From 833cb05083046b72eeada16a2bef2166b1bd3f11 Mon Sep 17 00:00:00 2001 From: Sebastian Schuberth Date: Fri, 9 Aug 2024 22:24:18 +0200 Subject: [PATCH] build(gradle): Remove the unused `scanoss` client project Signed-off-by: Sebastian Schuberth --- clients/scanoss/build.gradle.kts | 37 --- .../scanoss/src/main/kotlin/ScanOssService.kt | 80 ------ .../main/kotlin/model/BooleanSerializer.kt | 34 --- .../scanoss/src/main/kotlin/model/Model.kt | 230 ------------------ .../src/main/kotlin/model/ScanResponse.kt | 97 -------- .../assets/details/mappings/scan_details.json | 23 -- clients/scanoss/src/test/assets/scan/file.wfp | 6 - ...-0a7de786-48f0-4815-b5f9-8d3c0f435bc5.json | 23 -- .../src/test/kotlin/ScanOssDetailsTest.kt | 99 -------- .../src/test/kotlin/ScanOssServiceTest.kt | 104 -------- settings.gradle.kts | 2 - 11 files changed, 735 deletions(-) delete mode 100644 clients/scanoss/build.gradle.kts delete mode 100644 clients/scanoss/src/main/kotlin/ScanOssService.kt delete mode 100644 clients/scanoss/src/main/kotlin/model/BooleanSerializer.kt delete mode 100644 clients/scanoss/src/main/kotlin/model/Model.kt delete mode 100644 clients/scanoss/src/main/kotlin/model/ScanResponse.kt delete mode 100644 clients/scanoss/src/test/assets/details/mappings/scan_details.json delete mode 100644 clients/scanoss/src/test/assets/scan/file.wfp delete mode 100644 clients/scanoss/src/test/assets/scan/mappings/scan_direct-0a7de786-48f0-4815-b5f9-8d3c0f435bc5.json delete mode 100644 clients/scanoss/src/test/kotlin/ScanOssDetailsTest.kt delete mode 100644 clients/scanoss/src/test/kotlin/ScanOssServiceTest.kt diff --git a/clients/scanoss/build.gradle.kts b/clients/scanoss/build.gradle.kts deleted file mode 100644 index 9bd0774d86eca..0000000000000 --- a/clients/scanoss/build.gradle.kts +++ /dev/null @@ -1,37 +0,0 @@ -/* - * Copyright (C) 2022 The ORT Project Authors (see ) - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * https://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * SPDX-License-Identifier: Apache-2.0 - * License-Filename: LICENSE - */ - -plugins { - // Apply precompiled plugins. - id("ort-library-conventions") - - // Apply third-party plugins. - alias(libs.plugins.kotlinSerialization) -} - -dependencies { - api(libs.okhttp) - api(libs.retrofit) - - implementation(libs.kotlinx.serialization.core) - implementation(libs.kotlinx.serialization.json) - implementation(libs.retrofit.converter.kotlinxSerialization) - - testImplementation(libs.wiremock) -} diff --git a/clients/scanoss/src/main/kotlin/ScanOssService.kt b/clients/scanoss/src/main/kotlin/ScanOssService.kt deleted file mode 100644 index d50a4c614f686..0000000000000 --- a/clients/scanoss/src/main/kotlin/ScanOssService.kt +++ /dev/null @@ -1,80 +0,0 @@ -/* - * Copyright (C) 2022 The ORT Project Authors (see ) - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * https://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * SPDX-License-Identifier: Apache-2.0 - * License-Filename: LICENSE - */ - -package org.ossreviewtoolkit.clients.scanoss - -import kotlinx.serialization.json.Json -import kotlinx.serialization.json.JsonNamingStrategy - -import okhttp3.MediaType.Companion.toMediaType -import okhttp3.MultipartBody -import okhttp3.OkHttpClient - -import org.ossreviewtoolkit.clients.scanoss.model.ScanResponse - -import retrofit2.Retrofit -import retrofit2.converter.kotlinx.serialization.asConverterFactory -import retrofit2.http.Multipart -import retrofit2.http.POST -import retrofit2.http.Part - -typealias FullScanResponse = Map> - -/** - * The API definition for SCANOSS, see https://docs.osskb.org/. - */ -interface ScanOssService { - companion