SAP · CCFenner · May 16, 2025 · May 16, 2025 · May 16, 2025 · May 19, 2025
@@ -3,6 +3,7 @@ package syft
 import (
 	"archive/tar"
 	"compress/gzip"
+	"errors"
 	"fmt"
 	"io"
 	"net/http"
@@ -12,7 +13,6 @@ import (
 	"github.com/SAP/jenkins-library/pkg/command"
 	piperhttp "github.com/SAP/jenkins-library/pkg/http"
 	"github.com/SAP/jenkins-library/pkg/piperutils"
-	"github.com/pkg/errors"
 )
 
 type SyftScanner struct {
@@ -40,7 +40,7 @@ func CreateSyftScanner(syftDownloadURL string, fileUtils piperutils.FileUtils, h
 
 	err = install(syftDownloadURL, syftFile, fileUtils, httpClient)
 	if err != nil {
-		return nil, errors.Wrap(err, "failed to install syft")
+		return nil, fmt.Errorf("failed to install syft: %w", err)
 	}
 
 	return &SyftScanner{syftFile: syftFile}, nil
@@ -86,7 +86,7 @@ func install(syftDownloadURL, dest string, fileUtils piperutils.FileUtils, httpC
 
 	err = extractSyft(response.Body, dest, fileUtils)
 	if err != nil {
-		return errors.Wrap(err, "failed to extract syft binary")
+		return fmt.Errorf("failed to extract syft binary: %w", err)
 	}
 
 	err = fileUtils.Chmod(dest, 0755)
@@ -114,15 +114,15 @@ func extractSyft(archive io.Reader, dest string, fileUtils piperutils.FileUtils)
 		}
 
 		if err != nil {
-			return errors.Wrap(err, "failed to read archive")
+			return fmt.Errorf("failed to read archive: %w", err)
 		}
 
 		if filepath.Base(f.Name) == "syft" {
 			fileFound = true
 
 			df, err := fileUtils.Create(dest)
 			if err != nil {
-				return errors.Wrapf(err, "failed to create file %q", dest)
+				return fmt.Errorf("failed to create file %q: %w", dest, err)
 			}
 
 			size, err := io.Copy(df, tr)

@@ -4,14 +4,14 @@
 package syft_test
 
 import (
+	"errors"
 	"net/http"
 	"testing"
 
 	piperhttp "github.com/SAP/jenkins-library/pkg/http"
 	"github.com/SAP/jenkins-library/pkg/mock"
 	"github.com/SAP/jenkins-library/pkg/syft"
 	"github.com/jarcoal/httpmock"
-	"github.com/pkg/errors"
 
 	"github.com/stretchr/testify/assert"
 )

@@ -8,7 +8,6 @@ import (
 
 	"github.com/SAP/jenkins-library/pkg/log"
 	"github.com/SAP/jenkins-library/pkg/piperutils"
-	"github.com/pkg/errors"
 )
 
 // ReportOptions defines options for downloading reports after scanning.
@@ -48,13 +47,13 @@ func (s *Scan) DownloadReports(options ReportOptions, utils scanUtils, sys white
 func downloadVulnerabilityReport(options ReportOptions, project Project, utils scanUtils, sys whitesource) (*piperutils.Path, error) {
 	reportBytes, err := sys.GetProjectVulnerabilityReport(project.Token, options.VulnerabilityReportFormat)
 	if err != nil {
-		return nil, errors.Wrapf(err, "unable to download vulnerability report from url")
+		return nil, fmt.Errorf("unable to download vulnerability report from url: %w", err)
 	}
 
 	rptFileName := fmt.Sprintf("%s-vulnerability-report.%s", strings.ReplaceAll(project.Name, "/", "_"), options.VulnerabilityReportFormat)
 	rptFileName = filepath.Join(options.ReportDirectory, rptFileName)
 	if err := utils.FileWrite(rptFileName, reportBytes, 0644); err != nil {
-		return nil, errors.Wrapf(err, "unable to copy content from url to file %v", rptFileName)
+		return nil, fmt.Errorf("unable to copy content from url to file %v: %w", rptFileName, err)
 	}
 
