Remove outdated Dependency Scanning frontend code

Since we now retrieve data from the Backend, we can remove the parsing
log from the Frontend. See:
https://gitlab.com/groups/gitlab-org/-/epics/1425

ee/app/assets/javascripts/vue_shared/security_reports/store/actions.js

@@ -127,11 +127,6 @@ export const fetchDastDiff = ({ state, dispatch }) => {
 /**
  * DEPENDENCY SCANNING
  */
-export const setDependencyScanningHeadPath = ({ commit }, path) =>
-  commit(types.SET_DEPENDENCY_SCANNING_HEAD_PATH, path);
-
-export const setDependencyScanningBasePath = ({ commit }, path) =>
-  commit(types.SET_DEPENDENCY_SCANNING_BASE_PATH, path);
 
 export const setDependencyScanningDiffEndpoint = ({ commit }, path) =>
   commit(types.SET_DEPENDENCY_SCANNING_DIFF_ENDPOINT, path);
@@ -139,12 +134,6 @@ export const setDependencyScanningDiffEndpoint = ({ commit }, path) =>
 export const requestDependencyScanningReports = ({ commit }) =>
   commit(types.REQUEST_DEPENDENCY_SCANNING_REPORTS);
 
-export const receiveDependencyScanningReports = ({ commit }, response) =>
-  commit(types.RECEIVE_DEPENDENCY_SCANNING_REPORTS, response);
-
-export const receiveDependencyScanningError = ({ commit }, error) =>
-  commit(types.RECEIVE_DEPENDENCY_SCANNING_ERROR, error);
-
 export const receiveDependencyScanningDiffSuccess = ({ commit }, response) =>
   commit(types.RECEIVE_DEPENDENCY_SCANNING_DIFF_SUCCESS, response);
 
@@ -173,32 +162,6 @@ export const fetchDependencyScanningDiff = ({ state, dispatch }) => {
     });
 };
 
-export const fetchDependencyScanningReports = ({ state, dispatch }) => {
-  const { base, head } = state.dependencyScanning.paths;
-
-  dispatch('requestDependencyScanningReports');
-
-  return Promise.all([
-    head ? axios.get(head) : Promise.resolve(),
-    base ? axios.get(base) : Promise.resolve(),
-    axios.get(state.vulnerabilityFeedbackPath, {
-      params: {
-        category: 'dependency_scanning',
-      },
-    }),
-  ])
-    .then(values => {
-      dispatch('receiveDependencyScanningReports', {
-        head: values[0] ? values[0].data : null,
-        base: values[1] ? values[1].data : null,
-        enrichData: values && values[2] ? values[2].data : [],
-      });
-    })
-    .catch(() => {
-      dispatch('receiveDependencyScanningError');
-    });
-};
-
 export const updateDependencyScanningIssue = ({ commit }, issue) =>
   commit(types.UPDATE_DEPENDENCY_SCANNING_ISSUE, issue);
 

ee/app/assets/javascripts/vue_shared/security_reports/store/mutation_types.js

@@ -26,12 +26,8 @@ export const RECEIVE_DAST_DIFF_SUCCESS = 'RECEIVE_DAST_DIFF_SUCCESS';
 export const RECEIVE_DAST_DIFF_ERROR = 'RECEIVE_DAST_DIFF_ERROR';
 
 // DEPENDENCY_SCANNING
-export const SET_DEPENDENCY_SCANNING_HEAD_PATH = 'SET_DEPENDENCY_SCANNING_HEAD_PATH';
-export const SET_DEPENDENCY_SCANNING_BASE_PATH = 'SET_DEPENDENCY_SCANNING_BASE_PATH';
 export const SET_DEPENDENCY_SCANNING_DIFF_ENDPOINT = 'SET_DEPENDENCY_SCANNING_DIFF_ENDPOINT';
 export const REQUEST_DEPENDENCY_SCANNING_REPORTS = 'REQUEST_DEPENDENCY_SCANNING_REPORTS';
-export const RECEIVE_DEPENDENCY_SCANNING_REPORTS = 'RECEIVE_DEPENDENCY_SCANNING_REPORTS';
-export const RECEIVE_DEPENDENCY_SCANNING_ERROR = 'RECEIVE_DEPENDENCY_SCANNING_ERROR';
 export const RECEIVE_DEPENDENCY_SCANNING_DIFF_SUCCESS = 'RECEIVE_DEPENDENCY_SCANNING_DIFF_SUCCESS';
 export const RECEIVE_DEPENDENCY_SCANNING_DIFF_ERROR = 'RECEIVE_DEPENDENCY_SCANNING_DIFF_ERROR';
 

