github.com/devseccon/trivy@v0.47.1-0.20231123133102-bd902a0bd996/pkg/detector/library/compare/pep440/compare_test.go (about)

     1  package pep440_test
     2  
     3  import (
     4  	"testing"
     5  
     6  	"github.com/stretchr/testify/assert"
     7  
     8  	dbTypes "github.com/aquasecurity/trivy-db/pkg/types"
     9  	"github.com/devseccon/trivy/pkg/detector/library/compare/pep440"
    10  )
    11  
// TestPep440Comparer_IsVulnerable runs pep440.Comparer.IsVulnerable over a
// table of installed versions and advisories and checks the verdict for each.
//
// The last two rows pin the behaviour for input that cannot be parsed: both a
// malformed installed version and a malformed advisory constraint are expected
// to yield false, i.e. "not vulnerable".
// NOTE(review): that is a fail-open result for a vulnerability scanner, since a
// package with an unparseable version is silently reported clean. Whether the
// comparer logs or otherwise surfaces the parse failure is not visible from
// this test; confirm against the implementation.
func TestPep440Comparer_IsVulnerable(t *testing.T) {
	type input struct {
		currentVersion string
		advisory       dbTypes.Advisory
	}
	cases := []struct {
		name     string
		in       input
		expected bool
	}{
		{
			// Installed version sits inside the vulnerable range and below
			// the patched range.
			name: "happy path",
			in: input{
				currentVersion: "1.0.0",
				advisory: dbTypes.Advisory{
					VulnerableVersions: []string{"<=1.0"},
					PatchedVersions:    []string{">=1.1"},
				},
			},
			expected: true,
		},
		{
			// The patched range "<0.0.0" is presumably how an advisory with no
			// fixed release is encoded; the vulnerable range decides alone.
			name: "no patch",
			in: input{
				currentVersion: "1.2.3",
				advisory: dbTypes.Advisory{
					VulnerableVersions: []string{"<=99.999.99999"},
					PatchedVersions:    []string{"<0.0.0"},
				},
			},
			expected: true,
		},
		{
			// Wildcard vulnerable range with no patched versions at all.
			name: "no patch with wildcard",
			in: input{
				currentVersion: "1.2.3",
				advisory: dbTypes.Advisory{
					VulnerableVersions: []string{"*"},
					PatchedVersions:    nil,
				},
			},
			expected: true,
		},
		{
			// Under PEP 440 ordering 1.2.3a1 sorts after 1.2.2, so the
			// alpha of 1.2.3 is expected to be reported as not vulnerable.
			name: "pre-release",
			in: input{
				currentVersion: "1.2.3a1",
				advisory: dbTypes.Advisory{
					VulnerableVersions: []string{"<=1.2.2"},
					PatchedVersions:    []string{">=1.2.2"},
				},
			},
			expected: false,
		},
		{
			// Several release lines, each with its own vulnerable and patched
			// range; 2.0.0 is expected to hit ">=2.0.0 <2.0.8".
			name: "multiple constraints",
			in: input{
				currentVersion: "2.0.0",
				advisory: dbTypes.Advisory{
					VulnerableVersions: []string{">=1.7.0 <1.7.16", ">=1.8.0 <1.8.8", ">=2.0.0 <2.0.8", ">=3.0.0b1 <3.0.0b7"},
					PatchedVersions:    []string{">=3.0.0b7", ">=2.0.8 <3.0.0b1", ">=1.8.8 <2.0.0", ">=1.7.16 <1.8.0"},
				},
			},
			expected: true,
		},
		{
			// Vulnerable versions listed without an operator, including a
			// post-release that equals the installed version.
			name: "exact versions",
			in: input{
				currentVersion: "2.1.0.post1",
				advisory: dbTypes.Advisory{
					VulnerableVersions: []string{"2.1.0.post1", "2.0.0"},
					PatchedVersions:    []string{">=2.1.1"},
				},
			},
			expected: true,
		},
		{
			// Malformed installed version ("1.2..4"): expected verdict is
			// false, so the package is reported as not vulnerable.
			name: "invalid version",
			in: input{
				currentVersion: "1.2..4",
				advisory: dbTypes.Advisory{
					VulnerableVersions: []string{"<1.0.0"},
				},
			},
			expected: false,
		},
		{
			// Malformed advisory constraint ("!1.0.0"): expected verdict is
			// likewise false rather than an error or a conservative true.
			name: "invalid constraint",
			in: input{
				currentVersion: "1.2.4",
				advisory: dbTypes.Advisory{
					VulnerableVersions: []string{"!1.0.0"},
				},
			},
			expected: false,
		},
	}

	for _, tc := range cases {
		t.Run(tc.name, func(t *testing.T) {
			// A fresh zero-value comparer per subtest, as in the original.
			var comparer pep440.Comparer
			verdict := comparer.IsVulnerable(tc.in.currentVersion, tc.in.advisory)
			assert.Equal(t, tc.expected, verdict)
		})
	}
}