github.com/anchore/syft@v1.4.2-0.20240516191711-1bec1fc5d397/syft/cpe/by_source_then_specificity_test.go

github.com/anchore/syft@v1.4.2-0.20240516191711-1bec1fc5d397/syft/cpe/by_source_then_specificity_test.go (about)

     1  package cpe
     2  
     3  import (
     4  	"sort"
     5  	"testing"
     6  
     7  	"github.com/stretchr/testify/assert"
     8  )
     9  
    10  func TestBySourceThenSpecificity(t *testing.T) {
    11  	tests := []struct {
    12  		name  string
    13  		input []CPE
    14  		want  []CPE
    15  	}{
    16  		{
    17  			name: "empty case",
    18  		},
    19  		{
    20  			name: "nvd before generated",
    21  			input: []CPE{
    22  				Must("cpe:2.3:a:alpine:alpine_keys:2.3-r1:*:*:*:*:*:*:*", GeneratedSource),
    23  				Must("cpe:2.3:a:alpine:alpine_keys:2.3-r1:*:*:*:*:*:*:*", NVDDictionaryLookupSource),
    24  			},
    25  			want: []CPE{
    26  				Must("cpe:2.3:a:alpine:alpine_keys:2.3-r1:*:*:*:*:*:*:*", NVDDictionaryLookupSource),
    27  				Must("cpe:2.3:a:alpine:alpine_keys:2.3-r1:*:*:*:*:*:*:*", GeneratedSource),
    28  			},
    29  		},
    30  		{
    31  			name: "declared before generated",
    32  			input: []CPE{
    33  				Must("cpe:2.3:a:alpine:alpine_keys:2.3-r1:*:*:*:*:*:*:*", GeneratedSource),
    34  				Must("cpe:2.3:a:alpine:alpine_keys:2.3-r1:*:*:*:*:*:*:*", DeclaredSource),
    35  			},
    36  			want: []CPE{
    37  				Must("cpe:2.3:a:alpine:alpine_keys:2.3-r1:*:*:*:*:*:*:*", DeclaredSource),
    38  				Must("cpe:2.3:a:alpine:alpine_keys:2.3-r1:*:*:*:*:*:*:*", GeneratedSource),
    39  			},
    40  		},
    41  		{
    42  			name: "most specific attributes of equal sources",
    43  			input: []CPE{
    44  				Must("cpe:2.3:a:some:package:*:*:*:*:*:*:*:*", NVDDictionaryLookupSource),
    45  				Must("cpe:2.3:a:some:package:1:*:*:*:*:*:*:*", NVDDictionaryLookupSource),
    46  				Must("cpe:2.3:a:some:package:1:*:*:*:*:some:*:*", NVDDictionaryLookupSource),
    47  			},
    48  			want: []CPE{
    49  				Must("cpe:2.3:a:some:package:1:*:*:*:*:some:*:*", NVDDictionaryLookupSource),
    50  				Must("cpe:2.3:a:some:package:1:*:*:*:*:*:*:*", NVDDictionaryLookupSource),
    51  				Must("cpe:2.3:a:some:package:*:*:*:*:*:*:*:*", NVDDictionaryLookupSource),
    52  			},
    53  		},
    54  		{
    55  			name: "most specific attributes of unknown sources",
    56  			input: []CPE{
    57  				Must("cpe:2.3:a:some:package:1:*:*:*:*:*:*:*", ""),
    58  				Must("cpe:2.3:a:some:package:1:*:*:*:*:some:*:*", "some-other-unknown-source"),
    59  				Must("cpe:2.3:a:some:package:*:*:*:*:*:*:*:*", "some-unknown-source"),
    60  			},
    61  			want: []CPE{
    62  				Must("cpe:2.3:a:some:package:1:*:*:*:*:some:*:*", "some-other-unknown-source"),
    63  				Must("cpe:2.3:a:some:package:1:*:*:*:*:*:*:*", ""),
    64  				Must("cpe:2.3:a:some:package:*:*:*:*:*:*:*:*", "some-unknown-source"),
    65  			},
    66  		},
    67  	}
    68  	for _, tt := range tests {
    69  		t.Run(tt.name, func(t *testing.T) {
    70  			sort.Sort(BySourceThenSpecificity(tt.input))
    71  			assert.Equal(t, tt.want, tt.input)
    72  		})
    73  	}
    74  }