🐛 Dependency-Pinning: only score detected ecosystems

checker/check_result.go

@@ -16,6 +16,7 @@
 package checker
 
 import (
+	"errors"
 	"fmt"
 	"math"
 
@@ -50,6 +51,10 @@ const (
 	DetailDebug
 )
 
+// errSuccessTotal indicates a runtime error because number of success cases should
+// be smaller than the total cases to create a proportional score.
+var errSuccessTotal = errors.New("unexpected number of success is higher than total")
+
 // CheckResult captures result from a check run.
 //
 //nolint:govet
@@ -88,6 +93,14 @@ type LogMessage struct {
 	Remediation *rule.Remediation // Remediation information, if any.
 }
 
+// ProportionalScoreWeighted is a structure that contains
+// the fields to calculate weighted proportional scores.
+type ProportionalScoreWeighted struct {
+	Success int
+	Total   int
+	Weight  int
+}
+
 // CreateProportionalScore creates a proportional score.
 func CreateProportionalScore(success, total int) int {
 	if total == 0 {
@@ -97,6 +110,40 @@ func CreateProportionalScore(success, total int) int {
 	return int(math.Min(float64(MaxResultScore*success/total), float64(MaxResultScore)))
 }
 
+// CreateProportionalScoreWeighted creates the proportional score
+// between multiple successes over the total, but some proportions
+// are worth more.
+func CreateProportionalScoreWeighted(scores ...ProportionalScoreWeighted) (int, error) {
+	var ws, wt int
+	allWeightsZero := true
+	noScoreGroups := true
+	for _, score := range scores {
+		if score.Success > score.Total {
+			return InconclusiveResultScore, fmt.Errorf("%w: %d, %d", errSuccessTotal, score.Success, score.Total)
+		}
+		if score.Total == 0 {
+			continue // Group with 0 total, does not count for score
+		}
+		noScoreGroups = false
+		if score.Weight != 0 {
+			allWeightsZero = false
+		}
+		// Group with zero weight, adds nothing to the score
+
+		ws += score.Success * score.Weight
+		wt += score.Total * score.Weight
+	}
+	if noScoreGroups {
+		return InconclusiveResultScore, nil
+	}
+	// If has score groups but no groups matter to the score, result in max score
+	if allWeightsZero {
+		return MaxResultScore, nil
+	}
+
+	return int(math.Min(float64(MaxResultScore*ws/wt), float64(MaxResultScore))), nil
+}
+
 // AggregateScores adds up all scores
 // and normalizes the result.
 // Each score contributes equally.

