test: removetestcontainers dependency

[mgoetzegb]

What

test: removetestcontainers dependency

Why

It slows down tests and has a lot of dependencies which create a lot of noise during dependabot updates.

[github-actions]

Dependency Review

The following issues were found:

• ✅ 0 vulnerable package(s)
• ❌ 6 package(s) with incompatible licenses
• ✅ 0 package(s) with invalid SPDX license definitions
• ⚠️ 3 package(s) with unknown licenses.

See the Details below.

Snapshot Warnings

⚠️: No snapshots were found for the head SHA 637c76b.

Ensure that dependencies are being submitted on PR branches and consider enabling retry-on-snapshot-warnings. See the documentation for more information and troubleshooting advice.

License Issues

go.mod

Package	Version	License	Issue Type
golang.org/x/crypto	0.50.0	BSD-3-Clause AND LicenseRef-scancode-google-patent-license-golang	Incompatible License
golang.org/x/mod	0.35.0	BSD-3-Clause AND LicenseRef-scancode-google-patent-license-golang	Incompatible License
golang.org/x/net	0.53.0	BSD-3-Clause AND LicenseRef-scancode-google-patent-license-golang	Incompatible License
golang.org/x/sys	0.43.0	BSD-3-Clause AND LicenseRef-scancode-google-patent-license-golang	Incompatible License
golang.org/x/text	0.36.0	BSD-3-Clause AND LicenseRef-scancode-google-patent-license-golang	Incompatible License
golang.org/x/tools	0.44.0	BSD-3-Clause AND LicenseRef-scancode-google-patent-license-golang	Incompatible License
github.com/mattn/go-isatty	0.0.21	Null	Unknown License
github.com/mattn/go-sqlite3	1.14.42	Null	Unknown License
golang.org/x/arch	0.26.0	Null	Unknown License

Allowed Licenses:

0BSD, AGPL-3.0-or-later, Apache-2.0, BlueOak-1.0.0, BSD-2-Clause, BSD-3-Clause-Clear, BSD-3-Clause, BSL-1.0, bzip2-1.0.6, CAL-1.0, CC-BY-3.0, CC-BY-4.0, CC-BY-SA-4.0, CC0-1.0, EPL-2.0, GPL-1.0-or-later, GPL-2.0-only, GPL-2.0-or-later, GPL-2.0, GPL-3.0-only, GPL-3.0-or-later, GPL-3.0, ISC, LGPL-2.0-only, LGPL-2.0-or-later, LGPL-2.1-only, LGPL-2.1-or-later, LGPL-2.1, LGPL-3.0-only, LGPL-3.0, LGPL-3.0-or-later, MIT, MIT-CMU, MPL-1.1, MPL-2.0, OFL-1.1, PSF-2.0, Python-2.0, Python-2.0.1, Unicode-3.0, Unicode-DFS-2016, Unlicense, Zlib, ZPL-2.1

