refactor: avoid :T syntax

src/attestation.nim

@@ -104,9 +104,9 @@ proc callTheSigningKeyBackupService(base:    string,
                                     mth:     HttpMethod): Option[Response] =
   let
     # Timeout asssociated with the signing key backup service
-    timeout:      int    = cast[int](chalkConfig.get[:Con4mDuration]("signing_key_backup_service_timeout"))
+    timeout:      int    = cast[int](get[Con4mDuration](chalkConfig, "signing_key_backup_service_timeout"))
     # Name of the auth config section to load from the config which contains the jwt
-    auth_config:  string = chalkConfig.get[:string]("signing_key_backup_service_auth_config_name")
+    auth_config:  string = get[string](chalkConfig, "signing_key_backup_service_auth_config_name")
 
   # This is the id that will be used to identify the secret in the API
   signingID = sha256Hex(attestationObfuscator & prkey)
@@ -156,7 +156,7 @@ proc backupSigningKeyToService*(content: string, prkey: string): bool =
     nonce:    string
 
   let
-    base  = chalkConfig.get[:string]("signing_key_backup_service_url")
+    base  = get[string](chalkConfig, "signing_key_backup_service_url")
     ct    = prp(attestationObfuscator, cosignPw, nonce)
 
   if len(base) == 0:
@@ -188,7 +188,7 @@ proc restoreSigningKeyFromService*(prkey: string): bool =
   if cosignPw != "":
     return true
 
-  let base: string = chalkConfig.get[:string]("signing_key_backup_service_url")
+  let base: string = get[string](chalkConfig, "signing_key_backup_service_url")
 
   if len(base) == 0 or prkey == "":
     return false
@@ -263,7 +263,7 @@ proc getCosignTempDir(): string =
 
 proc getKeyFileLoc*(): string =
   let
-    confLoc = chalkConfig.get[:string]("signing_key_location")
+    confLoc = get[string](chalkConfig, "signing_key_location")
 
   if confLoc.endswith(".key") or confLoc.endswith(".pub"):
     result = resolvePath(confLoc[0 ..< ^4])
@@ -298,7 +298,7 @@ proc generateKeyMaterial*(cosign: string): bool =
 
 proc commitPassword(pri: string, gen: bool) =
   var
-    storeIt = chalkConfig.get[:bool]("use_signing_key_backup_service")
+    storeIt = get[bool](chalkConfig, "use_signing_key_backup_service")
     printIt = not storeIt
 
   if storeIt:
@@ -337,7 +337,7 @@ proc acquirePassword(optfile = ""): bool {.discardable.} =
     delEnv("CHALK_PASSWORD")
     return true
 
-  if chalkConfig.get[:bool]("use_signing_key_backup_service") == false:
+  if get[bool](chalkConfig, "use_signing_key_backup_service") == false:
     return false
 
   if prikey == "":
@@ -416,7 +416,7 @@ proc saveSigningSetup(pubKey, priKey: string, gen: bool): bool =
   when false:
     # This is old code, but it might make a comeback at some point,
     # so I'm not removing it.
-    if chalkConfig.get[:bool]("use_internal_password"):
+    if get[bool](chalkConfig, "use_internal_password"):
       let pw = pack(encryptPassword(cosignPw))
       selfChalk.extract["$CHALK_ATTESTATION_TOKEN"] = pw
     else:
@@ -646,7 +646,7 @@ proc writeInToto(info:      DockerInvocation,
   #result  = unpack[bool](box)
 
   let
-    log  = $(chalkConfig.get[:bool]("use_transparency_log"))
+    log  = $(get[bool](chalkConfig, "use_transparency_log"))
     args = @["attest", ("--tlog-upload=" & log), "--yes", "--key",
              "chalk.key", "--type", "custom", "--predicate", path,
               digestStr]
@@ -698,7 +698,7 @@ proc coreVerify(pk: string, chalk: ChalkObj): bool =
   ## Used both for validation, and for downloading just the signature
   ## after we've signed.
   let
-    noTlog = not chalkConfig.get[:bool]("use_transparency_log")
+    noTlog = not get[bool](chalkConfig, "use_transparency_log")
     fName  = "chalk.pub"
 
   withWorkingDir(getNewTempDir()):
@@ -821,7 +821,7 @@ proc willSignNonContainer*(chalk: ChalkObj): string =
     return ""
 
