l3montree-dev
diff --git a/‎accesscontrol/members.go‎
Lines changed: 0 additions & 68 deletions b/‎accesscontrol/members.go‎
Lines changed: 0 additions & 68 deletions
diff --git a/‎cmd/devguard-scanner/commands/clean.go‎
Lines changed: 0 additions & 5 deletions b/‎cmd/devguard-scanner/commands/clean.go‎
Lines changed: 0 additions & 5 deletions
diff --git a/‎cmd/devguard-scanner/commands/clean_test.go‎
Lines changed: 5 additions & 4 deletions b/‎cmd/devguard-scanner/commands/clean_test.go‎
Lines changed: 5 additions & 4 deletions
diff --git a/‎cmd/devguard-scanner/commands/intoto/intoto_record.go‎
Lines changed: 0 additions & 27 deletions b/‎cmd/devguard-scanner/commands/intoto/intoto_record.go‎
Lines changed: 0 additions & 27 deletions
diff --git a/‎cmd/devguard-scanner/commands/intoto/intoto_record_test.go‎
Lines changed: 0 additions & 31 deletions b/‎cmd/devguard-scanner/commands/intoto/intoto_record_test.go‎
Lines changed: 0 additions & 31 deletions
diff --git a/‎controllers/asset_controller.go‎
Lines changed: 1 addition & 1 deletion b/‎controllers/asset_controller.go‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎controllers/dependencyfirewall/oci.go‎
Lines changed: 1 addition & 0 deletions b/‎controllers/dependencyfirewall/oci.go‎
Lines changed: 1 addition & 0 deletions
diff --git a/‎controllers/helpers.go‎
Lines changed: 1 addition & 1 deletion b/‎controllers/helpers.go‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎database/models/comment_model.go‎
Lines changed: 0 additions & 4 deletions b/‎database/models/comment_model.go‎
Lines changed: 0 additions & 4 deletions
diff --git a/‎database/models/component_model.go‎
Lines changed: 0 additions & 13 deletions b/‎database/models/component_model.go‎
Lines changed: 0 additions & 13 deletions
@@ -15,71 +15,3 @@
 
 package accesscontrol
 
-import (
-	"maps"
-
-	"github.com/l3montree-dev/devguard/dtos"
-	"github.com/l3montree-dev/devguard/shared"
-	"github.com/l3montree-dev/devguard/utils"
-	"github.com/ory/client-go"
-)
-
-// FetchMembersOfOrganization retrieves all members of an organization including their roles
-// from both the RBAC system and third-party integrations
-func FetchMembersOfOrganization(ctx shared.Context) ([]dtos.UserDTO, error) {
-	// get all members from the organization
-	organization := shared.GetOrg(ctx)
-	accessControl := shared.GetRBAC(ctx)
-
-	members, err := accessControl.GetAllMembersOfOrganization()
-
-	if err != nil {
-		return nil, err
-	}
-
-	users := make([]dtos.UserDTO, 0, len(members))
-	if len(members) > 0 {
-		// get the auth admin client from the context
-		authAdminClient := shared.GetAuthAdminClient(ctx)
-		// fetch the users from the auth service
-		m, err := authAdminClient.ListUser(client.IdentityAPIListIdentitiesRequest{}.Ids(members))
-		if err != nil {
-			return nil, err
-		}
-
-		// get the roles for the members
-		errGroup := utils.ErrGroup[map[string]shared.Role](10)
-		for _, member := range m {
-			errGroup.Go(func() (map[string]shared.Role, error) {
-				role, err := accessControl.GetDomainRole(member.Id)
-				if err != nil {
-					return map[string]shared.Role{member.Id: shared.RoleUnknown}, nil
-				}
-				return map[string]shared.Role{member.Id: role}, nil
-			})
-		}
-
-		roles, err := errGroup.WaitAndCollect()
-		if err != nil {
-			return nil, err
-		}
-
-		roleMap := utils.Reduce(roles, func(acc map[string]shared.Role, r map[string]shared.Role) map[string]shared.Role {
-			maps.Copy(acc, r)
-			return acc
-		}, make(map[string]shared.Role))
-
-		for _, member := range m {
-			users = append(users, dtos.UserDTO{
-				ID:   member.Id,
-				Name: shared.IdentityName(member.Traits),
-				Role: string(roleMap[member.Id]),
-			})
-		}
-	}
-
-	// fetch all members from third party integrations
-	thirdPartyIntegrations := shared.GetThirdPartyIntegration(ctx)
-	users = append(users, thirdPartyIntegrations.GetUsers(organization)...)
-	return users, nil
-}
@@ -1,7 +1,6 @@
 package commands
 
 import (
-	"context"
 	"log/slog"
 
