Merge branch 'main' into feat/checkperm

.github/workflows/codeql-analysis.yml

@@ -52,7 +52,7 @@ jobs:
 
     steps:
     - name: Harden Runner
-      uses: step-security/harden-runner@9b0655f430fba8c7001d4e38f8d4306db5c6e0ab # v1
+      uses: step-security/harden-runner@34cbc43f0b10c9dda284e663cf43c2ebaf83e956 # v1
       with:
         egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs
 

.github/workflows/docker.yml

@@ -40,7 +40,7 @@ jobs:
       contents: read
     steps:
      - name: Harden Runner
-       uses: step-security/harden-runner@bdb12b622a910dfdc99a31fdfe6f45a16bc287a4 # v1
+       uses: step-security/harden-runner@34cbc43f0b10c9dda284e663cf43c2ebaf83e956 # v1
        with:
          egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs
 
@@ -82,7 +82,7 @@ jobs:
       contents: read
     steps:
      - name: Harden Runner
-       uses: step-security/harden-runner@bdb12b622a910dfdc99a31fdfe6f45a16bc287a4 # v1
+       uses: step-security/harden-runner@34cbc43f0b10c9dda284e663cf43c2ebaf83e956 # v1
        with:
          egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs
 
@@ -124,7 +124,7 @@ jobs:
       contents: read
     steps:
      - name: Harden Runner
-       uses: step-security/harden-runner@bdb12b622a910dfdc99a31fdfe6f45a16bc287a4 # v1
+       uses: step-security/harden-runner@34cbc43f0b10c9dda284e663cf43c2ebaf83e956 # v1
        with:
          egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs
 
@@ -166,7 +166,7 @@ jobs:
       contents: read
     steps:
      - name: Harden Runner
-       uses: step-security/harden-runner@bdb12b622a910dfdc99a31fdfe6f45a16bc287a4 # v1
+       uses: step-security/harden-runner@34cbc43f0b10c9dda284e663cf43c2ebaf83e956 # v1
        with:
          egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs
 
@@ -208,7 +208,7 @@ jobs:
       contents: read
     steps:
      - name: Harden Runner
-       uses: step-security/harden-runner@bdb12b622a910dfdc99a31fdfe6f45a16bc287a4 # v1
+       uses: step-security/harden-runner@34cbc43f0b10c9dda284e663cf43c2ebaf83e956 # v1
        with:
          egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs
 
@@ -250,7 +250,7 @@ jobs:
       contents: read
     steps:
      - name: Harden Runner
-       uses: step-security/harden-runner@bdb12b622a910dfdc99a31fdfe6f45a16bc287a4 # v1
+       uses: step-security/harden-runner@34cbc43f0b10c9dda284e663cf43c2ebaf83e956 # v1
        with:
          egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs
 
@@ -292,7 +292,7 @@ jobs:
       contents: read
     steps:
      - name: Harden Runner
-       uses: step-security/harden-runner@bdb12b622a910dfdc99a31fdfe6f45a16bc287a4 # v1
+       uses: step-security/harden-runner@34cbc43f0b10c9dda284e663cf43c2ebaf83e956 # v1
        with:
          egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs
 

.github/workflows/goreleaser.yaml

@@ -29,7 +29,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@bdb12b622a910dfdc99a31fdfe6f45a16bc287a4 # v1
+        uses: step-security/harden-runner@34cbc43f0b10c9dda284e663cf43c2ebaf83e956 # v1
         with:
           egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs
 
@@ -50,7 +50,7 @@ jobs:
       -
         name: Import GPG key
         id: import_gpg
-        uses: crazy-max/ghaction-import-gpg@4d58d49bfefed583addec96996588e8bc4b306b8 # v3.1.0
+        uses: crazy-max/ghaction-import-gpg@e00cb83a68c1158b29afc5217dd0582cada6d172 # v3.1.0
         with:
           gpg_private_key: ${{ secrets.GPG_PRIVATE_KEY }}
           passphrase: ${{ secrets.PASSPHRASE }}

