10 files changed, 211 insertions, 608 deletions
diff --git a/src/test/__init__.py b/src/test/__init__.py
index e69de29..d382ead 100644
--- a/src/test/__init__.py
+++ b/src/test/__init__.py
@@ -0,0 +1,5 @@
+# SPDX-License-Identifier: CC0-1.0
+
+# Copyright (C) 2022 Wojtek Kosior <koszko@koszko.org>
+#
+# Available under the terms of Creative Commons Zero v1.0 Universal.
diff --git a/src/test/development_config.json b/src/test/development_config.json
index 30cf10d..c2382f7 100644
--- a/src/test/development_config.json
+++ b/src/test/development_config.json
@@ -2,7 +2,7 @@
 
 // Hydrilla development config file.
 //
-// Copyright (C) 2021 Wojtek Kosior
+// Copyright (C) 2021, 2022 Wojtek Kosior
 //
 // Available under the terms of Creative Commons Zero v1.0 Universal.
 
@@ -10,21 +10,18 @@
 // unlike config.json, it shall not be included in distribution
 {
     // Relative paths now get resolved from config's containing direcotry.
-    "content_dir": "./example_content",
-
-    // Except files from content_dir to be served there (used to redirect
-    // clients).
-    "static_resource_uri": "http://localhost:8000/",
+    "malcontent_dir": "./sample_malcontent",
 
     // Hydrilla will display this link to users as a place where they can
     // obtain sources for its software. This config option is meant to ease
     // compliance with the AGPL.
-    "hydrilla_sources_uri": "https://git.koszko.org/pydrilla/",
+    "hydrilla_project_url": "https://hydrillabugs.koszko.org/projects/hydrilla/wiki",
 
-    // Make Pydrilla error out on any warning
+    // Make Hydrilla error out on any warning
     "werror": true
 
-    // With the below we can make Pydrilla look for missing content items in
+    // With the below we can make hydrilla look for missing content items in
     // another instance instead of just erroring/warning.
-    // ,"hydrilla_parent": "https://api.hachette-hydrilla.org/0.2/"
+    // TODO: feature not implemented
+    // ,"hydrilla_parent": "https://api.hydrilla.koszko.org/1.0/"
 }
diff --git a/src/test/example_content/hello/bye.js b/src/test/example_content/hello/bye.js
deleted file mode 100644
index e6fd70c..0000000
--- a/src/test/example_content/hello/bye.js
+++ /dev/null
@@ -1,7 +0,0 @@
-// SPDX-License-Identifier: CC0-1.0
-
-// Copyright (C) 2021 Wojtek Kosior
-//
-// Available under the terms of Creative Commons Zero v1.0 Universal.
-
-console.log(bye_message + "apple!");
diff --git a/src/test/example_content/hello/cc0.txt b/src/test/example_content/hello/cc0.txt
deleted file mode 100644
index 0e259d4..0000000
--- a/src/test/example_content/hello/cc0.txt
+++ /dev/null
@@ -1,121 +0,0 @@
-Creative Commons Legal Code
-
-CC0 1.0 Universal
-
-    CREATIVE COMMONS CORPORATION IS NOT A LAW FIRM AND DOES NOT PROVIDE
-    LEGAL SERVICES. DISTRIBUTION OF THIS DOCUMENT DOES NOT CREATE AN
-    ATTORNEY-CLIENT RELATIONSHIP. CREATIVE COMMONS PROVIDES THIS
-    INFORMATION ON AN "AS-IS" BASIS. CREATIVE COMMONS MAKES NO WARRANTIES
-    REGARDING THE USE OF THIS DOCUMENT OR THE INFORMATION OR WORKS
-    PROVIDED HEREUNDER, AND DISCLAIMS LIABILITY FOR DAMAGES RESULTING FROM
-    THE USE OF THIS DOCUMENT OR THE INFORMATION OR WORKS PROVIDED
-    HEREUNDER.
-
-Statement of Purpose
-
-The laws of most jurisdictions throughout the world automatically confer
-exclusive Copyright and Related Rights (defined below) upon the creator
-and subsequent owner(s) (each and all, an "owner") of an original work of
-authorship and/or a database (each, a "Work").
-
-Certain owners wish to permanently relinquish those rights to a Work for
-the purpose of contributing to a commons of creative, cultural and
-scientific works ("Commons") that the public can reliably and without fear
-of later claims of infringement build upon, modify, incorporate in other
-works, reuse and redistribute as freely as possible in any form whatsoever
-and for any purposes, including without limitation commercial purposes.
-These owners may contribute to the Commons to promote the ideal of a free
-culture and the further production of creative, cultural and scientific
-works, or to gain reputation or greater distribution for their Work in
-part through the use and efforts of others.