ee/app/assets/javascripts/vue_shared/security_reports/store/mutations.js

 import Vue from 'vue';
 import * as types from './mutation_types';
-import { parseDependencyScanningIssues, findIssueIndex, parseDiff } from './utils';
-import filterByKey from './utils/filter_by_key';
+import { findIssueIndex, parseDiff } from './utils';
 import getFileLocation from './utils/get_file_location';
 import { visitUrl } from '~/lib/utils/url_utility';
 
@@ -107,14 +106,6 @@ export default {
 
   // DEPENDECY SCANNING
 
-  [types.SET_DEPENDENCY_SCANNING_HEAD_PATH](state, path) {
-    Vue.set(state.dependencyScanning.paths, 'head', path);
-  },
-
-  [types.SET_DEPENDENCY_SCANNING_BASE_PATH](state, path) {
-    Vue.set(state.dependencyScanning.paths, 'base', path);
-  },
-
   [types.SET_DEPENDENCY_SCANNING_DIFF_ENDPOINT](state, path) {
     Vue.set(state.dependencyScanning.paths, 'diffEndpoint', path);
   },
@@ -123,56 +114,6 @@ export default {
     Vue.set(state.dependencyScanning, 'isLoading', true);
   },
 
-  /**
-   * Compares dependency scanning results and returns the formatted report
-   *
-   * Dependency report has 3 types of issues, newIssues, resolvedIssues and allIssues.
-   *
-   * When we have both base and head:
-   * - newIssues = head - base
-   * - resolvedIssues = base - head
-   * - allIssues = head - newIssues - resolvedIssues
-   *
-   * When we only have head
-   * - newIssues = head
-   * - resolvedIssues = 0
-   * - allIssues = 0
-   */
-  [types.RECEIVE_DEPENDENCY_SCANNING_REPORTS](state, reports) {
-    if (reports.base && reports.head) {
-      const filterKey = 'cve';
-      const parsedHead = parseDependencyScanningIssues(
-        reports.head,
-        reports.enrichData,
-        state.blobPath.head,
-      );
-      const parsedBase = parseDependencyScanningIssues(
-        reports.base,
-        reports.enrichData,
-        state.blobPath.base,
-      );
-
-      const newIssues = filterByKey(parsedHead, parsedBase, filterKey);
-      const resolvedIssues = filterByKey(parsedBase, parsedHead, filterKey);
-      const allIssues = filterByKey(parsedHead, newIssues.concat(resolvedIssues), filterKey);
-
-      Vue.set(state.dependencyScanning, 'newIssues', newIssues);
-      Vue.set(state.dependencyScanning, 'resolvedIssues', resolvedIssues);
-      Vue.set(state.dependencyScanning, 'allIssues', allIssues);
-      Vue.set(state.dependencyScanning, 'isLoading', false);
-    }
-
-    if (reports.head && !reports.base) {
-      const newIssues = parseDependencyScanningIssues(
-        reports.head,
-        reports.enrichData,
-        state.blobPath.head,
-      );
-      Vue.set(state.dependencyScanning, 'newIssues', newIssues);
-      Vue.set(state.dependencyScanning, 'isLoading', false);
-    }
-  },
-
   [types.RECEIVE_DEPENDENCY_SCANNING_DIFF_SUCCESS](state, { diff, enrichData }) {
     const { added, fixed, existing } = parseDiff(diff, enrichData);
     const baseReportOutofDate = diff.base_report_out_of_date || false;
@@ -191,11 +132,6 @@ export default {
     Vue.set(state.dependencyScanning, 'hasError', true);
   },
 
