/v9/mrn" "go.mondoo.com/cnquery/v9/utils/multierr" "sigs.k8s.io/yaml" @@ -712,13 +714,13 @@ func topologicalSortQueriesDFS(queryMrn string, queriesMap map[string]*explorer. // Compile a bundle. See CompileExt for a full description. func (p *Bundle) Compile(ctx context.Context, schema llx.Schema, library Library) (*PolicyBundleMap, error) { return p.CompileExt(ctx, BundleCompileConf{ - Schema: schema, - Library: library, + CompilerConfig: mqlc.NewConfig(schema, cnquery.DefaultFeatures), + Library: library, }) } type BundleCompileConf struct { - Schema llx.Schema + mqlc.CompilerConfig Library Library RemoveFailing bool } @@ -811,7 +813,7 @@ func (p *Bundle) CompileExt(ctx context.Context, conf BundleCompileConf) (*Polic if policy.ComputedFilters == nil || policy.ComputedFilters.Items == nil { policy.ComputedFilters = &explorer.Filters{Items: map[string]*explorer.Mquery{}} } - if err = policy.ComputedFilters.Compile(ownerMrn, cache.conf.Schema); err != nil { + if err = policy.ComputedFilters.Compile(ownerMrn, conf.CompilerConfig); err != nil { return nil, multierr.Wrap(err, "failed to compile policy filters") } @@ -820,7 +822,7 @@ func (p *Bundle) CompileExt(ctx context.Context, conf BundleCompileConf) (*Polic group := policy.Groups[i] // When filters are initially added they haven't been compiled - if err = group.Filters.Compile(ownerMrn, cache.conf.Schema); err != nil { + if err = group.Filters.Compile(ownerMrn, conf.CompilerConfig); err != nil { return nil, multierr.Wrap(err, "failed to compile policy group filters") } @@ -891,7 +893,7 @@ func (p *Bundle) CompileExt(ctx context.Context, conf BundleCompileConf) (*Polic return nil, errors.New("failed to validate policy: " + err.Error()) } - err = bundleMap.ValidatePolicy(ctx, policy, cache.conf.Schema) + err = bundleMap.ValidatePolicy(ctx, policy, cache.conf.CompilerConfig) if err != nil { return nil, errors.New("failed to validate policy: " + err.Error()) } @@ -1066,7 +1068,7 @@ func (c *bundleCache) precompileQuery(query *explorer.Mquery, policy *Policy) *e } // filters have no dependencies, so we can compile them early - if err := query.Filters.Compile(c.ownerMrn, c.conf.Schema); err != nil { + if err := query.Filters.Compile(c.ownerMrn, c.conf.CompilerConfig); err != nil { c.errors = append(c.errors, errors.New("failed to compile filters for query "+query.Mrn)) return nil } @@ -1100,7 +1102,7 @@ func (c *bundleCache) precompileQuery(query *explorer.Mquery, policy *Policy) *e // dependencies have been processed. Properties must be compiled. Connected // queries may not be ready yet, but we have to have precompiled them. func (c *bundleCache) compileQuery(query *explorer.Mquery) { - _, err := query.RefreshChecksumAndType(c.lookupQuery, c.lookupProp, c.conf.Schema) + _, err := query.RefreshChecksumAndType(c.lookupQuery, c.lookupProp, c.conf.CompilerConfig) if err != nil { if c.conf.RemoveFailing { c.removeQueries[query.Mrn] = struct{}{} @@ -1144,7 +1146,7 @@ func (c *bundleCache) compileProp(prop *explorer.Property) error { name = m.Basename() } - if _, err := prop.RefreshChecksumAndType(c.conf.Schema); err != nil { + if _, err := prop.RefreshChecksumAndType(c.conf.CompilerConfig); err != nil { return err } diff --git a/policy/bundle_map.go b/policy/bundle_map.go index d39277a9..6618a16d 100644 --- a/policy/bundle_map.go +++ b/policy/bundle_map.go @@ -11,6 +11,7 @@ import ( "github.com/pkg/errors" "go.mondoo.com/cnquery/v9/explorer" "go.mondoo.com/cnquery/v9/llx" + "go.mondoo.com/cnquery/v9/mqlc" "go.mondoo.com/cnquery/v9/mrn" "go.mondoo.com/cnquery/v9/utils/sortx" ) @@ -173,13 +174,13 @@ func sortPolicies(p *Policy, bundle *PolicyBundleMap, indexer map[string]struct{ } // ValidatePolicy against the given bundle -func (p *PolicyBundleMap) ValidatePolicy(ctx context.Context, policy *Policy, schema llx.Schema) error { +func (p *PolicyBundleMap) ValidatePolicy(ctx context.Context, policy *Policy, conf mqlc.CompilerConfig) error { if !mrn.IsValid(policy.Mrn) { return errors.New("policy MRN is not valid: " + policy.Mrn) } for i := range policy.Groups { - if err := p.validateGroup(ctx, policy.Groups[i], policy.Mrn, schema); err != nil { + if err := p.validateGroup(ctx, policy.Groups[i], policy.Mrn, conf); err != nil { return err } } @@ -195,7 +196,7 @@ func (p *PolicyBundleMap) ValidatePolicy(ctx context.Context, policy *Policy, sc return nil } -func (p *PolicyBundleMap) validateGroup(ctx context.Context, group *PolicyGroup, policyMrn string, schema llx.Schema) error { +func (p *PolicyBundleMap) validateGroup(ctx context.Context, group *PolicyGroup, policyMrn string, conf mqlc.CompilerConfig) error { if group == nil { return errors.New("spec cannot be nil") } @@ -204,7 +205,7 @@ func (p *PolicyBundleMap) validateGroup(ctx context.Context, group *PolicyGroup, // since asset filters are run beforehand and don't make it into the report // we don't store their code bundles separately for _, query := range group.Filters.Items { - _, err := query.RefreshAsFilter(policyMrn, schema) + _, err := query.RefreshAsFilter(policyMrn, conf) if err != nil { return err } diff --git a/policy/bundle_test.go b/policy/bundle_test.go index ce850404..512c35b5 100644 --- a/policy/bundle_test.go +++ b/policy/bundle_test.go @@ -17,7 +17,6 @@ import ( "github.com/stretchr/testify/require" "go.mondoo.com/cnquery/v9/explorer" "go.mondoo.com/cnquery/v9/providers" - "go.mondoo.com/cnquery/v9/providers-sdk/v1/testutils" "go.mondoo.com/cnspec/v9/internal/datalakes/inmemory" "go.mondoo.com/cnspec/v9/policy" ) @@ -232,7 +231,7 @@ func TestBundleCompile(t *testing.T) { require.NoError(t, err) require.NotNil(t, bundle) - bundlemap, err := bundle.Compile(context.Background(), schema, nil) + bundlemap, err := bundle.Compile(context.Background(), conf.Schema, nil) require.NoError(t, err) require.NotNil(t, bundlemap) @@ -357,13 +356,13 @@ func TestStableMqueryChecksum(t *testing.T) { require.NoError(t, err) require.NotNil(t, bundle) - bundlemap, err := bundle.Compile(context.Background(), schema, nil) + bundlemap, err := bundle.Compile(context.Background(), conf.Schema, nil) require.NoError(t, err) require.NotNil(t, bundlemap) for _, m := range bundlemap.Queries { initialChecksum := m.Checksum - err := m.RefreshChecksum(context.Background(), schema, explorer.QueryMap(bundlemap.Queries).GetQuery) + err := m.RefreshChecksum(context.Background(), conf, explorer.QueryMap(bundlemap.Queries).GetQuery) require.NoError(t, err) assert.Equal(t, initialChecksum, m.Checksum, "checksum for %s changed", m.Mrn) } @@ -380,22 +379,19 @@ func TestBundleCompile_RemoveFailingQueries(t *testing.T) { - uid: check-1 mql: 1 == 2 - uid: check-2 - mql: muser.name != "" + mql: failme.name != "" queries: - uid: query-1 mql: 1 == 1 - uid: query-2 - mql: muser.name` + mql: failme.name` bundle := parseBundle(t, bundleStr) require.NotNil(t, bundle) - runtime := testutils.Local() - s := runtime.Schema() - delete(s.AllResources(), "muser") bundlemap, err := bundle.CompileExt(context.Background(), policy.BundleCompileConf{ - Schema: s, - Library: nil, - RemoveFailing: true, + CompilerConfig: conf, + Library: nil, + RemoveFailing: true, }) require.NoError(t, err) require.NotNil(t, bundlemap) diff --git a/policy/hub.go b/policy/hub.go index c379c8f4..053c3871 100644 --- a/policy/hub.go +++ b/policy/hub.go @@ -96,7 +96,7 @@ func (s *LocalServices) PreparePolicy(ctx context.Context, policyObj *Policy, bu s.DataLake.GetValidatedPolicy, s.DataLake.GetQuery, bundle, - s.Runtime.Schema(), + s.NewCompilerConfig(), ) if err != nil { return nil, nil, err diff --git a/policy/mquery.go b/policy/mquery.go index 5ff5b0d1..a72ed0fa 100644 --- a/policy/mquery.go +++ b/policy/mquery.go @@ -4,12 +4,13 @@ package policy import ( + "sort" + "github.com/pkg/errors" "go.mondoo.com/cnquery/v9/checksums" "go.mondoo.com/cnquery/v9/explorer" - "go.mondoo.com/cnquery/v9/llx" + "go.mondoo.com/cnquery/v9/mqlc" "go.mondoo.com/cnquery/v9/mrn" - "sort" ) func RefreshMRN(ownerMRN string, existingMRN string, resource string, uid string) (string, error) { @@ -37,9 +38,9 @@ func RefreshMRN(ownerMRN string, existingMRN string, resource string, uid string return mrn.String(), nil } -func ChecksumAssetFilters(queries []*explorer.Mquery, schema llx.Schema) (string, error) { +func ChecksumAssetFilters(queries []*explorer.Mquery, conf mqlc.CompilerConfig) (string, error) { for i := range queries { - if _, err := queries[i].RefreshAsFilter("", schema); err != nil { + if _, err := queries[i].RefreshAsFilter("", conf); err != nil { return "", errors.New("failed to compile query: " + err.Error()) } } @@ -59,10 +60,10 @@ func ChecksumAssetFilters(queries []*explorer.Mquery, schema llx.Schema) (string // RefreshChecksums of all queries // Note: This method is used for testing purposes only. If you need it in other // places please make sure to implement the query lookup. -func (m *Mqueries) RefreshChecksums(schema llx.Schema, props map[string]explorer.PropertyRef) error { +func (m *Mqueries) RefreshChecksums(conf mqlc.CompilerConfig, props map[string]explorer.PropertyRef) error { queries := map[string]*explorer.Mquery{} for i := range m.Items { - if _, err := m.Items[i].RefreshChecksumAndType(queries, props, schema); err != nil { + if _, err := m.Items[i].RefreshChecksumAndType(queries, props, conf); err != nil { return err } } diff --git a/policy/mquery_test.go b/policy/mquery_test.go index a8823545..1b92f659 100644 --- a/policy/mquery_test.go +++ b/policy/mquery_test.go @@ -4,15 +4,18 @@ package policy import ( - "go.mondoo.com/cnquery/v9/explorer" - "go.mondoo.com/cnquery/v9/providers-sdk/v1/testutils" "testing" "github.com/stretchr/testify/assert" + "go.mondoo.com/cnquery/v9" + "go.mondoo.com/cnquery/v9/explorer" + "go.mondoo.com/cnquery/v9/mqlc" + "go.mondoo.com/cnquery/v9/providers-sdk/v1/testutils" ) func TestMquery_Whitespaces(t *testing.T) { coreSchema := testutils.MustLoadSchema(testutils.SchemaProvider{Provider: "core"}) + conf := mqlc.NewConfig(coreSchema, cnquery.DefaultFeatures) mq := &explorer.Mquery{ Mql: " mondoo { version \n} \t\n ", @@ -22,11 +25,11 @@ func TestMquery_Whitespaces(t *testing.T) { Mql: "mondoo { version \n}", } - bundle, err := mq.RefreshChecksumAndType(nil, nil, coreSchema) + bundle, err := mq.RefreshChecksumAndType(nil, nil, conf) assert.NoError(t, err) assert.NotNil(t, bundle) - bundle, err = mqexpect.RefreshChecksumAndType(nil, nil, coreSchema) + bundle, err = mqexpect.RefreshChecksumAndType(nil, nil, conf) assert.NoError(t, err) assert.NotNil(t, bundle) @@ -35,6 +38,8 @@ func TestMquery_Whitespaces(t *testing.T) { func TestMquery_CodeIDs(t *testing.T) { coreSchema := testutils.MustLoadSchema(testutils.SchemaProvider{Provider: "core"}) + conf := mqlc.NewConfig(coreSchema, cnquery.DefaultFeatures) + mqAssetFilter := &explorer.Mquery{ Mql: "mondoo { version \n}", } @@ -43,10 +48,10 @@ func TestMquery_CodeIDs(t *testing.T) { Mql: "mondoo { version \n}", } - _, err := mqAssetFilter.RefreshAsFilter("//some.mrn", coreSchema) + _, err := mqAssetFilter.RefreshAsFilter("//some.mrn", conf) assert.NoError(t, err) - _, err = mqReg.RefreshChecksumAndType(nil, nil, coreSchema) + _, err = mqReg.RefreshChecksumAndType(nil, nil, conf) assert.NoError(t, err) assert.Equal(t, mqReg.CodeId, mqAssetFilter.CodeId) diff --git a/policy/policy.go b/policy/policy.go index 6ca4ff79..dfc9b6fb 100644 --- a/policy/policy.go +++ b/policy/policy.go @@ -14,7 +14,7 @@ import ( "github.com/rs/zerolog/log" "go.mondoo.com/cnquery/v9/checksums" "go.mondoo.com/cnquery/v9/explorer" - "go.mondoo.com/cnquery/v9/llx" + "go.mondoo.com/cnquery/v9/mqlc" "go.mondoo.com/cnquery/v9/mrn" "go.mondoo.com/cnquery/v9/types" "google.golang.org/protobuf/proto" @@ -239,7 +239,7 @@ func (p *Policy) UpdateChecksums(ctx context.Context, getPolicy func(ctx context.Context, mrn string) (*Policy, error), getQuery func(ctx context.Context, mrn string) (*explorer.Mquery, error), bundle *PolicyBundleMap, - schema llx.Schema, + conf mqlc.CompilerConfig, ) error { // simplify the access if we don't have a bundle if bundle == nil { @@ -259,7 +259,7 @@ func (p *Policy) UpdateChecksums(ctx context.Context, // if we have local checksums set, we can take an optimized route; // if not, we have to update all checksums if p.LocalContentChecksum == "" || p.LocalExecutionChecksum == "" { - return p.updateAllChecksums(ctx, getPolicy, getQuery, bundle, schema) + return p.updateAllChecksums(ctx, getPolicy, getQuery, bundle, conf) } // otherwise we have local checksums and only need to recompute the @@ -292,7 +292,7 @@ func (p *Policy) UpdateChecksums(ctx context.Context, } if p.GraphContentChecksum == "" || p.GraphExecutionChecksum == "" { - err = p.UpdateChecksums(ctx, getPolicy, getQuery, bundle, schema) + err = p.UpdateChecksums(ctx, getPolicy, getQuery, bundle, conf) if err != nil { return err } @@ -313,7 +313,7 @@ func (p *Policy) updateAllChecksums(ctx context.Context, getPolicy func(ctx context.Context, mrn string) (*Policy, error), getQuery func(ctx context.Context, mrn string) (*explorer.Mquery, error), bundle *PolicyBundleMap, - schema llx.Schema, + conf mqlc.CompilerConfig, ) error { log.Trace().Str("policy", p.Mrn).Msg("update policy checksum") p.LocalContentChecksum = "" @@ -431,7 +431,7 @@ func (p *Policy) updateAllChecksums(ctx context.Context, if base, ok := bundle.Queries[check.Mrn]; ok { check = check.Merge(base) - if err := check.RefreshChecksum(ctx, schema, getQuery); err != nil { + if err := check.RefreshChecksum(ctx, conf, getQuery); err != nil { return err } } else if check.Checksum == "" { @@ -440,7 +440,7 @@ func (p *Policy) updateAllChecksums(ctx context.Context, } if x, err := getQuery(ctx, check.Mrn); err == nil { check = check.Merge(x) - if err := check.RefreshChecksum(ctx, schema, getQuery); err != nil { + if err := check.RefreshChecksum(ctx, conf, getQuery); err != nil { return err } } @@ -472,7 +472,7 @@ func (p *Policy) updateAllChecksums(ctx context.Context, if base, ok := bundle.Queries[query.Mrn]; ok { query = query.Merge(base) - if err := query.RefreshChecksum(ctx, schema, getQuery); err != nil { + if err := query.RefreshChecksum(ctx, conf, getQuery); err != nil { return err } } else if query.Checksum == "" { @@ -481,7 +481,7 @@ func (p *Policy) updateAllChecksums(ctx context.Context, } if x, err := getQuery(ctx, query.Mrn); err == nil { query = query.Merge(x) - if err := query.RefreshChecksum(ctx, schema, getQuery); err != nil { + if err := query.RefreshChecksum(ctx, conf, getQuery); err != nil { return err } } diff --git a/policy/policy_test.go b/policy/policy_test.go index fac52d08..8dd8cd4f 100644 --- a/policy/policy_test.go +++ b/policy/policy_test.go @@ -10,18 +10,20 @@ import ( "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" + "go.mondoo.com/cnquery/v9" "go.mondoo.com/cnquery/v9/explorer" - "go.mondoo.com/cnquery/v9/llx" + "go.mondoo.com/cnquery/v9/mqlc" "go.mondoo.com/cnquery/v9/mrn" "go.mondoo.com/cnquery/v9/providers-sdk/v1/testutils" "go.mondoo.com/cnspec/v9/policy" ) -var schema llx.Schema +var conf mqlc.CompilerConfig func init() { runtime := testutils.Local() - schema = runtime.Schema() + schema := runtime.Schema() + conf = mqlc.NewConfig(schema, cnquery.DefaultFeatures) } func getChecksums(p *policy.Policy) map[string]string { @@ -95,12 +97,12 @@ func TestPolicyChecksums(t *testing.T) { ctx := context.Background() p := b.Policies[0] - _, err = b.Compile(ctx, schema, nil) + _, err = b.Compile(ctx, conf.Schema, nil) require.NoError(t, err) // regular checksum tests - err = p.UpdateChecksums(ctx, nil, nil, b.ToMap(), schema) + err = p.UpdateChecksums(ctx, nil, nil, b.ToMap(), conf) require.NoError(t, err, "computing initial checksums works") checksums := getChecksums(p) @@ -109,7 +111,7 @@ func TestPolicyChecksums(t *testing.T) { } p.InvalidateLocalChecksums() - err = p.UpdateChecksums(ctx, nil, nil, b.ToMap(), schema) + err = p.UpdateChecksums(ctx, nil, nil, b.ToMap(), conf) assert.NoError(t, err, "computing checksums again") assert.Equal(t, checksums, getChecksums(p), "recomputing yields same checksums") @@ -138,7 +140,7 @@ func TestPolicyChecksums(t *testing.T) { checksums = getChecksums(p) f(p) p.InvalidateLocalChecksums() - err = p.UpdateChecksums(ctx, nil, nil, b.ToMap(), schema) + err = p.UpdateChecksums(ctx, nil, nil, b.ToMap(), conf) assert.NoError(t, err, "computing checksums") testChecksums(t, []bool{false, true, false, true}, checksums, getChecksums(p)) }) @@ -158,8 +160,10 @@ func TestPolicyChecksums(t *testing.T) { Name: assetMrn.String(), } assetBundle := &policy.Bundle{Policies: []*policy.Policy{assetPolicy}} - assetBundle.Compile(ctx, schema, nil) - assetPolicy.UpdateChecksums(ctx, nil, nil, assetBundle.ToMap(), schema) + _, err = assetBundle.Compile(ctx, conf.Schema, nil) + require.NoError(t, err) + err = assetPolicy.UpdateChecksums(ctx, nil, nil, assetBundle.ToMap(), conf) + require.NoError(t, err) runContentTest(assetPolicy, "changing asset policy mrn", func(p *policy.Policy) { p.Mrn += "bling" @@ -192,7 +196,7 @@ func TestPolicyChecksums(t *testing.T) { checksums = getChecksums(p) f() p.InvalidateLocalChecksums() - err = p.UpdateChecksums(ctx, nil, nil, b.ToMap(), schema) + err = p.UpdateChecksums(ctx, nil, nil, b.ToMap(), conf) assert.NoError(t, err, "computing checksums") updated := getChecksums(p) testChecksums(t, []bool{false, false, false, false}, checksums, updated) @@ -229,9 +233,9 @@ queries: require.NoError(t, err) pInitial := bundleInitial.Policies[0] pInitial.InvalidateLocalChecksums() - initialBundleMap, err := bundleInitial.Compile(context.Background(), schema, nil) + initialBundleMap, err := bundleInitial.Compile(context.Background(), conf.Schema, nil) require.NoError(t, err) - err = pInitial.UpdateChecksums(context.Background(), nil, explorer.QueryMap(initialBundleMap.Queries).GetQuery, initialBundleMap, schema) + err = pInitial.UpdateChecksums(context.Background(), nil, explorer.QueryMap(initialBundleMap.Queries).GetQuery, initialBundleMap, conf) assert.NoError(t, err, "computing checksums") bundleUpdated, err := policy.BundleFromYAML([]byte(` @@ -260,9 +264,9 @@ queries: require.NoError(t, err) pUpdated := bundleUpdated.Policies[0] pUpdated.InvalidateLocalChecksums() - updatedBundleMap, err := bundleUpdated.Compile(context.Background(), schema, nil) + updatedBundleMap, err := bundleUpdated.Compile(context.Background(), conf.Schema, nil) require.NoError(t, err) - err = pUpdated.UpdateChecksums(context.Background(), nil, explorer.QueryMap(updatedBundleMap.Queries).GetQuery, updatedBundleMap, schema) + err = pUpdated.UpdateChecksums(context.Background(), nil, explorer.QueryMap(updatedBundleMap.Queries).GetQuery, updatedBundleMap, conf) assert.NoError(t, err, "computing checksums") require.NotEqual(t, pInitial.GraphExecutionChecksum, pUpdated.LocalContentChecksum) @@ -298,9 +302,9 @@ queries: require.NoError(t, err) pInitial := bundleInitial.Policies[0] pInitial.InvalidateLocalChecksums() - initialBundleMap, err := bundleInitial.Compile(context.Background(), schema, nil) + initialBundleMap, err := bundleInitial.Compile(context.Background(), conf.Schema, nil) require.NoError(t, err) - err = pInitial.UpdateChecksums(context.Background(), nil, explorer.QueryMap(initialBundleMap.Queries).GetQuery, initialBundleMap, schema) + err = pInitial.UpdateChecksums(context.Background(), nil, explorer.QueryMap(initialBundleMap.Queries).GetQuery, initialBundleMap, conf) assert.NoError(t, err, "computing checksums") bundleUpdated, err := policy.BundleFromYAML([]byte(` @@ -329,9 +333,9 @@ queries: require.NoError(t, err) pUpdated := bundleUpdated.Policies[0] pUpdated.InvalidateLocalChecksums() - updatedBundleMap, err := bundleUpdated.Compile(context.Background(), schema, nil) + updatedBundleMap, err := bundleUpdated.Compile(context.Background(), conf.Schema, nil) require.NoError(t, err) - err = pUpdated.UpdateChecksums(context.Background(), nil, explorer.QueryMap(updatedBundleMap.Queries).GetQuery, updatedBundleMap, schema) + err = pUpdated.UpdateChecksums(context.Background(), nil, explorer.QueryMap(updatedBundleMap.Queries).GetQuery, updatedBundleMap, conf) assert.NoError(t, err, "computing checksums") require.NotEqual(t, pInitial.GraphExecutionChecksum, pUpdated.LocalContentChecksum) @@ -369,7 +373,7 @@ queries: require.NoError(t, err) pInitial := bundleInitial.Policies[0] pInitial.InvalidateLocalChecksums() - _, err = bundleInitial.Compile(context.Background(), schema, nil) + _, err = bundleInitial.Compile(context.Background(), conf.Schema, nil) require.Contains(t, err.Error(), "variant cycle detected") } @@ -401,7 +405,7 @@ queries: require.NoError(t, err) pInitial := bundleInitial.Policies[0] pInitial.InvalidateLocalChecksums() - _, err = bundleInitial.Compile(context.Background(), schema, nil) + _, err = bundleInitial.Compile(context.Background(), conf.Schema, nil) require.Contains(t, err.Error(), "variant cycle detected") } } diff --git a/policy/resolver.go b/policy/resolver.go index a7681b1d..c277ac4b 100644 --- a/policy/resolver.go +++ b/policy/resolver.go @@ -18,6 +18,7 @@ import ( "go.mondoo.com/cnquery/v9/explorer" "go.mondoo.com/cnquery/v9/llx" "go.mondoo.com/cnquery/v9/logger" + "go.mondoo.com/cnquery/v9/mqlc" "go.mondoo.com/cnquery/v9/mrn" "go.mondoo.com/cnquery/v9/utils/sortx" "go.mondoo.com/ranger-rpc/codes" @@ -121,9 +122,10 @@ func (s *LocalServices) Unassign(ctx context.Context, assignment *PolicyAssignme func (s *LocalServices) SetProps(ctx