From ffb723b807574d1d586b8e4d852d621b73548f1f Mon Sep 17 00:00:00 2001
From: Eleftheria Stein-Kousathana
Date: Fri, 31 Jan 2025 18:01:33 +0100
Subject: [PATCH] Remove score from trusty evaluator Fix #4944
---
 internal/engine/eval/trusty/actions.go | 7 +++----
 internal/engine/eval/trusty/trusty.go | 4 ----
 internal/engine/eval/trusty/trusty_test.go | 14 --------------
 3 files changed, 3 insertions(+), 22 deletions(-)
diff --git a/internal/engine/eval/trusty/actions.go b/internal/engine/eval/trusty/actions.go
index 52b9b44280..a2a55ee7d7 100644
--- a/internal/engine/eval/trusty/actions.go
+++ b/internal/engine/eval/trusty/actions.go
@@ -53,7 +53,6 @@ Archived packages are no longer updated or maintained. This can lead to security
 {{ if .Deprecated }} ⚠️ __Deprecated Package:__ This package is marked as archived. Proceed with caution! {{ end }}
-#### Trusty Score: {{ .Score }}
 {{ if .ScoreComponents }}
Scoring details
@@ -98,10 +97,10 @@ Archived packages are no longer updated or maintained. This can lead to security
Alternatives
- | Package | Score | Description |
- | ------------------- | ----: | ----------- |
+ | Package | Description |
+ | ------------------- | ----------- |
 {{ range .Alternatives -}}
- | [{{ .PackageName }}]({{ .TrustyURL }}) | {{ .Score }} | {{ .Summary }} |
+ | [{{ .PackageName }}]({{ .TrustyURL }}) | {{ .Summary }} |
 {{ end }}
{{- end -}}
diff --git a/internal/engine/eval/trusty/trusty.go b/internal/engine/eval/trusty/trusty.go
index bf61a43704..38954168b7 100644
--- a/internal/engine/eval/trusty/trusty.go
+++ b/internal/engine/eval/trusty/trusty.go
@@ -586,10 +586,6 @@ func classifyDependency(
 packageScore = *resp.Score
 }
 
- if ecoConfig.Score > packageScore {
- reasons = append(reasons, TRUSTY_LOW_SCORE)
- }
-
 if ecoConfig.Provenance > resp.ProvenanceScore && resp.ProvenanceScore > 0 {
 reasons = append(reasons, TRUSTY_LOW_PROVENANCE)
 }
diff --git a/internal/engine/eval/trusty/trusty_test.go b/internal/engine/eval/trusty/trusty_test.go
index 4f7b307c3a..1a04ecbe5e 100644
--- a/internal/engine/eval/trusty/trusty_test.go
+++ b/internal/engine/eval/trusty/trusty_test.go
@@ -240,20 +240,6 @@ func TestClassifyDependency(t *testing.T) {
 },
 mustFilter: false,
 },
- {
- name: "normal-bad-score",
- score: &trustyReport{
- PackageName: "test",
- PackageType: "npm",
- Score: mkfloat(4.0),
- },
- config: defaultConfig(),
- expected: &dependencyAlternatives{
- Reasons: []RuleViolationReason{TRUSTY_LOW_SCORE},
- trustyReply: &trustyReport{},
- },
- mustFilter: true,
- },
 {
 name: "normal-malicious",
 score: &trustyReport{
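Review bot: In the Alternatives table row of internal/engine/eval/trusty/actions.go (second hunk), `{{ .PackageName }}` and `{{ .Summary }}` are still interpolated into Markdown table cells with no escaping visible in the hunk. If these values carry the upstream package's own description text (their origin is not shown here, so this needs confirming) and the template is rendered without escaping, a `|` or a line break in a summary splits the row, and any Markdown or HTML in it is rendered in the pull-request comment. I would pass the cell values through a helper that escapes `|` and collapses newlines, for example `| [{{ .PackageName }}]({{ .TrustyURL }}) | {{ .Summary | escapeCell }} |`, where `escapeCell` is a placeholder name for a function this diff does not show. The surrounding template starts and ends outside the hunk.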