-  [types.RECEIVE_DEPENDENCY_SCANNING_ERROR](state) {
-    Vue.set(state.dependencyScanning, 'isLoading', false);
-    Vue.set(state.dependencyScanning, 'hasError', true);
-  },
-
   [types.SET_ISSUE_MODAL_DATA](state, payload) {
     const { issue, status } = payload;
     const fileLocation = getFileLocation(issue.location);

ee/app/assets/javascripts/vue_shared/security_reports/store/utils.js

-import sha1 from 'sha1';
-import _ from 'underscore';
 import { n__, s__, sprintf } from '~/locale';
 
 /**
@@ -10,32 +8,6 @@ import { n__, s__, sprintf } from '~/locale';
 export const findIssueIndex = (issues, issue) =>
   issues.findIndex(el => el.project_fingerprint === issue.project_fingerprint);
 
-/**
- *
- * Returns whether a vulnerability has a match in an array of fixes
- *
- * @param fixes {Array} Array of fixes (vulnerability identifiers) of a remediation
- * @param vulnerability {Object} Vulnerability
- * @returns {boolean}
- */
-const hasMatchingFix = (fixes, vulnerability) =>
-  Array.isArray(fixes) ? fixes.some(fix => _.isMatch(vulnerability, fix)) : false;
-
-/**
- *
- * Returns the remediations that fix the given vulnerability
- *
- * @param {Array} remediations
- * @param {Object} vulnerability
- * @returns {Array}
- */
-export const findMatchingRemediations = (remediations, vulnerability) => {
-  if (!Array.isArray(remediations)) {
-    return [];
-  }
-  return remediations.filter(rem => hasMatchingFix(rem.fixes, vulnerability));
-};
-
 /**
  * Returns given vulnerability enriched with the corresponding
  * feedback (`dismissal` or `issue` type)
@@ -68,109 +40,6 @@ export const enrichVulnerabilityWithFeedback = (vulnerability, feedback = []) =>
       return vuln;
     }, vulnerability);
 
-/**
- * Generates url to repository file and highlight section between start and end lines.
- *
- * @param {Object} location
- * @param {String} pathPrefix
- * @returns {String}
- */
-function fileUrl(location, pathPrefix) {
-  let lineSuffix = '';
-  if (location.start_line) {
-    lineSuffix += `#L${location.start_line}`;
-    if (location.end_line) {
-      lineSuffix += `-${location.end_line}`;
-    }
-  }
-  return `${pathPrefix}/${location.file}${lineSuffix}`;
-}
-
-/**
- * Parses issues with deprecated JSON format and adapts it to the new one.
- *
- * @param {Object} issue
- * @returns {Object}
- */
-function adaptDeprecatedIssueFormat(issue) {
-  // Skip issue with new format (old format does not have a location property)
-  if (issue.location) {
-    return issue;
-  }
-
-  const adapted = {
-    ...issue,
-  };
-
-  // Add the new links property
-  const links = [];
-  if (!_.isEmpty(adapted.url)) {
-    links.push({ url: adapted.url });
-  }
-
-  Object.assign(adapted, {
-    // Add the new location property
-    location: {
-      file: adapted.file,
-      start_line: adapted.line ? parseInt(adapted.line, 10) : undefined,
-    },
-    links,
-  });
-
-  return adapted;
-}
-
-/**
- *
- * Wraps old report formats (plain array of vulnerabilities).
- *
- * @param {Array|Object} report
- * @returns {Object}
- */
-function adaptDeprecatedReportFormat(report) {
-  if (Array.isArray(report)) {
-    return {
-      vulnerabilities: report,
-      remediations: [],
-    };
-  }
-
-  return report;
-}
-
-/**
- * Parses Dependency Scanning results into a common format to allow to use the same Vue component.
- *
- * @param {Array|Object} report
- * @param {Array} feedback
- * @param {String} path
- * @returns {Array}
- */
-export const parseDependencyScanningIssues = (report = [], feedback = [], path = '') => {
-  const { vulnerabilities, remediations } = adaptDeprecatedReportFormat(report);
-  return vulnerabilities.map(issue => {
-    const parsed = {
-      ...adaptDeprecatedIssueFormat(issue),
-      category: 'dependency_scanning',
-      project_fingerprint: sha1(issue.cve),
-      title: issue.message,
-    };
-
-    const matchingRemediations = findMatchingRemediations(remediations, parsed);
-
-    if (remediations) {
-      parsed.remediations = matchingRemediations;
-    }
-
-    return {
-      ...parsed,
-      path: parsed.location.file,
-      urlPath: fileUrl(parsed.location, path),
-      ...enrichVulnerabilityWithFeedback(parsed, feedback),
-    };
-  });
-};
-
 export const groupedTextBuilder = ({
   reportType = '',
   paths = {},