object { - /** - * The default API URL. - */ - const val DEFAULT_API_URL = "https://api.osskb.org/" - - /** - * The JSON (de-)serialization object used by this service. - */ - val JSON = Json { - ignoreUnknownKeys = true - namingStrategy = JsonNamingStrategy.SnakeCase - } - - /** - * Create a new service instance that connects to the [url] specified and uses the optionally provided [client]. - */ - fun create(url: String? = null, client: OkHttpClient? = null): ScanOssService { - val contentType = "application/json".toMediaType() - val retrofit = Retrofit.Builder() - .apply { if (client != null) client(client) } - .baseUrl(url ?: DEFAULT_API_URL) - .addConverterFactory(JSON.asConverterFactory(contentType)) - .build() - - return retrofit.create(ScanOssService::class.java) - } - } - - /** - * Perform a scan using the streaming API based on the given winnowing fingerprint [file]. - * - * TODO: Implement support for scanning with SBOM. - */ - @Multipart - @POST("scan/direct") - suspend fun scan(@Part file: MultipartBody.Part): FullScanResponse -} diff --git a/clients/scanoss/src/main/kotlin/model/BooleanSerializer.kt b/clients/scanoss/src/main/kotlin/model/BooleanSerializer.kt deleted file mode 100644 index 4641176cc99bb..0000000000000 --- a/clients/scanoss/src/main/kotlin/model/BooleanSerializer.kt +++ /dev/null @@ -1,34 +0,0 @@ -/* - * Copyright (C) 2022 The ORT Project Authors (see ) - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * https://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * SPDX-License-Identifier: Apache-2.0 - * License-Filename: LICENSE - */ - -package org.ossreviewtoolkit.clients.scanoss.model - -import kotlinx.serialization.KSerializer -import kotlinx.serialization.Serializer -import kotlinx.serialization.encoding.Decoder -import kotlinx.serialization.encoding.Encoder - -/** - * SCANOSS returns booleans as "yes" or "no". Therefore, we need a special deserializer for it. - */ -@Serializer(Boolean::class) -object BooleanSerializer : KSerializer { - override fun serialize(encoder: Encoder, value: Boolean) = encoder.encodeString(if (value) "yes" else "no") - override fun deserialize(decoder: Decoder): Boolean = decoder.decodeString() == "yes" -} diff --git a/clients/scanoss/src/main/kotlin/model/Model.kt b/clients/scanoss/src/main/kotlin/model/Model.kt deleted file mode 100644 index 09b7808e18bc4..0000000000000 --- a/clients/scanoss/src/main/kotlin/model/Model.kt +++ /dev/null @@ -1,230 +0,0 @@ -/* - * Copyright (C) 2022 The ORT Project Authors (see ) - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * https://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * SPDX-License-Identifier: Apache-2.0 - * License-Filename: LICENSE - */ - -package org.ossreviewtoolkit.clients.scanoss.model - -import kotlinx.serialization.SerialName -import kotlinx.serialization.Serializable -import kotlinx.serialization.json.JsonNames - -/** - * Information about the engine running on the server providing the response. Note that different engine versions may be - * used within a single response as the request is distributed across random backends. - */ -@Serializable -data class Server( - val version: String, - val kbVersion: KnowledgeBaseVersion? = null -) - -/** - * Information about the version of the knowledge base running on the server providing the response. - */ -@Serializable -data class KnowledgeBaseVersion( - val monthly: String, - val daily: String -) - -/** - * The "licenses" section of the raw report. - */ -@Serializable -data class License( - /** Name of the license */ - val name: String, - - /** Location where the license was mined from. */ - val source: Source, - - /** Are there patent hints for this license.