 	"github.com/google/go-containerregistry/pkg/authn"
@@ -12,10 +11,6 @@ import (
 	"github.com/spf13/cobra"
 )
 
-func cleanImage(ctx context.Context, regOpts cosignoptions.RegistryOptions, cleanType cosignoptions.CleanType, imageRef string) error {
-	return cosignclean.CleanCmd(ctx, regOpts, cleanType, imageRef, true)
-}
-
 // NewCleanCommand returns a command that removes attestations/signatures from an OCI image.
 func NewCleanCommand() *cobra.Command {
 	cmd := &cobra.Command{
 
@@ -25,6 +25,7 @@ import (
 	"github.com/google/go-containerregistry/pkg/registry"
 	"github.com/google/go-containerregistry/pkg/v1/random"
 	"github.com/google/go-containerregistry/pkg/v1/remote"
+	cosignclean "github.com/sigstore/cosign/v2/cmd/cosign/cli"
 	cosignoptions "github.com/sigstore/cosign/v2/cmd/cosign/cli/options"
 	ociremote "github.com/sigstore/cosign/v2/pkg/oci/remote"
 )
@@ -100,7 +101,7 @@ func TestCleanImageCleanTypeAllRemovesAllTags(t *testing.T) {
 		t.Fatal("signature tag should exist before clean")
 	}
 
-	if err := cleanImage(context.Background(), regOpts, cosignoptions.CleanTypeAll, imageRef); err != nil {
+	if err := cosignclean.CleanCmd(context.Background(), regOpts, cosignoptions.CleanTypeAll, imageRef, true); err != nil {
 		t.Fatalf("cleanImage: %v", err)
 	}
 
@@ -130,7 +131,7 @@ func TestCleanImageCleanTypeAttestationLeavesSignatureTag(t *testing.T) {
 	pushDummyImage(t, attTag, remoteOpts)
 	pushDummyImage(t, sigTag, remoteOpts)
 
-	if err := cleanImage(context.Background(), regOpts, cosignoptions.CleanTypeAttestation, imageRef); err != nil {
+	if err := cosignclean.CleanCmd(context.Background(), regOpts, cosignoptions.CleanTypeAttestation, imageRef, true); err != nil {
 		t.Fatalf("cleanImage: %v", err)
 	}
 
@@ -160,7 +161,7 @@ func TestCleanImageCleanTypeSignatureLeavesAttestationTag(t *testing.T) {
 	pushDummyImage(t, attTag, remoteOpts)
 	pushDummyImage(t, sigTag, remoteOpts)
 
-	if err := cleanImage(context.Background(), regOpts, cosignoptions.CleanTypeSignature, imageRef); err != nil {
+	if err := cosignclean.CleanCmd(context.Background(), regOpts, cosignoptions.CleanTypeSignature, imageRef, true); err != nil {
 		t.Fatalf("cleanImage: %v", err)
 	}
 
@@ -179,7 +180,7 @@ func TestCleanImageNoTagsDoesNotError(t *testing.T) {
 	pushBaseImage(t, imageRef, remoteOpts)
 
 	// no attestation/signature tags present — clean should still succeed
-	if err := cleanImage(context.Background(), regOpts, cosignoptions.CleanTypeAll, imageRef); err != nil {
+	if err := cosignclean.CleanCmd(context.Background(), regOpts, cosignoptions.CleanTypeAll, imageRef, true); err != nil {
 		t.Fatalf("cleanImage on image with no sig/att tags failed: %v", err)
 	}
 }
@@ -20,41 +20,14 @@ import (
 	"fmt"
 	"log/slog"
 	"os"
-	"strings"
 
 	toto "github.com/in-toto/in-toto-golang/in_toto"
 	"github.com/l3montree-dev/devguard/cmd/devguard-scanner/config"
 	"github.com/l3montree-dev/devguard/cmd/devguard-scanner/scanner"
-	"github.com/l3montree-dev/devguard/utils"
 	"github.com/pkg/errors"
 	"github.com/spf13/cobra"
 )
 