OpenSSF Scorecard

Scorecard details

Package	Version	Score	Details
gomod/github.com/go-openapi/jsonpointer	0.23.0	🟢 8.2	Details Check Score Reason Packaging ⚠️ -1 packaging workflow not detected Binary-Artifacts 🟢 10 no binaries found in the repo Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Code-Review ⚠️ 0 Found 1/12 approved changesets -- score normalized to 0 Security-Policy 🟢 10 security policy file detected Maintained 🟢 10 21 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 10 Token-Permissions 🟢 10 GitHub workflow tokens follow principle of least privilege Pinned-Dependencies 🟢 10 all dependencies are pinned CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Fuzzing 🟢 10 project is fuzzed License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md SAST 🟢 7 SAST tool is not run on all commits -- score normalized to 7
gomod/github.com/go-openapi/swag/conv	0.26.0	🟢 8.2	Details Check Score Reason Code-Review ⚠️ 0 Found 0/13 approved changesets -- score normalized to 0 Maintained 🟢 10 23 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10 Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Security-Policy 🟢 10 security policy file detected Packaging ⚠️ -1 packaging workflow not detected Binary-Artifacts 🟢 10 no binaries found in the repo Token-Permissions 🟢 10 GitHub workflow tokens follow principle of least privilege Pinned-Dependencies 🟢 10 all dependencies are pinned CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Fuzzing 🟢 10 project is fuzzed License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md SAST 🟢 7 SAST tool is not run on all commits -- score normalized to 7
gomod/github.com/go-openapi/swag/jsonname	0.26.0	🟢 8.2	Details Check Score Reason Code-Review ⚠️ 0 Found 0/13 approved changesets -- score normalized to 0 Maintained 🟢 10 23 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10 Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Security-Policy 🟢 10 security policy file detected Packaging ⚠️ -1 packaging workflow not detected Binary-Artifacts 🟢 10 no binaries found in the repo Token-Permissions 🟢 10 GitHub workflow tokens follow principle of least privilege Pinned-Dependencies 🟢 10 all dependencies are pinned CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Fuzzing 🟢 10 project is fuzzed License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md SAST 🟢 7 SAST tool is not run on all commits -- score normalized to 7
gomod/github.com/go-openapi/swag/jsonutils	0.26.0	🟢 8.2	Details Check Score Reason Code-Review ⚠️ 0 Found 0/13 approved changesets -- score normalized to 0 Maintained 🟢 10 23 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10 Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Security-Policy 🟢 10 security policy file detected Packaging ⚠️ -1 packaging workflow not detected Binary-Artifacts 🟢 10 no binaries found in the repo Token-Permissions 🟢 10 GitHub workflow tokens follow principle of least privilege Pinned-Dependencies 🟢 10 all dependencies are pinned CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Fuzzing 🟢 10 project is fuzzed License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md SAST 🟢 7 SAST tool is not run on all commits -- score normalized to 7
gomod/github.com/go-openapi/swag/loading	0.26.0	🟢 8.2	Details Check Score Reason Code-Review ⚠️ 0 Found 0/13 approved changesets -- score normalized to 0 Maintained 🟢 10 23 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10 Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Security-Policy 🟢 10 security policy file detected Packaging ⚠️ -1 packaging workflow not detected Binary-Artifacts 🟢 10 no binaries found in the repo Token-Permissions 🟢 10 GitHub workflow tokens follow principle of least privilege Pinned-Dependencies 🟢 10 all dependencies are pinned CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Fuzzing 🟢 10 project is fuzzed License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md SAST 🟢 7 SAST tool is not run on all commits -- score normalized to 7
gomod/github.com/go-openapi/swag/stringutils	0.26.0	🟢 8.2	Details Check Score Reason Code-Review ⚠️ 0 Found 0/13 approved changesets -- score normalized to 0 Maintained 🟢 10 23 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10 Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Security-Policy 🟢 10 security policy file detected Packaging ⚠️ -1 packaging workflow not detected Binary-Artifacts 🟢 10 no binaries found in the repo Token-Permissions 🟢 10 GitHub workflow tokens follow principle of least privilege Pinned-Dependencies 🟢 10 all dependencies are pinned CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Fuzzing 🟢 10 project is fuzzed License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md SAST 🟢 7 SAST tool is not run on all commits -- score normalized to 7
gomod/github.com/go-openapi/swag/typeutils	0.26.0	🟢 8.2	Details Check Score Reason Code-Review ⚠️ 0 Found 0/13 approved changesets -- score normalized to 0 Maintained 🟢 10 23 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10 Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Security-Policy 🟢 10 security policy file detected Packaging ⚠️ -1 packaging workflow not detected Binary-Artifacts 🟢 10 no binaries found in the repo Token-Permissions 🟢 10 GitHub workflow tokens follow principle of least privilege Pinned-Dependencies 🟢 10 all dependencies are pinned CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Fuzzing 🟢 10 project is fuzzed License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md SAST 🟢 7 SAST tool is not run on all commits -- score normalized to 7
gomod/github.com/go-openapi/swag/yamlutils	0.26.0	🟢 8.2	Details Check Score Reason Code-Review ⚠️ 0 Found 0/13 approved changesets -- score normalized to 0 Maintained 🟢 10 23 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10 Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Security-Policy 🟢 10 security policy file detected Packaging ⚠️ -1 packaging workflow not detected Binary-Artifacts 🟢 10 no binaries found in the repo Token-Permissions 🟢 10 GitHub workflow tokens follow principle of least privilege Pinned-Dependencies 🟢 10 all dependencies are pinned CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Fuzzing 🟢 10 project is fuzzed License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md SAST 🟢 7 SAST tool is not run on all commits -- score normalized to 7
gomod/github.com/mattn/go-isatty	0.0.21	Unknown	Unknown
gomod/github.com/mattn/go-sqlite3	1.14.42	Unknown	Unknown
gomod/go.mongodb.org/mongo-driver/v2	2.5.1	🟢 7.8	Details Check Score Reason Code-Review 🟢 8 Found 8/10 approved changesets -- score normalized to 8 Maintained 🟢 10 30 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10 Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected Dependency-Update-Tool 🟢 10 update tool detected Security-Policy 🟢 10 security policy file detected Token-Permissions 🟢 10 GitHub workflow tokens follow principle of least privilege Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies 🟢 8 dependency not pinned by hash detected -- score normalized to 8 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ 0 Project has not signed or included provenance with any releases. Vulnerabilities 🟢 3 7 existing vulnerabilities detected SAST 🟢 10 SAST tool is run on all commits Fuzzing 🟢 10 project is fuzzed Branch-Protection 🟢 4 branch protection is not maximal on development and all release branches CI-Tests 🟢 10 22 out of 22 merged PRs checked by a CI test -- score normalized to 10 Contributors 🟢 10 project has 25 contributing companies or organizations
gomod/golang.org/x/arch	0.26.0	Unknown	Unknown
gomod/golang.org/x/crypto	0.50.0	Unknown	Unknown
gomod/golang.org/x/mod	0.35.0	Unknown	Unknown
gomod/golang.org/x/net	0.53.0	Unknown	Unknown
gomod/golang.org/x/sys	0.43.0	Unknown	Unknown
gomod/golang.org/x/text	0.36.0	Unknown	Unknown
gomod/golang.org/x/tools	0.44.0	Unknown	Unknown