 	log.Entry().Infof("Successfully downloaded vulnerability report to %s", rptFileName)
@@ -65,13 +64,13 @@ func downloadVulnerabilityReport(options ReportOptions, project Project, utils s
 func downloadRiskReport(options ReportOptions, project Project, utils scanUtils, sys whitesource) (*piperutils.Path, error) {
 	reportBytes, err := sys.GetProjectRiskReport(project.Token)
 	if err != nil {
-		return nil, errors.Wrapf(err, "unable to download risk report from url")
+		return nil, fmt.Errorf("unable to download risk report from url: %w", err)
 	}
 
 	rptFileName := fmt.Sprintf("%s-risk-report.pdf", strings.ReplaceAll(project.Name, "/", "_"))
 	rptFileName = filepath.Join(options.ReportDirectory, rptFileName)
 	if err := utils.FileWrite(rptFileName, reportBytes, 0644); err != nil {
-		return nil, errors.Wrapf(err, "unable to copy content from url to file %v", rptFileName)
+		return nil, fmt.Errorf("unable to copy content from url to file %v: %w", rptFileName, err)
 	}
 
 	log.Entry().Infof("Successfully downloaded risk report to %s", rptFileName)

@@ -2,13 +2,12 @@ package xsuaa
 
 import (
 	"encoding/json"
+	"errors"
 	"fmt"
 	"io"
 	"net/http"
 	"net/url"
 	"time"
-
-	"github.com/pkg/errors"
 )
 
 const authHeaderKey = "Authorization"
@@ -40,7 +39,7 @@ func (x *XSUAA) SetAuthHeaderIfNotPresent(header *http.Header) error {
 	if len(x.OAuthURL) == 0 ||
 		len(x.ClientID) == 0 ||
 		len(x.ClientSecret) == 0 {
-		return errors.Errorf("OAuthURL, ClientID and ClientSecret have to be set on the xsuaa instance")
+		return errors.New("OAuthURL, ClientID and ClientSecret have to be set on the xsuaa instance")
 	}
 
 	secondsOfValidityLeft := x.CachedAuthToken.ExpiresAt.Sub(time.Now()).Seconds()
@@ -80,8 +79,8 @@ func (x *XSUAA) GetBearerToken() (authToken AuthToken, err error) {
 
 	response, httpErr := httpClient.Do(request)
 	if httpErr != nil {
-		err = errors.Wrapf(httpErr, "fetching an access token failed: HTTP %s request to %s failed",
-			method, entireURL)
+		err = fmt.Errorf("fetching an access token failed: HTTP %s request to %s failed: %w",
+			method, entireURL, httpErr)
 		return
 	}
 
@@ -91,20 +90,20 @@ func (x *XSUAA) GetBearerToken() (authToken AuthToken, err error) {
 	}
 
 	if response.StatusCode != http.StatusOK {
-		err = errors.Errorf("fetching an access token failed: HTTP %s request to %s failed: "+
+		err = fmt.Errorf("fetching an access token failed: HTTP %s request to %s failed: "+
 			"expected response code 200, got '%d', response body: '%s'",
 			method, entireURL, response.StatusCode, bodyText)
 		return
 	}
 
 	parsingErr := json.Unmarshal(bodyText, &authToken)
 	if err != nil {
-		err = errors.Wrapf(parsingErr, "HTTP response body could not be parsed as JSON: %s", bodyText)
+		err = fmt.Errorf("HTTP response body could not be parsed as JSON: %s %w", bodyText, parsingErr)
 		return
 	}
 
 	if authToken.AccessToken == "" {
-		err = errors.Errorf("expected authToken field 'access_token' in json response: got response body: '%s'",
+		err = fmt.Errorf("expected authToken field 'access_token' in json response: got response body: '%s'",
 			bodyText)
 		return
 	}
@@ -124,14 +123,14 @@ func setExpireTime(now time.Time, secondsValid time.Duration) time.Time {
 
 func readResponseBody(response *http.Response) ([]byte, error) {
 	if response == nil {
-		return nil, errors.Errorf("did not retrieve an HTTP response")
+		return nil, errors.New("did not retrieve an HTTP response")
 	}
 	if response.Body != nil {
 		defer response.Body.Close()
 	}
 	bodyText, readErr := io.ReadAll(response.Body)
 	if readErr != nil {
-		return nil, errors.Wrap(readErr, "HTTP response body could not be read")
+		return nil, fmt.Errorf("HTTP response body could not be read: %w", readErr)
 	}
 	return bodyText, nil
 }