   # We sign non-container artifacts if either condition is true.
-  if not (isSubscribedKey("SIGNATURE") or chalkConfig.get[:bool]("always_try_to_sign")):
+  if not (isSubscribedKey("SIGNATURE") or get[bool](chalkConfig, "always_try_to_sign")):
     trace("File artifact signing not configured.")
     return ""
 
@@ -839,7 +839,7 @@ proc willSignNonContainer*(chalk: ChalkObj): string =
 proc signNonContainer*(chalk: ChalkObj, unchalkedMD, metadataMD : string):
                      string =
   let
-    log    = $(chalkConfig.get[:bool]("use_transparency_log"))
+    log    = $(get[bool](chalkConfig, "use_transparency_log"))
     args   = @["sign-blob", ("--tlog-upload=" & log), "--yes", "--key",
                "chalk.key", "-"]
     blob   = unchalkedMD & metadataMD
@@ -860,7 +860,7 @@ proc cosignNonContainerVerify*(chalk: ChalkObj,
                                artHash, mdHash, sig, pk: string):
                              ValidateResult =
   let
-    log    = $(not chalkConfig.get[:bool]("use_transparency_log"))
+    log    = $(not get[bool](chalkConfig, "use_transparency_log"))
     args   = @["verify-blob", ("--insecure-ignore-tlog=" & log),
                "--key=chalk.pub", ("--signature=" & sig),
                "--insecure-ignore-sct=true", "-"]

src/chalk.nim

@@ -27,12 +27,12 @@ when isMainModule:
   setupDefaultLogConfigs() # src/sinks.nim
   checkSetupStatus()       # attestation.nim
   case getCommandName()    # config.nim
-  of "extract":            runCmdExtract(chalkConfig.get[:seq[string]]("artifact_search_path"))
+  of "extract":            runCmdExtract(get[seq[string]](chalkConfig, "artifact_search_path"))
   of "extract.containers": runCmdExtractContainers()
   of "extract.images":     runCmdExtractImages()
-  of "extract.all":        runCmdExtractAll(chalkConfig.get[:seq[string]]("artifact_search_path"))
-  of "insert":             runCmdInsert(chalkConfig.get[:seq[string]]("artifact_search_path"))
-  of "delete":             runCmdDelete(chalkConfig.get[:seq[string]]("artifact_search_path"))
+  of "extract.all":        runCmdExtractAll(get[seq[string]](chalkConfig, "artifact_search_path"))
+  of "insert":             runCmdInsert(get[seq[string]](chalkConfig, "artifact_search_path"))
+  of "delete":             runCmdDelete(get[seq[string]](chalkConfig, "artifact_search_path"))
   of "env":                runCmdEnv()
   of "dump":               runCmdConfDump()
   of "dump.params":        runCmdConfDumpParams()

src/chalk_common.nim

@@ -396,7 +396,7 @@ var
   sshKeyscanExeLocation*: string = ""
 
 template dumpExOnDebug*() =
-  if chalkConfig != nil and chalkConfig.get[:bool]("chalk_debug"):
+  if chalkConfig != nil and get[bool](chalkConfig, "chalk_debug"):
     let
       msg = "" # "Handling exception (msg = " & getCurrentExceptionMsg() & ")\n"
       tb  = "Traceback (most recent call last)\n" &

src/collect.nim

@@ -244,7 +244,7 @@ proc ignoreArtifact(path: string, regexps: seq[Regex]): bool {.inline.} =
   for i, item in regexps:
     if path.match(item):
       trace(path & ": returned artifact ignored due to matching: " &
-        chalkConfig.get[:seq[string]]("ignore_patterns")[i])
+        get[seq[string]](chalkConfig, "ignore_patterns")[i])
       trace("Developers: codecs should not be returning ignored artifacts.")
       return true
 
