refactor: JUnit Jupiter migration from JUnit 4.x

[aamotharald]

Use this link to re-run the recipe: https://app.moderne.io/recipes/org.openrewrite.java.testing.junit5.JUnit4to5Migration?organizationId=U0FQ

[aamotharald]

Hi @artem-smotrakov ,
I am working on porting your OS project from JUnit4 to JUnit5.

There are 3 things I would like to discuss with you:

1. setting the locale en_US for formatting functionality
2. How can I automatically fix the checkstyle violations with regards to code formatting? Do you have a fpormatting tool / plugin?
3. I see a Unit test failing that passed on the JUnit4 framwrok. the Failing test is ScoreVerificationTest.testVerification . I would appreciate some consulting.

Have a great one and happy FOSSTARS rating!

[artem-smotrakov]

Hey @aamotharald !

I am working on porting your OS project from JUnit4 to JUnit5.

I have not been really involved into this project for a long time, maybe @Sachpat or @sourabhsparkala can help better.

In general, I'd say do whatever it needs to move it to JUnit 5 :)

setting the locale en_US for formatting functionality

I think this should be fine, I don't see any issue here.

How can I automatically fix the checkstyle violations with regards to code formatting? Do you have a fpormatting tool / plugin?

It depends on your IDE. The project uses Google Java Style Guide

https://github.com/SAP/fosstars-rating-core/blob/master/CONTRIBUTING.md#code-formatting

Depending on IDE you use, I'd guess there should be plugins that supports that.

I see a Unit test failing that passed on the JUnit4 framwrok. the Failing test is ScoreVerificationTest.testVerification . I would appreciate some consulting.

What is the error?

[aamotharald]

HI @artem-smotrakov ,

the test failure is:

Verify SecurityReviewScore with 4 test vectors
[+] Test vector #2 failed
[+]     reason: Expected a score in the interval [9.5, 10.0] but 5.0 returned
[+]     alias:  fresh_review
[+] Test vector #3 failed
[+]     reason: Expected a score in the interval [2.0, 5.0] but 1.6666666666666667 returned
[+]     alias:  old_review

and

Verify VulnerabilityDiscoveryAndSecurityTestingScore with 8 test vectors
[+] Test vector #4 failed
[+]     reason: Expected a score in the interval [0.0, 1.0] but 2.0 returned
[+]     alias:  bad testing and recent vulnerabilities
[+] Test vector #6 failed
[+]     reason: Expected a score in the interval [7.0, 9.0] but 10.0 returned
[+]     alias:  good testing and recent vulnerabilities

As no logic got changed this is quite cumbersome to me.
I just changed the testing framework and then suddenly scenarios start to fail.
I am trying to understand the yamls and what's tested there.

[aamotharald]

I can also see 2 failing integration tests which I have to investigate.

[aamotharald]

Found the problem.

PR is ready to merge - well but in 1 year tests will fail again as then date distances for the scores have changed.

[aamotharald]

If the CLI tests fail, the reason will be a timeout from the NVD database api.

Who can add a secret for this pipeline?

Besides that the tool is now "Modernized" ..

[aamotharald]

OK, I will now pimp the 3 Dockerfiles in this project and simplify them.
just showing the green integration tests as they might be flaky without an NVD database access token..

[skateball]

nice, is replacing my PR #1000

[skateball]

Suggested change

	uses: actions/checkout@v3.5.3
	uses: actions/checkout@v4

[skateball]

newer version available

[skateball]

Suggested change

	uses: actions/checkout@v3.5.3
	uses: actions/checkout@v4

[skateball]

newer version available

[skateball]

Suggested change

	- uses: actions/checkout@v3.5.3
	- uses: actions/checkout@v4

[skateball]

newer version available