Make OSV api public (google#167)

* Make OSV api public

* Add osv file

* Add commend on public function

* Removed v1, made maxQueriesPerRequest private

* Fix bug

---------

Co-authored-by: Oliver Chang <[email protected]>

Author: 2 people

internal/output/table.go

@@ -6,8 +6,8 @@ import (
 	"path/filepath"
 	"strings"
 
-	"github.com/google/osv-scanner/internal/osv"
 	"github.com/google/osv-scanner/pkg/models"
+	"github.com/google/osv-scanner/pkg/osv"
 
 	"github.com/jedib0t/go-pretty/v6/table"
 	"github.com/jedib0t/go-pretty/v6/text"

internal/osv/osv.go renamed to pkg/osv/osv.go

@@ -19,9 +19,9 @@ const (
 	GetEndpoint = "https://api.osv.dev/v1/vulns"
 	// BaseVulnerabilityURL is the base URL for detailed vulnerability views.
 	BaseVulnerabilityURL = "https://osv.dev/"
-	// MaxQueriesPerRequest splits up querybatch into multiple requests if
+	// maxQueriesPerRequest splits up querybatch into multiple requests if
 	// number of queries exceed this number
-	MaxQueriesPerRequest = 1000
+	maxQueriesPerRequest = 1000
 )
 
 // Package represents a package identifier for OSV.
@@ -121,9 +121,10 @@ func checkResponseError(resp *http.Response) error {
 	return fmt.Errorf("server response error: %s", string(respBuf))
 }
 
+// MakeRequest sends a batched query to osv.dev
 func MakeRequest(request BatchedQuery) (*BatchedResponse, error) {
 	// API has a limit of 1000 bulk query per request
-	queryChunks := chunkBy(request.Queries, MaxQueriesPerRequest)
+	queryChunks := chunkBy(request.Queries, maxQueriesPerRequest)
 	var totalOsvResp BatchedResponse
 	for _, queries := range queryChunks {
 		requestBytes, err := json.Marshal(BatchedQuery{Queries: queries})

pkg/osvscanner/osvscanner.go

@@ -10,12 +10,12 @@ import (
 	"path/filepath"
 	"strings"
 
-	"github.com/google/osv-scanner/internal/osv"
 	"github.com/google/osv-scanner/internal/output"
 	"github.com/google/osv-scanner/internal/sbom"
 	"github.com/google/osv-scanner/pkg/config"
 	"github.com/google/osv-scanner/pkg/lockfile"
 	"github.com/google/osv-scanner/pkg/models"
+	"github.com/google/osv-scanner/pkg/osv"
 )
 
 type ScannerActions struct {

pkg/osvscanner/vulnerability_result.go

@@ -3,10 +3,10 @@ package osvscanner
 import (
 	"fmt"
 
-	"github.com/google/osv-scanner/internal/osv"
 	"github.com/google/osv-scanner/internal/output"
 	"github.com/google/osv-scanner/pkg/grouper"
 	"github.com/google/osv-scanner/pkg/models"
+	"github.com/google/osv-scanner/pkg/osv"
 )
 
 // groupResponseBySource converts raw OSV API response into structured vulnerability information

pkg/osvscanner/vulnerability_result_internal_test.go

@@ -4,9 +4,9 @@ import (
 	"reflect"
 	"testing"
 
-	"github.com/google/osv-scanner/internal/osv"
 	"github.com/google/osv-scanner/internal/output"
 	"github.com/google/osv-scanner/pkg/models"
+	"github.com/google/osv-scanner/pkg/osv"
 )
 
 func Test_groupResponseBySource(t *testing.T) {