Strip rightmost / in settings.py, from URL envvars #1672

    * Update tab_vulnerabilities.html to add a slash after VULNERABLECODE_URL to properly create the link

Signed-off-by: Jono Yang <jyang@nexb.com>

Author: JonoYang

scancodeio/settings.py

@@ -425,28 +425,30 @@
 
 # VulnerableCode integration
 
-VULNERABLECODE_URL = env.str("VULNERABLECODE_URL", default="")
+VULNERABLECODE_URL = env.str("VULNERABLECODE_URL", default="").rstrip("/")
 VULNERABLECODE_USER = env.str("VULNERABLECODE_USER", default="")
 VULNERABLECODE_PASSWORD = env.str("VULNERABLECODE_PASSWORD", default="")
 VULNERABLECODE_API_KEY = env.str("VULNERABLECODE_API_KEY", default="")
 
 # PurlDB integration
 
-PURLDB_URL = env.str("PURLDB_URL", default="")
+PURLDB_URL = env.str("PURLDB_URL", default="").rstrip("/")
 PURLDB_USER = env.str("PURLDB_USER", default="")
 PURLDB_PASSWORD = env.str("PURLDB_PASSWORD", default="")
 PURLDB_API_KEY = env.str("PURLDB_API_KEY", default="")
 
 # MatchCode.io integration
 
-MATCHCODEIO_URL = env.str("MATCHCODEIO_URL", default="")
+MATCHCODEIO_URL = env.str("MATCHCODEIO_URL", default="").rstrip("/")
 MATCHCODEIO_USER = env.str("MATCHCODEIO_USER", default="")
 MATCHCODEIO_PASSWORD = env.str("MATCHCODEIO_PASSWORD", default="")
 MATCHCODEIO_API_KEY = env.str("MATCHCODEIO_API_KEY", default="")
 
 # FederatedCode integration
 
-FEDERATEDCODE_GIT_ACCOUNT_URL = env.str("FEDERATEDCODE_GIT_ACCOUNT_URL", default="")
+FEDERATEDCODE_GIT_ACCOUNT_URL = env.str(
+    "FEDERATEDCODE_GIT_ACCOUNT_URL", default=""
+).rstrip("/")
 FEDERATEDCODE_GIT_SERVICE_TOKEN = env.str("FEDERATEDCODE_GIT_SERVICE_TOKEN", default="")
 FEDERATEDCODE_GIT_SERVICE_NAME = env.str("FEDERATEDCODE_GIT_SERVICE_NAME", default="")
 FEDERATEDCODE_GIT_SERVICE_EMAIL = env.str("FEDERATEDCODE_GIT_SERVICE_EMAIL", default="")

scanpipe/pipes/federatedcode.py

@@ -74,7 +74,7 @@ def get_package_repository(project_purl, logger=None):
     """Return the Git repository URL and scan path for a given package."""
     project_package_url = PackageURL.from_string(project_purl)
 
-    git_account_url = f"{settings.FEDERATEDCODE_GIT_ACCOUNT_URL.rstrip('/')}/"
+    git_account_url = f"{settings.FEDERATEDCODE_GIT_ACCOUNT_URL}/"
     package_base_dir = hashid.get_package_base_dir(purl=project_purl)
     package_repo_name = package_base_dir.parts[0]
 

scanpipe/pipes/matchcode.py

@@ -52,7 +52,7 @@ class MatchCodeIOException(Exception):
 MATCHCODEIO_API_URL = None
 MATCHCODEIO_URL = settings.MATCHCODEIO_URL
 if MATCHCODEIO_URL:
-    MATCHCODEIO_API_URL = f"{MATCHCODEIO_URL.rstrip('/')}/api/"
+    MATCHCODEIO_API_URL = f"{MATCHCODEIO_URL}/api/"
 
 # Basic Authentication
 MATCHCODEIO_USER = settings.MATCHCODEIO_USER

scanpipe/pipes/purldb.py

@@ -50,7 +50,7 @@ class PurlDBException(Exception):
 PURLDB_API_URL = None
 PURLDB_URL = settings.PURLDB_URL
 if PURLDB_URL:
-    PURLDB_API_URL = f"{PURLDB_URL.rstrip('/')}/api/"
+    PURLDB_API_URL = f"{PURLDB_URL}/api/"
 
 # Basic Authentication
 PURLDB_USER = settings.PURLDB_USER

scanpipe/pipes/vulnerablecode.py

@@ -35,7 +35,7 @@
 VULNERABLECODE_API_URL = None
 VULNERABLECODE_URL = settings.VULNERABLECODE_URL
 if VULNERABLECODE_URL:
-    VULNERABLECODE_API_URL = f"{VULNERABLECODE_URL.rstrip('/')}/api/"
+    VULNERABLECODE_API_URL = f"{VULNERABLECODE_URL}/api/"
 
 # Basic Authentication
 VULNERABLECODE_USER = settings.VULNERABLECODE_USER

scanpipe/templates/scanpipe/tabset/tab_vulnerabilities.html

@@ -11,7 +11,7 @@
       {% for vulnerability in tab_data.fields.affected_by_vulnerabilities.value %}
         <tr>
           <td>
-            <a href="{{ VULNERABLECODE_URL }}vulnerabilities/{{ vulnerability.vulnerability_id }}" target="_blank">
+            <a href="{{ VULNERABLECODE_URL }}/vulnerabilities/{{ vulnerability.vulnerability_id }}" target="_blank">
               {{ vulnerability.vulnerability_id }}
               <i class="fa-solid fa-up-right-from-square is-small"></i>
             </a>