deprecate [snyk] badges (#9349)

Co-authored-by: repo-ranger[bot] <39074581+repo-ranger[bot]@users.noreply.github.com>
2025-04-18 19:44:04 +03:00 · 2023-07-03 17:59:04 +01:00 · 2023-07-03 17:59:04 +01:00 · 7bad3f5902
commit 7bad3f5902
parent 1afa3b7871
6 changed files with 47 additions and 321 deletions
--- a/services/snyk/snyk-test-helpers.js
+++ b/services/snyk/snyk-test-helpers.js
@ -1,6 +0,0 @@
-const zeroVulnerabilitiesSvg =
-  '<svg id="snyk-badge" data-package="undefined@undefined" width="152" height="20"><linearGradient id="b" x2="0" y2="100%"><stop offset="0" stop-color="#bbb" stop-opacity=".1" /><stop offset="1" stop-opacity=".1" /></linearGradient><mask id="a"><rect width="152" height="20" rx="3" fill="#fff" /></mask><g mask="url(#a)"><path fill="#555" d="M0 0h90v20H0z" /><path fill="#7B7B7B" d="M90 0h152v20H90z" /><path fill="url(#b)" d="M0 0h152v20H0z" /></g><g fill="#fff" text-anchor="middle" font-family="DejaVu Sans,Verdana,Geneva,sans-serif" font-size="11"><text x="45" y="15" fill="#010101" fill-opacity=".3">vulnerabilities</text><text x="45" y="14">vulnerabilities</text><text x="120" y="15" fill="#010101" fill-opacity=".3">0</text><text x="120" y="14">0</text></g></svg>'
-const twoVulnerabilitiesSvg =
-  '<svg id="snyk-badge" data-package="undefined@undefined" width="152" height="20"><linearGradient id="b" x2="0" y2="100%"><stop offset="0" stop-color="#bbb" stop-opacity=".1" /><stop offset="1" stop-opacity=".1" /></linearGradient><mask id="a"><rect width="152" height="20" rx="3" fill="#fff" /></mask><g mask="url(#a)"><path fill="#555" d="M0 0h90v20H0z" /><path fill="#7B7B7B" d="M90 0h152v20H90z" /><path fill="url(#b)" d="M0 0h152v20H0z" /></g><g fill="#fff" text-anchor="middle" font-family="DejaVu Sans,Verdana,Geneva,sans-serif" font-size="11"><text x="45" y="15" fill="#010101" fill-opacity=".3">vulnerabilities</text><text x="45" y="14">vulnerabilities</text><text x="120" y="15" fill="#010101" fill-opacity=".3">2</text><text x="120" y="14">2</text></g></svg>'
-
-export { zeroVulnerabilitiesSvg, twoVulnerabilitiesSvg }
--- a/services/snyk/snyk-vulnerability-base.js
+++ b/services/snyk/snyk-vulnerability-base.js
@ -1,40 +0,0 @@
-import Joi from 'joi'
-import { BaseSvgScrapingService } from '../index.js'
-
-const schema = Joi.object({
-  message: Joi.alternatives()
-    .try(Joi.string().regex(/^\d*$/), Joi.equal('unknown'))
-    .required(),
-}).required()
-
-export default class SnykVulnerabilityBase extends BaseSvgScrapingService {
-  static category = 'analysis'
-
-  static defaultBadgeData = {
-    label: 'vulnerabilities',
-  }
-
-  static render({ vulnerabilities }) {
-    let color = 'red'
-    if (vulnerabilities === '0') {
-      color = 'brightgreen'
-    }
-    return {
-      message: vulnerabilities,
-      color,
-    }
-  }
-
-  async fetch({ url, searchParams, httpErrors }) {
-    const { message: vulnerabilities } = await this._requestSvg({
-      url,
-      schema,
-      options: {
-        searchParams,
-      },
-      httpErrors,
-    })
-
-    return { vulnerabilities }
-  }
-}
--- a/services/snyk/snyk-vulnerability-github.service.js
+++ b/services/snyk/snyk-vulnerability-github.service.js
@ -1,48 +1,11 @@
-import SynkVulnerabilityBase from './snyk-vulnerability-base.js'
+import { deprecatedService } from '../index.js'