-
-For these and/or other purposes and motivations, and without any
-expectation of additional consideration or compensation, the person
-associating CC0 with a Work (the "Affirmer"), to the extent that he or she
-is an owner of Copyright and Related Rights in the Work, voluntarily
-elects to apply CC0 to the Work and publicly distribute the Work under its
-terms, with knowledge of his or her Copyright and Related Rights in the
-Work and the meaning and intended legal effect of CC0 on those rights.
-
-1. Copyright and Related Rights. A Work made available under CC0 may be
-protected by copyright and related or neighboring rights ("Copyright and
-Related Rights"). Copyright and Related Rights include, but are not
-limited to, the following:
-
-  i. the right to reproduce, adapt, distribute, perform, display,
-     communicate, and translate a Work;
- ii. moral rights retained by the original author(s) and/or performer(s);
-iii. publicity and privacy rights pertaining to a person's image or
-     likeness depicted in a Work;
- iv. rights protecting against unfair competition in regards to a Work,
-     subject to the limitations in paragraph 4(a), below;
-  v. rights protecting the extraction, dissemination, use and reuse of data
-     in a Work;
- vi. database rights (such as those arising under Directive 96/9/EC of the
-     European Parliament and of the Council of 11 March 1996 on the legal
-     protection of databases, and under any national implementation
-     thereof, including any amended or successor version of such
-     directive); and
-vii. other similar, equivalent or corresponding rights throughout the
-     world based on applicable law or treaty, and any national
-     implementations thereof.
-
-2. Waiver. To the greatest extent permitted by, but not in contravention
-of, applicable law, Affirmer hereby overtly, fully, permanently,
-irrevocably and unconditionally waives, abandons, and surrenders all of
-Affirmer's Copyright and Related Rights and associated claims and causes
-of action, whether now known or unknown (including existing as well as
-future claims and causes of action), in the Work (i) in all territories
-worldwide, (ii) for the maximum duration provided by applicable law or
-treaty (including future time extensions), (iii) in any current or future
-medium and for any number of copies, and (iv) for any purpose whatsoever,
-including without limitation commercial, advertising or promotional
-purposes (the "Waiver"). Affirmer makes the Waiver for the benefit of each
-member of the public at large and to the detriment of Affirmer's heirs and
-successors, fully intending that such Waiver shall not be subject to
-revocation, rescission, cancellation, termination, or any other legal or
-equitable action to disrupt the quiet enjoyment of the Work by the public
-as contemplated by Affirmer's express Statement of Purpose.
-
-3. Public License Fallback. Should any part of the Waiver for any reason
-be judged legally invalid or ineffective under applicable law, then the
-Waiver shall be preserved to the maximum extent permitted taking into
-account Affirmer's express Statement of Purpose. In addition, to the
-extent the Waiver is so judged Affirmer hereby grants to each affected
-person a royalty-free, non transferable, non sublicensable, non exclusive,
-irrevocable and unconditional license to exercise Affirmer's Copyright and
-Related Rights in the Work (i) in all territories worldwide, (ii) for the
-maximum duration provided by applicable law or treaty (including future
-time extensions), (iii) in any current or future medium and for any number
-of copies, and (iv) for any purpose whatsoever, including without
-limitation commercial, advertising or promotional purposes (the
-"License"). The License shall be deemed effective as of the date CC0 was
-applied by Affirmer to the Work. Should any part of the License for any
-reason be judged legally invalid or ineffective under applicable law, such
-partial invalidity or ineffectiveness shall not invalidate the remainder
-of the License, and in such case Affirmer hereby affirms that he or she
-will not (i) exercise any of his or her remaining Copyright and Related
-Rights in the Work or (ii) assert any associated claims and causes of
-action with respect to the Work, in either case contrary to Affirmer's
-express Statement of Purpose.
-
-4. Limitations and Disclaimers.
-
- a. No trademark or patent rights held by Affirmer are waived, abandoned,
-    surrendered, licensed or otherwise affected by this document.
- b. Affirmer offers the Work as-is and makes no representations or
-    warranties of any kind concerning the Work, express, implied,
-    statutory or otherwise, including without limitation warranties of
-    title, merchantability, fitness for a particular purpose, non
-    infringement, or the absence of latent or other defects, accuracy, or
-    the present or absence of errors, whether or not discoverable, all to
-    the greatest extent permissible under applicable law.
- c. Affirmer disclaims responsibility for clearing rights of other persons
-    that may apply to the Work or any use thereof, including without
-    limitation any person's Copyright and Related Rights in the Work.
-    Further, Affirmer disclaims responsibility for obtaining any necessary
-    consents, permissions or other rights required for any use of the
-    Work.