*/ - @Serializable(BooleanSerializer::class) - val patentHints: Boolean? = null, - - /** Is this considered a copyleft license or not. */ - @Serializable(BooleanSerializer::class) - val copyleft: Boolean? = null, - - /** URL of the OSADL checklist for this license. */ - val checklistUrl: String? = null, - - val incompatibleWith: String? = null, - - /** Date the OSADL data was last updated. */ - val osadlUpdated: String? = null -) - -/** - * The "Dependency" section of the raw report. - */ -@Serializable -data class Dependency( - val vendor: String, - val component: String, - val version: String, - val source: String -) - -/** - * The "copyrights" section of the raw report. - */ -@Serializable -data class Copyright( - /** The copyright found. */ - val name: String, - - /** - * Location where the copyright was mined from. Reuse the [Source] enum for simplicity even if the - * [Source.FILE_SPDX_TAG] value is not supported here. - */ - val source: Source -) - -@Serializable -enum class Source { - /** A component level declaration was found in the component’s repository for the matched file. */ - @SerialName("component_declared") - COMPONENT_DECLARED, - - /** Minr detected a license text in the file header. */ - @SerialName("file_header") - FILE_HEADER, - - /** The matched file contains a SPDX-License-Identifier tag in its header. */ - @SerialName("file_spdx_tag") - FILE_SPDX_TAG, - - /** Minr detected a license in the LICENSE file in the component of the matched file. */ - @SerialName("license_file") - LICENSE_FILE, - - /** Scancode detected a license declaration in the matched file. */ - @SerialName("scancode") - SCANCODE -} - -/** - * The "vulnerabilities" section of the raw report. - */ -@Serializable -data class Vulnerability( - /** Vulnerability identifier (i.e CVE or Github Advisory ID). */ - @JsonNames("ID") - val id: String, - - /** Published CVE Identifier. */ - @JsonNames("CVE") - val cve: String, - - /** Source location for the vulnerability data. */ - val source: VulnerabilitySource, - - /** Severity of the vulnerability */ - val severity: String, - - /** Summary of the issue. */ - val summary: String, - - /** Date first reported. */ - val reported: String, - - /** Version when the issue was introduced. */ - val introduced: String, - - /** Version the issue is patched/resolved in */ - val patched: String -) - -/** - * Source location for the vulnerability data. - */ -@Serializable -enum class VulnerabilitySource { - /** GitHub Advisories. */ - @SerialName("github_advisories") - GITHUB_ADVISORIES, - - /** National Vulnerability Database. */ - @SerialName("nvd") - NVD -} - -/** - * The "quality" section of the raw report. - */ -@Serializable -data class Quality( - /** Rating for that quality score */ - val score: String, - - /** Type of quality score presented. */ - val source: QualityScoreType -) - -/** - * Type of quality score. - */ -@Serializable -enum class QualityScoreType { - /** - * Score from 0 to 5 based on various items : Proper amount of code comment, proper length of file, proper lines - * length, SPDX license identifier tag found and uniform indentation. - */ - @SerialName("best_practices") - BEST_PRACTICES -} - -/** - * The "cryptography" section of the raw report. - */ -@Serializable -data class Cryptography( - /** Algorithm name. */ - val algorithm: String, - - /** Algorithm strength (number of bits). */ - val strength: String -) - -/** - * Type of identification for the scanned file. - */ -@Serializable -enum class IdentificationType { - @SerialName("file") - FILE, - - @SerialName("none") - NONE, - - @SerialName("snippet") - SNIPPET -} - -/** - * Status of the file match. - */ -@Serializable -enum class FileMatchStatus { - @SerialName("identified") - IDENTIFIED, - - @SerialName("pending") - PENDING -} diff --git a/clients/scanoss/src/main/kotlin/model/ScanResponse.kt b/clients/scanoss/src/main/kotlin/model/ScanResponse.kt deleted file mode 100644 index 1c31aec011b70..0000000000000 --- a/clients/scanoss/src/main/kotlin/model/ScanResponse.kt +++ /dev/null @@ -1,97 +0,0 @@ -/* - * Copyright (C) 2022 The ORT Project Authors (see ) - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * https://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * SPDX-License-Identifier: Apache-2.0 - * License-Filename: LICENSE - */ - -package org.ossreviewtoolkit.clients.scanoss.model - -import kotlinx.serialization.Serializable - -/** - * Response of the SCANOSS streaming API returned for each file that was requested to scan. - */ -@Serializable -data class ScanResponse( - /** Type of identification for the scanned file. */ - val id: IdentificationType, - - /** Status of the file match. */ - val status: FileMatchStatus? = null, - - /** Matching line numbers of a snippet in the source file. */ - val lines: String? = null, - - /** Matching line numbers for the snippet in the open source file. */ - val ossLines: String? = null, - - /** Percentage of the source file that matches the open source file. */ - val matched: String? = null, - - /** List of possible Package URLs identifying the OSS component. */ - val purl: List? = null, - - /** Vendor for the matched OSS component */ - val vendor: String? = null, - - /** Name for the matched OSS component. */ - val component: String? = null, - - /** Earliest matched OSS component version. */ - val version: String? = null, - - /** Latest matched OSS component version. */ - val latest: String? = null, - - /** URL of the OSS component. */ - val url: String? = null, - - /** Release date of the component. */ - val releaseDate: String? = null, - - /** Name of the matching OSS file. */ - val file: String? = null, - - /** MD5 hash of the project zip that was mined from. */ - val urlHash: String? = null, - - /** Unique hash for the matching OSS file stored in the KB. */ - val fileHash: String? = null, - - /** URL to download the matching OSS file from the KB. */ - val fileUrl: String? = null, - - /** List of declared dependencies for the detected component. */ - val dependencies: List = emptyList(), - - /** List of licenses associated with the OSS component. */ - val licenses: List = emptyList(), - - /** List of copyrights found in the OSS file. */ - val copyrights: List = emptyList(), - - /** List of known vulnerabilities associated with the OSS component. */ - val vulnerabilities: List = emptyList(), - - /** List of quality metrics associated with the OSS component. */ - val quality: List = emptyList(), - - /** List of cryptographic algorithms found in the OSS component. */ - val cryptography: List = emptyList(), - - /** Details about the SCANOSS server used to conduct the scan. */ - val server: Server -) diff --git a/clients/scanoss/src/test/assets/details/mappings/scan_details.json b/clients/scanoss/src/test/assets/details/mappings/scan_details.json deleted file mode 100644 index 79712efe357a3..0000000000000 --- a/clients/scanoss/src/test/assets/details/mappings/scan_details.json +++ /dev/null @@ -1,23 +0,0 @@ -{ - "id" : "0a7de786-48f0-4815-b5f9-8d3c0f435bc5", - "name" : "scan_direct", - "request" : { - "url" : "/scan/direct", - "method" : "POST", - "bodyPatterns" : [ { - "anything" : "anything" - } ] - }, - "response" : { - "status" : 