Rename pipeline CheckVulnerabilities to FindVulnerabilities #101

Signed-off-by: Thomas Druez <[email protected]>

Author: tdruez

CHANGELOG.rst

@@ -4,12 +4,7 @@ Changelog
 v31.1.0 (unreleased)
 --------------------
 
-- Add a new "inspect manifest" pipeline to resolve packages from manifest, lockfile,
-  and SBOM. The resolved packages are created as discovered packages.
-  Support PyPI "requirements.txt" files and AboutCode ".ABOUT" files
-  https://github.com/nexB/scancode.io/issues/284
-
-- Add a new "check vulnerabilities" pipeline to lookup vulnerabilities in the
+- Add a new "find vulnerabilities" pipeline to lookup vulnerabilities in the
   VulnerableCode database for all project discovered packages.
   Vulnerability data is stored in the extra_data field of each package.
   More details about VulnerableCode at https://github.com/nexB/vulnerablecode/

docs/built-in-pipelines.rst

@@ -15,14 +15,6 @@ Pipeline Base Class
     :members:
     :member-order: bysource
 
-.. _pipeline_check_vulnerabilities:
-
-Check Vulnerabilities
----------------------
-.. autoclass:: scanpipe.pipelines.check_vulnerabilities.CheckVulnerabilities()
-    :members:
-    :member-order: bysource
-
 .. _pipeline_docker:
 
 Docker Image Analysis
@@ -39,6 +31,14 @@ Docker Windows Image Analysis
     :members:
     :member-order: bysource
 
+.. _pipeline_find_vulnerabilities:
+
+Find Vulnerabilities
+--------------------
+.. autoclass:: scanpipe.pipelines.find_vulnerabilities.FindVulnerabilities()
+    :members:
+    :member-order: bysource
+
 .. _pipeline_inspect_manifest:
 
 Inspect Manifest

scanpipe/pipelines/check_vulnerabilities.py renamed to scanpipe/pipelines/find_vulnerabilities.py

@@ -24,9 +24,9 @@
 from scanpipe.pipes import vulnerablecode
 
 
-class CheckVulnerabilities(Pipeline):
+class FindVulnerabilities(Pipeline):
     """
-    A pipeline to check for discovered packages vulnerabilities in the VulnerableCode
+    A pipeline to find vulnerabilities for discovered packages in the VulnerableCode
     database.
 
     Vulnerability data is stored in the extra_data field of each package.

scanpipe/tests/test_pipelines.py

@@ -586,10 +586,10 @@ def test_scanpipe_load_inventory_pipeline_integration_test(self):
     @mock.patch("scanpipe.pipes.vulnerablecode.is_available")
     @mock.patch("scanpipe.pipes.vulnerablecode.is_configured")
     @mock.patch("scanpipe.pipes.vulnerablecode.get_vulnerabilities_by_purl")
-    def test_scanpipe_check_vulnerabilities_pipeline_integration_test(
+    def test_scanpipe_find_vulnerabilities_pipeline_integration_test(
         self, mock_get_vulnerabilities, mock_is_configured, mock_is_available
     ):
-        pipeline_name = "check_vulnerabilities"
+        pipeline_name = "find_vulnerabilities"
         project1 = Project.objects.create(name="Analysis")
         package1 = DiscoveredPackage.create_from_data(project1, package_data1)
 

setup.cfg

@@ -107,7 +107,7 @@ console_scripts =
     scanpipe = scancodeio:command_line
 
 scancodeio_pipelines =
-    check_vulnerabilities = scanpipe.pipelines.check_vulnerabilities:CheckVulnerabilities
+    find_vulnerabilities = scanpipe.pipelines.find_vulnerabilities:FindVulnerabilities
     docker = scanpipe.pipelines.docker:Docker
     docker_windows = scanpipe.pipelines.docker_windows:DockerWindows
     inspect_manifest = scanpipe.pipelines.inspect_manifest:InspectManifest