-export default class SnykVulnerabilityGitHub extends SynkVulnerabilityBase {
-  static route = {
+export default deprecatedService({
+  category: 'analysis',
+  route: {
    base: 'snyk/vulnerabilities/github',
-    pattern: ':user/:repo/:manifestFilePath*',
-  }
-
-  static examples = [
-    {
-      title: 'Snyk Vulnerabilities for GitHub Repo',
-      pattern: ':user/:repo',
-      namedParams: {
-        user: 'badges',
-        repo: 'shields',
-      },
-      staticPreview: this.render({ vulnerabilities: '0' }),
-    },
-    {
-      title: 'Snyk Vulnerabilities for GitHub Repo (Specific Manifest)',
-      pattern: ':user/:repo/:manifestFilePath',
-      namedParams: {
-        user: 'badges',
-        repo: 'shields',
-        manifestFilePath: 'badge-maker/package.json',
-      },
-      staticPreview: this.render({ vulnerabilities: '0' }),
-      documentation: `<p>
-          Provide the path to your target manifest file relative to the base of your repository.
-          Snyk does not support using a specific branch for this, so do not include "blob" nor a branch name.
-        </p>
-        `,
-    },
-  ]
-
-  async handle({ user, repo, manifestFilePath }) {
-    const url = `https://snyk.io/test/github/${user}/${repo}/badge.svg`
-    const searchParams = { targetFile: manifestFilePath }
-    const { vulnerabilities } = await this.fetch({
-      url,
-      searchParams,
-      httpErrors: {
-        404: 'repo or manifest not found',
-      },
-    })
-    return this.constructor.render({ vulnerabilities })
-  }
-}
+    pattern: ':various*',
+  },
+  label: 'vulnerabilities',
+  dateAdded: new Date('2023-07-03'),
+})
--- a/services/snyk/snyk-vulnerability-github.tester.js
+++ b/services/snyk/snyk-vulnerability-github.tester.js
@ -1,94 +1,18 @@
-import Joi from 'joi'
-import { createServiceTester } from '../tester.js'
-import {
-  twoVulnerabilitiesSvg,
-  zeroVulnerabilitiesSvg,
-} from './snyk-test-helpers.js'
-export const t = await createServiceTester()
-
-t.create('valid repo').get('/snyk/snyk.json').timeout(20000).expectBadge({
-  label: 'vulnerabilities',
-  message: Joi.number().required(),
+import { ServiceTester } from '../tester.js'
+export const t = new ServiceTester({
+  id: 'SnykVulnerabilityGitHub',
+  title: 'SnykVulnerabilityGitHub',
+  pathPrefix: '/snyk/vulnerabilities/github',
 })

-t.create('non existent repo')
-  .get('/badges/not-real.json')
-  .timeout(20000)
-  .expectBadge({
-    label: 'vulnerabilities',
-    message: 'repo or manifest not found',
-  })
+t.create('repo').get('/snyk/snyk.json').expectBadge({
+  label: 'vulnerabilities',
+  message: 'no longer available',
+})