200, - "body" : "{\"osskb.c\":[{\"id\":\"snippet\",\"status\":\"pending\",\"lines\":\"1-10\",\"oss_lines\":\"175-184\",\"matched\":\"90%\",\"purl\":[\"pkg:github/unoconv/unoconv\"],\"vendor\":\"unoconv\",\"component\":\"unoconv\",\"version\":\"0.8.2\",\"latest\":\"0.8.2\",\"url\":\"https://github.com/unoconv/unoconv\",\"release_date\":\"\",\"file\":\"unoconv\",\"url_hash\":\"c36074c3996ba9d7d85f4a57787b5645\",\"file_hash\":\"0f55e083dcc72a11334eb1a77137e2c4\",\"file_url\":\"https://osskb.org/api/file_contents/0f55e083dcc72a11334eb1a77137e2c4\",\"dependencies\":[],\"licenses\":[{\"name\":\"GPL-2.0-only\",\"checklist_url\":\"https://www.osadl.org/fileadmin/checklists/unreflicenses/GPL-2.0-only.txt\",\"copyleft\":\"yes\",\"patent_hints\":\"yes\",\"incompatible_with\":\"Apache-1.0,Apache-1.1,Apache-2.0,BSD-4-Clause,BSD-4-Clause-UC,FTL,IJG,OpenSSL,Python-2.0,zlib-acknowledgement,XFree86-1.1\",\"osadl_updated\":\"2022-02-15\",\"source\":\"component_declared\"}],\"copyrights\":[{\"name\":\"Copyright2007-2010DagWieers\",\"source\":\"file_header\"},{\"name\":\"Copyright2007-2010DagWieers\",\"source\":\"scancode\"}],\"vulnerabilities\":[{\"ID\":\"GHSA-27p5-7cw6-m45h\",\"CVE\":\"CVE-2019-17400\",\"severity\":\"HIGH\",\"reported\":\"2021-08-18\",\"introduced\":\"\",\"patched\":\"<0.9.0\",\"summary\":\"Server-SideRequestForgeryinunoconv\",\"source\":\"github_advisories\"}],\"quality\":[{\"score\":\"2/5\",\"source\":\"best_practices\"}],\"cryptography\":[],\"server\":{\"hostname\":\"p9\",\"version\":\"4.3.0\",\"flags\":\"0\",\"elapsed\":\"0.004624s\"}}]}", - "headers" : { - "Server" : "nginx/1.14.2", - "Date" : "Tue, 01 Mar 2022 09:39:58 GMT", - "Content-Type" : "application/json" - } - }, - "uuid" : "0a7de786-48f0-4815-b5f9-8d3c0f435bc5", - "persistent" : true, - "insertionIndex" : 10 -} diff --git a/clients/scanoss/src/test/assets/scan/file.wfp b/clients/scanoss/src/test/assets/scan/file.wfp deleted file mode 100644 index 3585258738d3d..0000000000000 --- a/clients/scanoss/src/test/assets/scan/file.wfp +++ /dev/null @@ -1,6 +0,0 @@ -file=24e35278ad5d4d3babe7379dc34d5bce,439,pasted.wfp -5=369450fc -6=bf7226a9 -8=b04dd861 -9=9727e3cd -11=2152ba16 diff --git a/clients/scanoss/src/test/assets/scan/mappings/scan_direct-0a7de786-48f0-4815-b5f9-8d3c0f435bc5.json b/clients/scanoss/src/test/assets/scan/mappings/scan_direct-0a7de786-48f0-4815-b5f9-8d3c0f435bc5.json deleted file mode 100644 index 77952d8c9d561..0000000000000 --- a/clients/scanoss/src/test/assets/scan/mappings/scan_direct-0a7de786-48f0-4815-b5f9-8d3c0f435bc5.json +++ /dev/null @@ -1,23 +0,0 @@ -{ - "id" : "0a7de786-48f0-4815-b5f9-8d3c0f435bc5", - "name" : "scan_direct", - "request" : { - "url" : "/scan/direct", - "method" : "POST", - "bodyPatterns" : [ { - "anything" : "anything" - } ] - }, - "response" : { - "status" : 200, - "body" : "{\"pasted.wfp\": [{\"id\": \"snippet\",\"status\": \"pending\",\"lines\": \"1-11\",\"oss_lines\": \"119-129\",\"matched\": \"90%\",\"purl\": [\"pkg:github/unoconv/unoconv\",\"pkg:deb/unoconv\",\"pkg:pypi/unoconv\"],\"vendor\": \"unoconv\",\"component\": \"unoconv\",\"version\": \"0.6\",\"latest\": \"0.6\",\"url\": \"https://github.com/unoconv/unoconv\",\"release_date\": \"2012-09-10\",\"file\": \"unoconv\",\"url_hash\": \"2b5b8e4c1c62f2b3cba48ceabc1f3671\",\"file_hash\": \"38e743a8566d3df4a2dc4432f8d6b091\",\"source_hash\": \"24e35278ad5d4d3babe7379dc34d5bce\",\"file_url\": \"https://osskb.org/api/file_contents/38e743a8566d3df4a2dc4432f8d6b091\",\"licenses\": [{\"name\": \"GPL-2.0-only\",\"patent_hints\": \"yes\", \"copyleft\": \"yes\", \"checklist_url\": \"https://www.osadl.org/fileadmin/checklists/unreflicenses/GPL-2.0-only.txt\", \"incompatible_with\": \"Apache-1.0, Apache-1.1, Apache-2.0, BSD-4-Clause, BSD-4-Clause-UC, FTL, IJG, OpenSSL, Python-2.0, zlib-acknowledgement, XFree86-1.1\",\"osadl_updated\": \"2022-02-15\",\"source\": \"component_declared\"},{\"name\": \"GPL-1.0-or-later\",\"source\": \"scancode\"},{\"name\": \"GPL-2.0-only\",\"patent_hints\": \"yes\", \"copyleft\": \"yes\", \"checklist_url\": \"https://www.osadl.org/fileadmin/checklists/unreflicenses/GPL-2.0-only.txt\", \"incompatible_with\": \"Apache-1.0, Apache-1.1, Apache-2.0, BSD-4-Clause, BSD-4-Clause-UC, FTL, IJG, OpenSSL, Python-2.0, zlib-acknowledgement, XFree86-1.1\",\"osadl_updated\": \"2022-02-15\",\"source\": \"scancode\"}],\"server\": {\"version\": \"4.4.1\",\"kb_version\": {\"monthly\":\"22.01\", \"daily\":\"22.02.08\"}}}]}\n\r\n", - "headers" : { - "Server" : "nginx/1.14.2", - "Date" : "Tue, 01 Mar 2022 09:39:58 GMT", - "Content-Type" : "application/json" - } - }, - "uuid" : "0a7de786-48f0-4815-b5f9-8d3c0f435bc5", - "persistent" : true, - "insertionIndex" : 10 -} \ No newline at end of file diff --git a/clients/scanoss/src/test/kotlin/ScanOssDetailsTest.kt b/clients/scanoss/src/test/kotlin/ScanOssDetailsTest.kt deleted file mode 100644 index f4a8ba99928cf..0000000000000 --- a/clients/scanoss/src/test/kotlin/ScanOssDetailsTest.kt +++ /dev/null @@ -1,99 +0,0 @@ -/* - * Copyright (C) 2022 The ORT Project Authors (see ) - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * https://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * SPDX-License-Identifier: Apache-2.0 - * License-Filename: LICENSE - */ - -package org.ossreviewtoolkit.clients.scanoss - -import com.github.tomakehurst.wiremock.WireMockServer -import com.github.tomakehurst.wiremock.core.WireMockConfiguration - -import io.kotest.core.spec.style.StringSpec -import io.kotest.matchers.collections.beEmpty -import io.kotest.matchers.collections.shouldHaveSize -import io.kotest.matchers.maps.shouldHaveKey -import io.kotest.matchers.nulls.shouldNotBeNull -import io.kotest.matchers.should -import io.kotest.matchers.shouldBe -import io.kotest.matchers.shouldNot - -import java.io.File - -import okhttp3.MediaType.Companion.toMediaType -import okhttp3.MultipartBody -import okhttp3.RequestBody.Companion.asRequestBody - -import org.ossreviewtoolkit.clients.scanoss.model.Source - -private const val SCANOSS_DETAILS_RESPONSE_FILENAME = "osskb.c" - -class ScanOssDetailsTest : StringSpec({ - val server = WireMockServer( - WireMockConfiguration.options() - .dynamicPort() - .usingFilesUnderDirectory("src/test/assets/details") - ) - lateinit var service: ScanOssService - - val sampleFile = File("src/test/assets/scan/file.wfp").let { file -> - MultipartBody.Part.createFormData( - "file", - file.name, - file.asRequestBody("application/octet-stream".toMediaType()) - ) - } - - beforeSpec { - server.start() - service = ScanOssService.create("http://localhost:${server.port()}") - } - - afterSpec { - server.stop() - } - - beforeTest { - server.resetAll() - } - - "The response details can be parsed" { - val result = service.scan(sampleFile) - result shouldHaveKey SCANOSS_DETAILS_RESPONSE_FILENAME - result[SCANOSS_DETAILS_RESPONSE_FILENAME] shouldNotBeNull { - this shouldNot beEmpty() - first() shouldNotBeNull { - dependencies should beEmpty() - copyrights shouldHaveSize 2 - copyrights.first() shouldNotBeNull { - source shouldBe Source.FILE_HEADER - } - - vulnerabilities shouldHaveSize 1 - vulnerabilities.first() shouldNotBeNull { - id shouldBe "GHSA-27p5-7cw6-m45h" - } - - quality shouldHaveSize 1 - quality.first() shouldNotBeNull { - score shouldBe "2/5" - } - - cryptography should beEmpty() - } - } - } -}) diff --git