diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index b3ed2d65..b13fd4d6 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -29,3 +29,16 @@ jobs: - name: Test run: go test ./... if: matrix.os != 'windows-latest' + + govulncheck: + uses: charmbracelet/meta/.github/workflows/govulncheck.yml@main + with: + go-version: stable + + semgrep: + uses: charmbracelet/meta/.github/workflows/semgrep.yml@main + + ruleguard: + uses: charmbracelet/meta/.github/workflows/ruleguard.yml@main + with: + go-version: stable diff --git a/ansi/baseelement.go b/ansi/baseelement.go index 43289fb6..d4b6a4f3 100644 --- a/ansi/baseelement.go +++ b/ansi/baseelement.go @@ -76,7 +76,7 @@ func renderText(w io.Writer, p termenv.Profile, rules StylePrimitive, s string) out = out.Blink() } - _, _ = w.Write([]byte(out.String())) + _, _ = io.WriteString(w, out.String()) } func (e *BaseElement) Render(w io.Writer, ctx RenderContext) error { diff --git a/ansi/blockelement.go b/ansi/blockelement.go index 893f9e55..aed1b658 100644 --- a/ansi/blockelement.go +++ b/ansi/blockelement.go @@ -38,8 +38,7 @@ func (e *BlockElement) Finish(w io.Writer, ctx RenderContext) error { } if e.Newline { - _, err = mw.Write([]byte("\n")) - if err != nil { + if _, err := io.WriteString(mw, "\n"); err != nil { return err } } diff --git a/ansi/paragraph.go b/ansi/paragraph.go index 0d3f99a5..96513275 100644 --- a/ansi/paragraph.go +++ b/ansi/paragraph.go @@ -18,7 +18,7 @@ func (e *ParagraphElement) Render(w io.Writer, ctx RenderContext) error { rules := ctx.options.Styles.Paragraph if !e.First { - _, _ = w.Write([]byte("\n")) + _, _ = io.WriteString(w, "\n") } be := BlockElement{ Block: &bytes.Buffer{}, @@ -46,7 +46,7 @@ func (e *ParagraphElement) Finish(w io.Writer, ctx RenderContext) error { if err != nil { return err } - _, _ = mw.Write([]byte("\n")) + _, _ = io.WriteString(mw, "\n") } renderText(w, ctx.options.ColorProfile, bs.Current().Style.StylePrimitive, rules.Suffix) diff --git a/ansi/renderer.go b/ansi/renderer.go index 55444cae..e312550b 100644 --- a/ansi/renderer.go +++ b/ansi/renderer.go @@ -103,7 +103,7 @@ func (r *ANSIRenderer) renderNode(w util.BufWriter, source []byte, node ast.Node writeTo = io.Writer(bs.Current().Block) } - _, _ = writeTo.Write([]byte(e.Entering)) + _, _ = io.WriteString(writeTo, e.Entering) if e.Renderer != nil { err := e.Renderer.Render(writeTo, r.context) if err != nil { @@ -128,7 +128,8 @@ func (r *ANSIRenderer) renderNode(w util.BufWriter, source []byte, node ast.Node return ast.WalkStop, err } } - _, _ = bs.Current().Block.Write([]byte(e.Exiting)) + + _, _ = io.WriteString(bs.Current().Block, e.Exiting) } return ast.WalkContinue, nil diff --git a/glamour_test.go b/glamour_test.go index 0448b3a1..3a20b470 100644 --- a/glamour_test.go +++ b/glamour_test.go @@ -260,3 +260,15 @@ func TestCapitalization(t *testing.T) { t.Errorf("Rendered output doesn't match!\nExpected: `\n%s`\nGot: `\n%s`\n", td, b) } } + +func FuzzData(f *testing.F) { + f.Fuzz(func(t *testing.T, data []byte) { + func() int { + _, err := RenderBytes(data, DarkStyle) + if err != nil { + return 0 + } + return 1 + }() + }) +} diff --git a/testdata/fuzz/fuzz.go b/testdata/fuzz/fuzz.go deleted file mode 100644 index 9410b859..00000000 --- a/testdata/fuzz/fuzz.go +++ /dev/null @@ -1,11 +0,0 @@ -package fuzzing - -import "github.com/charmbracelet/glamour" - -func Fuzz(data []byte) int { - _, err := glamour.RenderBytes(data, glamour.DarkStyle) - if err != nil { - return 0 - } - return 1 -}