deprecate [snyk] badges
chris48s committed Jul 3, 2023
1 parent c37dd08 commit c4675b0
Showing 6 changed files with 48 additions and 322 deletions.
6 changes: 0 additions & 6 deletions services/snyk/snyk-test-helpers.js

This file was deleted.

40 changes: 0 additions & 40 deletions services/snyk/snyk-vulnerability-base.js

This file was deleted.

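--- a/services/snyk/snyk-vulnerability-github.service.js
+++ b/services/snyk/snyk-vulnerability-github.service.js
@@ -1,48 +1,11 @@
-import SynkVulnerabilityBase from './snyk-vulnerability-base.js'
+import { deprecatedService } from '../index.js'
 
-export default class SnykVulnerabilityGitHub extends SynkVulnerabilityBase {
-static route = {
+export default deprecatedService({
+category: 'analysis',
+route: {
 base: 'snyk/vulnerabilities/github',
-pattern: ':user/:repo/:manifestFilePath*',
-}
-
-static examples = [
-{
-title: 'Snyk Vulnerabilities for GitHub Repo',
-pattern: ':user/:repo',
-namedParams: {
-user: 'badges',
-repo: 'shields',
-},
-staticPreview: this.render({ vulnerabilities: '0' }),
-},
-{
-title: 'Snyk Vulnerabilities for GitHub Repo (Specific Manifest)',
-pattern: ':user/:repo/:manifestFilePath',
-namedParams: {
-user: 'badges',
-repo: 'shields',
-manifestFilePath: 'badge-maker/package.json',
-},
-staticPreview: this.render({ vulnerabilities: '0' }),
-documentation: `<p>
-Provide the path to your target manifest file relative to the base of your repository.
-Snyk does not support using a specific branch for this, so do not include "blob" nor a branch name.
-</p>
-`,
-},
-]
-
-async handle({ user, repo, manifestFilePath }) {
-const url = `https://snyk.io/test/github/${user}/${repo}/badge.svg`
-const searchParams = { targetFile: manifestFilePath }
-const { vulnerabilities } = await this.fetch({
-url,
-searchParams,
-httpErrors: {
-404: 'repo or manifest not found',
-},
-})
-return this.constructor.render({ vulnerabilities })
-}
-}
+pattern: ':various*',
+},
+label: 'vulnerabilities',
+dateAdded: new Date('2023-07-03'),
+})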
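Review bot: Nothing in the new `deprecatedService({...})` definition records why the Snyk GitHub badge was retired or what a README owner should switch to, and the commit title gives no reason either. This badge was a vulnerability-status signal that projects embedded publicly, so a one-line comment above `export default deprecatedService({` would help, for example `// Deprecated 2023-07-03: <REASON>, see <ISSUE_URL>` (reason and link are not visible on this page and need to come from the author). The same comment is missing in services/snyk/snyk-vulnerability-npm.service.js. The catch-all `pattern: ':various*'` does keep existing embed URLs resolving to the 'no longer available' message the testers assert, rather than a stale count.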
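--- a/services/snyk/snyk-vulnerability-github.tester.js
+++ b/services/snyk/snyk-vulnerability-github.tester.js
@@ -1,94 +1,18 @@
-import Joi from 'joi'
-import { createServiceTester } from '../tester.js'
-import {
-twoVulnerabilitiesSvg,
-zeroVulnerabilitiesSvg,
-} from './snyk-test-helpers.js'
-export const t = await createServiceTester()
+import { ServiceTester } from '../tester.js'
+export const t = new ServiceTester({
+id: 'SnykVulnerabilityGitHub',
+title: 'SnykVulnerabilityGitHub',
+pathPrefix: '/snyk/vulnerabilities/github',
+})
 
-t.create('valid repo').get('/snyk/snyk.json').timeout(20000).expectBadge({
+t.create('repo').get('/snyk/snyk.json').expectBadge({
 label: 'vulnerabilities',
-message: Joi.number().required(),
+message: 'no longer available',
 })
 
-t.create('non existent repo')
-.get('/badges/not-real.json')
-.timeout(20000)
-.expectBadge({
-label: 'vulnerabilities',
-message: 'repo or manifest not found',
-})
-
-t.create('valid target manifest path')
+t.create('manifest path')
 .get('/snyk/snyk/test/fixtures/demo-os/package.json.json')
-.timeout(20000)
 .expectBadge({
 label: 'vulnerabilities',
-message: Joi.number().required(),
-})
-
-t.create('invalid target manifest path')
-.get('/badges/shields/badge-maker/requirements.txt.json')
-.timeout(20000)
-.expectBadge({
-label: 'vulnerabilities',
-message: 'repo or manifest not found',
-})
-
-t.create('repo has no vulnerabilities')
-.get('/badges/shields.json')
-.intercept(nock =>
-nock('https://snyk.io/test/github/badges/shields')
-.get('/badge.svg')
-.reply(200, zeroVulnerabilitiesSvg)
-)
-.expectBadge({
-label: 'vulnerabilities',
-message: '0',
-color: 'brightgreen',
-})
-
-t.create('repo has vulnerabilities')
-.get('/badges/shields.json')
-.intercept(nock =>
-nock('https://snyk.io/test/github/badges/shields')
-.get('/badge.svg')
-.reply(200, twoVulnerabilitiesSvg)
-)
-.expectBadge({
-label: 'vulnerabilities',
-message: '2',
-color: 'red',
-})
-
-t.create('target manifest file has no vulnerabilities')
-.get('/badges/shields/badge-maker/package.json.json')
-.intercept(nock =>
-nock('https://snyk.io/test/github/badges/shields')
-.get('/badge.svg')
-.query({
-targetFile: 'badge-maker/package.json',
-})
-.reply(200, zeroVulnerabilitiesSvg)
-)
-.expectBadge({
-label: 'vulnerabilities',
-message: '0',
-color: 'brightgreen',
-})
-
-t.create('target manifest file has vulnerabilities')
-.get('/badges/shields/badge-maker/package.json.json')
-.intercept(nock =>
-nock('https://snyk.io/test/github/badges/shields')
-.get('/badge.svg')
-.query({
-targetFile: 'badge-maker/package.json',
-})
-.reply(200, twoVulnerabilitiesSvg)
-)
-.expectBadge({
-label: 'vulnerabilities',
-message: '2',
-color: 'red',
+message: 'no longer available',
 })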
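--- a/services/snyk/snyk-vulnerability-npm.service.js
+++ b/services/snyk/snyk-vulnerability-npm.service.js
@@ -1,60 +1,11 @@
-import { NotFound } from '../index.js'
-import SynkVulnerabilityBase from './snyk-vulnerability-base.js'
+import { deprecatedService } from '../index.js'
 
-export default class SnykVulnerabilityNpm extends SynkVulnerabilityBase {
-static route = {
+export default deprecatedService({
+category: 'analysis',
+route: {
 base: 'snyk/vulnerabilities/npm',
-pattern: ':packageName(.+?)',
-}
-
-static examples = [
-{
-title: 'Snyk Vulnerabilities for npm package',
-pattern: ':packageName',
-namedParams: {
-packageName: 'mocha',
-},
-staticPreview: this.render({ vulnerabilities: '0' }),
-},
-{
-title: 'Snyk Vulnerabilities for npm package version',
-pattern: ':packageName',
-namedParams: {
-packageName: 'mocha@4.0.0',
-},
-staticPreview: this.render({ vulnerabilities: '1' }),
-},
-{
-title: 'Snyk Vulnerabilities for npm scoped package',
-pattern: ':packageName',
-namedParams: {
-packageName: '@babel/core',
-},
-staticPreview: this.render({ vulnerabilities: '0' }),
-},
-]
-
-async handle({ packageName }) {
-const url = `https://snyk.io/test/npm/${packageName}/badge.svg`
-
-try {
-const { vulnerabilities } = await this.fetch({
-url,
-// Snyk returns an HTTP 200 with an HTML page when the specified
-// npm package is not found that contains the text 404.
-// Including this in case Snyk starts returning a 404 response code instead.
-httpErrors: {
-404: 'npm package is invalid or does not exist',
-},
-})
-return this.constructor.render({ vulnerabilities })
-} catch (e) {
-// If the package is invalid/nonexistent Snyk will return an HTML page
-// which will result in an InvalidResponse error being thrown by the valueFromSvgBadge()
-// function. Catching it here to switch to a more contextualized error message.
-throw new NotFound({
-prettyMessage: 'npm package is invalid or does not exist',
-})
-}
-}
-}
+pattern: ':various*',
+},
+label: 'vulnerabilities',
+dateAdded: new Date('2023-07-03'),
+})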
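--- a/services/snyk/snyk-vulnerability-npm.tester.js
+++ b/services/snyk/snyk-vulnerability-npm.tester.js
@@ -1,86 +1,20 @@
-import Joi from 'joi'
-import { createServiceTester } from '../tester.js'
-import {
-twoVulnerabilitiesSvg,
-zeroVulnerabilitiesSvg,
-} from './snyk-test-helpers.js'
-export const t = await createServiceTester()
-
-t.create('valid package latest version')
-.get('/commander.json')
-.timeout(20000)
-.expectBadge({
-label: 'vulnerabilities',
-message: Joi.number().required(),
-})
-
-t.create('valid scoped package latest version')
-.get('/@babel/core.json')
-.timeout(20000)
-.expectBadge({
-label: 'vulnerabilities',
-message: Joi.number().required(),
-})
-
-t.create('non existent package')
-.get('/mochaabcdef.json')
-.timeout(20000)
-.expectBadge({
-label: 'vulnerabilities',
-message: 'npm package is invalid or does not exist',
-})
-
-t.create('valid package specific version')
-.get('/commander@2.20.0.json')
-.timeout(20000)
-.expectBadge({
-label: 'vulnerabilities',
-message: Joi.number().required(),
-})
-
-t.create('non existent package version')
-.get('/gh-badges@0.3.4.json')
-.timeout(20000)
-.expectBadge({
-label: 'vulnerabilities',
-message: 'npm package is invalid or does not exist',
-})
-
-t.create('package has no vulnerabilities')
-.get('/mocha.json')
-.intercept(nock =>
-nock('https://snyk.io/test/npm/mocha')
-.get('/badge.svg')
-.reply(200, zeroVulnerabilitiesSvg)
-)
-.expectBadge({
-label: 'vulnerabilities',
-message: '0',
-color: 'brightgreen',
-})
-
-t.create('package has vulnerabilities')
-.get('/mocha.json')
-.intercept(nock =>
-nock('https://snyk.io/test/npm/mocha')
-.get('/badge.svg')
-.reply(200, twoVulnerabilitiesSvg)
-)
-.expectBadge({
-label: 'vulnerabilities',
-message: '2',
-color: 'red',
-})
-
-t.create('package not found')
-.get('/not-mocha-fake-ish@13.0.0.json')
-.intercept(nock =>
-nock('https://snyk.io/test/npm/not-mocha-fake-ish@13.0.0')
-.get('/badge.svg')
-.reply(200, '<html>foo</html>')
-)
-.expectBadge({
-label: 'vulnerabilities',
-message: 'npm package is invalid or does not exist',
-color: 'red',
-})
+import { ServiceTester } from '../tester.js'
+export const t = new ServiceTester({
+id: 'SnykVulnerabilityNpm',
+title: 'SnykVulnerabilityNpm',
+pathPrefix: '/snyk/vulnerabilities/npm',
+})
+t.create('latest version').get('/commander.json').expectBadge({
+label: 'vulnerabilities',
+message: 'no longer available',
+})
+
+t.create('scoped package latest version').get('/@babel/core.json').expectBadge({
+label: 'vulnerabilities',
+message: 'no longer available',
+})
+
+t.create('package specific version').get('/commander@2.20.0.json').expectBadge({
+label: 'vulnerabilities',
+message: 'no longer available',
+})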
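Review bot: The first test case follows the closing `})` of `new ServiceTester({...})` with no blank line in between, whereas services/snyk/snyk-vulnerability-github.tester.js in this same commit separates the setup from the first `t.create(...)`. Adding an empty line before `t.create('latest version')` would keep the two tester files consistent and make the setup block easier to spot. This is a style point only; the three cases themselves all assert the same `label: 'vulnerabilities'` and `message: 'no longer available'` pair.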
