Chercher Dans Les Dépôts De Paquets Fedora En Utilisant Sourcegraph
À mesure que notre collection de paquets Open-Source grandit, il y a un besoin de rendre la recherche de paquets dans notre répertoire dist-git plus facile. En 2022, les personnes de Sourcegraph se sont associées à notre communauté Fedora pour intégrer leur outil avancé de moteur de recherche de code dans nos répertoires de distribution de paquets, qui incluent maintenant plus de 38,000 paquets. Avec le moteur de recherche de Sourcegraph, nos dévelopeurs, contributeurs et mainteneurs peuvent chercher notre répertoire git-dist pour des specfiles RPM, définitions de modules et de conteneurs, patchs spécifiques à Fedora, tests, et bien plus encore, depuis un seul endroit, réduisant le temps passé à chercher des fichiers.
Qu’est-ce que Sourcegraph ?
Sourcegraph is a code intelligence platform. You can think of it as a search engine for code. It can be used to search code across all code hosts, repositories, and branches. Sourcegraph has many great features, such as code intelligence, code insights, batch changes, and Cody - an AI Coding Assistant, but at its core, it is a Code Search tool. In this article, we will explore how to use Code Search for src.fedoraproject.org repositories, also known as Fedora dist-git.
Utiliser La Recherche De Code Pour Les Répertoires De Paquets Fedora
Code search is a powerful search capability in Sourcegraph for searching code from a single interface. It supports search filtering by file type, repository, and language. This helps in refining search results.
Sourcegraph provides both a web app and CLI interface. When using the Sourcegraph web app, you will need to start each search with: repo:^src.fedoraproject.org before entering any search queries.
Filter Search: Using file Keyword to Find Specfiles
The file keyword returns results from files that match the specified file path. The following query searches all repositories for files ending in .spec that contain the term dnf5. The use of the file keyword simplifies the task of locating specfiles.
repo:^src\.fedoraproject\.org/ file:\.spec$ dnf5
Use the lang Filter to Find a Fedora Repository to Contribute to
The lang keyword is used to filter search results by programming language.
The following query searches our dist-git repositories for files written in Markdown with instances of the term contributing. This is great for people seeking to assist with projects in need of contributions.
repo:^src\.fedoraproject\.org/ lang:markdown contributing
Search for Specfiles Disabling Debug Packages
By using the query "%global debug_package %{nil}", you can search for specfiles that contain the line where the debug_package macro is set to nil. This line disables the creation of a debug package in the build process.
Find Repositories Using Popular OSI-approved Licenses
The following query will scan all the repositories for software that is compatible with the “Open Source Definition” (OSD).
repo:^src.fedoraproject.org/ lang:"RPM Spec" License: ^.*apache|bsd|gpl|lgpl|mit|mpl|cddl|epl.*$
Find Files with a Vulnerable Version of Log4j
This query will find any files that are possibly vulnerable to CVE-2021-44228, aka Log4j. Note that false positives can happen, so you should investigate further before making a conclusion on whether a package is actually vulnerable or not. You can also search for other vulnerabilities that can then be reported to project maintainers.
repo:^src.fedoraproject.org/ org.apache.logging.log4j 2.((0|1|2|3|4|5|6|7|8|9|10|11|12|13|14|15)(.[0-9]+)) count:all
Conclusion
For more search queries, see Sourcegraph official documentation.
Having Sourcegraph Code Search integrated into our dist-git repository is a great addition to our engineering productivity toolkit. With Code Search’s powerful capabilities, our contributors and users can efficiently search across our entire universe of open source repositories from a single place.
Want to help? Learn how to contribute to Fedora Docs ›