checker/check_result_test.go

@@ -139,6 +139,273 @@ func TestCreateProportionalScore(t *testing.T) {
 	}
 }
 
+func TestCreateProportionalScoreWeighted(t *testing.T) {
+	t.Parallel()
+	type want struct {
+		score int
+		err   bool
+	}
+	tests := []struct {
+		name   string
+		scores []ProportionalScoreWeighted
+		want   want
+	}{
+		{
+			name: "max result with 1 group and normal weight",
+			scores: []ProportionalScoreWeighted{
+				{
+					Success: 1,
+					Total:   1,
+					Weight:  10,
+				},
+			},
+			want: want{
+				score: 10,
+			},
+		},
+		{
+			name: "min result with 1 group and normal weight",
+			scores: []ProportionalScoreWeighted{
+				{
+					Success: 0,
+					Total:   1,
+					Weight:  10,
+				},
+			},
+			want: want{
+				score: 0,
+			},
+		},
+		{
+			name: "partial result with 1 group and normal weight",
+			scores: []ProportionalScoreWeighted{
+				{
+					Success: 2,
+					Total:   10,
+					Weight:  10,
+				},
+			},
+			want: want{
+				score: 2,
+			},
+		},
+		{
+			name: "partial result with 2 groups and normal weights",
+			scores: []ProportionalScoreWeighted{
+				{
+					Success: 2,
+					Total:   10,
+					Weight:  10,
+				},
+				{
+					Success: 8,
+					Total:   10,
+					Weight:  10,
+				},
+			},
+			want: want{
+				score: 5,
+			},
+		},
+		{
+			name: "partial result with 2 groups and odd weights",
+			scores: []ProportionalScoreWeighted{
+				{
+					Success: 2,
+					Total:   10,
+					Weight:  8,
+				},
+				{
+					Success: 8,
+					Total:   10,
+					Weight:  2,
+				},
+			},
+			want: want{
+				score: 3,
+			},
+		},
+		{
+			name: "all groups with 0 weight, no groups matter for the score, results in max score",
+			scores: []ProportionalScoreWeighted{
+				{
+					Success: 1,
+					Total:   1,
+					Weight:  0,
+				},
+				{
+					Success: 1,
+					Total:   1,
+					Weight:  0,
+				},
+			},
+			want: want{
+				score: 10,
+			},
+		},
+		{
+			name: "not all groups with 0 weight, only groups with weight matter to the score",
+			scores: []ProportionalScoreWeighted{
+				{
+					Success: 1,
+					Total:   1,
+					Weight:  0,
+				},
+				{
+					Success: 2,
+					Total:   10,
+					Weight:  8,
+				},
+				{
+					Success: 8,
+					Total:   10,
+					Weight:  2,
+				},
+			},
+			want: want{
+				score: 3,
+			},
+		},
+		{
+			name: "no total, results in inconclusive score",
+			scores: []ProportionalScoreWeighted{
+				{
+					Success: 0,
+					Total:   0,
+					Weight:  10,
+				},
+			},
+			want: want{
+				score: -1,
+			},
+		},
+		{
+			name: "some groups with 0 total, only groups with total matter to the score",
+			scores: []ProportionalScoreWeighted{
+				{
+					Success: 0,
+					Total:   0,
+					Weight:  10,
+				},
+				{
+					Success: 2,
+					Total:   10,
+					Weight:  10,
+				},
+			},
+			want: want{
+				score: 2,
+			},
+		},
+		{
+			name: "any group with number of successes higher than total, results in inconclusive score and error",
+			scores: []ProportionalScoreWeighted{
+				{
+					Success: 1,
+					Total:   0,
+					Weight:  10,
+				},
+			},
+			want: want{
+				score: -1,
+				err:   true,
+			},
+		},
+		{
+			name: "only groups with weight and total matter to the score",
+			scores: []ProportionalScoreWeighted{
+				{
+					Success: 1,
+					Total:   1,
+					Weight:  0,
+				},
+				{
+					Success: 0,
+					Total:   0,
+					Weight:  10,
+				},
+				{
+					Success: 2,
+					Total:   10,
+					Weight:  8,
+				},
+				{
+					Success: 8,
+					Total:   10,
+					Weight:  2,
+				},
+			},
+			want: want{
+				score: 3,
+			},
+		},
+		{
+			name: "only groups with weight and total matter to the score but no groups have success, results in min score",
+			scores: []ProportionalScoreWeighted{
+				{
+					Success: 1,
+					Total:   1,
+					Weight:  0,
+				},
+				{
+					Success: 0,
+					Total:   0,
+					Weight:  10,
+				},
+				{
+					Success: 0,
+					Total:   10,
+					Weight:  8,
+				},
+				{
+					Success: 0,
+					Total:   10,
+					Weight:  2,
+				},
+			},
+			want: want{
+				score: 0,
+			},
+		},
+		{
+			name: "group with 0 weight counts as max score and group with 0 total does not count",
+			scores: []ProportionalScoreWeighted{
+				{
+					Success: 2,
+					Total:   8,
+					Weight:  0,
+				},
+				{
+					Success: 0,
+					Total:   0,
+					Weight:  10,
+				},
+			},
+			want: want{
+				score: 10,
+			},
+		},
+	}
+	for _, tt := range tests {
+		tt := tt
+		t.Run(tt.name, func(t *testing.T) {
+			t.Parallel()
+			got, err := CreateProportionalScoreWeighted(tt.scores...)
+			if err != nil && !tt.want.err {
+				t.Errorf("CreateProportionalScoreWeighted unexpected error '%v'", err)
+				t.Fail()
+			}
+			if err == nil && tt.want.err {
+				t.Errorf("CreateProportionalScoreWeighted expected error and got none")
+				t.Fail()
+			}
+			if got != tt.want.score {
+				t.Errorf("CreateProportionalScoreWeighted() = %v, want %v", got, tt.want.score)
+			}
+		})
+	}
+}
+
 func TestNormalizeReason(t *testing.T) {
 	t.Parallel()
 	type args struct {

checker/raw_result.go

@@ -121,6 +121,7 @@ type Dependency struct {
 	PinnedAt *string
 	Location *File
 	Msg      *string // Only for debug messages.
+	Pinned   *bool
 	Type     DependencyUseType
 }