-func parseGitIgnore(path string) ([]string, error) {
-	// read .gitignore if exists
-	content, err := os.ReadFile(path)
-	if err == nil {
-		ignorePaths := strings.Split(string(content), "\n")
-
-		// make sure to remove new lines and empty strings
-		ignorePaths = utils.Filter(
-			utils.Map(utils.Map(ignorePaths, strings.TrimSpace), func(e string) string {
-				// nextjs products a gitignore which contains /node_modules but we need to ignore /node_modules/
-				if e == "/node_modules" {
-					return e + "/"
-				}
-				return e
-			}),
-			func(e string) bool {
-				return e != "" && e != "\n" && !strings.HasPrefix(strings.TrimSpace(e), "#")
-			})
-
-		return ignorePaths, nil
-	}
-
-	return nil, err
-}
-
 func stopInTotoRecording(cmd *cobra.Command, args []string) error {
 	if config.RuntimeInTotoConfig.Disabled {
 		return nil
 
@@ -1,32 +1 @@
 package intotocmd
-
-import (
-	"os"
-	"path"
-	"testing"
-
-	"github.com/stretchr/testify/assert"
-)
-
-func TestParseGitIgnore(t *testing.T) {
-	t.Run("parseGitIgnore with empty strings", func(t *testing.T) {
-		// create temp dir for testing
-		dir, err := os.MkdirTemp("", "test")
-		assert.NoError(t, err, "failed to create temporary directory")
-
-		defer os.RemoveAll(dir)
-
-		// Create a temporary .gitignore file for testing
-		gitignoreContent := "\n.DS_Store\n\t\t\t\n"
-
-		filepath := path.Join(dir, ".gitignore")
-
-		err = os.WriteFile(filepath, []byte(gitignoreContent), 0600)
-		assert.NoError(t, err, "failed to create temporary .gitignore file")
-
-		ignorePaths, err := parseGitIgnore(filepath)
-		assert.NoError(t, err, "expected no error when reading .gitignore")
-		assert.Equal(t, []string{".DS_Store"}, ignorePaths, "unexpected ignore paths")
-
-	})
-}
@@ -476,7 +476,7 @@ func (a *AssetController) GetBadges(ctx shared.Context) error {
 	}
 	var artifactName *string
 	artifact, err := shared.MaybeGetArtifact(ctx)
-	if err == nil {
+	if err == nil && artifact != nil {
 		artifactName = &artifact.ArtifactName
 	}
 
 
@@ -25,6 +25,7 @@ import (
 	"net/http"
 	"net/url"
 	"os"
+	
 	"regexp"
 	"strings"
 	"time"
 
@@ -28,7 +28,7 @@ func ctxToBOMMetadata(ctx shared.Context) normalize.BOMMetadata {
 	assetVersion := shared.GetAssetVersion(ctx)
 	artifactName := ""
 	artifact, err := shared.MaybeGetArtifact(ctx)
-	if err != nil {
+	if err != nil || artifact == nil {
 		org := shared.GetOrg(ctx)
 		project := shared.GetProject(ctx)
 
 
@@ -10,7 +10,3 @@ type Comment struct {
 	UserID           uuid.UUID `json:"userId"`
 	Comment          string    `json:"comment"`
 }
-
-func (m Comment) TableName() string {
-	return "comments"
-}
@@ -246,19 +246,6 @@ func (c ComponentDependency) GetDependentID() *string {
 	return c.ComponentID
 }
 
