Separate observation from evaluation in blacklist sources

Each source's Query() method previously set r.Listed and r.Severity, embedding verdict logic inside the prober. Evaluation now lives in a dedicated Evaluate(SourceResult) (bool, string) method per source, keeping Query() as pure observation. A package-level EvaluateResult() helper looks up the source by ID and delegates to its Evaluate method; rules.go, report.go, types.go, and provider.go all call this instead of reading pre-set r.Listed/r.Severity values. An unknownSource sentinel handles results whose source is no longer registered.
2026-05-15 18:04:10 +08:00 · 2026-05-15 18:04:10 +08:00 · c437339bda
commit c437339bda
parent 01909debad
13 changed files with 123 additions and 44 deletions
--- a/checker/virustotal_test.go
+++ b/checker/virustotal_test.go
@ -46,8 +46,8 @@ func TestVTSource_Listed(t *testing.T) {

 	s := &virusTotalSource{endpoint: endpoint}
 	r := s.Query(context.Background(), "example.com", "example.com", sdk.CheckerOptions{"virustotal_api_key": "k"})[0]
-	if !r.Listed || r.Severity != SeverityCrit {
-		t.Errorf("expected listed+crit, got %+v", r)
+	if listed, severity := s.Evaluate(r); !listed || severity != SeverityCrit {
+		t.Errorf("expected Evaluate()=(true, crit), got (%v, %q)", listed, severity)
 	}
 	var d vtDetails
 	if err := json.Unmarshal(r.Details, &d); err != nil {
@ -72,9 +72,12 @@ func TestVTSource_NotFound(t *testing.T) {

 	s := &virusTotalSource{endpoint: endpoint}
 	r := s.Query(context.Background(), "example.com", "example.com", sdk.CheckerOptions{"virustotal_api_key": "k"})[0]
-	if r.Listed || r.Error != "" {
+	if r.Error != "" {
 		t.Errorf("404 should be quiet not-listed: %+v", r)
 	}
+	if listed, severity := s.Evaluate(r); listed || severity != "" {
+		t.Errorf("Evaluate() on clean result = (%v, %q), want (false, \"\")", listed, severity)
+	}
 	if !strings.Contains(r.Reference, "example.com") {
 		t.Errorf("reference URL missing: %+v", r)
 	}