.github/workflows/integration.yml

@@ -25,7 +25,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@bdb12b622a910dfdc99a31fdfe6f45a16bc287a4 # v1
+        uses: step-security/harden-runner@34cbc43f0b10c9dda284e663cf43c2ebaf83e956 # v1
         with:
           egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs
 
@@ -38,7 +38,7 @@ jobs:
     needs: [approve]
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@bdb12b622a910dfdc99a31fdfe6f45a16bc287a4 # v1
+        uses: step-security/harden-runner@34cbc43f0b10c9dda284e663cf43c2ebaf83e956 # v1
         with:
           egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs
 

.github/workflows/main.yml

@@ -37,7 +37,7 @@ jobs:
       contents: read
     steps:
      - name: Harden Runner
-       uses: step-security/harden-runner@bdb12b622a910dfdc99a31fdfe6f45a16bc287a4 # v1
+       uses: step-security/harden-runner@34cbc43f0b10c9dda284e663cf43c2ebaf83e956 # v1
        with:
          egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs
 
@@ -75,7 +75,7 @@ jobs:
       contents: read
     steps:
      - name: Harden Runner
-       uses: step-security/harden-runner@bdb12b622a910dfdc99a31fdfe6f45a16bc287a4 # v1
+       uses: step-security/harden-runner@34cbc43f0b10c9dda284e663cf43c2ebaf83e956 # v1
        with:
          egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs
 
@@ -121,7 +121,7 @@ jobs:
       contents: read
     steps:
      - name: Harden Runner
-       uses: step-security/harden-runner@bdb12b622a910dfdc99a31fdfe6f45a16bc287a4 # v1
+       uses: step-security/harden-runner@34cbc43f0b10c9dda284e663cf43c2ebaf83e956 # v1
        with:
          egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs
 
@@ -165,7 +165,7 @@ jobs:
       contents: read
     steps:
      - name: Harden Runner
-       uses: step-security/harden-runner@bdb12b622a910dfdc99a31fdfe6f45a16bc287a4 # v1
+       uses: step-security/harden-runner@34cbc43f0b10c9dda284e663cf43c2ebaf83e956 # v1
        with:
          egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs
 
@@ -210,7 +210,7 @@ jobs:
       contents: read
     steps:
      - name: Harden Runner
-       uses: step-security/harden-runner@bdb12b622a910dfdc99a31fdfe6f45a16bc287a4 # v1
+       uses: step-security/harden-runner@34cbc43f0b10c9dda284e663cf43c2ebaf83e956 # v1
        with:
          egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs
 
@@ -255,7 +255,7 @@ jobs:
       contents: read
     steps:
      - name: Harden Runner
-       uses: step-security/harden-runner@bdb12b622a910dfdc99a31fdfe6f45a16bc287a4 # v1
+       uses: step-security/harden-runner@34cbc43f0b10c9dda284e663cf43c2ebaf83e956 # v1
        with:
          egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs
 
@@ -300,7 +300,7 @@ jobs:
       contents: read
     steps:
      - name: Harden Runner
-       uses: step-security/harden-runner@bdb12b622a910dfdc99a31fdfe6f45a16bc287a4 # v1
+       uses: step-security/harden-runner@34cbc43f0b10c9dda284e663cf43c2ebaf83e956 # v1
        with:
          egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs
 
@@ -345,7 +345,7 @@ jobs:
       contents: read
     steps:
      - name: Harden Runner
-       uses: step-security/harden-runner@bdb12b622a910dfdc99a31fdfe6f45a16bc287a4 # v1
+       uses: step-security/harden-runner@34cbc43f0b10c9dda284e663cf43c2ebaf83e956 # v1
        with:
          egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs
 
@@ -390,7 +390,7 @@ jobs:
       contents: read
     steps:
      - name: Harden Runner
-       uses: step-security/harden-runner@bdb12b622a910dfdc99a31fdfe6f45a16bc287a4 # v1
+       uses: step-security/harden-runner@34cbc43f0b10c9dda284e663cf43c2ebaf83e956 # v1
        with:
          egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs
 