context.Context, req *explorer.PropsReq) (*explorer.Empty, error) { // validate that the queries compile and fill in checksums + conf := s.NewCompilerConfig() for i := range req.Props { prop := req.Props[i] - code, err := prop.RefreshChecksumAndType(s.Runtime.Schema()) + code, err := prop.RefreshChecksumAndType(conf) if err != nil { return nil, err } @@ -359,6 +361,8 @@ type resolverCache struct { reportingJobsActive map[string]bool errors []*policyResolutionError bundleMap *PolicyBundleMap + + compilerConfig mqlc.CompilerConfig } type policyResolverCache struct { @@ -443,10 +447,11 @@ func (s *LocalServices) resolve(ctx context.Context, policyMrn string, assetFilt func (s *LocalServices) tryResolve(ctx context.Context, bundleMrn string, assetFilters []*explorer.Mquery) (*ResolvedPolicy, error) { logCtx := logger.FromContext(ctx) now := time.Now() + conf := s.NewCompilerConfig() // phase 1: resolve asset filters and see if we can find a cached policy // trying first with all asset filters - allFiltersChecksum, err := ChecksumAssetFilters(assetFilters, s.Runtime.Schema()) + allFiltersChecksum, err := ChecksumAssetFilters(assetFilters, conf) if err != nil { return nil, err } @@ -484,7 +489,7 @@ func (s *LocalServices) tryResolve(ctx context.Context, bundleMrn string, assetF assetFiltersMap[matchingFilters[i].CodeId] = struct{}{} } - assetFiltersChecksum, err := ChecksumAssetFilters(matchingFilters, s.Runtime.Schema()) + assetFiltersChecksum, err := ChecksumAssetFilters(matchingFilters, conf) if err != nil { return nil, err } @@ -519,6 +524,7 @@ func (s *LocalServices) tryResolve(ctx context.Context, bundleMrn string, assetF reportingJobsByMsum: map[string][]*ReportingJob{}, reportingJobsActive: map[string]bool{}, bundleMap: bundleMap, + compilerConfig: conf, } rjUUID := cache.relativeChecksum(policyObj.GraphExecutionChecksum) @@ -904,7 +910,7 @@ func (s *LocalServices) policyGroupToJobs(ctx context.Context, group *PolicyGrou if base, ok := cache.global.bundleMap.Queries[check.Mrn]; ok { check = check.Merge(base) err := check.RefreshChecksum(ctx, - s.Runtime.Schema(), + cache.global.compilerConfig, explorer.QueryMap(cache.global.bundleMap.Queries).GetQuery, ) if err != nil { @@ -963,7 +969,7 @@ func (s *LocalServices) policyGroupToJobs(ctx context.Context, group *PolicyGrou if base, ok := cache.global.bundleMap.Queries[query.Mrn]; ok { query = query.Merge(base) err := query.RefreshChecksum(ctx, - s.Runtime.Schema(), + cache.global.compilerConfig, explorer.QueryMap(cache.global.bundleMap.Queries).GetQuery, ) if err != nil { @@ -1209,7 +1215,7 @@ func (s *LocalServices) jobsToQueries(ctx context.Context, policyMrn string, cac } } - executionQuery, dataChecksum, err := mquery2executionQuery(prop, nil, map[string]string{}, collectorJob, false, s.Runtime.Schema()) + executionQuery, dataChecksum, err := mquery2executionQuery(prop, nil, map[string]string{}, collectorJob, false, cache.compilerConfig) if err != nil { return nil, nil, errors.New("resolver> failed to compile query for MRN " + prop.Mrn + ": " + err.Error()) } @@ -1224,7 +1230,7 @@ func (s *LocalServices) jobsToQueries(ctx context.Context, policyMrn string, cac } } - executionQuery, _, err := mquery2executionQuery(query, propTypes, propToChecksums, collectorJob, !isDataQuery, s.Runtime.Schema()) + executionQuery, _, err := mquery2executionQuery(query, propTypes, propToChecksums, collectorJob, !isDataQuery, cache.compilerConfig) if err != nil { return nil, nil, errors.New("resolver> failed to compile query for MRN " + query.Mrn + ": " + err.Error()) } @@ -1327,13 +1333,13 @@ func connectDatapointsToReportingJob(query *ExecutionQuery, job *ReportingJob, d } type queryLike interface { - Compile(props map[string]*llx.Primitive, schema llx.Schema) (*llx.CodeBundle, error) + Compile(props map[string]*llx.Primitive, conf mqlc.CompilerConfig) (*llx.CodeBundle, error) GetChecksum() string GetMql() string } -func mquery2executionQuery(query queryLike, props map[string]*llx.Primitive, propsToChecksums map[string]string, collectorJob *CollectorJob, isScoring bool, schema llx.Schema) (*ExecutionQuery, string, error) { - bundle, err := query.Compile(props, schema) +func mquery2executionQuery(query queryLike, props map[string]*llx.Primitive, propsToChecksums