@@ -256,7 +256,7 @@ proc artSetupForExtract(argv: seq[string]): ArtifactIterationInfo =
   let selfPath = resolvePath(getMyAppPath())
 
   result.fileExclusions = @[selfPath]
-  result.recurse        = chalkConfig.get[:bool]("recursive")
+  result.recurse        = get[bool](chalkConfig, "recursive")
 
   for item in argv:
     let maybe = resolvePath(item)
@@ -273,10 +273,10 @@ proc artSetupForInsertAndDelete(argv: seq[string]): ArtifactIterationInfo =
 
   let
     selfPath = resolvePath(getMyAppPath())
-    skipList = chalkConfig.get[:seq[string]]("ignore_patterns")
+    skipList = get[seq[string]](chalkConfig, "ignore_patterns")
 
   result.fileExclusions = @[selfPath]
-  result.recurse        = chalkConfig.get[:bool]("recursive")
+  result.recurse        = get[bool](chalkConfig, "recursive")
 
   for item in skipList:
     result.skips.add(re(item))

src/commands/cmd_docker.nim

@@ -547,7 +547,7 @@ proc runBuild(ctx: DockerInvocation): int =
     ctx.addBackBuildWithoutPushFlags()
   else:
     ctx.addBackBuildWithPushFlags()
-  if chalkConfig.get[:bool]("chalk_contained_items"):
+  if get[bool](chalkConfig, "chalk_contained_items"):
     info("Docker is starting a recursive chalk of context directories.")
     var contexts: seq[string] = @[ctx.foundContext]
 
@@ -572,7 +572,7 @@ proc runBuild(ctx: DockerInvocation): int =
   trace("Creating chalk mark.")
   let chalkMark = chalk.getChalkMarkAsStr()
 
-  if chalkConfig.get[:bool]("virtual_chalk"):
+  if get[bool](chalkConfig, "virtual_chalk"):
     ctx.prepVirtualInsertion()
   else:
     ctx.handleTrueInsertion(chalkMark)
@@ -581,7 +581,7 @@ proc runBuild(ctx: DockerInvocation): int =
 
   result = ctx.runMungedDockerInvocation()
 
-  if chalkConfig.get[:bool]("virtual_chalk") and result == 0:
+  if get[bool](chalkConfig, "virtual_chalk") and result == 0:
     publish("virtual", chalkMark)
 
   chalk.marked = true

src/commands/cmd_help.nim

@@ -483,7 +483,7 @@ proc runChalkHelp*(cmdName = "help") {.noreturn.} =
     # see if the command was explicitly passed, or if it was implicit.
     # If it was implicit, give the help overview instead of the command
     # overview.
-    let defaultCmd = chalkConfig.getOpt[:string]("default_command").get("")
+    let defaultCmd = getOpt[string](chalkConfig, "default_command").get("")
     if defaultCmd != "" and defaultCmd notin commandLineParams():
       toOut = con4mRuntime.getHelpOverview()
     else:
@@ -545,7 +545,7 @@ proc runChalkHelp*(cmdName = "help") {.noreturn.} =
           toOut = con4mRuntime.fullTextSearch(args)
           break
 
-  if chalkConfig.get[:bool]("use_pager"):
+  if get[bool](chalkConfig, "use_pager"):
     runPager($(toOut))
   else:
     print(toOut)
@@ -645,11 +645,11 @@ proc getConfigValues(): Rope =
 
 proc showConfigValues*(force = false) =
   once:
-    if not (chalkConfig.get[:bool]("show_config") or force): return
+    if not (get[bool](chalkConfig, "show_config") or force): return
 
     let toOut = getConfigValues()
 
-    if chalkConfig.get[:bool]("use_pager"):
+    if get[bool](chalkConfig, "use_pager"):
       runPager($(toOut))
     else:
       print(toOut)

src/commands/cmd_insert.nim

@@ -13,7 +13,7 @@ import ".."/[config, collect, reporting, chalkjson, plugin_api]
 proc runCmdInsert*(path: seq[string]) {.exportc,cdecl.} =
   setContextDirectories(path)
   initCollection()
-  let virtual = chalkConfig.get[:bool]("virtual_chalk")
+  let virtual = get[bool](chalkConfig, "virtual_chalk")
 
   for item in artifacts(path):
     trace(item.name & ": begin chalking")

src/confload.nim

@@ -222,12 +222,12 @@ proc loadAllConfigs*() =
   # The embedded config has already been validated.
   let configFile = getEmbeddedConfig()
 
-  if chalkConfig.get[:bool]("load_embedded_config"):
+  if get[bool](chalkConfig, "load_embedded_config"):
     stack.addConfLoad(embeddedConfName, toStream(configFile)).
           addCallback(loadLocalStructs)
     doRun()
 