@@ -435,7 +435,7 @@ jobs:
       contents: read
     steps:
      - name: Harden Runner
-       uses: step-security/harden-runner@bdb12b622a910dfdc99a31fdfe6f45a16bc287a4 # v1
+       uses: step-security/harden-runner@34cbc43f0b10c9dda284e663cf43c2ebaf83e956 # v1
        with:
          egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs
 
@@ -480,7 +480,7 @@ jobs:
       contents: read
     steps:
      - name: Harden Runner
-       uses: step-security/harden-runner@bdb12b622a910dfdc99a31fdfe6f45a16bc287a4 # v1
+       uses: step-security/harden-runner@34cbc43f0b10c9dda284e663cf43c2ebaf83e956 # v1
        with:
          egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs
 
@@ -525,7 +525,7 @@ jobs:
       contents: read
     steps:
      - name: Harden Runner
-       uses: step-security/harden-runner@bdb12b622a910dfdc99a31fdfe6f45a16bc287a4 # v1
+       uses: step-security/harden-runner@34cbc43f0b10c9dda284e663cf43c2ebaf83e956 # v1
        with:
          egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs
 
@@ -570,7 +570,7 @@ jobs:
       contents: read
     steps:
      - name: Harden Runner
-       uses: step-security/harden-runner@bdb12b622a910dfdc99a31fdfe6f45a16bc287a4 # v1
+       uses: step-security/harden-runner@34cbc43f0b10c9dda284e663cf43c2ebaf83e956 # v1
        with:
          egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs
 
@@ -615,7 +615,7 @@ jobs:
       contents: read
     steps:
      - name: Harden Runner
-       uses: step-security/harden-runner@bdb12b622a910dfdc99a31fdfe6f45a16bc287a4 # v1
+       uses: step-security/harden-runner@34cbc43f0b10c9dda284e663cf43c2ebaf83e956 # v1
        with:
          egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs
 
@@ -660,7 +660,7 @@ jobs:
       contents: read
     steps:
      - name: Harden Runner
-       uses: step-security/harden-runner@bdb12b622a910dfdc99a31fdfe6f45a16bc287a4 # v1
+       uses: step-security/harden-runner@34cbc43f0b10c9dda284e663cf43c2ebaf83e956 # v1
        with:
          egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs
 
@@ -704,7 +704,7 @@ jobs:
       contents: read
     steps:
      - name: Harden Runner
-       uses: step-security/harden-runner@bdb12b622a910dfdc99a31fdfe6f45a16bc287a4 # v1
+       uses: step-security/harden-runner@34cbc43f0b10c9dda284e663cf43c2ebaf83e956 # v1
        with:
          egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs
 
@@ -743,7 +743,7 @@ jobs:
       contents: read
     steps:
      - name: Harden Runner
-       uses: step-security/harden-runner@bdb12b622a910dfdc99a31fdfe6f45a16bc287a4 # v1
+       uses: step-security/harden-runner@34cbc43f0b10c9dda284e663cf43c2ebaf83e956 # v1
        with:
          egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs
 
@@ -784,7 +784,7 @@ jobs:
       contents: read
     steps:
      - name: Harden Runner
-       uses: step-security/harden-runner@bdb12b622a910dfdc99a31fdfe6f45a16bc287a4 # v1
+       uses: step-security/harden-runner@34cbc43f0b10c9dda284e663cf43c2ebaf83e956 # v1
        with:
          egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs
      - name: Install Protoc
@@ -827,7 +827,7 @@ jobs:
       contents: read
     steps:
      - name: Harden Runner
-       uses: step-security/harden-runner@bdb12b622a910dfdc99a31fdfe6f45a16bc287a4 # v1
+       uses: step-security/harden-runner@34cbc43f0b10c9dda284e663cf43c2ebaf83e956 # v1
        with:
          egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs
 
@@ -867,7 +867,7 @@ jobs:
       contents: read
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@bdb12b622a910dfdc99a31fdfe6f45a16bc287a4 # v1
+        uses: step-security/harden-runner@34cbc43f0b10c9dda284e663cf43c2ebaf83e956 # v1
         with:
           egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs
 

