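// Source: github.com/noqcks/syft@v0.0.0-20230920222752-a9e2c4e288e5/syft/formats/common/cyclonedxhelpers/external_references_test.go

package cyclonedxhelpers

import (
	"testing"

	"github.com/CycloneDX/cyclonedx-go"
	"github.com/stretchr/testify/assert"

	"github.com/anchore/syft/syft/pkg"
)

// Test_encodeExternalReferences pins how per-ecosystem package metadata is
// turned into CycloneDX external references.
//
// The URL and Homepage values are presumably copied from package manifests,
// i.e. text chosen by whoever published the scanned package (confirm against
// the catalogers). Whatever the encoder emits ends up in the SBOM, so the
// cases below document which values are kept, which are dropped, and which
// reference type each one is given.
func Test_encodeExternalReferences(t *testing.T) {
	tests := []struct {
		name     string
		input    pkg.Package
		expected *[]cyclonedx.ExternalReference
	}{
		{
			// A package without metadata yields no references at all (nil,
			// not an empty slice).
			name:     "no metadata",
			input:    pkg.Package{},
			expected: nil,
		},
		{
			name: "from apk",
			input: pkg.Package{
				Metadata: pkg.ApkMetadata{
					URL: "http://a-place.gov",
				},
			},
			expected: &[]cyclonedx.ExternalReference{
				{URL: "http://a-place.gov", Type: cyclonedx.ERTypeDistribution},
			},
		},
		{
			name: "from npm with valid URL",
			input: pkg.Package{
				Metadata: pkg.NpmPackageJSONMetadata{
					URL: "http://a-place.gov",
				},
			},
			expected: &[]cyclonedx.ExternalReference{
				{URL: "http://a-place.gov", Type: cyclonedx.ERTypeDistribution},
			},
		},
		{
			// The scheme-less URL must not appear in the output; only the
			// well-formed Homepage survives, typed as a website.
			name: "from npm with invalid URL but valid Homepage",
			input: pkg.Package{
				Metadata: pkg.NpmPackageJSONMetadata{
					URL:      "b-place",
					Homepage: "http://b-place.gov",
				},
			},
			expected: &[]cyclonedx.ExternalReference{
				{URL: "http://b-place.gov", Type: cyclonedx.ERTypeWebsite},
			},
		},
		{
			// The Cargo Source string, including its "registry+" prefix, is
			// passed through verbatim as the distribution reference.
			name: "from cargo lock",
			input: pkg.Package{
				Name:         "ansi_term",
				Version:      "0.12.1",
				Language:     pkg.Rust,
				Type:         pkg.RustPkg,
				MetadataType: pkg.RustCargoPackageMetadataType,
				Licenses:     pkg.NewLicenseSet(),
				Metadata: pkg.CargoPackageMetadata{
					Name:     "ansi_term",
					Version:  "0.12.1",
					Source:   "registry+https://github.com/rust-lang/crates.io-index",
					Checksum: "d52a9bb7ec0cf484c551830a7ce27bd20d67eac647e1befb56b0be4ee39a55d2",
					Dependencies: []string{
						"winapi",
					},
				},
			},
			expected: &[]cyclonedx.ExternalReference{
				{URL: "registry+https://github.com/rust-lang/crates.io-index", Type: cyclonedx.ERTypeDistribution},
			},
		},
		{
			// Both fields valid: distribution reference first, website second.
			name: "from npm with homepage",
			input: pkg.Package{
				Metadata: pkg.NpmPackageJSONMetadata{
					URL:      "http://a-place.gov",
					Homepage: "http://homepage",
				},
			},
			expected: &[]cyclonedx.ExternalReference{
				{URL: "http://a-place.gov", Type: cyclonedx.ERTypeDistribution},
				{URL: "http://homepage", Type: cyclonedx.ERTypeWebsite},
			},
		},
		{
			name: "from gem",
			input: pkg.Package{
				Metadata: pkg.GemMetadata{
					Homepage: "http://a-place.gov",
				},
			},
			expected: &[]cyclonedx.ExternalReference{
				{URL: "http://a-place.gov", Type: cyclonedx.ERTypeWebsite},
			},
		},
		{
			name: "from python direct url",
			input: pkg.Package{
				Metadata: pkg.PythonPackageMetadata{
					DirectURLOrigin: &pkg.PythonDirectURLOriginInfo{
						URL: "http://a-place.gov",
					},
				},
			},
			expected: &[]cyclonedx.ExternalReference{
				{URL: "http://a-place.gov", Type: cyclonedx.ERTypeVCS},
			},
		},
		{
			// The commit id is carried in the free-text Comment field, not in
			// the URL.
			name: "from python direct url with commit",
			input: pkg.Package{
				Metadata: pkg.PythonPackageMetadata{
					DirectURLOrigin: &pkg.PythonDirectURLOriginInfo{
						URL:      "http://a-place.gov",
						CommitID: "test",
					},
				},
			},
			expected: &[]cyclonedx.ExternalReference{
				{URL: "http://a-place.gov", Type: cyclonedx.ERTypeVCS, Comment: "commit: test"},
			},
		},
		{
			// An empty URL produces nil rather than a reference with an
			// empty URL.
			name: "empty",
			input: pkg.Package{
				Metadata: pkg.NpmPackageJSONMetadata{
					URL: "",
				},
			},
			expected: nil,
		},
	}

	for _, tc := range tests {
		t.Run(tc.name, func(t *testing.T) {
			got := encodeExternalReferences(tc.input)
			assert.Equal(t, tc.expected, got)
		})
	}
}

// Test_isValidExternalRef pins the accept/reject decision of the URL check
// that gates which strings may become external references.
//
// NOTE(review): only one accepted form (a "git+https" URL) and one rejected
// form (a scheme-less path) are covered. What the validator does with an
// empty string, with other schemes, or with malformed but scheme-bearing
// input is not established by this table; confirm against the implementation
// and add cases so that the filtering applied to manifest-supplied URLs is
// pinned by tests.
func Test_isValidExternalRef(t *testing.T) {
	tests := []struct {
		name     string
		input    string
		expected bool
	}{
		{
			name:     "valid URL for external_reference, git protocol",
			input:    "git+https://github.com/abc/def.git",
			expected: true,
		},
		{
			name:     "invalid URL for external_reference",
			input:    "abc/def",
			expected: false,
		},
	}

	for _, tc := range tests {
		t.Run(tc.name, func(t *testing.T) {
			got := isValidExternalRef(tc.input)
			assert.Equal(t, tc.expected, got)
		})
	}
}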