-  if chalkConfig.get[:bool]("load_external_config"):
+  if get[bool](chalkConfig, "load_external_config"):
     let optConf = stack.configState.findOptionalConf()
     if optConf.isSome():
       let fName = optConf.get()

src/docker_base.nim

@@ -33,7 +33,7 @@ proc setDockerExeLocation*() =
   once:
     trace("Searching PATH for 'docker'")
     let
-      dockerConfigPath = chalkConfig.getOpt[:string]("docker_exe")
+      dockerConfigPath = getOpt[string](chalkConfig, "docker_exe")
       dockerExeOpt     = findExePath("docker",
                                      configPath = dockerConfigPath,
                                      ignoreChalkExes = true)

src/normalize.nim

@@ -82,7 +82,7 @@ proc normalizeChalk*(dict: ChalkDict): string =
   # and SIGN_PARAMS.
 
   var fieldCount = 0
-  let ignoreList = chalkConfig.get[:seq[string]]("ignore_when_normalizing")
+  let ignoreList = get[seq[string]](chalkConfig, "ignore_when_normalizing")
 
   # Count how many fields we will write.
   for key, _ in dict:

src/plugin_api.nim

@@ -404,7 +404,7 @@ proc mustIgnore(path: string, regexes: seq[Regex]): bool {.inline.} =
     if path.match(item):
       once:
         trace(path & ": ignored due to matching ignore pattern: " &
-          chalkConfig.get[:seq[string]]("ignore_patterns")[i])
+          get[seq[string]](chalkConfig, "ignore_patterns")[i])
         trace("We will NOT report additional path skips.")
       return true
 
@@ -429,7 +429,7 @@ proc scanArtifactLocations*(self: Plugin, state: ArtifactIterationInfo):
     followFLinks = false
 
   if isChalkingOp():
-    let symLinkBehavior = chalkConfig.get[:string]("symlink_behavior")
+    let symLinkBehavior = get[string](chalkConfig, "symlink_behavior")
     if symLinkBehavior == "skip":
       skipLinks = true
     elif symLinkBehavior == "clobber":

src/plugins/codecPythonPyc.nim

@@ -18,7 +18,7 @@ proc pycScan*(self: Plugin, loc: string): Option[ChalkObj] {.cdecl.} =
   # if so chalk it, else skip
   #TODO validate PYC header / magic ?
 
-  if not ext.startsWith(".") or ext[1..^1] notin chalkConfig.get[:seq[string]]("pyc_extensions"):
+  if not ext.startsWith(".") or ext[1..^1] notin get[seq[string]](chalkConfig, "pyc_extensions"):
     return none(ChalkObj)
 
   withFileStream(loc, mode = fmRead, strict = false):

src/plugins/codecZip.nim

@@ -74,7 +74,7 @@ proc zipScan*(self: Plugin, loc: string): Option[ChalkObj] {.cdecl.} =
     ext = loc.splitFile().ext.strip()
     extractCtx: CollectionCtx
 
-  if not ext.startsWith(".") or ext[1..^1] notin chalkConfig.get[:seq[string]]("zip_extensions"):
+  if not ext.startsWith(".") or ext[1..^1] notin get[seq[string]](chalkConfig, "zip_extensions"):
     return none(ChalkObj)
 
   withFileStream(loc, mode = fmRead, strict = false):
@@ -93,7 +93,7 @@ proc zipScan*(self: Plugin, loc: string): Option[ChalkObj] {.cdecl.} =
       cache    = ZipCache()
       origD    = tmpDir.joinPath("contents")
       hashD    = tmpDir.joinPath("hash")
-      subscans = chalkConfig.get[:bool]("chalk_contained_items")
+      subscans = get[bool](chalkConfig, "chalk_contained_items")
       chalk    = newChalk(name   = loc,
                           cache  = cache,
                           fsRef  = loc,
@@ -109,10 +109,10 @@ proc zipScan*(self: Plugin, loc: string): Option[ChalkObj] {.cdecl.} =
         cache.onDisk.extractAll(hashD)
 