-t.create('valid target manifest path')
+t.create('manifest path')
  .get('/snyk/snyk/test/fixtures/demo-os/package.json.json')
-  .timeout(20000)
  .expectBadge({
    label: 'vulnerabilities',
-    message: Joi.number().required(),
-  })
-
-t.create('invalid target manifest path')
-  .get('/badges/shields/badge-maker/requirements.txt.json')
-  .timeout(20000)
-  .expectBadge({
-    label: 'vulnerabilities',
-    message: 'repo or manifest not found',
-  })
-
-t.create('repo has no vulnerabilities')
-  .get('/badges/shields.json')
-  .intercept(nock =>
-    nock('https://snyk.io/test/github/badges/shields')
-      .get('/badge.svg')
-      .reply(200, zeroVulnerabilitiesSvg)
-  )
-  .expectBadge({
-    label: 'vulnerabilities',
-    message: '0',
-    color: 'brightgreen',
-  })
-
-t.create('repo has vulnerabilities')
-  .get('/badges/shields.json')
-  .intercept(nock =>
-    nock('https://snyk.io/test/github/badges/shields')
-      .get('/badge.svg')
-      .reply(200, twoVulnerabilitiesSvg)
-  )
-  .expectBadge({
-    label: 'vulnerabilities',
-    message: '2',
-    color: 'red',
-  })
-
-t.create('target manifest file has no vulnerabilities')
-  .get('/badges/shields/badge-maker/package.json.json')
-  .intercept(nock =>
-    nock('https://snyk.io/test/github/badges/shields')
-      .get('/badge.svg')
-      .query({
-        targetFile: 'badge-maker/package.json',
-      })
-      .reply(200, zeroVulnerabilitiesSvg)
-  )
-  .expectBadge({
-    label: 'vulnerabilities',
-    message: '0',
-    color: 'brightgreen',
-  })
-
-t.create('target manifest file has vulnerabilities')
-  .get('/badges/shields/badge-maker/package.json.json')
-  .intercept(nock =>
-    nock('https://snyk.io/test/github/badges/shields')
-      .get('/badge.svg')
-      .query({
-        targetFile: 'badge-maker/package.json',
-      })
-      .reply(200, twoVulnerabilitiesSvg)
-  )
-  .expectBadge({
-    label: 'vulnerabilities',
-    message: '2',
-    color: 'red',
+    message: 'no longer available',
  })
--- a/services/snyk/snyk-vulnerability-npm.service.js
+++ b/services/snyk/snyk-vulnerability-npm.service.js
@ -1,60 +1,11 @@
-import { NotFound } from '../index.js'
-import SynkVulnerabilityBase from './snyk-vulnerability-base.js'
+import { deprecatedService } from '../index.js'

-export default class SnykVulnerabilityNpm extends SynkVulnerabilityBase {
-  static route = {
+export default deprecatedService({
+  category: 'analysis',
+  route: {
    base: 'snyk/vulnerabilities/npm',
-    pattern: ':packageName(.+?)',
-  }
-
-  static examples = [
-    {
-      title: 'Snyk Vulnerabilities for npm package',
-      pattern: ':packageName',
-      namedParams: {
-        packageName: 'mocha',
-      },
-      staticPreview: this.render({ vulnerabilities: '0' }),
-    },
-    {
-      title: 'Snyk Vulnerabilities for npm package version',
-      pattern: ':packageName',
-      namedParams: {
-        packageName: 'mocha@4.0.0',
-      },
-      staticPreview: this.render({ vulnerabilities: '1' }),
-    },
-    {
-      title: 'Snyk Vulnerabilities for npm scoped package',
-      pattern: ':packageName',
-      namedParams: {
-        packageName: '@babel/core',
-      },
-      staticPreview: this.render({ vulnerabilities: '0' }),
-    },
-  ]
-
-  async handle({ packageName }) {
-    const url = `https://snyk.io/test/npm/${packageName}/badge.svg`
-
-    try {
-      const { vulnerabilities } = await this.fetch({
-        url,
-        // Snyk returns an HTTP 200 with an HTML page when the specified
-        // npm package is not found that contains the text 404.
-        // Including this in case Snyk starts returning a 404 response code instead.
-        httpErrors: {
-          404: 'npm package is invalid or does not exist',
-        },
-      })
-      return this.constructor.render({ vulnerabilities })
-    } catch (e) {
-      // If the package is invalid/nonexistent Snyk will return an HTML page
-      // which will result in an InvalidResponse error being thrown by the valueFromSvgBadge()
-      // function. Catching it here to switch to a more contextualized error message.
-      throw new NotFound({
-        prettyMessage: 'npm package is invalid or does not exist',
-      })
-    }
-  }
-}
+    pattern: ':various*',
+  },
+  label: 'vulnerabilities',
+  dateAdded: new Date('2023-07-03'),
+})
--- a/services/snyk/snyk-vulnerability-npm.tester.js
+++ b/services/snyk/snyk-vulnerability-npm.tester.js
@ -1,86 +1,20 @@
-import Joi from 'joi'
-import { createServiceTester } from '../tester.js'
-import {
-  twoVulnerabilitiesSvg,
-  zeroVulnerabilitiesSvg,
-} from './snyk-test-helpers.js'
-export const t = await createServiceTester()
+import { ServiceTester } from '../tester.js'
+export const t = new ServiceTester({
+  id: 'SnykVulnerabilityNpm',
+  title: 'SnykVulnerabilityNpm',
+  pathPrefix: '/snyk/vulnerabilities/npm',
+})
+t.create('latest version').get('/commander.json').expectBadge({
+  label: 'vulnerabilities',
+  message: 'no longer available',
+})