- d. Affirmer understands and acknowledges that Creative Commons is not a
-    party to this document and has no duty or obligation with respect to
-    this CC0 or use of the Work.
diff --git a/src/test/example_content/hello/hello.js b/src/test/example_content/hello/hello.js
deleted file mode 100644
index d87ea7f..0000000
--- a/src/test/example_content/hello/hello.js
+++ /dev/null
@@ -1,7 +0,0 @@
-// SPDX-License-Identifier: CC0-1.0
-
-// Copyright (C) 2021 Wojtek Kosior
-//
-// Available under the terms of Creative Commons Zero v1.0 Universal.
-
-console.log(hello_message + "apple!");
diff --git a/src/test/example_content/hello/index.json b/src/test/example_content/hello/index.json
deleted file mode 100644
index 16843cb..0000000
--- a/src/test/example_content/hello/index.json
+++ /dev/null
@@ -1,302 +0,0 @@
-// SPDX-License-Identifier: CC0-1.0
-
-// Copyright (C) 2021 Wojtek Kosior
-// Available under the terms of Creative Commons Zero v1.0 Universal.
-
-// This is an example index.json file describing Hydrilla site content. As you
-// can see, for storing site content information Hydrilla utilizes JSON with an
-// additional extension in the form of '//' comments support. Hydrilla shall
-// look into each direct subdirectory of the content directory passed to it
-// (via a cofig file option). If such subsirectory contains an index.json file,
-// Hydrilla shall process it.
-
-// An index.json file conveys definitions of site resources, pattern->payload
-// mappings and licenses thereof. The definitions may reference files under
-// index.json's containing directory, using relative paths. This is how scripts,
-// license texts, etc. are included. Unix paths (using '/' as separator) are
-// assumed. It is not allowed for an index.json file to reference files outside
-// its directory.
-
-// Certain objects are allowed to contain a "comment" field. Although '//'
-// comments can be used in index.json files, they will be stripped when the file
-// is processed. If a comment should be included in the JSON definitions served
-// by Hydrilla API, it should be put in a "comment" field of the proper object.
-
-// Various kinds of objects contain version information. Version is always an
-// array of integers, with major version number being the first array item. When
-// applicable, a version is accompanied by a revision field which contains a
-// positive integer. If versions specified by arrays of different length need to
-// be compared, the shorter array gets padded with zeroes on the right. This
-// means that for example version 1.3 could be given as both [1, 3] and
-// [1, 3, 0, 0] (aka 1.3.0.0) and either would mean the same.
-
-{
-    // Once our json schema changes, this version will change. Our software will
-    // be able to handle both current and older formats thanks to this
-    // information present in every index.json file. Different schema versions
-    // are always incompatible (e.g. a Hydrilla instance that understands schema
-    // version 0.2.0.0 will not understand version 0.2.0.1). Schemas that are
-    // backwards-compatible will be denoted by a different revision.
-    // We will try to make schema version match the version of Hydrilla software
-    // that introduced it.
-    "schema_version": [0, 2],
-    "schema_revision": 1,
-
-    // Copyright of this json file. It's a list of copyright holder information
-    // objects. Alternatively, "auto" can be used to make Hydrilla attempt to
-    // extract copyright info from the comment at the beginning of the file.
-    "copyright":  [
-	// There can be multiple entries, one for each co-holder of the
-	// copyright.
-	{
-	    // There can also be multiple years, like ["2021","2023-2024"].
-	    "years": ["2021"],
-	    // Name of the copyright holder. Depending on the situation it can
-	    // be just the first name, name+surname, a company name, a
-	    // pseudonym, etc.
-	    "holder": "Wojtek Kosior"
-	}
-    ],
-
-    // License of this json file. Identifier has to be known to Hydrilla. Can
-    // be defined either in the same or another index.json file as a "license"
-    // item. It is possible to specify license combinations, like:
-    // [["Expat", "and", "Apache-2.0"], "or", "GPL-3.0-only"]
-    // Alternatively, "auto" can be used to make Hydrilla attempt to extract
-    // copyright info from this file's SPDX license identifier.
-    "licenses": "CC0-1.0",
-
-    // Where this software/work initially comes from. In some cases (i.e. when
-    // the developer of content is also the one who packages it for Hydrilla)
-    // this might be the same as "package_url".
-    "upstream_url": "https://git.koszko.org/pydrilla/tree/src/test/example_content/hello",
-
-    // Where sources for the packaging of this content can be found.
-    "package_url": "https://git.koszko.org/pydrilla/tree/src/test/example_content/hello",
-
-    // Additional "comment" field can be used if needed.
-    // "comment": ""
-
-    // List of actual site resources, pattern->payload mappings and licenses.