ee/spec/frontend/vue_shared/security_reports/store/actions_spec.js

@@ -9,12 +9,7 @@ import {
   setCanCreateFeedbackPermission,
   requestSastContainerReports,
   requestDastReports,
-  setDependencyScanningHeadPath,
-  setDependencyScanningBasePath,
   requestDependencyScanningReports,
-  receiveDependencyScanningError,
-  receiveDependencyScanningReports,
-  fetchDependencyScanningReports,
   openModal,
   setModalData,
   requestDismissVulnerability,
@@ -62,9 +57,6 @@ import state from 'ee/vue_shared/security_reports/store/state';
 import testAction from 'helpers/vuex_action_helper';
 import axios from '~/lib/utils/axios_utils';
 import {
-  sastIssues,
-  sastIssuesBase,
-  sastFeedbacks,
   dastFeedbacks,
   containerScanningFeedbacks,
   dependencyScanningFeedbacks,
@@ -272,42 +264,6 @@ describe('security reports actions', () => {
     });
   });
 
-  describe('setDependencyScanningHeadPath', () => {
-    it('should commit set head blob path', done => {
-      testAction(
-        setDependencyScanningHeadPath,
-        'path',
-        mockedState,
-        [
-          {
-            type: types.SET_DEPENDENCY_SCANNING_HEAD_PATH,
-            payload: 'path',
-          },
-        ],
-        [],
-        done,
-      );
-    });
-  });
-
-  describe('setDependencyScanningBasePath', () => {
-    it('should commit set head blob path', done => {
-      testAction(
-        setDependencyScanningBasePath,
-        'path',
-        mockedState,
-        [
-          {
-            type: types.SET_DEPENDENCY_SCANNING_BASE_PATH,
-            payload: 'path',
-          },
-        ],
-        [],
-        done,
-      );
-    });
-  });
-
   describe('requestDependencyScanningReports', () => {
     it('should commit request mutation', done => {
       testAction(
@@ -325,157 +281,6 @@ describe('security reports actions', () => {
     });
   });
 
