Documentation
¶
Overview ¶
Package pipeline provides the scan orchestration engine for stringer. It resolves collectors, runs them sequentially, validates their output, and aggregates results into a ScanResult.
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func DeduplicateSignals ¶
DeduplicateSignals removes duplicate signals based on content hashing. When duplicates are found, the first occurrence is kept. If a later duplicate has a higher Confidence score, the kept signal's Confidence is updated to the higher value.
func SignalHash ¶
SignalHash computes a content-based hash for a signal. The hash key is: Source + Kind + FilePath + Line + Title. It uses SHA-256 truncated to 8 hex characters (4 bytes).
Types ¶
type Pipeline ¶
type Pipeline struct {
// contains filtered or unexported fields
}
Pipeline orchestrates the execution of collectors and aggregates results.
func New ¶
func New(config signal.ScanConfig) (*Pipeline, error)
New creates a Pipeline from the given ScanConfig. It resolves collectors from the global registry. If config.Collectors is empty, all registered collectors are used (sorted by name for deterministic ordering). Returns an error if a requested collector is not found in the registry.
func NewWithCollectors ¶
func NewWithCollectors(config signal.ScanConfig, collectors []collector.Collector) *Pipeline
NewWithCollectors creates a Pipeline with explicitly provided collectors, bypassing the global registry. This is primarily useful for testing.
func (*Pipeline) Run ¶
Run executes all configured collectors in parallel, validates their output, deduplicates signals, and returns the aggregated ScanResult. Each collector runs in its own goroutine using errgroup with context cancellation. Results are collected with proper synchronization and returned in deterministic order matching the input collector list.
Error handling is controlled per-collector via ErrorMode in CollectorOpts:
- Skip: errors are silently ignored
- Warn: errors are logged, pipeline continues (default)
- Fail: first error aborts the entire scan
Signals are deduplicated via content-based hashing (Source + Kind + FilePath + Line + Title). When duplicates are found, the first occurrence is kept and its confidence is updated if a later duplicate has a higher value.
Invalid signals are logged and skipped.
type ValidationError ¶
type ValidationError struct {
// Field is the struct field that failed validation.
Field string
// Message describes what went wrong.
Message string
}
ValidationError describes a single validation failure for a RawSignal.
func ValidateSignal ¶
func ValidateSignal(s signal.RawSignal) []ValidationError
ValidateSignal checks a RawSignal for validity and returns all validation errors found. An empty slice means the signal is valid.
func (ValidationError) Error ¶
func (v ValidationError) Error() string
Error implements the error interface.
Source Files