fix: A check should know if it's exempted or not

Moving the verification "IsCheckExempted" from maintainers_annotation package to checker package. This way a check result will define, consulting maintainers annotation, if it is exempted or not.

Signed-off-by: Gabriela Gutierrez <gabigutierrez@google.com>

checker/check_result.go

@@ -19,9 +19,11 @@ import (
 	"errors"
 	"fmt"
 	"math"
+	"strings"
 
 	sce "github.com/ossf/scorecard/v4/errors"
 	"github.com/ossf/scorecard/v4/finding"
+	ma "github.com/ossf/scorecard/v4/maintainers_annotation"
 	"github.com/ossf/scorecard/v4/rule"
 )
 
@@ -262,3 +264,22 @@ func LogFindings(findings []finding.Finding, dl DetailLogger) {
 		}
 	}
 }
+
+// IsExempted verifies if a given check in the results is exempted in maintainers annotation.
+func (check *CheckResult) IsExempted(maintainersAnnotation ma.MaintainersAnnotation) (bool, []string) {
+	// If check has a maximum score, then there it doesn't make sense anymore to reason the check
+	// This may happen if the check score was once low but then the problem was fixed on Scorecard side
+	// or on the maintainers side
+	if check.Score == MaxResultScore {
+		return false, nil
+	}
+
+	for _, exemption := range maintainersAnnotation.Exemptions {
+		for _, checkName := range exemption.Checks {
+			if strings.EqualFold(checkName, strings.ToLower(check.Name)) {
+				return true, ma.GetAnnotations(exemption.Annotations)
+			}
+		}
+	}
+	return false, nil
+}

maintainers_annotation/maintainers_annotation.go

@@ -17,9 +17,7 @@ package maintainers_annotation
 import (
 	"errors"
 	"fmt"
-	"strings"
 
-	"github.com/ossf/scorecard/v4/checker"
 	"github.com/ossf/scorecard/v4/clients"
 	sce "github.com/ossf/scorecard/v4/errors"
 	"gopkg.in/yaml.v3"
@@ -129,27 +127,8 @@ func GetMaintainersAnnotation(repoClient clients.RepoClient) (MaintainersAnnotat
 	return ma, nil
 }
 
-// IsCheckExempted verifies if a given check in the results is exempted in maintainers annotation.
-func (ma *MaintainersAnnotation) IsCheckExempted(check checker.CheckResult) (bool, []string) {
-	// If check has a maximum score, then there it doesn't make sense anymore to reason the check
-	// This may happen if the check score was once low but then the problem was fixed on Scorecard side
-	// or on the maintainers side
-	if check.Score == checker.MaxResultScore {
-		return false, nil
-	}
-
-	for _, exemption := range ma.Exemptions {
-		for _, checkName := range exemption.Checks {
-			if strings.EqualFold(checkName, strings.ToLower(check.Name)) {
-				return true, getAnnotations(exemption.Annotations)
-			}
-		}
-	}
-	return false, nil
-}
-
 // getAnnotations parses a group of annotations into annotation reasons.
-func getAnnotations(a []Annotation) []string {
+func GetAnnotations(a []Annotation) []string {
 	var annotationReasons []string
 	for _, annotation := range a {
 		annotationReasons = append(annotationReasons, AnnotationReasonDoc[annotation.AnnotationReason])

pkg/json.go

@@ -175,7 +175,7 @@ func (r *ScorecardResult) AsJSON2(showDetails bool,
 			}
 		}
 		if showMaintainersAnnotation {
-			exempted, reasons := r.MaintainersAnnotation.IsCheckExempted(checkResult)
+			exempted, reasons := checkResult.IsExempted(r.MaintainersAnnotation)
 			if exempted {
 				tmpResult.MaintainersAnnotation = reasons
 			}

pkg/sarif.go

@@ -628,7 +628,7 @@ func (r *ScorecardResult) AsSARIF(showDetails bool, logLevel log.Level,
 		check := check
 
 		// If check is exempted, skip
-		exempted, _ := r.MaintainersAnnotation.IsCheckExempted(check)
+		exempted, _ := check.IsExempted(r.MaintainersAnnotation)
 		if exempted {
 			continue
 		}

pkg/scorecard_result.go

@@ -196,7 +196,7 @@ func (r *ScorecardResult) AsString(showDetails bool,
 		}
 		x = append(x, doc)
 		if showMaintainersAnnotation {
-			_, reasons := r.MaintainersAnnotation.IsCheckExempted(row)
+			_, reasons := row.IsExempted(r.MaintainersAnnotation)
 			x = append(x, strings.Join(reasons, "\n"))
 		}
 		data[i] = x