-t.create('valid package latest version')
-  .get('/commander.json')
-  .timeout(20000)
-  .expectBadge({
-    label: 'vulnerabilities',
-    message: Joi.number().required(),
-  })
+t.create('scoped package latest version').get('/@babel/core.json').expectBadge({
+  label: 'vulnerabilities',
+  message: 'no longer available',
+})

-t.create('valid scoped package latest version')
-  .get('/@babel/core.json')
-  .timeout(20000)
-  .expectBadge({
-    label: 'vulnerabilities',
-    message: Joi.number().required(),
-  })
-
-t.create('non existent package')
-  .get('/mochaabcdef.json')
-  .timeout(20000)
-  .expectBadge({
-    label: 'vulnerabilities',
-    message: 'npm package is invalid or does not exist',
-  })
-
-t.create('valid package specific version')
-  .get('/commander@2.20.0.json')
-  .timeout(20000)
-  .expectBadge({
-    label: 'vulnerabilities',
-    message: Joi.number().required(),
-  })
-
-t.create('non existent package version')
-  .get('/gh-badges@0.3.4.json')
-  .timeout(20000)
-  .expectBadge({
-    label: 'vulnerabilities',
-    message: 'npm package is invalid or does not exist',
-  })
-
-t.create('package has no vulnerabilities')
-  .get('/mocha.json')
-  .intercept(nock =>
-    nock('https://snyk.io/test/npm/mocha')
-      .get('/badge.svg')
-      .reply(200, zeroVulnerabilitiesSvg)
-  )
-  .expectBadge({
-    label: 'vulnerabilities',
-    message: '0',
-    color: 'brightgreen',
-  })
-
-t.create('package has vulnerabilities')
-  .get('/mocha.json')
-  .intercept(nock =>
-    nock('https://snyk.io/test/npm/mocha')
-      .get('/badge.svg')
-      .reply(200, twoVulnerabilitiesSvg)
-  )
-  .expectBadge({
-    label: 'vulnerabilities',
-    message: '2',
-    color: 'red',
-  })
-
-t.create('package not found')
-  .get('/not-mocha-fake-ish@13.0.0.json')
-  .intercept(nock =>
-    nock('https://snyk.io/test/npm/not-mocha-fake-ish@13.0.0')
-      .get('/badge.svg')
-      .reply(200, '<html>foo</html>')
-  )
-  .expectBadge({
-    label: 'vulnerabilities',
-    message: 'npm package is invalid or does not exist',
-    color: 'red',
-  })
+t.create('package specific version').get('/commander@2.20.0.json').expectBadge({
+  label: 'vulnerabilities',
+  message: 'no longer available',
+})