.github/workflows/ok-to-test.yml

@@ -27,7 +27,7 @@ jobs:
     if: ${{ github.event.issue.pull_request }}
     steps:
     - name: Harden Runner
-      uses: step-security/harden-runner@bdb12b622a910dfdc99a31fdfe6f45a16bc287a4 # v1
+      uses: step-security/harden-runner@34cbc43f0b10c9dda284e663cf43c2ebaf83e956 # v1
       with:
         egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs
 

.github/workflows/publishimage.yml

@@ -32,7 +32,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
      - name: Harden Runner
-       uses: step-security/harden-runner@bdb12b622a910dfdc99a31fdfe6f45a16bc287a4 # v1
+       uses: step-security/harden-runner@34cbc43f0b10c9dda284e663cf43c2ebaf83e956 # v1
        with:
          egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs
 

.github/workflows/scorecard-analysis.yml

@@ -22,7 +22,7 @@ jobs:
 
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@bdb12b622a910dfdc99a31fdfe6f45a16bc287a4 # v1
+        uses: step-security/harden-runner@34cbc43f0b10c9dda284e663cf43c2ebaf83e956 # v1
         with:
           egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs
 

.github/workflows/stale.yml

@@ -27,7 +27,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
     - name: Harden Runner
-      uses: step-security/harden-runner@bdb12b622a910dfdc99a31fdfe6f45a16bc287a4 # v1
+      uses: step-security/harden-runner@34cbc43f0b10c9dda284e663cf43c2ebaf83e956 # v1
       with:
         egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs
 

.github/workflows/verify.yml

@@ -26,7 +26,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
     - name: Harden Runner
-      uses: step-security/harden-runner@bdb12b622a910dfdc99a31fdfe6f45a16bc287a4 # v1
+      uses: step-security/harden-runner@34cbc43f0b10c9dda284e663cf43c2ebaf83e956 # v1
       with:
         egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs
 

checker/check_result.go

@@ -79,7 +79,6 @@ const (
 // nolint:govet
 type CheckResult struct {
 	// TODO(#1393): Remove old structure after deprecation.
-	Error      error `json:"-"`
 	Name       string
 	Details    []string
 	Confidence int
@@ -88,7 +87,7 @@ type CheckResult struct {
 	// UPGRADEv2: New structure. Omitting unchanged Name field
 	// for simplicity.
 	Version  int           `json:"-"` // Default value of 0 indicates old structure.
-	Error2   error         `json:"-"` // Runtime error indicate a filure to run the check.
+	Error    error         `json:"-"` // Runtime error indicate a filure to run the check.
 	Details2 []CheckDetail `json:"-"` // Details of tests and sub-checks
 	Score    int           `json:"-"` // {[-1,0...10], -1 = Inconclusive}
 	Reason   string        `json:"-"` // A sentence describing the check result (score, etc)
@@ -161,12 +160,11 @@ func CreateResultWithScore(name, reason string, score int) CheckResult {
 	return CheckResult{
 		Name: name,
 		// Old structure.
-		Error:      nil,
 		Confidence: MaxResultScore,
 		Pass:       pass,
 		// New structure.
 		Version: 2,
-		Error2:  nil,
+		Error:   nil,
 		Score:   score,
 		Reason:  reason,
 	}
@@ -186,12 +184,11 @@ func CreateProportionalScoreResult(name, reason string, b, t int) CheckResult {
 	return CheckResult{
 		Name: name,
 		// Old structure.
-		Error:      nil,
 		Confidence: MaxResultConfidence,
 		Pass:       pass,
 		// New structure.
 		Version: 2,
-		Error2:  nil,
+		Error:   nil,
 		Score:   score,
 		Reason:  NormalizeReason(reason, score),
 	}
@@ -232,12 +229,11 @@ func CreateRuntimeErrorResult(name string, e error) CheckResult {
 	return CheckResult{
 		Name: name,
 		// Old structure.
-		Error:      e,
 		Confidence: 0,
 		Pass:       false,
 		// New structure.
 		Version: 2,
-		Error2:  e,
+		Error:   e,
 		Score:   InconclusiveResultScore,
 		Reason:  e.Error(), // Note: message already accessible by caller thru `Error`.
 	}