-func BuildDepMap(deps []ComponentDependency) map[string][]string {
-	depMap := make(map[string][]string)
-	for _, dep := range deps {
-		if _, ok := depMap[utils.SafeDereference(dep.ComponentID)]; !ok {
-			depMap[utils.SafeDereference(dep.ComponentID)] = []string{}
-		}
-		depMap[utils.SafeDereference(dep.ComponentID)] = append(depMap[utils.SafeDereference(dep.ComponentID)], dep.DependencyID)
-	}
-	return depMap
-}
-
-const NoVersion = "0.0.0"
-
 func (c Component) TableName() string {
 	return "components"
 }
Original file line number	Diff line number	Diff line change
`@@ -25,6 +25,7 @@ import (`
`25`	`25`	`"github.com/google/go-containerregistry/pkg/registry"`
`26`	`26`	`"github.com/google/go-containerregistry/pkg/v1/random"`
`27`	`27`	`"github.com/google/go-containerregistry/pkg/v1/remote"`
	`28`	`+ cosignclean "github.com/sigstore/cosign/v2/cmd/cosign/cli"`
`28`	`29`	`cosignoptions "github.com/sigstore/cosign/v2/cmd/cosign/cli/options"`
`29`	`30`	`ociremote "github.com/sigstore/cosign/v2/pkg/oci/remote"`
`30`	`31`	`)`
`@@ -100,7 +101,7 @@ func TestCleanImageCleanTypeAllRemovesAllTags(t *testing.T) {`
`100`	`101`	`t.Fatal("signature tag should exist before clean")`
`101`	`102`	`}`
`102`	`103`
`103`		`- if err := cleanImage(context.Background(), regOpts, cosignoptions.CleanTypeAll, imageRef); err != nil {`
	`104`	`+ if err := cosignclean.CleanCmd(context.Background(), regOpts, cosignoptions.CleanTypeAll, imageRef, true); err != nil {`
`104`	`105`	`t.Fatalf("cleanImage: %v", err)`
`105`	`106`	`}`
`106`	`107`
`@@ -130,7 +131,7 @@ func TestCleanImageCleanTypeAttestationLeavesSignatureTag(t *testing.T) {`
`130`	`131`	`pushDummyImage(t, attTag, remoteOpts)`
`131`	`132`	`pushDummyImage(t, sigTag, remoteOpts)`
`132`	`133`
`133`		`- if err := cleanImage(context.Background(), regOpts, cosignoptions.CleanTypeAttestation, imageRef); err != nil {`
	`134`	`+ if err := cosignclean.CleanCmd(context.Background(), regOpts, cosignoptions.CleanTypeAttestation, imageRef, true); err != nil {`
`134`	`135`	`t.Fatalf("cleanImage: %v", err)`
`135`	`136`	`}`
`136`	`137`
`@@ -160,7 +161,7 @@ func TestCleanImageCleanTypeSignatureLeavesAttestationTag(t *testing.T) {`
`160`	`161`	`pushDummyImage(t, attTag, remoteOpts)`
`161`	`162`	`pushDummyImage(t, sigTag, remoteOpts)`
`162`	`163`
`163`		`- if err := cleanImage(context.Background(), regOpts, cosignoptions.CleanTypeSignature, imageRef); err != nil {`
	`164`	`+ if err := cosignclean.CleanCmd(context.Background(), regOpts, cosignoptions.CleanTypeSignature, imageRef, true); err != nil {`
`164`	`165`	`t.Fatalf("cleanImage: %v", err)`
`165`	`166`	`}`
`166`	`167`
`@@ -179,7 +180,7 @@ func TestCleanImageNoTagsDoesNotError(t *testing.T) {`
`179`	`180`	`pushBaseImage(t, imageRef, remoteOpts)`
`180`	`181`
`181`	`182`	`// no attestation/signature tags present — clean should still succeed`
`182`		`- if err := cleanImage(context.Background(), regOpts, cosignoptions.CleanTypeAll, imageRef); err != nil {`
	`183`	`+ if err := cosignclean.CleanCmd(context.Background(), regOpts, cosignoptions.CleanTypeAll, imageRef, true); err != nil {`
`183`	`184`	`t.Fatalf("cleanImage on image with no sig/att tags failed: %v", err)`
`184`	`185`	`}`
`185`	`186`	`}`
Original file line number	Diff line number	Diff line change
`@@ -476,7 +476,7 @@ func (a *AssetController) GetBadges(ctx shared.Context) error {`
`476`	`476`	`}`
`477`	`477`	`var artifactName *string`
`478`	`478`	`artifact, err := shared.MaybeGetArtifact(ctx)`
`479`		`- if err == nil {`
	`479`	`+ if err == nil && artifact != nil {`
`480`	`480`	`artifactName = &artifact.ArtifactName`
`481`	`481`	`}`
`482`	`482`
Original file line number	Diff line number	Diff line change
`@@ -10,7 +10,3 @@ type Comment struct {`
`10`	`10`	UserID uuid.UUID `json:"userId"`
`11`	`11`	Comment string `json:"comment"`
`12`	`12`	`}`
`13`		`-`
`14`		`-func (m Comment) TableName() string {`
`15`		`- return "comments"`
`16`		`-}`