-    // Each of them is represented by an object. Meta-sites and replacement site
-    // interfaces will also belong here once they get implemented.
-    "definitions": [
-	{
-	    // Value of "type" can currently be one of: "resource", "license"
-	    // and "mapping". The one we have here, "resource", defines a list
-	    // of injectable scripts that can be used as a payload or as a
-	    // dependency of another "resource". In the future CSS style sheets
-	    // and WASM modules will also be composite parts of a "resource" as
-	    // scripts are now.
-	    "type": "resource",
-
-	    // Used when referring to this resource in "dependencies" list of
-	    // another resource or in "payload" field of a mapping. Should
-	    // be consize and can only use a restricted set of characters. It
-	    // has to match: [-0-9a-zA-Z]
-	    "identifier": "helloapple",
-
-	    // "long_name" should be used to specify a user-friendly alternative
-	    // to an identifier. It should generally not collide with a long
-	    // name of some resource with a different uuid and also shouldn't
-	    // change in-between versions of the same resource, although
-	    // exceptions to both rules might be considered. Long name is
-	    // allowed to contain arbitrary unicode characters (within reason!).
-	    "long_name": "Hello Apple",
-
-	    // Different versions (e.g. 1.0 and 1.3) of the same resource can be
-	    // defined in separate index.json files. This makes it easy to
-	    // accidently cause an identifier clash. To help detect it, we
-	    // require that each resource has a uuid associated with it. Attempt
-	    // to define multiple resources with the same identifier and
-	    // different uuids will result in an error being reported. Defining
-	    // multiple resources with different identifiers and the same uuid
-	    // is disallowed for now (it may be later permitted if we consider
-	    // it good for some use-case).
-	    "uuid": "a6754dcb-58d8-4b7a-a245-24fd7ad4cd68",
-
-	    // Version should match the upstream version of the resource (e.g. a
-	    // version of javascript library). Revision number starts as 1 for
-	    // each new resource version and gets incremented by 1 each time a
-	    // modification to the packaging of this version is done. Hydrilla
-	    // will allow multiple definitions of the same resource to load, as
-	    // long as their versions differ. Thanks to the "version" and
-	    // "revision" fields, clients will know they have to update certain
-	    // resource after it has been updated. If multiple definitions of
-	    // the same version of given resource are provided, an error is
-	    // generated (even if those definitions differ by revision number).
-	    "version": [2021, 11, 10],
-	    "revision": 1,
-
-	    // A short, meaningful description of what the resource is and/or
-	    // what it does.
-	    "description": "greets an apple",
-
-	    // If needed, a "comment" field can be added to provide some
-	    // additional information.
-	    // "comment": "this resource something something",
-
-	    // One should specify the copyright and licensing terms of the
-	    // entire package. The format is the same as when specifying these
-	    // for the index.json file, except "auto" cannot be used.
-	    "copyright": [{"years": ["2021"], "holder": "Wojtek Kosior"}],
-	    "licenses": "CC0-1.0",
-
-	    // Resource's "dependencies" array shall contain names of other
-	    // resources that (in case of scripts at least) should get evaluated
-	    // on a page before this resource's own scripts.
-	    "dependencies": ["hello-message"],
-
-	    // Array of javascript files that belong to this resource.
-	    "scripts": [
-		{
-		    // Script name. It should also be a valid file path relative
-		    // to index.json's containing directory.
-		    "file": "hello.js",
-		    // Copyright and license info of a script file can be
-		    // specified using the same format as in the case of the
-		    // index.json file itself. If "copyright" or "license" is
-		    // not provided, Hydrilla assumes it to be the same as the
-		    // value specified for the resource itself.
-		    "copyright": "auto",
-		    "licenses":  "auto"
-		}, {
-		    "file":   "bye.js"
-		}
-	    ]
-	}, {
-	    "type":       "resource",
-	    "identifier": "hello-message",
-	    "long_name":  "Hello Message",
-	    "uuid":       "1ec36229-298c-4b35-8105-c4f2e1b9811e",
-	    "version":     [2021, 11, 10],
-	    "revision":    2,
-	    "description": "define messages for saying hello and bye",
-	    "copyright":   [{"years": ["2021"], "holder": "Wojtek Kosior"}],
-	    "licenses":    "CC0-1.0",
-	    // If "dependencies" is empty, it can also be omitted.
-	    // "dependencies": [],
-	    "scripts": [{"file": "message.js"}]
-	}, {
-	    "type": "mapping",
-
-	    // Has similar function to resource's identifier. Should be consize
-	    // and can only use a restricted set of characters. It has to match:
-	    // [-0-9a-zA-Z]
-	    // It can be the same as some resource identifier (those are
-	    // different entities and are treated separately).