     # Even if subscans are off, we do this delete for the purposes of hashing.
-    if not chalkConfig.get[:bool]("chalk_debug"):
+    if not get[bool](chalkConfig, "chalk_debug"):
       toggleLoggingEnabled()
     discard runChalkSubScan(hashD, "delete")
-    if not chalkConfig.get[:bool]("chalk_debug"):
+    if not get[bool](chalkConfig, "chalk_debug"):
       toggleLoggingEnabled()
 
     if zipChalkFile in cache.onDisk.contents:
@@ -215,7 +215,7 @@ proc zipGetChalkTimeArtifactInfo*(self: Plugin, obj: ChalkObj):
   let cache = ZipCache(obj.cache)
   result    = ChalkDict()
 
-  if chalkConfig.get[:bool]("chalk_contained_items") and cache.embeddedChalk.kind != MkObj:
+  if get[bool](chalkConfig, "chalk_contained_items") and cache.embeddedChalk.kind != MkObj:
     result["EMBEDDED_CHALK"]  = cache.embeddedChalk
     result["EMBEDDED_TMPDIR"] = pack(cache.tmpDir)
 

src/plugins/externalTool.nim

@@ -100,8 +100,8 @@ template toolBase(s: string) {.dirty.} =
   var
     toolInfo: Table[string, seq[(int, PIInfo)]]
   let
-    runSbom = chalkConfig.get[:bool]("run_sbom_tools")
-    runSast = chalkConfig.get[:bool]("run_sast_tools")
+    runSbom = get[bool](chalkConfig, "run_sbom_tools")
+    runSast = get[bool](chalkConfig, "run_sast_tools")
 
   # tools should only run during insert operations
   if getCommandName() notin @["build", "insert"]:

src/plugins/system.nim

@@ -143,7 +143,7 @@ proc sysGetRunTimeArtifactInfo*(self: Plugin, obj: ChalkObj, ins: bool):
   if isChalkingOp():
     obj.applySubstitutions()
     result.setIfNeeded("_OP_CHALKED_KEYS", toSeq(obj.getChalkMark().keys))
-    result.setIfNeeded("_VIRTUAL", chalkConfig.get[:bool]("virtual_chalk"))
+    result.setIfNeeded("_VIRTUAL", get[bool](chalkConfig, "virtual_chalk"))
   else:
     case obj.validateMetaData()
     of vOk:
@@ -196,10 +196,10 @@ proc getEnvDict(): Box =
   once:
     envdict = Con4mDict[string, string]()
     let
-      always = chalkConfig.get[:seq[string]]("env_always_show")
-      never  = chalkConfig.get[:seq[string]]("env_never_show")
-      redact = chalkConfig.get[:seq[string]]("env_redact")
-      def    = chalkConfig.get[:string]("env_default_action")[0]
+      always = get[seq[string]](chalkConfig, "env_always_show")
+      never  = get[seq[string]](chalkConfig, "env_never_show")
+      redact = get[seq[string]](chalkConfig, "env_redact")
+      def    = get[string](chalkConfig, "env_default_action")[0]
 
     for (k, v) in envPairs():
       # TODO: could add some con4m to warn on overlap across these 3. For now,

src/plugins/techStackGeneric.nim

@@ -205,7 +205,7 @@ proc getLanguages(directory: string, langs: var HashSet[string]) =
 proc detectLanguages(): HashSet[string] =
   result = initHashSet[string]()
 
-  let canLoad = chalkConfig.get[:bool]("use_tech_stack_detection")
+  let canLoad = get[bool](chalkConfig, "use_tech_stack_detection")
   if not canLoad:
     return result
 
@@ -313,7 +313,7 @@ proc loadState() =
 
 proc techStackRuntime*(self: Plugin, objs: seq[ChalkObj]): ChalkDict {.cdecl.} =
   result = ChalkDict()
-  let canLoad = chalkConfig.get[:bool]("use_tech_stack_detection")
+  let canLoad = get[bool](chalkConfig, "use_tech_stack_detection")
   if not canLoad:
     trace("Skipping tech stack runtime detection plugin")
     return result
@@ -341,7 +341,7 @@ proc techStackRuntime*(self: Plugin, objs: seq[ChalkObj]): ChalkDict {.cdecl.} =
 
 proc techStackArtifact*(self: Plugin, objs: ChalkObj): ChalkDict {.cdecl.} =
   result = ChalkDict()
-  let canLoad = chalkConfig.get[:bool]("use_tech_stack_detection")
+  let canLoad = get[bool](chalkConfig, "use_tech_stack_detection")
   if not canLoad:
     trace("Skipping tech stack detection plugin for artifacts")
     return result