-  describe('receiveDependencyScanningReports', () => {
-    it('should commit sast receive mutation', done => {
-      testAction(
-        receiveDependencyScanningReports,
-        {},
-        mockedState,
-        [
-          {
-            type: types.RECEIVE_DEPENDENCY_SCANNING_REPORTS,
-            payload: {},
-          },
-        ],
-        [],
-        done,
-      );
-    });
-  });
-
-  describe('receiveDependencyScanningError', () => {
-    it('should commit dependency scanning error mutation', done => {
-      const error = new Error('test');
-
-      testAction(
-        receiveDependencyScanningError,
-        error,
-        mockedState,
-        [
-          {
-            type: types.RECEIVE_DEPENDENCY_SCANNING_ERROR,
-            payload: error,
-          },
-        ],
-        [],
-        done,
-      );
-    });
-  });
-
-  describe('fetchDependencyScanningReports', () => {
-    describe('with head and base', () => {
-      it('should dispatch `receiveDependencyScanningReports`', done => {
-        mock.onGet('foo').reply(200, sastIssues);
-        mock.onGet('bar').reply(200, sastIssuesBase);
-        mock
-          .onGet('vulnerabilities_path', {
-            params: {
-              category: 'dependency_scanning',
-            },
-          })
-          .reply(200, sastFeedbacks);
-
-        mockedState.vulnerabilityFeedbackPath = 'vulnerabilities_path';
-        mockedState.dependencyScanning.paths.head = 'foo';
-        mockedState.dependencyScanning.paths.base = 'bar';
-
-        testAction(
-          fetchDependencyScanningReports,
-          null,
-          mockedState,
-          [],
-          [
-            {
-              type: 'requestDependencyScanningReports',
-            },
-            {
-              type: 'receiveDependencyScanningReports',
-              payload: { head: sastIssues, base: sastIssuesBase, enrichData: sastFeedbacks },
-            },
-          ],
-          done,
-        );
-      });
-
-      it('should dispatch `receiveDependencyScanningError`', done => {
-        mock.onGet('foo').reply(500, {});
-        mockedState.dependencyScanning.paths.head = 'foo';
-        mockedState.dependencyScanning.paths.base = 'bar';
-
-        testAction(
-          fetchDependencyScanningReports,
-          null,
-          mockedState,
-          [],
-          [
-            {
-              type: 'requestDependencyScanningReports',
-            },
-            {
-              type: 'receiveDependencyScanningError',
-            },
-          ],
-          done,
-        );
-      });
-    });
-
-    describe('with head', () => {
-      it('should dispatch `receiveDependencyScanningReports`', done => {
-        mock.onGet('foo').reply(200, sastIssues);
-        mock
-          .onGet('vulnerabilities_path', {
-            params: {
-              category: 'dependency_scanning',
-            },
-          })
-          .reply(200, sastFeedbacks);
-
-        mockedState.vulnerabilityFeedbackPath = 'vulnerabilities_path';
-        mockedState.dependencyScanning.paths.head = 'foo';
-
-        testAction(
-          fetchDependencyScanningReports,
-          null,
-          mockedState,
-          [],
-          [
-            {
-              type: 'requestDependencyScanningReports',
-            },
-            {
-              type: 'receiveDependencyScanningReports',
-              payload: { head: sastIssues, base: null, enrichData: sastFeedbacks },
-            },
-          ],
-          done,
-        );
-      });
-
-      it('should dispatch `receiveDependencyScanningError`', done => {
-        mock.onGet('foo').reply(500, {});
-        mockedState.dependencyScanning.paths.head = 'foo';
-
-        testAction(
-          fetchDependencyScanningReports,
-          null,
-          mockedState,
-          [],
-          [
-            {
-              type: 'requestDependencyScanningReports',
-            },
-            {
-              type: 'receiveDependencyScanningError',
-            },
-          ],
-          done,
-        );
-      });
-    });
-  });
-
   describe('openModal', () => {
     it('dispatches setModalData action', done => {
       testAction(

ee/spec/frontend/vue_shared/security_reports/store/mutations_spec.js

 import state from 'ee/vue_shared/security_reports/store/state';
 import mutations from 'ee/vue_shared/security_reports/store/mutations';
 import * as types from 'ee/vue_shared/security_reports/store/mutation_types';
-import {
-  dependencyScanningIssuesOld,
-  dependencyScanningIssuesBase,
-  parsedDependencyScanningIssuesHead,
-  parsedDependencyScanningBaseStore,
-  parsedDependencyScanningIssuesStore,
-  mockFindings,
-} from '../mock_data';
+import { mockFindings } from '../mock_data';
 import { visitUrl } from '~/lib/utils/url_utility';
 
 jest.mock('~/lib/utils/url_utility', () => ({
@@ -94,22 +87,6 @@ describe('security reports mutations', () => {
     });
   });
 
-  describe('SET_DEPENDENCY_SCANNING_HEAD_PATH', () => {
-    it('should set dependency scanning head path', () => {
-      mutations[types.SET_DEPENDENCY_SCANNING_HEAD_PATH](stateCopy, 'head_path');
-
-      expect(stateCopy.dependencyScanning.paths.head).toEqual('head_path');
-    });
-  });
-
-  describe('SET_DEPENDENCY_SCANNING_BASE_PATH', () => {
-    it('should set dependency scanning base path', () => {
-      mutations[types.SET_DEPENDENCY_SCANNING_BASE_PATH](stateCopy, 'base_path');
-
-      expect(stateCopy.dependencyScanning.paths.base).toEqual('base_path');
-    });
-  });
-
   describe('REQUEST_DEPENDENCY_SCANNING_REPORTS', () => {
     it('should set dependency scanning loading flag to true', () => {
       mutations[types.REQUEST_DEPENDENCY_SCANNING_REPORTS](stateCopy);
@@ -118,46 +95,6 @@ describe('security reports mutations', () => {
     });
   });
 