-	    "identifier": "helloapple",
-
-	    // "long name" and "uuid" have the same meaning as in the case of
-	    // resources. Uuids of a resource and a mapping can technically be
-	    // the same, but it is recommended to avoid even this kind of
-	    // repetition.
-	    "long_name": "Hello Apple",
-	    "uuid": "54d23bba-472e-42f5-9194-eaa24c0e3ee7",
-
-	    // "version" differs from its counterpart in resource in that it has
-	    // no accompanying revision number.
-	    "version": [2021, 11, 10],
-
-	    // A short, meaningful description of what the mapping does.
-	    "description": "causes apple to get greeted on Hydrillabugs issue tracker",
-
-	    // A comment, if necessary.
-	    // "comment": "blah blah because bleh"
-
-	    // The "payloads" array specifies, which payloads are to be
-	    // applied to which URLs.
-	    "payloads": [
-		{
-		    // Should be a valid Haketilo URL pattern.
-		    "pattern": "https://hydrillabugs.koszko.org/***",
-		    // Should be the name of an existing resource. The resource
-		    // may, but doesn't have to, be defined in the same
-		    // index.json file.
-		    "payload": "helloapple"
-		},
-		// More associations may follow.
-		{
-		    "pattern": "https://hachettebugs.koszko.org/***",
-		    "payload": "helloapple"
-		}
-	    ]
-	}, {
-	    "type": "license",
-
-	    // Will be used to refer to this license in other places. Should
-	    // match the SPDX identifier if possible (despite that, please use
-	    // "Expat" instead of "MIT" where possible). Unlike other definition
-	    // types, "license" does not allow uuids to be used to avoid license
-	    // id clashes. Any attempt to define multiple licenses with the same
-	    // id will result in an error being reported.
-	    "identifier": "CC0-1.0",
-
-	    // This long name must also be unique among all license definitions.
-	    "long_name": "Creative Commons Zero v1.0 Universal",
-
-	    // We don't use "version" in license definitions. We do, however,
-	    // use "revision" to indicate changes to the packaging of a license.
-	    // Revision should be increased by 1 at each such change.
-	    "revision": 2,
-
-	    "legal_text": [
-		// Legal text can be available in multiple forms. Usually just
-		// plain .txt file is enough, though.
-		{
-		    // "format" should match an agreed-upon MIME type if
-		    // possible.
-		    "format": "text/plain",
-		    // Value of "file" should be a path relative to the
-		    // directory of index.json file.
-		    "file":   "cc0.txt"
-		}
-		// If a markdown version of CC0 was provided, we could add this:
-		// {
-		//     "format": "text/markdown",
-		//     "file": "cc0.md"
-		// }
-	    ]
-
-	    // If needed, a "comment" field can be added to clarify something.
-	    // For example, when definind "Expat" license we could add:
-	    //
-	    // "comment": "Expat license is the most common form of the license often called \"MIT\". Many other forms of \"MIT\" license exist. Here the name \"Expat\" is used to avoid ambiguity."
-
-	    // If applicable, a "notice" can be included. It shall then be an
-	    // object with "file" field containing a path (relative to
-	    // index.json's directory) to a plain text file with that notice.
-	    //
-	    // "notice": {
-	    //     "file": "license-notice.txt"
-	    // }
-	    //
-	    // This is needed for example in case of GNU licenses (both with and
-	    // without exceptions). For instance,
-	    // "GPL-3.0-or-later-with-html-exception" could have the following
-	    // in its notice file:
-	    //
-	    // This program is free software: you can redistribute it and/or
-	    // modify it under the terms of the GNU General Public License as
-	    // published by the Free Software Foundation, either version 3 of
-	    // the License, or (at your option) any later version.
-	    //
-	    // This program is distributed in the hope that it will be useful,
-	    // but WITHOUT ANY WARRANTY; without even the implied warranty of
-	    // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-	    // GNU General Public License for more details.
-	    //
-	    // As a special exception to the GPL, any HTML file which merely
-	    // makes function calls to this code, and for that purpose
-	    // includes it by reference shall be deemed a separate work for
-	    // copyright law purposes.  If you modify this code, you may extend
-	    // this exception to your version of the code, but you are not
-	    // obligated to do so.  If you do not wish to do so, delete this
-	    // exception statement from your version.
-	    //
-	    // You should have received a copy of the GNU General Public License
-	    // along with this program.  If not, see
-	    // <https://www.gnu.org/licenses/>.