a/clients/scanoss/src/test/kotlin/ScanOssServiceTest.kt b/clients/scanoss/src/test/kotlin/ScanOssServiceTest.kt deleted file mode 100644 index c76b0cc16aa5f..0000000000000 --- a/clients/scanoss/src/test/kotlin/ScanOssServiceTest.kt +++ /dev/null @@ -1,104 +0,0 @@ -/* - * Copyright (C) 2022 The ORT Project Authors (see ) - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * https://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * SPDX-License-Identifier: Apache-2.0 - * License-Filename: LICENSE - */ - -package org.ossreviewtoolkit.clients.scanoss - -import com.github.tomakehurst.wiremock.WireMockServer -import com.github.tomakehurst.wiremock.core.WireMockConfiguration - -import io.kotest.core.spec.style.StringSpec -import io.kotest.matchers.collections.beEmpty -import io.kotest.matchers.collections.shouldHaveSize -import io.kotest.matchers.maps.shouldHaveKey -import io.kotest.matchers.nulls.shouldNotBeNull -import io.kotest.matchers.shouldBe -import io.kotest.matchers.shouldNot - -import java.io.File - -import okhttp3.MediaType.Companion.toMediaType -import okhttp3.MultipartBody -import okhttp3.RequestBody.Companion.asRequestBody - -import org.ossreviewtoolkit.clients.scanoss.model.IdentificationType - -/** - * The default filename in a SCANOSS response. - */ -const val SCANOSS_RESPONSE_FILENAME = "pasted.wfp" - -class ScanOssServiceTest : StringSpec({ - val server = WireMockServer( - WireMockConfiguration.options() - .dynamicPort() - .usingFilesUnderDirectory("src/test/assets/scan") - ) - lateinit var service: ScanOssService - - val sampleFile = File("src/test/assets/scan/file.wfp").let { file -> - MultipartBody.Part.createFormData( - "file", - file.name, - file.asRequestBody("application/octet-stream".toMediaType()) - ) - } - - beforeSpec { - server.start() - service = ScanOssService.create("http://localhost:${server.port()}") - } - - afterSpec { - server.stop() - } - - beforeTest { - server.resetAll() - } - - "A WFP file scan can be requested" { - val result = service.scan(sampleFile) - result shouldHaveKey SCANOSS_RESPONSE_FILENAME - result[SCANOSS_RESPONSE_FILENAME] shouldNotBeNull { - this shouldNot beEmpty() - first() shouldNotBeNull { - id shouldBe IdentificationType.SNIPPET - licenses shouldHaveSize 3 - licenses[0].name shouldBe "GPL-2.0-only" - licenses[1].name shouldBe "GPL-1.0-or-later" - licenses[2].name shouldBe "GPL-2.0-only" - } - } - } - - "A Boolean value from SCANOSS can be deserialized" { - val result = service.scan(sampleFile) - result shouldHaveKey SCANOSS_RESPONSE_FILENAME - result[SCANOSS_RESPONSE_FILENAME] shouldNotBeNull { - this shouldNot beEmpty() - first() shouldNotBeNull { - licenses shouldHaveSize 3 - licenses[0].copyleft shouldBe true - licenses[0].patentHints shouldBe true - licenses[1].copyleft shouldBe null - licenses[1].patentHints shouldBe null - } - } - } -}) diff --git a/settings.gradle.kts b/settings.gradle.kts index 390f154f17d57..93d4480b57e13 100644 --- a/settings.gradle.kts +++ b/settings.gradle.kts @@ -34,7 +34,6 @@ include(":clients:github-graphql") include(":clients:nexus-iq") include(":clients:oss-index") include(":clients:osv") -include(":clients:scanoss") include(":clients:vulnerable-code") include(":detekt-rules") include(":downloader") @@ -58,7 +57,6 @@ project(":clients:github-graphql").name = "github-graphql-client" project(":clients:nexus-iq").name = "nexus-iq-client" project(":clients:oss-index").name = "oss-index-client" project(":clients:osv").name = "osv-client" -project(":clients:scanoss").name = "scanoss-client" project(":clients:vulnerable-code").name = "vulnerable-code-client" project(":utils:common").name = "common-utils"