-  describe('RECEIVE_DEPENDENCY_SCANNING_REPORTS', () => {
-    describe('with head and base', () => {
-      it('should set new, fixed and all issues', () => {
-        mutations[types.SET_BASE_BLOB_PATH](stateCopy, 'path');
-        mutations[types.SET_HEAD_BLOB_PATH](stateCopy, 'path');
-        mutations[types.RECEIVE_DEPENDENCY_SCANNING_REPORTS](stateCopy, {
-          head: dependencyScanningIssuesOld,
-          base: dependencyScanningIssuesBase,
-        });
-
-        expect(stateCopy.dependencyScanning.isLoading).toEqual(false);
-        expect(stateCopy.dependencyScanning.newIssues).toEqual(parsedDependencyScanningIssuesHead);
-        expect(stateCopy.dependencyScanning.resolvedIssues).toEqual(
-          parsedDependencyScanningBaseStore,
-        );
-      });
-    });
-
-    describe('with head', () => {
-      it('should set new issues', () => {
-        mutations[types.SET_HEAD_BLOB_PATH](stateCopy, 'path');
-        mutations[types.RECEIVE_DEPENDENCY_SCANNING_REPORTS](stateCopy, {
-          head: dependencyScanningIssuesOld,
-        });
-
-        expect(stateCopy.dependencyScanning.isLoading).toEqual(false);
-        expect(stateCopy.dependencyScanning.newIssues).toEqual(parsedDependencyScanningIssuesStore);
-      });
-    });
-  });
-
-  describe('RECEIVE_DEPENDENCY_SCANNING_ERROR', () => {
-    it('should set dependency scanning loading flag to false and error flag to true', () => {
-      mutations[types.RECEIVE_DEPENDENCY_SCANNING_ERROR](stateCopy);
-
-      expect(stateCopy.dependencyScanning.isLoading).toEqual(false);
-      expect(stateCopy.dependencyScanning.hasError).toEqual(true);
-    });
-  });
-
   describe('SET_ISSUE_MODAL_DATA', () => {
     it('has default data', () => {
       expect(stateCopy.modal.data.description.value).toEqual(null);
@@ -535,11 +472,11 @@ describe('security reports mutations', () => {
 
   describe('UPDATE_DEPENDENCY_SCANNING_ISSUE', () => {
     it('updates issue in the new issues list', () => {
-      stateCopy.dependencyScanning.newIssues = parsedDependencyScanningIssuesHead;
+      stateCopy.dependencyScanning.newIssues = mockFindings;
       stateCopy.dependencyScanning.resolvedIssues = [];
       stateCopy.dependencyScanning.allIssues = [];
       const updatedIssue = {
-        ...parsedDependencyScanningIssuesHead[0],
+        ...mockFindings[0],
         foo: 'bar',
       };
 
@@ -550,10 +487,10 @@ describe('security reports mutations', () => {
 
     it('updates issue in the resolved issues list', () => {
       stateCopy.dependencyScanning.newIssues = [];
-      stateCopy.dependencyScanning.resolvedIssues = parsedDependencyScanningIssuesHead;
+      stateCopy.dependencyScanning.resolvedIssues = mockFindings;
       stateCopy.dependencyScanning.allIssues = [];
       const updatedIssue = {
-        ...parsedDependencyScanningIssuesHead[0],
+        ...mockFindings[0],
         foo: 'bar',
       };
 
@@ -565,9 +502,9 @@ describe('security reports mutations', () => {
     it('updates issue in the all issues list', () => {
       stateCopy.dependencyScanning.newIssues = [];
       stateCopy.dependencyScanning.resolvedIssues = [];
-      stateCopy.dependencyScanning.allIssues = parsedDependencyScanningIssuesHead;
+      stateCopy.dependencyScanning.allIssues = mockFindings;
       const updatedIssue = {
-        ...parsedDependencyScanningIssuesHead[0],
+        ...mockFindings[0],
         foo: 'bar',
       };
 