-	}
-    ]
-}
diff --git a/src/test/example_content/hello/message.js b/src/test/example_content/hello/message.js
deleted file mode 100644
index da5966d..0000000
--- a/src/test/example_content/hello/message.js
+++ /dev/null
@@ -1,8 +0,0 @@
-// SPDX-License-Identifier: CC0-1.0
-
-// Copyright (C) 2021 Wojtek Kosior
-//
-// Available under the terms of Creative Commons Zero v1.0 Universal.
-
-var hello_message = "hello, "
-var bye_message = "bye, "
diff --git a/src/test/source-package-example b/src/test/source-package-example
new file mode 160000
+Subproject e571b3911f198e3feccc8d06390c79131f9cf09
diff --git a/src/test/test_pydrilla.py b/src/test/test_pydrilla.py
deleted file mode 100644
index 50757a7..0000000
--- a/src/test/test_pydrilla.py
+++ /dev/null
@@ -1,153 +0,0 @@
-# SPDX-License-Identifier: AGPL-3.0-or-later
-
-# Repository tests
-#
-# This file is part of Hydrilla
-#
-# Copyright (C) 2021 Wojtek Kosior
-#
-# This program is free software: you can redistribute it and/or modify
-# it under the terms of the GNU Affero General Public License as
-# published by the Free Software Foundation, either version 3 of the
-# License, or (at your option) any later version.
-#
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-# GNU Affero General Public License for more details.
-#
-# You should have received a copy of the GNU Affero General Public License
-# along with this program.  If not, see <https://www.gnu.org/licenses/>.
-#
-#
-# I, Wojtek Kosior, thereby promise not to sue for violation of this
-# file's license. Although I request that you do not make use this code
-# in a proprietary program, I am not going to enforce this in court.
-
-import pytest
-import sys
-import shutil
-from pathlib import Path
-from hashlib import sha256
-from os import mkdir, unlink, environ
-import json
-from markupsafe import escape
-
-from pydrilla import pydrilla, create_app
-
-test_dir         = Path(__file__).resolve().parent
-packages_dir     = test_dir.parent
-development_config_path = test_dir / 'development_config.json'
-example_content_dir = test_dir / 'example_content'
-
-@pytest.fixture
-def client():
-    app = create_app(development_config_path, flask_config={'TESTING': True})
-
-    with app.test_client() as client:
-        yield client
-
-@pytest.fixture
-def development_config():
-    with open(development_config_path) as config_file:
-        yield json.loads(pydrilla.strip_json_comments(config_file.read()))
-
-def test_api_basic(client, development_config):
-    def verify_sha256sum(source_name, file_object):
-        with open(example_content_dir / source_name / file_object['file'],
-                  mode='rb') as file:
-            assert sha256(file.read()).digest().hex() == file_object['sha256']
-
-    response = client.get('/')
-    assert b'html' in response.data
-    sources_uri = development_config['hydrilla_sources_uri']
-    assert escape(sources_uri).encode() in response.data
-
-    for item_type in ['mapping', 'resource']:
-        response = client.get(f'/{item_type}s/helloapple')
-        assert response.status_code == 200
-        definition = json.loads(response.data.decode())
-        assert definition['type']        == item_type
-        assert definition['source_name'] == 'hello'
-        assert definition['version']     == [2021, 11, 10]
-        if item_type == 'resource':
-            assert type(definition['scripts']) is list
-            assert len(definition['scripts']) > 0
-            for script_file in definition['scripts']:
-                verify_sha256sum(definition['source_name'], script_file)
-
-        response = client.get(f'/{item_type}s/helloapple?ver=2021.11.10.0')
-        assert response.status_code == 200
-        assert definition == json.loads(response.data.decode())
-
-        response = client.get(f'/{item_type}s/helloapple?ver=2021.11.10.999')
-        assert response.status_code == 404
-
-        response = client.get(f'/{item_type}s/helloapple?ver=random_bad_input')
-        assert response.status_code == 400
-
-        response = client.get(f'/{item_type}s/random-bad-identifier')
-        assert response.status_code == 404
-
-        response = client.get(f'/{item_type}s/helloapple?ver=all')
-        assert response.status_code == 200
-        definitions = json.loads(response.data.decode())
-        assert type(definitions) is list
-        assert all([d['type']    == item_type      for d in definitions])
-        assert any([d['version'] == [2021, 11, 10] for d in definitions])
-
-    response = client.get('/licenses/CC0-1.0')
-    assert response.status_code == 200
-    definition = json.loads(response.data.decode())
-    assert definition['type']        == 'license'
-    assert definition['long_name']   == 'Creative Commons Zero v1.0 Universal'
-    assert definition['source_name'] == 'hello'
-
-    assert type(definition['legal_text']) is list
