Merge pull request #92 from ossf/b1

Improve fuzzing check.
ossf · Dec 10, 2020 · 87d6954 · 87d6954
2 parents 983e406 + 0bcd8ea
commit 87d6954
Show file tree

Hide file tree

Showing 3 changed files with 10 additions and 396 deletions.
diff --git a/checks/fuzzing.go b/checks/fuzzing.go
@@ -16,39 +16,33 @@ package checks
 
 import (
 	"fmt"
-	"strings"
 
+	"github.com/google/go-github/v32/github"
 	"github.com/ossf/scorecard/checker"
 )
 
-//go:generate ../gen_github.sh
-
-var ossFuzzRepos map[string]struct{}
-
 func init() {
-	ossFuzzRepos = map[string]struct{}{}
-	for _, r := range strings.Split(fuzzRepos, "\n") {
-		if r == "" {
-			continue
-		}
-		r = strings.TrimSuffix(r, ".git")
-		ossFuzzRepos[r] = struct{}{}
-	}
-
 	registerCheck("Fuzzing", Fuzzing)
 }
 
 func Fuzzing(c checker.Checker) checker.CheckResult {
 	url := fmt.Sprintf("github.com/%s/%s", c.Owner, c.Repo)
-	if _, ok := ossFuzzRepos[url]; ok {
+	searchString := url + " repo:google/oss-fuzz in:file filename:project.yaml"
+	results, _, err := c.Client.Search.Code(c.Ctx, searchString, &github.SearchOptions{})
+	if err != nil {
+		return checker.RetryResult(err)
+	}
+
+	if *results.Total > 0 {
 		c.Logf("found project in OSS-Fuzz")
 		return checker.CheckResult{
 			Pass:       true,
 			Confidence: 10,
 		}
 	}
+
 	return checker.CheckResult{
 		Pass:       false,
-		Confidence: 3,
+		Confidence: 10,
 	}
 }