Scanned Files

• go.mod

[github-actions]

Conventional Commits Report

😢 No conventional commits found.

👉 Learn more about the conventional commits usage at Greenbone.

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 57.85%. Comparing base (efc872f) to head (637c76b).
⚠️ Report is 2 commits behind head on main.

Additional details and impacted files

@@            Coverage Diff             @@
##             main     #305      +/-   ##
==========================================
+ Coverage   56.59%   57.85%   +1.26%     
==========================================
  Files          71       58      -13     
  Lines        4006     3028     -978     
==========================================
- Hits         2267     1752     -515     
+ Misses       1543     1147     -396     
+ Partials      196      129      -67     

Flag	Coverage Δ
opensearch-tests	95.68% <ø> (ø)
postgres-tests	92.03% <ø> (ø)
unit-tests	50.63% <ø> (-0.57%)	⬇️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

[mgoetzegb]

As some deps were pinned at newer version, they still showed up in go.mod. To clean it up I removed all indirect obsolete dependency entries and ran afterwards

go mod tidy
go get -u -t ./... # update again to newest deps versions

[mgoetzegb]

Note: Projects which still need to use testContainers can just define the content in the package where they are using openSearch with testcontainers: https://github.com/greenbone/opensight-golang-libraries/blob/e1516506d4c9afdf8de03c3a1d1c056a4d0defd4/pkg/openSearch/openSearchClient/opensearchTestContainer.go