github.com/google/osv-scalibr@v0.4.1/guidedremediation/internal/strategy/inplace/inplace_test.go (about) 1 // Copyright 2025 Google LLC 2 // 3 // Licensed under the Apache License, Version 2.0 (the "License"); 4 // you may not use this file except in compliance with the License. 5 // You may obtain a copy of the License at 6 // 7 // http://www.apache.org/licenses/LICENSE-2.0 8 // 9 // Unless required by applicable law or agreed to in writing, software 10 // distributed under the License is distributed on an "AS IS" BASIS, 11 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 // See the License for the specific language governing permissions and 13 // limitations under the License. 14 15 package inplace_test 16 17 import ( 18 "encoding/json" 19 "os" 20 "testing" 21 22 "deps.dev/util/resolve/dep" 23 "github.com/google/go-cmp/cmp" 24 "github.com/google/go-cmp/cmp/cmpopts" 25 "github.com/google/osv-scalibr/clients/clienttest" 26 scalibrfs "github.com/google/osv-scalibr/fs" 27 "github.com/google/osv-scalibr/guidedremediation/internal/lockfile" 28 "github.com/google/osv-scalibr/guidedremediation/internal/lockfile/npm" 29 "github.com/google/osv-scalibr/guidedremediation/internal/remediation" 30 "github.com/google/osv-scalibr/guidedremediation/internal/strategy/inplace" 31 "github.com/google/osv-scalibr/guidedremediation/internal/vulnenrichertest" 32 "github.com/google/osv-scalibr/guidedremediation/options" 33 "github.com/google/osv-scalibr/guidedremediation/result" 34 ) 35 36 func TestComputePatches(t *testing.T) { 37 npmWR, err := npm.GetReadWriter() 38 if err != nil { 39 t.Fatalf("failed getting ReadWriter: %v", err) 40 } 41 tests := []struct { 42 name string 43 universeFile string 44 vulnsFile string 45 lockfilePath string 46 readWriter lockfile.ReadWriter 47 opts options.RemediationOptions 48 wantFile string 49 }{ 50 { 51 name: "npm", 52 universeFile: "testdata/npm/universe.yaml", 53 vulnsFile: "testdata/npm/vulnerabilities.json", 54 lockfilePath: "npm/package-lock.json", 55 readWriter: npmWR, 56 opts: options.DefaultRemediationOptions(), 57 wantFile: "testdata/npm/patches.json", 58 }, 59 } 60 for _, tt := range tests { 61 t.Run(tt.name, func(t *testing.T) { 62 wantFile, err := os.Open(tt.wantFile) 63 if err != nil { 64 t.Fatalf("failed opening wantFile: %v", err) 65 } 66 defer wantFile.Close() 67 var want []result.Patch 68 if err := json.NewDecoder(wantFile).Decode(&want); err != nil { 69 t.Fatalf("failed decoding wantFile: %v", err) 70 } 71 72 fsys := scalibrfs.DirFS("./testdata") 73 g, err := tt.readWriter.Read(tt.lockfilePath, fsys) 74 if err != nil { 75 t.Fatalf("failed reading graph: %v", err) 76 } 77 78 cl := clienttest.NewMockResolutionClient(t, tt.universeFile) 79 ve := vulnenrichertest.NewMockVulnerabilityEnricher(t, tt.vulnsFile) 80 resolvedGraph, err := remediation.ResolveGraphVulns(t.Context(), cl, ve, g, nil, &tt.opts) 81 if err != nil { 82 t.Fatalf("failed resolving vulns from graph: %v", err) 83 } 84 85 got, err := inplace.ComputePatches(t.Context(), cl, resolvedGraph, &tt.opts) 86 if err != nil { 87 t.Fatalf("failed computing patches: %v", err) 88 } 89 // Type is not in exported to json, so just ignore it. 90 if diff := cmp.Diff(want, got, cmpopts.EquateEmpty(), cmpopts.IgnoreTypes(dep.Type{})); diff != "" { 91 t.Errorf("ComputePatches: unexpected diff (-want +got):\n%s", diff) 92 } 93 }) 94 } 95 }