github.com/devseccon/trivy@v0.47.1-0.20231123133102-bd902a0bd996/pkg/fanal/analyzer/language/python/poetry/poetry_test.go (about) 1 package poetry 2 3 import ( 4 "context" 5 "os" 6 "testing" 7 8 "github.com/stretchr/testify/assert" 9 "github.com/stretchr/testify/require" 10 11 "github.com/devseccon/trivy/pkg/fanal/analyzer" 12 "github.com/devseccon/trivy/pkg/fanal/types" 13 ) 14 15 func Test_poetryLibraryAnalyzer_Analyze(t *testing.T) { 16 tests := []struct { 17 name string 18 dir string 19 want *analyzer.AnalysisResult 20 }{ 21 { 22 name: "happy path", 23 dir: "testdata/happy", 24 want: &analyzer.AnalysisResult{ 25 Applications: []types.Application{ 26 { 27 Type: types.Poetry, 28 FilePath: "poetry.lock", 29 Libraries: types.Packages{ 30 { 31 ID: "certifi@2022.12.7", 32 Name: "certifi", 33 Version: "2022.12.7", 34 Indirect: true, 35 }, 36 { 37 ID: "charset-normalizer@2.1.1", 38 Name: "charset-normalizer", 39 Version: "2.1.1", 40 Indirect: true, 41 }, 42 { 43 ID: "click@7.1.2", 44 Name: "click", 45 Version: "7.1.2", 46 Indirect: true, 47 }, 48 { 49 ID: "flask@1.1.4", 50 Name: "flask", 51 Version: "1.1.4", 52 DependsOn: []string{ 53 "click@7.1.2", 54 "itsdangerous@1.1.0", 55 "jinja2@2.11.3", 56 "werkzeug@1.0.1", 57 }, 58 }, 59 { 60 ID: "idna@3.4", 61 Name: "idna", 62 Version: "3.4", 63 Indirect: true, 64 }, 65 { 66 ID: "itsdangerous@1.1.0", 67 Name: "itsdangerous", 68 Version: "1.1.0", 69 Indirect: true, 70 }, 71 { 72 ID: "jinja2@2.11.3", 73 Name: "jinja2", 74 Version: "2.11.3", 75 Indirect: true, 76 DependsOn: []string{ 77 "markupsafe@2.1.2", 78 }, 79 }, 80 { 81 ID: "markupsafe@2.1.2", 82 Name: "markupsafe", 83 Version: "2.1.2", 84 Indirect: true, 85 }, 86 { 87 ID: "requests@2.28.1", 88 Name: "requests", 89 Version: "2.28.1", 90 DependsOn: []string{ 91 "certifi@2022.12.7", 92 "charset-normalizer@2.1.1", 93 "idna@3.4", 94 "urllib3@1.26.14", 95 }, 96 }, 97 { 98 ID: "urllib3@1.26.14", 99 Name: "urllib3", 100 Version: "1.26.14", 101 Indirect: true, 102 }, 103 { 104 ID: "werkzeug@1.0.1", 105 Name: "werkzeug", 106 Version: "1.0.1", 107 Indirect: true, 108 }, 109 }, 110 }, 111 }, 112 }, 113 }, 114 { 115 name: "no pyproject.toml", 116 dir: "testdata/no-pyproject", 117 want: &analyzer.AnalysisResult{ 118 Applications: []types.Application{ 119 { 120 Type: types.Poetry, 121 FilePath: "poetry.lock", 122 Libraries: types.Packages{ 123 { 124 ID: "click@8.1.3", 125 Name: "click", 126 Version: "8.1.3", 127 DependsOn: []string{ 128 "colorama@0.4.6", 129 }, 130 }, 131 { 132 ID: "colorama@0.4.6", 133 Name: "colorama", 134 Version: "0.4.6", 135 }, 136 }, 137 }, 138 }, 139 }, 140 }, 141 { 142 name: "wrong pyproject.toml", 143 dir: "testdata/wrong-pyproject", 144 want: &analyzer.AnalysisResult{ 145 Applications: []types.Application{ 146 { 147 Type: types.Poetry, 148 FilePath: "poetry.lock", 149 Libraries: types.Packages{ 150 { 151 ID: "click@8.1.3", 152 Name: "click", 153 Version: "8.1.3", 154 DependsOn: []string{ 155 "colorama@0.4.6", 156 }, 157 }, 158 { 159 ID: "colorama@0.4.6", 160 Name: "colorama", 161 Version: "0.4.6", 162 }, 163 }, 164 }, 165 }, 166 }, 167 }, 168 { 169 name: "broken poetry.lock", 170 dir: "testdata/sad", 171 want: &analyzer.AnalysisResult{}, 172 }, 173 } 174 175 for _, tt := range tests { 176 t.Run(tt.name, func(t *testing.T) { 177 a, err := newPoetryAnalyzer(analyzer.AnalyzerOptions{}) 178 require.NoError(t, err) 179 180 got, err := a.PostAnalyze(context.Background(), analyzer.PostAnalysisInput{ 181 FS: os.DirFS(tt.dir), 182 }) 183 184 assert.NoError(t, err) 185 assert.Equal(t, tt.want, got) 186 }) 187 } 188 }