map[string]string, collectorJob *CollectorJob, isScoring bool, conf mqlc.CompilerConfig) (*ExecutionQuery, string, error) { + bundle, err := query.Compile(props, conf) if err != nil { return nil, "", err } diff --git a/policy/resolver_test.go b/policy/resolver_test.go index b44b2b25..31b4dded 100644 --- a/policy/resolver_test.go +++ b/policy/resolver_test.go @@ -297,7 +297,7 @@ policies: _, err = srv.SetBundle(ctx, b) require.NoError(t, err) - bundleMap, err := b.Compile(context.Background(), schema, nil) + bundleMap, err := b.Compile(context.Background(), conf.Schema, nil) require.NoError(t, err) rp, err := srv.Resolve(context.Background(), &policy.ResolveReq{ @@ -405,7 +405,8 @@ policies: // Recompute the checksums so that the resolved policy is invalidated assetPolicy.InvalidateAllChecksums() - assetPolicy.UpdateChecksums(context.Background(), srv.DataLake.GetRawPolicy, srv.DataLake.GetQuery, nil, schema) + err = assetPolicy.UpdateChecksums(context.Background(), srv.DataLake.GetRawPolicy, srv.DataLake.GetQuery, nil, conf) + require.NoError(t, err) // Set the asset policy err = srv.DataLake.SetPolicy(context.Background(), assetPolicy, filters.Items) @@ -425,7 +426,8 @@ policies: // Recompute the checksums so that the resolved policy is invalidated assetPolicy.InvalidateAllChecksums() - assetPolicy.UpdateChecksums(context.Background(), srv.DataLake.GetRawPolicy, srv.DataLake.GetQuery, nil, schema) + err = assetPolicy.UpdateChecksums(context.Background(), srv.DataLake.GetRawPolicy, srv.DataLake.GetQuery, nil, conf) + require.NoError(t, err) // Set the asset policy err = srv.DataLake.SetPolicy(context.Background(), assetPolicy, filters.Items) @@ -549,7 +551,7 @@ framework_maps: bundle, err := srv.GetBundle(context.Background(), &policy.Mrn{Mrn: "asset1"}) require.NoError(t, err) - bundleMap, err := bundle.Compile(context.Background(), schema, nil) + bundleMap, err := bundle.Compile(context.Background(), conf.Schema, nil) require.NoError(t, err) mrnToQueryId := map[string]string{} @@ -688,7 +690,7 @@ framework_maps: bundle, err := srv.GetBundle(context.Background(), &policy.Mrn{Mrn: "asset1"}) require.NoError(t, err) - bundleMap, err := bundle.Compile(context.Background(), schema, nil) + bundleMap, err := bundle.Compile(context.Background(), conf.Schema, nil) require.NoError(t, err) mrnToQueryId := map[string]string{} @@ -801,7 +803,7 @@ framework_maps: bundle, err := srv.GetBundle(context.Background(), &policy.Mrn{Mrn: "asset1"}) require.NoError(t, err) - bundleMap, err := bundle.Compile(context.Background(), schema, nil) + bundleMap, err := bundle.Compile(context.Background(), conf.Schema, nil) require.NoError(t, err) mrnToQueryId := map[string]string{} diff --git a/policy/scan/fetcher.go b/policy/scan/fetcher.go index 839d34d9..a9143d5d 100644 --- a/policy/scan/fetcher.go +++ b/policy/scan/fetcher.go @@ -9,7 +9,7 @@ import ( "net/http" "github.com/pkg/errors" - "go.mondoo.com/cnquery/v9/llx" + "go.mondoo.com/cnquery/v9/mqlc" "go.mondoo.com/cnspec/v9" "go.mondoo.com/cnspec/v9/policy" ) @@ -24,7 +24,7 @@ func newFetcher() *fetcher { } } -func (f *fetcher) fetchBundles(ctx context.Context, schema llx.Schema, urls ...string) (*policy.Bundle, error) { +func (f *fetcher) fetchBundles(ctx context.Context, conf mqlc.CompilerConfig, urls ...string) (*policy.Bundle, error) { var res *policy.Bundle = &policy.Bundle{} for i := range urls { @@ -41,9 +41,9 @@ func (f *fetcher) fetchBundles(ctx context.Context, schema llx.Schema, urls ...s // need to generate MRNs for everything if _, err := cur.CompileExt(ctx, policy.BundleCompileConf{ - Schema: schema, - Library: nil, - RemoveFailing: true, + CompilerConfig: conf, + Library: nil, + RemoveFailing: true, }); err != nil { return nil, errors.Wrap(err, "failed to compile fetched bundle") } diff --git a/policy/scan/local_scanner.go b/policy/scan/local_scanner.go index 14cb5f40..54c57574 100644 --- a/policy/scan/local_scanner.go +++ b/policy/scan/local_scanner.go @@ -994,7 +994,8 @@ func (s *localAssetScanner) ensureBundle() error { return errors.New("cannot find any default policies for this asset (" + platform + ")") } - s.job.Bundle, err = s.fetcher.fetchBundles(s.job.Ctx, s.Runtime.Schema(), urls.Urls...) + conf := s.services.NewCompilerConfig() + s.job.Bundle, err = s.fetcher.fetchBundles(s.job.Ctx, conf, urls.Urls...) return err } diff --git a/policy/scan/local_scanner_test.go b/policy/scan/local_scanner_test.go index d591cbcf..be16bb50 100644 --- a/policy/scan/local_scanner_test.go +++ b/policy/scan/local_scanner_test.go @@ -11,8 +11,9 @@ import ( "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" "github.com/stretchr/testify/suite" + "go.mondoo.com/cnquery/v9" "go.mondoo.com/cnquery/v9/explorer" - "go.mondoo.com/cnquery/v9/llx" + "go.mondoo.com/cnquery/v9/mqlc" "go.mondoo.com/cnquery/v9/providers" "go.mondoo.com/cnquery/v9/providers-sdk/v1/inventory" "go.mondoo.com/cnquery/v9/providers-sdk/v1/testutils" @@ -117,15 +118,15 @@ func TestDefaultConfig(t *testing.T) { type LocalScannerSuite struct { suite.Suite - ctx context.Context - schema llx.Schema - job *Job + ctx context.Context + conf mqlc.CompilerConfig + job *Job } func (s *LocalScannerSuite) SetupSuite() { s.ctx = context.Background() runtime := testutils.Local() - s.schema = runtime.Schema() + s.conf = mqlc.NewConfig(runtime.Schema(), cnquery.DefaultFeatures) } func (s *LocalScannerSuite) BeforeTest(suiteName, testName string) { @@ -158,8 +159,8 @@ func (s *LocalScannerSuite) TestRunIncognito_SharedQuery() { s.Require().NoError(err) _, err = bundle.CompileExt(context.Background(), policy.BundleCompileConf{ - Schema: s.schema, - RemoveFailing: true, + CompilerConfig: s.conf, + RemoveFailing: true, }) s.Require().NoError(err) @@ -202,8 +203,8 @@ func (s *LocalScannerSuite) TestRunIncognito_ExceptionGroups() { s.Require().NoError(err) _, err = bundle.CompileExt(context.Background(), policy.BundleCompileConf{ - Schema: s.schema, - RemoveFailing: true, + CompilerConfig: s.conf, + RemoveFailing: true, }) s.Require().NoError(err) @@ -267,8 +268,8 @@ func (s *LocalScannerSuite) TestRunIncognito_ExceptionGroups_RejectedReview() { bundle.Policies[1].Groups[1].ReviewStatus = policy.ReviewStatus_REJECTED _, err = bundle.CompileExt(context.Background(), policy.BundleCompileConf{ - Schema: s.schema, - RemoveFailing: true, + CompilerConfig: s.conf, + RemoveFailing: true, }) s.Require().NoError(err) @@ -330,8 +331,8 @@ func (s *LocalScannerSuite) TestRunIncognito_QueryExceptions() { s.Require().NoError(err) _, err = bundle.CompileExt(context.Background(), policy.BundleCompileConf{ - Schema: s.schema, - RemoveFailing: true, + CompilerConfig: s.conf, + RemoveFailing: true, }) s.Require().NoError(err) @@ -392,8 +393,8 @@ func (s *LocalScannerSuite) TestRunIncognito_QueryExceptions_MultipleGroups() { s.Require().NoError(err) _, err = bundle.CompileExt(context.Background(), policy.BundleCompileConf{ - Schema: s.schema, - RemoveFailing: true, + CompilerConfig: s.conf, + RemoveFailing: true, }) s.Require().NoError(err) @@ -454,8 +455,8 @@ func (s *LocalScannerSuite) TestRunIncognito_Frameworks() { s.Require().NoError(err) _, err = bundle.CompileExt(context.Background(), policy.BundleCompileConf{ - Schema: s.schema, - RemoveFailing: true, + CompilerConfig: s.conf, + RemoveFailing: true, }) s.Require().NoError(err) @@ -494,8 +495,8 @@ func (s *LocalScannerSuite) TestRunIncognito_Frameworks_Exceptions_Deactivate() }) _, err = bundle.CompileExt(context.Background(), policy.BundleCompileConf{ - Schema: s.schema, - RemoveFailing: true, + CompilerConfig: s.conf, + RemoveFailing: true, }) s.Require().NoError(err) @@ -534,8 +535,8 @@ func (s *LocalScannerSuite) TestRunIncognito_Frameworks_Exceptions_OutOfScope() }) _, err = bundle.CompileExt(context.Background(), policy.BundleCompileConf{ - Schema: s.schema, - RemoveFailing: true, + CompilerConfig: s.conf, + RemoveFailing: true, }) s.Require().NoError(err) diff --git a/policy/services.go b/policy/services.go index af5e51e8..6f3de4bb 100644 --- a/policy/services.go +++ b/policy/services.go @@ -7,8 +7,10 @@ import ( "context" "net/http" + "go.mondoo.com/cnquery/v9" "go.mondoo.com/cnquery/v9/explorer" "go.mondoo.com/cnquery/v9/llx" + "go.mondoo.com/cnquery/v9/mqlc" "go.mondoo.com/ranger-rpc" ) @@ -82,3 +84,7 @@ func NewRemoteServices(addr string, auth []ranger.ClientPlugin, httpClient *http func (l *LocalServices) Schema() llx.Schema { return l.Runtime.Schema() } + +func (l *LocalServices) NewCompilerConfig() mqlc.CompilerConfig { + return mqlc.NewConfig(l.Schema(), cnquery.DefaultFeatures) +}