-    assert len(definition['legal_text']) > 0
-    for license_file in definition['legal_text']:
-        verify_sha256sum(definition['source_name'], license_file)
-
-    response = client.get('/licenses/random-bad-identifier')
-    assert response.status_code == 404
-
-    response = client.get('/sources/hello')
-    assert response.status_code == 200
-    definition = json.loads(response.data.decode())
-
-    assert definition['source_name'] == 'hello'
-    assert type(definition['schema_version']) is list
-
-    response = client.get('/sources/random-bad-identifier')
-    assert response.status_code == 404
-
-    response = client.get('/query?url=https://hachettebugs.koszko.org')
-    assert response.status_code == 200
-    definitions = json.loads(response.data.decode())
-    assert type(definitions) is list
-    assert all([d['type'] == 'mapping' for d in definitions])
-    assert any([p['pattern'] == 'https://hachettebugs.koszko.org/***'
-                for d in definitions for p in d['payloads']])
-
-    response = client.get('/query?url=https://random_bad_domain.org/something')
-    assert response.status_code == 200
-    definitions = json.loads(response.data.decode())
-    assert definitions == []
-
-    resource_uri = development_config['static_resource_uri']
-    response = client.get('/sources/hello/hello.js')
-    assert response.status_code == 301
-    assert response.location == resource_uri + 'hello/hello.js'
-    response = client.get('/sources/random-bad-identifier/hello.js')
-    assert response.status_code == 404
-    response = client.get('/sources/hello/random/bad/path')
-    assert response.status_code == 301
-    assert response.location == resource_uri + 'hello/random/bad/path'
-
-def test_normalize_version():
-    assert pydrilla.normalize_version([4, 5, 3, 0, 0]) == [4, 5, 3]
-    assert pydrilla.normalize_version([1, 0, 5, 0])    == [1, 0, 5]
-    assert pydrilla.normalize_version([3, 3])          == [3, 3]
-
-def test_strip_json_comments(development_config):
-    assert development_config['static_resource_uri'] == 'http://localhost:8000/'
diff --git a/src/test/test_server.py b/src/test/test_server.py
new file mode 100644
index 0000000..def48dc
--- /dev/null
+++ b/src/test/test_server.py
@@ -0,0 +1,199 @@
+# SPDX-License-Identifier: AGPL-3.0-or-later
+
+# Repository tests
+#
+# This file is part of Hydrilla
+#
+# Copyright (C) 2021, 2022 Wojtek Kosior
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU Affero General Public License as
+# published by the Free Software Foundation, either version 3 of the
+# License, or (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU Affero General Public License for more details.
+#
+# You should have received a copy of the GNU Affero General Public License
+# along with this program.  If not, see <https://www.gnu.org/licenses/>.
+#
+#
+# I, Wojtek Kosior, thereby promise not to sue for violation of this
+# file's license. Although I request that you do not make use this code
+# in a proprietary program, I am not going to enforce this in court.
+
+import pytest
+import sys
+import shutil
+import json
+
+from pathlib import Path
+from hashlib import sha256
+from tempfile import TemporaryDirectory
+from typing import Iterable, Callable
+
+from flask.testing import FlaskClient
+from markupsafe import escape
+
+from hydrilla import util as hydrilla_util
+from hydrilla.builder import Build
+from hydrilla.server import create_app
+
+here        = Path(__file__).resolve().parent
+config_path = here / 'development_config.json'
+source_path = here / 'source-package-example'
+
+@pytest.fixture(scope="session")
+def default_setup() -> Iterable[dict[str, Path]]:
+    with TemporaryDirectory() as tmpdir:
+        setup = {
+            'malcontent_dir': Path(tmpdir) / 'sample_malcontent',
+            'config_path':    Path(tmpdir) / 'config.json',
+            'containing_dir': Path(tmpdir)
+        }
+
+        setup['config_path'].symlink_to(config_path)
+
+        build = Build(source_path, Path('index.json'))
+        build.write_package_files(setup['malcontent_dir'])
+
+        yield setup
+
+@pytest.fixture(scope="session")
+def client(default_setup: dict[str, Path]) -> Iterable[FlaskClient]:
+    """Provide app client that serves the object from built sample package."""
+    app = create_app(default_setup['config_path'],
+                     flask_config={'TESTING': True})
+
+    with app.test_client() as client:
+        yield client
+
+@pytest.fixture(scope="session")
+def development_config(default_setup) -> Iterable[dict]:
+    """Provide the contents of JSON config file fed to the client."""
+    contents = default_setup['config_path'].read_text()
+    yield json.loads(hydrilla_util.strip_json_comments(contents))
+
+def test_project_url(client: FlaskClient, development_config: dict) -> None:
+    """Fetch index.html and verify project URL fro config is present there."""
