Merge pull request #793 from coinbase/test-fixture-update
Test Fixture Update
maitrayshah-cb authored Jan 17, 2023
2 parents dbd96fd + 710e36e commit 9ecf754
Showing 1 changed file with 16 additions and 36 deletions.
52 changes: 16 additions & 36 deletions spec/lib/salus/scanners/yarn_audit_spec.rb
Expand Up @@ -81,42 +81,22 @@
expect(vul["ID"]).to be_kind_of(Integer)
end

id_vuls = vulns.select { |v| v['ID'] == 1_085_945 }
expect(id_vuls.size).to eq(1)
# vul has two merged dependdency of
expected_vul = { "Package" => "nth-check",
"Patched in" => ">=2.0.1",
"Dependency of" => "rollup-plugin-postcss",
"More info" => "https://www.npmjs.com/advisories/1085945",
"Severity" => "high",
"Title" => "Inefficient Regular Expression Complexity in nth-check",
"ID" => 1_085_945 }
expect(id_vuls[0]).to eq(expected_vul)

id_vuls_w_paths = scanner.instance_variable_get(:@vulns_w_paths)
.select { |v| v['ID'] == 1_085_945 }
expect(id_vuls.size).to eq(1)
expected_vul['Path'] = "rollup-plugin-postcss > cssnano > cssnano-preset-default > "\
"postcss-svgo > svgo > css-select > nth-check"
expect(id_vuls_w_paths[0]).to eq(expected_vul)

id_vuls = vulns.select { |v| v['ID'] == 1_067_342 }
expect(id_vuls.size).to eq(1)
id_vuls = vulns.find { |v| v['ID'] == 1_085_631 }
# vul has 1 dependency of
expected_vul = { "Package" => "minimist",
"Patched in" => ">=1.2.6",
"Dependency of" => "gulp-cssmin",
"More info" => "https://www.npmjs.com/advisories/1067342",
expected_vul = { "Package" => "lodash",
"Patched in" => ">=4.17.12",
"Dependency of" => "gulp-modify-file",
"More info" => "https://www.npmjs.com/advisories/1085631",
"Severity" => "critical",
"Title" => "Prototype Pollution in minimist",
"ID" => 1_067_342 }
expect(id_vuls[0]).to eq(expected_vul)
"Title" => "Prototype Pollution in lodash",
"ID" => 1_085_631 }
expect(id_vuls).to eq(expected_vul)

id_vuls_w_paths = scanner.instance_variable_get(:@vulns_w_paths)
.select { |v| v['ID'] == 1_067_342 }
expect(id_vuls.size).to eq(1)
expected_vul['Path'] = "gulp-cssmin > gulp-util > minimist"
expect(id_vuls_w_paths[0]).to eq(expected_vul)
.find { |v| v['ID'] == 1_085_631 }
expected_vul['Path'] = "gulp-modify-file > gulp > vinyl-fs > "\
"glob-watcher > gaze > globule > lodash"
expect(id_vuls_w_paths).to eq(expected_vul)
end

it 'should fail with error if there are errors' do
Expand Down Expand Up @@ -184,7 +164,7 @@
scanner.run
expect(scanner.report.to_h.fetch(:passed)).to eq(false)
vulns = JSON.parse(scanner.report.to_h[:info][:stdout])
expect(vulns.size).to eq(61)
expect(vulns.size).to eq(63)

auto_fix_scanner = Salus::Scanners::YarnAudit.new(repository: repo,
config: { 'auto_fix' => { 'run' => false } })
Expand All @@ -194,7 +174,7 @@
after_fix_scan.run
expect(after_fix_scan.report.to_h.fetch(:passed)).to eq(false)
after_fix_vulns = JSON.parse(after_fix_scan.report.to_h[:info][:stdout])
expect(after_fix_vulns.size).to eq(61)
expect(after_fix_vulns.size).to eq(63)
end

it 'should apply auto fixes resulting in reduced vulns' do
Expand All @@ -205,7 +185,7 @@
scanner.run
expect(scanner.report.to_h.fetch(:passed)).to eq(false)
vulns = JSON.parse(scanner.report.to_h[:info][:stdout])
expect(vulns.size).to eq(61)
expect(vulns.size).to eq(63)

auto_fix_scanner = Salus::Scanners::YarnAudit.new(repository: repo,
config: { 'auto_fix' => { 'run' => true } })
Expand All @@ -215,7 +195,7 @@
after_fix_scan.run
expect(after_fix_scan.report.to_h.fetch(:passed)).to eq(false)
after_fix_vulns = JSON.parse(after_fix_scan.report.to_h[:info][:stdout])
expect(after_fix_vulns.size).to eq(23)
expect(after_fix_vulns.size).to eq(22)
end
end
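Review bot: Switching from `select` to `find` at `id_vuls = vulns.find { |v| v['ID'] == 1_085_631 }` in the first hunk drops the `expect(id_vuls.size).to eq(1)` assertion, so the spec no longer proves the scanner collapses duplicate advisories for one ID into a single entry — a second 1_085_631 record would go unnoticed because `find` returns only the first match. Keep the uniqueness check next to the `find`, e.g. `expect(vulns.count { |v| v['ID'] == 1_085_631 }).to eq(1)`, and the same for the `@vulns_w_paths` lookup. The lodash path string and the 61→63 / 23→22 totals are tied to whatever advisories yarn audit returns for the fixture; if the spec queries the live registry rather than a recorded response, these numbers will keep drifting, and a comment such as `# counts reflect the advisory data at the time of the fixture update` would help the next person who has to bump them. The `it` blocks containing the count assertions start outside the visible hunks.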
