github.com/lineaje-labs/syft@v0.98.1-0.20231227153149-9e393f60ff1b/syft/format/common/cyclonedxhelpers/external_references_test.go (about) 1 package cyclonedxhelpers 2 3 import ( 4 "testing" 5 6 "github.com/CycloneDX/cyclonedx-go" 7 "github.com/stretchr/testify/assert" 8 9 "github.com/anchore/syft/syft/pkg" 10 ) 11 12 func Test_encodeExternalReferences(t *testing.T) { 13 tests := []struct { 14 name string 15 input pkg.Package 16 expected *[]cyclonedx.ExternalReference 17 }{ 18 { 19 name: "no metadata", 20 input: pkg.Package{}, 21 expected: nil, 22 }, 23 { 24 name: "from apk", 25 input: pkg.Package{ 26 Metadata: pkg.ApkDBEntry{ 27 URL: "http://a-place.gov", 28 }, 29 }, 30 expected: &[]cyclonedx.ExternalReference{ 31 {URL: "http://a-place.gov", Type: cyclonedx.ERTypeDistribution}, 32 }, 33 }, 34 { 35 name: "from npm with valid URL", 36 input: pkg.Package{ 37 Metadata: pkg.NpmPackage{ 38 URL: "http://a-place.gov", 39 }, 40 }, 41 expected: &[]cyclonedx.ExternalReference{ 42 {URL: "http://a-place.gov", Type: cyclonedx.ERTypeDistribution}, 43 }, 44 }, 45 { 46 name: "from npm with invalid URL but valid Homepage", 47 input: pkg.Package{ 48 Metadata: pkg.NpmPackage{ 49 URL: "b-place", 50 Homepage: "http://b-place.gov", 51 }, 52 }, 53 expected: &[]cyclonedx.ExternalReference{ 54 {URL: "http://b-place.gov", Type: cyclonedx.ERTypeWebsite}, 55 }, 56 }, 57 { 58 name: "from cargo lock", 59 input: pkg.Package{ 60 Name: "ansi_term", 61 Version: "0.12.1", 62 Language: pkg.Rust, 63 Type: pkg.RustPkg, 64 Licenses: pkg.NewLicenseSet(), 65 Metadata: pkg.RustCargoLockEntry{ 66 Name: "ansi_term", 67 Version: "0.12.1", 68 Source: "registry+https://github.com/rust-lang/crates.io-index", 69 Checksum: "d52a9bb7ec0cf484c551830a7ce27bd20d67eac647e1befb56b0be4ee39a55d2", 70 Dependencies: []string{ 71 "winapi", 72 }, 73 }, 74 }, 75 expected: &[]cyclonedx.ExternalReference{ 76 {URL: "registry+https://github.com/rust-lang/crates.io-index", Type: cyclonedx.ERTypeDistribution}, 77 }, 78 }, 79 { 80 name: "from npm with homepage", 81 input: pkg.Package{ 82 Metadata: pkg.NpmPackage{ 83 URL: "http://a-place.gov", 84 Homepage: "http://homepage", 85 }, 86 }, 87 expected: &[]cyclonedx.ExternalReference{ 88 {URL: "http://a-place.gov", Type: cyclonedx.ERTypeDistribution}, 89 {URL: "http://homepage", Type: cyclonedx.ERTypeWebsite}, 90 }, 91 }, 92 { 93 name: "from gem", 94 input: pkg.Package{ 95 Metadata: pkg.RubyGemspec{ 96 Homepage: "http://a-place.gov", 97 }, 98 }, 99 expected: &[]cyclonedx.ExternalReference{ 100 {URL: "http://a-place.gov", Type: cyclonedx.ERTypeWebsite}, 101 }, 102 }, 103 { 104 name: "from python direct url", 105 input: pkg.Package{ 106 Metadata: pkg.PythonPackage{ 107 DirectURLOrigin: &pkg.PythonDirectURLOriginInfo{ 108 URL: "http://a-place.gov", 109 }, 110 }, 111 }, 112 expected: &[]cyclonedx.ExternalReference{ 113 {URL: "http://a-place.gov", Type: cyclonedx.ERTypeVCS}, 114 }, 115 }, 116 { 117 name: "from python direct url with commit", 118 input: pkg.Package{ 119 Metadata: pkg.PythonPackage{ 120 DirectURLOrigin: &pkg.PythonDirectURLOriginInfo{ 121 URL: "http://a-place.gov", 122 CommitID: "test", 123 }, 124 }, 125 }, 126 expected: &[]cyclonedx.ExternalReference{ 127 {URL: "http://a-place.gov", Type: cyclonedx.ERTypeVCS, Comment: "commit: test"}, 128 }, 129 }, 130 { 131 name: "empty", 132 input: pkg.Package{ 133 Metadata: pkg.NpmPackage{ 134 URL: "", 135 }, 136 }, 137 expected: nil, 138 }, 139 } 140 for _, test := range tests { 141 t.Run(test.name, func(t *testing.T) { 142 assert.Equal(t, test.expected, encodeExternalReferences(test.input)) 143 }) 144 } 145 } 146 147 func Test_isValidExternalRef(t *testing.T) { 148 tests := []struct { 149 name string 150 input string 151 expected bool 152 }{ 153 { 154 name: "valid URL for external_reference, git protocol", 155 input: "git+https://github.com/abc/def.git", 156 expected: true, 157 }, 158 { 159 name: "valid URL for external_reference, git protocol", 160 input: "git+https://github.com/abc/def.git", 161 expected: true, 162 }, 163 { 164 name: "invalid URL for external_reference", 165 input: "abc/def", 166 expected: false, 167 }, 168 } 169 for _, test := range tests { 170 t.Run(test.name, func(t *testing.T) { 171 assert.Equal(t, test.expected, isValidExternalRef(test.input)) 172 }) 173 } 174 } 175 176 func Test_toCycloneDXAlgorithm(t *testing.T) { 177 tests := []struct { 178 name string 179 input string 180 expected cyclonedx.HashAlgorithm 181 }{ 182 { 183 name: "valid algorithm name in upper case", 184 input: "SHA1", 185 expected: cyclonedx.HashAlgorithm("SHA-1"), 186 }, 187 { 188 name: "valid algorithm name in lower case", 189 input: "sha1", 190 expected: cyclonedx.HashAlgorithm("SHA-1"), 191 }, 192 } 193 for _, test := range tests { 194 t.Run(test.name, func(t *testing.T) { 195 assert.Equal(t, test.expected, toCycloneDXAlgorithm(test.input)) 196 }) 197 } 198 }