+    response = client.get('/')
+    assert b'html' in response.data
+    project_url = development_config['hydrilla_project_url']
+    assert escape(project_url).encode() in response.data
+
+@pytest.mark.parametrize('item_type', ['resource', 'mapping'])
+def test_get_newest(client: FlaskClient, item_type: str) -> None:
+    """
+    Verify that
+        GET '/{item_type}/{item_identifier}.json'
+    returns proper definition that is also served at:
+        GET '/{item_type}/{item_identifier}/{item_version}'
+    """
+    response = client.get(f'/{item_type}/helloapple.json')
+    assert response.status_code == 200
+    definition = json.loads(response.data.decode())
+    assert definition['type']        == item_type
+    assert definition['identifier']  == 'helloapple'
+
+    response = client.get(f'/{item_type}/helloapple/2021.11.10')
+    assert response.status_code == 200
+    assert definition == json.loads(response.data.decode())
+
+    hydrilla_util.validator_for(f'api_{item_type}_description-1.schema.json')\
+                 .validate(definition)
+
+@pytest.mark.parametrize('item_type', ['resource', 'mapping'])
+def test_get_nonexistent(client: FlaskClient, item_type: str) -> None:
+    """
+    Verify that attempts to GET a JSON definition of a nonexistent item or item
+    version result in 404.
+    """
+    response = client.get(f'/{item_type}/nonexistentapple.json')
+    assert response.status_code == 404
+    response = client.get(f'/{item_type}/helloapple/1.2.3.999')
+    assert response.status_code == 404
+
+@pytest.mark.parametrize('item_type', ['resource', 'mapping'])
+def test_file_refs(client: FlaskClient, item_type: str) -> None:
+    """
+    Verify that files referenced by definitions are accessible under their
+    proper URLs and that their hashes match.
+    """
+    response = client.get(f'/{item_type}/helloapple/2021.11.10')
+    assert response.status_code == 200
+    definition = json.loads(response.data.decode())
+
+    for file_ref in [*definition.get('scripts', []),
+                     *definition['source_copyright']]:
+        hash_sum = file_ref["sha256"]
+        response = client.get(f'/file/sha256-{hash_sum}')
+
+        assert response.status_code == 200
+        assert sha256(response.data).digest().hex() == hash_sum
+
+def test_empty_query(client: FlaskClient) -> None:
+    """
+    Verify that querying mappings for URL gives an empty list when there're no
+    mathes.
+    """
+    response = client.get(f'/query?url=https://nonexiste.nt/example')
+    assert response.status_code == 200
+
+    response_object = json.loads(response.data.decode())
+
+    assert response_object['mappings'] == []
+
+    hydrilla_util.validator_for('api_query_result-1.schema.json')\
+                 .validate(response_object)
+
+def test_query(client: FlaskClient) -> None:
+    """
+    Verify that querying mappings for URL gives a list with reference(s) the the
+    matching mapping(s).
+    """
+    response = client.get(f'/query?url=https://hydrillabugs.koszko.org/')
+    assert response.status_code == 200
+
+    response_object = json.loads(response.data.decode())
+
+    assert response_object['mappings'] == [{
+        'identifier': 'helloapple',
+        'long_name': 'Hello Apple',
+        'version': [2021, 11, 10]
+    }]
+
+    hydrilla_util.validator_for('api_query_result-1.schema.json')\
+                 .validate(response_object)
+
+def test_source(client: FlaskClient) -> None:
+    """Verify source descriptions are properly served."""
+    response = client.get(f'/source/hello.json')
+    assert response.status_code == 200
+
+    description = json.loads(response.data.decode())
+    assert description['source_name'] == 'hello'
+
+    assert sorted([d['identifier'] for d in description['definitions']]) == \
+        ['hello-message', 'helloapple', 'helloapple']
+
+    zipfile_hash = description['source_archives']['zip']['sha256']
+    response = client.get(f'/source/hello.zip')
+    assert sha256(response.data).digest().hex() == zipfile_hash
+
+    hydrilla_util.validator_for('api_source_description-1.schema.json')\
+                 .validate(description)
+
+def test_missing_source(client: FlaskClient) -> None:
+    """Verify requests for nonexistent sources result in 404."""
+    response = client.get(f'/source/nonexistent.json')
+    assert response.status_code == 404
+
+    response = client.get(f'/source/nonexistent.zip')
+    assert response.status_code == 404
+
+def test_normalize_version():
+    assert hydrilla_util.normalize_version([4, 5, 3, 0, 0]) == [4, 5, 3]
+    assert hydrilla_util.normalize_version([1, 0, 5, 0])    == [1, 0, 5]
+    assert hydrilla_util.normalize_version([3, 3])          == [3, 3]