Skip to content

Update OSS Index datasource for Sonatype Guide#2312

Open
GHX5T-SOL wants to merge 1 commit into
aboutcode-org:mainfrom
GHX5T-SOL:fix/2311-sonatype-guide-migration
Open

Update OSS Index datasource for Sonatype Guide#2312
GHX5T-SOL wants to merge 1 commit into
aboutcode-org:mainfrom
GHX5T-SOL:fix/2311-sonatype-guide-migration

Conversation

@GHX5T-SOL
Copy link
Copy Markdown

@GHX5T-SOL GHX5T-SOL commented May 25, 2026

Closes #2311.

Summary:

  • Point the OSS Index datasource at Sonatype Guide compatibility API endpoints.
  • Keep the existing OSS Index-compatible request/response parsing behavior.
  • Add focused no-network tests for unauthenticated and authenticated endpoint selection.

Validation:

  • .venv/bin/python -m pytest vulntotal/tests/test_oss_index.py -q (3 passed; local Python 3.14 required pytest 9.0.3 because repo-pinned pytest 7.1.1 errors before collection on Python 3.14)
  • .venv/bin/python -m black --check vulntotal/datasources/oss_index.py vulntotal/tests/test_oss_index.py
  • .venv/bin/python -m isort --check-only vulntotal/datasources/oss_index.py vulntotal/tests/test_oss_index.py
  • git diff --check
  • git diff --cached --check
  • git diff --no-ext-diff | gitleaks stdin --no-banner --redact --exit-code 1
  • git diff --cached --no-ext-diff | gitleaks stdin --no-banner --redact --exit-code 1

Limitations:

  • Full make test was not run locally; this was validated with a minimal focused virtualenv on Python 3.14.

@GHX5T-SOL GHX5T-SOL force-pushed the fix/2311-sonatype-guide-migration branch from 9a13cb3 to 0d56b21 Compare May 25, 2026 18:34
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Replace OSSindex with new Sonatype Guide

1 participant

@GHX5T-SOL