ee/spec/frontend/vue_shared/security_reports/store/utils_spec.js

-import sha1 from 'sha1';
 import {
   findIssueIndex,
-  findMatchingRemediations,
-  parseDependencyScanningIssues,
   groupedTextBuilder,
   statusIcon,
   countIssues,
@@ -10,12 +7,6 @@ import {
 } from 'ee/vue_shared/security_reports/store/utils';
 import filterByKey from 'ee/vue_shared/security_reports/store/utils/filter_by_key';
 import getFileLocation from 'ee/vue_shared/security_reports/store/utils/get_file_location';
-import {
-  dependencyScanningIssuesOld,
-  dependencyScanningIssues,
-  dependencyScanningIssuesMajor2,
-  dependencyScanningFeedbacks,
-} from '../mock_data';
 
 describe('security reports utils', () => {
   describe('findIssueIndex', () => {
@@ -46,114 +37,6 @@ describe('security reports utils', () => {
     });
   });
 
-  describe('findMatchingRemediations', () => {
-    const remediation1 = {
-      fixes: [
-        {
-          cve: '123',
-        },
-        {
-          foobar: 'baz',
-        },
-      ],
-      summary: 'Update to x.y.z',
-    };
-
-    const remediation2 = { ...remediation1, summary: 'Remediation2' };
-
-    const impossibleRemediation = {
-      fixes: [],
-      summary: 'Impossible',
-    };
-
-    const remediations = [impossibleRemediation, remediation1, remediation2];
-
-    it('returns null for empty vulnerability', () => {
-      expect(findMatchingRemediations(remediations, {})).toHaveLength(0);
-      expect(findMatchingRemediations(remediations, null)).toHaveLength(0);
-      expect(findMatchingRemediations(remediations, undefined)).toHaveLength(0);
-    });
-
-    it('returns empty arrays for empty remediations', () => {
-      expect(findMatchingRemediations([], { cve: '123' })).toHaveLength(0);
-      expect(findMatchingRemediations(null, { cve: '123' })).toHaveLength(0);
-      expect(findMatchingRemediations(undefined, { cve: '123' })).toHaveLength(0);
-    });
-
-    it('returns an empty array for vulnerabilities without a remediation', () => {
-      expect(findMatchingRemediations(remediations, { cve: 'NOT_FOUND' })).toHaveLength(0);
-    });
-
-    it('returns all matching remediations for a vulnerability', () => {
-      expect(findMatchingRemediations(remediations, { cve: '123' })).toEqual([
-        remediation1,
-        remediation2,
-      ]);
-
-      expect(findMatchingRemediations(remediations, { foobar: 'baz' })).toEqual([
-        remediation1,
-        remediation2,
-      ]);
-    });
-  });
-
-  describe('parseDependencyScanningIssues', () => {
-    it('should parse the received issues', () => {
-      const parsed = parseDependencyScanningIssues(dependencyScanningIssuesOld, [], 'path')[0];
-
-      expect(parsed.title).toEqual(dependencyScanningIssuesOld[0].message);
-      expect(parsed.path).toEqual(dependencyScanningIssuesOld[0].file);
-      expect(parsed.location.start_line).toEqual(parseInt(dependencyScanningIssuesOld[0].line, 10));
-      expect(parsed.location.end_line).toBeUndefined();
-      expect(parsed.urlPath).toEqual('path/Gemfile.lock#L5');
-      expect(parsed.project_fingerprint).toEqual(sha1(dependencyScanningIssuesOld[0].cve));
-    });
-
-    it('should parse the received issues with new JSON format', () => {
-      const raw = dependencyScanningIssues[0];
-      const parsed = parseDependencyScanningIssues(dependencyScanningIssues, [], 'path')[0];
-
-      expect(parsed.title).toEqual(raw.message);
-      expect(parsed.path).toEqual(raw.location.file);
-      expect(parsed.location.start_line).toBeUndefined();
-      expect(parsed.location.end_line).toBeUndefined();
-      expect(parsed.urlPath).toEqual(`path/${raw.location.file}`);
-      expect(parsed.project_fingerprint).toEqual(sha1(raw.cve));
-    });
-
-    it('should parse the received issues with new JSON format (2.0)', () => {
-      const raw = dependencyScanningIssues[0];
-      const parsed = parseDependencyScanningIssues(dependencyScanningIssuesMajor2, [], 'path')[0];
-
-      expect(parsed.title).toEqual(raw.message);
-      expect(parsed.path).toEqual(raw.location.file);
-      expect(parsed.location.start_line).toBeUndefined();
-      expect(parsed.location.end_line).toBeUndefined();
-      expect(parsed.urlPath).toEqual(`path/${raw.location.file}`);
-      expect(parsed.project_fingerprint).toEqual(sha1(raw.cve));
-      expect(parsed.remediations).toEqual([dependencyScanningIssuesMajor2.remediations[0]]);
-    });
-
-    it('generate correct path to file when there is no line', () => {
-      const parsed = parseDependencyScanningIssues(dependencyScanningIssuesOld, [], 'path')[1];
-
-      expect(parsed.urlPath).toEqual('path/Gemfile.lock');
-    });
-
-    it('includes vulnerability feedbacks', () => {
-      const parsed = parseDependencyScanningIssues(
-        dependencyScanningIssuesOld,
-        dependencyScanningFeedbacks,
-        'path',
-      )[0];
-
-      expect(parsed.hasIssue).toEqual(true);
-      expect(parsed.isDismissed).toEqual(true);
-      expect(parsed.dismissalFeedback).toEqual(dependencyScanningFeedbacks[0]);
-      expect(parsed.issue_feedback).toEqual(dependencyScanningFeedbacks[1]);
-    });
-  });
-
   describe('filterByKey', () => {
     it('filters the array with the provided key', () => {
       const array1 = [{ id: '1234' }, { id: 'abg543' }, { id: '214swfA' }];

package.json

@@ -111,7 +111,6 @@
     "raw-loader": "^3.1.0",
     "sanitize-html": "^1.20.0",
     "select2": "3.5.2-browserify",
-    "sha1": "^1.1.1",
     "smooshpack": "^0.0.54",
     "sortablejs": "^1.10.0",
     "sql.js": "^0.4.0",

yarn.lock

@@ -2501,7 +2501,7 @@ chardet@^0.5.0:
   resolved "https://registry.yarnpkg.com/chardet/-/chardet-0.5.0.tgz#fe3ac73c00c3d865ffcc02a0682e2c20b6a06029"
   integrity sha512-9ZTaoBaePSCFvNlNGrsyI8ZVACP2svUtq0DkM7t4K2ClAa96sqOIRjAzDTc8zXzFt1cZR46rRzLTiHFSJ+Qw0g==
 
-"charenc@>= 0.0.1", charenc@~0.0.1:
+charenc@~0.0.1:
   version "0.0.2"
   resolved "https://registry.yarnpkg.com/charenc/-/charenc-0.0.2.tgz#c0a1d2f3a7092e03774bfa83f14c0fc5790a8667"
   integrity sha1-wKHS86cJLgN3S/qD8UwPxXkKhmc=
@@ -3114,7 +3114,7 @@ cross-spawn@^5.0.1:
     shebang-command "^1.2.0"
     which "^1.2.9"
 
-"crypt@>= 0.0.1", crypt@~0.0.1:
+crypt@~0.0.1:
   version "0.0.2"
   resolved "https://registry.yarnpkg.com/crypt/-/crypt-0.0.2.tgz#88d7ff7ec0dfb86f713dc87bbb42d044d3e6c41b"
   integrity sha1-iNf/fsDfuG9xPch7u0LQRNPmxBs=
@@ -10136,14 +10136,6 @@ sha.js@^2.4.0, sha.js@^2.4.8:
     inherits "^2.0.1"
     safe-buffer "^5.0.1"
 
-sha1@^1.1.1:
-  version "1.1.1"
-  resolved "https://registry.yarnpkg.com/sha1/-/sha1-1.1.1.tgz#addaa7a93168f393f19eb2b15091618e2700f848"
-  integrity sha1-rdqnqTFo85PxnrKxUJFhjicA+Eg=
-  dependencies:
-    charenc ">= 0.0.1"
-    crypt ">= 0.0.1"
-
 shallow-clone@^3.0.0:
   version "3.0.1"
   resolved "https://registry.yarnpkg.com/shallow-clone/-/shallow-clone-3.0.1.tgz#8f2981ad92531f55035b01fb230769a40e02efa3"