Ejemplo n.º 1
    async def test_use_rust(self, node, rust, cargo_audit, crates):
        """Check the ``use`` CLI output for the pinned crates.io checkout.

        Installs the Rust toolchain into ``rust/rust-install`` and builds
        cargo-audit 0.11.2 when their binaries are missing, then runs
        ``ShouldI.cli("use", <checkout>)`` with node, cargo and cargo-audit
        prepended to PATH and inspects the captured stdout.
        """
        toolchain_prefix = rust / "rust-install"
        if not (toolchain_prefix / "bin" / "cargo").is_file():
            # NOTE(review): install.sh is executed straight from the directory
            # passed as ``rust``; nothing in this test verifies the integrity
            # of that unpacked archive, so it has to be done where the
            # archive is obtained.
            installer = (
                rust / "rust-1.42.0-x86_64-unknown-linux-gnu" / "install.sh"
            )
            subprocess.check_call(
                [str(installer), f"--prefix={toolchain_prefix.resolve()}"]
            )

        audit_src = cargo_audit / "cargo-audit-0.11.2"
        audit_release = audit_src / "target" / "release"
        with prepend_to_path(
            node / "node-v14.2.0-linux-x64" / "bin",
            toolchain_prefix / "bin",
            audit_release,
        ):
            # Build cargo-audit only when no release binary exists yet.
            if not (audit_release / "cargo-audit").is_file():
                await run_cargo_build(audit_src)

            checkout = (
                crates / "crates.io-8c1a7e29073e175f0e69e0e537374269da244cee"
            )
            # Replace sys.stdout so the CLI's printed summary can be read back.
            with patch("sys.stdout", new_callable=io.StringIO) as stdout:
                await ShouldI.cli("use", str(checkout))
            output = stdout.getvalue()
            # cargo audit
            self.assertIn("low=9,", output)
            # npm audit
            self.assertIn("high=8,", output)
Ejemplo n.º 2
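    async def test_run(self):
        """Run cargo-audit against the pinned rust-clippy checkout.

        Fetches (through ``cached_download_unpack_archive``) the Rust
        toolchain, the cargo-audit sources and the rust-clippy target, builds
        cargo-audit when its release binary is missing, removes the cached
        advisory database and checks that the report exposes a vulnerability
        list.
        """
        rust = await cached_download_unpack_archive(*CACHED_RUST)
        cargo_audit = await cached_download_unpack_archive(*CACHED_CARGO_AUDIT)
        rust_clippy = await cached_download_unpack_archive(
            *CACHED_TARGET_RUST_CLIPPY
        )
        audit_root = cargo_audit / "rustsec-cargo-audit-v0.15.0"
        release_dir = audit_root / "target" / "release"
        if not (release_dir / "cargo-audit").is_file():
            await run_cargo_build(audit_root / "cargo-audit")

        # Fix for https://github.com/RustSec/rustsec/issues/331
        # pathlib does not expand "~" on its own: Path("~", ...) is a relative
        # path to a directory literally named "~", so the check used to look
        # in the current working directory instead of the home directory.
        # expanduser() makes the cleanup hit the real location. Be aware that
        # this deletes the invoking user's cached advisory database.
        advisory_db_path = pathlib.Path(
            "~", ".cargo", "advisory-db"
        ).expanduser()
        if advisory_db_path.is_dir():
            shutil.rmtree(str(advisory_db_path))

        with prepend_to_path(
            rust / "rust-1.52.0-x86_64-unknown-linux-gnu" / "cargo" / "bin",
            release_dir,
        ):
            results = await run_cargo_audit(
                str(
                    rust_clippy
                    / "rust-clippy-52c25e9136f533c350fa1916b5bf5103f69c0f4d"
                )
            )
            # len() is never negative, so this passes whenever the key path
            # exists: it checks the report's shape, not its findings.
            self.assertGreater(
                len(results["report"]["vulnerabilities"]["list"]), -1
            )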
Ejemplo n.º 3
 async def test_run(self, node, javascript_algo):
     """Run npm audit on the pinned javascript-algorithms checkout.

     The node ``bin`` directory is prepended to PATH for the duration of the
     audit; the test passes when the report's ``high`` count exceeds 2941.
     """
     with prepend_to_path(node / "node-v14.2.0-linux-x64" / "bin"):
         target = (
             javascript_algo
             / "javascript-algorithms-ba2d8dc4a8e27659c1420fe52390cb7981df4a94"
         )
         results = await run_npm_audit(str(target))
         # NOTE(review): the threshold is a fixed number; presumably the
         # real count moves with the advisory data npm audit sees - confirm.
         high_count = results["report"]["high"]
         self.assertGreater(high_count, 2941)
Ejemplo n.º 4
 async def test_run(self, npm_audit, javascript_algo):
     """Smoke-test ``run_npm_audit`` on the javascript-algorithms checkout.

     Only the type of the returned object is checked: it must be exactly
     ``dict``. Nothing about the audit findings themselves is asserted.
     """
     with prepend_to_path(npm_audit / "bin"):
         target = (
             javascript_algo
             / "javascript-algorithms-ba2d8dc4a8e27659c1420fe52390cb7981df4a94"
         )
         results = await run_npm_audit(str(target))
         result_type = type(results)
         self.assertEqual(result_type, dict)
Ejemplo n.º 5
 async def test_run(self, java, dependency_check, rxjava):
     """Run dependency-check on RxJava 2.2.16 and expect exactly 3 CVEs.

     The JDK and dependency-check ``bin`` directories are prepended to PATH
     while the scan runs.
     """
     jdk_bin = java / "jdk-14" / "bin"
     scanner_bin = dependency_check / "dependency-check" / "bin"
     with prepend_to_path(jdk_bin, scanner_bin):
         # Set mode 0o755 on the launcher before use (presumably the unpacked
         # archive does not carry the execute bit - confirm).
         launcher = scanner_bin / "dependency-check.sh"
         launcher.chmod(0o755)
         results = await run_dependency_check(str(rxjava / "RxJava-2.2.16"))
         total_cve = results["report"]["total_CVE"]
         self.assertEqual(total_cve, 3)
Ejemplo n.º 6
 async def test_run(self):
     """Run npm audit on javascript-algorithms and expect high findings.

     Node and the target checkout are obtained through
     ``cached_download_unpack_archive``; the test passes when the report's
     ``high`` count is greater than 1.
     """
     node = await cached_download_unpack_archive(*CACHED_NODE)
     javascript_algo = await cached_download_unpack_archive(
         *CACHED_TARGET_JAVASCRIPT_ALGORITHMS
     )
     node_bin = node / "node-v14.2.0-linux-x64" / "bin"
     with prepend_to_path(node_bin):
         target = (
             javascript_algo
             / "javascript-algorithms-ba2d8dc4a8e27659c1420fe52390cb7981df4a94"
         )
         results = await run_npm_audit(str(target))
         high_count = results["report"]["high"]
         self.assertGreater(high_count, 1)
Ejemplo n.º 7
 async def test_use_javascript(self, node, javascript_algo):
     """Check the ``use`` CLI summary for the javascript-algorithms checkout.

     Runs ``ShouldI.cli("use", <checkout>)`` with node on PATH and stdout
     captured, then looks for ``high=2941`` in the printed text.
     """
     target = (
         javascript_algo
         / "javascript-algorithms-ba2d8dc4a8e27659c1420fe52390cb7981df4a94"
     )
     with prepend_to_path(
         node / "node-v14.2.0-linux-x64" / "bin",
     ), patch("sys.stdout", new_callable=io.StringIO) as stdout:
         await ShouldI.cli("use", str(target))
         output = stdout.getvalue()
     # Substring match: any output containing "high=2941" passes, including
     # a longer number that merely starts with those digits.
     self.assertIn("high=2941", output)
Ejemplo n.º 8
 async def test_run(self):
     """Run dependency-check on RxJava 2.2.16 and expect more than 3 CVEs.

     OpenJDK, dependency-check and the RxJava target are obtained through
     ``cached_download_unpack_archive``.
     """
     java = await cached_download_unpack_archive(*CACHED_OPENJDK)
     dependency_check = await cached_download_unpack_archive(
         *CACHED_DEPENDENCY_CHECK
     )
     rxjava = await cached_download_unpack_archive(*CACHED_TARGET_RXJAVA)

     jdk_bin = java / "jdk-14" / "bin"
     scanner_bin = dependency_check / "dependency-check" / "bin"
     with prepend_to_path(jdk_bin, scanner_bin):
         # Set mode 0o755 on the launcher before use (presumably the unpacked
         # archive does not carry the execute bit - confirm).
         launcher = scanner_bin / "dependency-check.sh"
         launcher.chmod(0o755)
         results = await run_dependency_check(str(rxjava / "RxJava-2.2.16"))
         total_cve = results["report"]["total_CVE"]
         self.assertGreater(total_cve, 3)
Ejemplo n.º 9
 async def test_use_javascript(self):
     """Call ``ShouldI._main("use", ...)`` on javascript-algorithms.

     The return value is used directly: the first static-analysis entry of
     the first context must report a ``high`` attribute greater than 1.
     """
     node = await cached_download_unpack_archive(*CACHED_NODE)
     javascript_algo = await cached_download_unpack_archive(
         *CACHED_TARGET_JAVASCRIPT_ALGORITHMS
     )
     target = (
         javascript_algo
         / "javascript-algorithms-ba2d8dc4a8e27659c1420fe52390cb7981df4a94"
     )
     with prepend_to_path(node / "node-v14.2.0-linux-x64" / "bin"):
         results = await ShouldI._main("use", str(target))
     # Only the first context and its first analysis entry are inspected.
     first_context = list(results.values())[0]
     first_analysis = first_context["static_analysis"][0]
     self.assertGreater(first_analysis.high, 1)
Ejemplo n.º 10
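 async def test_run(self, golang, golangci_lint, cri_resource_manager):
     """Run golangci-lint on the pinned cri-resource-manager checkout.

     GOROOT, GOPATH and GOBIN are pointed at the supplied Go toolchain and
     at a ``.gopath`` directory inside the target for the duration of the
     run, and the Go and golangci-lint directories are prepended to PATH.
     The test expects exactly 99 issues.
     """
     gopath = cri_resource_manager / ".gopath"
     go_env = {
         "GOROOT": str(golang / "go"),
         "GOPATH": str(gopath),
         "GOBIN": str(gopath / "bin"),
     }
     # os.environ is process-wide. Remember what was there so the overrides
     # (which point into the analysed checkout) do not leak into whatever
     # runs after this test.
     previous = {name: os.environ.get(name) for name in go_env}
     os.environ.update(go_env)
     try:
         with prepend_to_path(
             golang / "go" / "bin",
             golangci_lint / "golangci-lint-1.23.7-linux-amd64",
         ):
             results = await run_golangci_lint(
                 str(
                     cri_resource_manager
                     / "cri-resource-manager-c5e6091c79830cf7d076bbdec59c4a253b369d6a"
                 )
             )
             self.assertEqual(results["issues"], 99)
     finally:
         for name, old_value in previous.items():
             if old_value is None:
                 os.environ.pop(name, None)
             else:
                 os.environ[name] = old_value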
Ejemplo n.º 11
 async def test_use_javascript(self, node, javascript_algo):
     """Parse the JSON printed by ``ShouldI._main("use", ...)``.

     Stdout is captured while the command runs on the javascript-algorithms
     checkout; the first static-analysis entry of the first context must
     have a ``high`` value greater than 2940.
     """
     target = (
         javascript_algo
         / "javascript-algorithms-ba2d8dc4a8e27659c1420fe52390cb7981df4a94"
     )
     with prepend_to_path(
         node / "node-v14.2.0-linux-x64" / "bin",
     ), patch("sys.stdout", new_callable=io.StringIO) as stdout:
         await ShouldI._main("use", str(target))
         output = stdout.getvalue()
     results = json.loads(output)
     # Only the first context and its first analysis entry are inspected.
     first_context = list(results.values())[0]
     first_analysis = first_context["static_analysis"][0]
     self.assertGreater(first_analysis["high"], 2940)
Ejemplo n.º 12
    async def test_run(self, rust, cargo_audit, crates):
        """Smoke-test ``run_cargo_audit`` on the pinned crates.io checkout.

        Builds cargo-audit 0.11.2 when its release binary is missing, then
        runs the audit with cargo and cargo-audit on PATH. Only the type of
        ``results["report"]`` is checked: it must be exactly ``int``.
        """
        audit_src = cargo_audit / "cargo-audit-0.11.2"
        audit_release = audit_src / "target" / "release"
        if not (audit_release / "cargo-audit").is_file():
            await run_cargo_build(audit_src)

        cargo_bin = (
            rust / "rust-1.42.0-x86_64-unknown-linux-gnu" / "cargo" / "bin"
        )
        with prepend_to_path(cargo_bin, audit_release):
            checkout = (
                crates / "crates.io-8c1a7e29073e175f0e69e0e537374269da244cee"
            )
            results = await run_cargo_audit(str(checkout))
            report_type = type(results["report"])
            self.assertEqual(report_type, int)
Ejemplo n.º 13
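    async def test_use_rust(self):
        """Run ``ShouldI._main("use", ...)`` on the pinned rust-clippy checkout.

        Installs the Rust toolchain and builds cargo-audit when their
        binaries are missing, removes the cached advisory database, captures
        the JSON printed by the command and expects exactly one project
        context holding exactly one static-analysis report.
        """
        rust = await cached_download_unpack_archive(*CACHED_RUST)
        cargo_audit = await cached_download_unpack_archive(*CACHED_CARGO_AUDIT)
        rust_clippy = await cached_download_unpack_archive(
            *CACHED_TARGET_RUST_CLIPPY)
        toolchain_prefix = rust / "rust-install"
        if not (toolchain_prefix / "bin" / "cargo").is_file():
            # NOTE(review): install.sh is executed straight from the unpacked
            # download; this test does not itself verify that archive.
            subprocess.check_call([
                str(rust / "rust-1.52.0-x86_64-unknown-linux-gnu" /
                    "install.sh"),
                f"--prefix={toolchain_prefix.resolve()}",
            ])
        audit_src = cargo_audit / "rustsec-0.14.1"
        audit_release = audit_src / "target" / "release"
        with prepend_to_path(
                toolchain_prefix / "bin",
                audit_release,
        ):
            if not (audit_release / "cargo-audit").is_file():
                await run_cargo_build(audit_src)

            # Fix for https://github.com/RustSec/cargo-audit/issues/331
            # pathlib does not expand "~" on its own: Path("~", ...) is a
            # relative path to a directory literally named "~", so the check
            # used to look in the current working directory instead of the
            # home directory. expanduser() makes the cleanup hit the real
            # location. Be aware that this deletes the invoking user's
            # cached advisory database.
            advisory_db_path = pathlib.Path(
                "~", ".cargo", "advisory-db").expanduser()
            if advisory_db_path.is_dir():
                shutil.rmtree(str(advisory_db_path))

            with patch("sys.stdout", new_callable=io.StringIO) as stdout:
                await ShouldI._main(
                    "use",
                    str(rust_clippy /
                        "rust-clippy-52c25e9136f533c350fa1916b5bf5103f69c0f4d"
                        ),
                )
            output = stdout.getvalue()
            # Echo the captured text and the parsed structure for debugging.
            print(output)
            results = json.loads(output)

            from pprint import pprint

            pprint(results)

            contexts = 0
            reports = 0
            for context in results.values():
                contexts += 1
                for report in context["static_analysis"]:
                    reports += 1
                    # A count greater than -1 only proves the key exists and
                    # is comparable; it says nothing about actual findings.
                    self.assertGreater(report["report"]["qualitative"]["low"],
                                       -1)
            self.assertEqual(contexts, 1, "One project context expected")
            self.assertEqual(reports, 1, "One reports expected")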
Ejemplo n.º 14
 async def test_use_javascript(self):
     """Parse the JSON printed by ``ShouldI._main("use", ...)``.

     Node and the javascript-algorithms target come from
     ``cached_download_unpack_archive``. Stdout is captured while the command
     runs; the first static-analysis entry of the first context must have a
     ``high`` value greater than 2940.
     """
     node = await cached_download_unpack_archive(*CACHED_NODE)
     javascript_algo = await cached_download_unpack_archive(
         *CACHED_TARGET_JAVASCRIPT_ALGORITHMS
     )
     target = (
         javascript_algo
         / "javascript-algorithms-ba2d8dc4a8e27659c1420fe52390cb7981df4a94"
     )
     with prepend_to_path(
         node / "node-v14.2.0-linux-x64" / "bin",
     ), patch("sys.stdout", new_callable=io.StringIO) as stdout:
         await ShouldI._main("use", str(target))
         output = stdout.getvalue()
     results = json.loads(output)
     # Only the first context and its first analysis entry are inspected.
     first_context = list(results.values())[0]
     first_analysis = first_context["static_analysis"][0]
     self.assertGreater(first_analysis["high"], 2940)
Ejemplo n.º 15
    async def test_use_rust(self, rust, cargo_audit, crates):
        """Check the ``use`` CLI summary for the pinned crates.io checkout.

        Builds cargo-audit 0.11.2 when its release binary is missing, runs
        ``ShouldI.cli("use", <checkout>)`` with cargo and cargo-audit on PATH
        and looks for ``high=2`` in the captured stdout.
        """
        audit_src = cargo_audit / "cargo-audit-0.11.2"
        audit_release = audit_src / "target" / "release"
        if not (audit_release / "cargo-audit").is_file():
            await run_cargo_build(audit_src)

        cargo_bin = (
            rust / "rust-1.42.0-x86_64-unknown-linux-gnu" / "cargo" / "bin"
        )
        with prepend_to_path(cargo_bin, audit_release):
            checkout = (
                crates / "crates.io-8c1a7e29073e175f0e69e0e537374269da244cee"
            )
            with patch("sys.stdout", new_callable=io.StringIO) as stdout:
                await ShouldI.cli("use", str(checkout))
            output = stdout.getvalue()
            # Substring match: "high=2" is also contained in e.g. "high=20".
            self.assertIn("high=2", output)
Ejemplo n.º 16
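 async def test_run(self):
     """Run golangci-lint on the pinned cri-resource-manager checkout.

     The Go toolchain, golangci-lint and the target are obtained through
     ``cached_download_unpack_archive``. GOROOT, GOPATH and GOBIN are set
     for the duration of the run and restored afterwards. The test expects
     exactly 99 issues.
     """
     golang = await cached_download_unpack_archive(*CACHED_GOLANG)
     golangci_lint = await cached_download_unpack_archive(
         *CACHED_GOLANGCI_LINT)
     cri_resource_manager = await cached_download_unpack_archive(
         *CACHED_TARGET_CRI_RESOURCE_MANAGER)
     gopath = cri_resource_manager / ".gopath"
     go_env = {
         "GOROOT": str(golang / "go"),
         "GOPATH": str(gopath),
         "GOBIN": str(gopath / "bin"),
     }
     # os.environ is process-wide. Remember what was there so the overrides
     # (which point into the analysed checkout) do not leak into whatever
     # runs after this test.
     previous = {name: os.environ.get(name) for name in go_env}
     os.environ.update(go_env)
     try:
         with prepend_to_path(
             golang / "go" / "bin",
             golangci_lint / "golangci-lint-1.23.7-linux-amd64",
         ):
             results = await run_golangci_lint(
                 str(
                     cri_resource_manager
                     / "cri-resource-manager-c5e6091c79830cf7d076bbdec59c4a253b369d6a"
                 )
             )
             self.assertEqual(results["issues"], 99)
     finally:
         for name, old_value in previous.items():
             if old_value is None:
                 os.environ.pop(name, None)
             else:
                 os.environ[name] = old_value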
Ejemplo n.º 17
    async def test_use_rust(self, node, rust, cargo_audit, crates):
        """Run ``ShouldI._main("use", ...)`` on the pinned crates.io checkout.

        Installs the Rust toolchain and builds cargo-audit 0.11.2 when their
        binaries are missing, captures the JSON printed by the command and
        expects one project context with two static-analysis reports: one
        carrying ``npm_audit_output`` and one carrying ``qualitative``.
        """
        toolchain_prefix = rust / "rust-install"
        if not (toolchain_prefix / "bin" / "cargo").is_file():
            # NOTE(review): install.sh is executed straight from the directory
            # passed as ``rust``; nothing in this test verifies the integrity
            # of that unpacked archive.
            installer = (
                rust / "rust-1.42.0-x86_64-unknown-linux-gnu" / "install.sh"
            )
            subprocess.check_call(
                [str(installer), f"--prefix={toolchain_prefix.resolve()}"]
            )

        audit_src = cargo_audit / "cargo-audit-0.11.2"
        audit_release = audit_src / "target" / "release"
        with prepend_to_path(
            node / "node-v14.2.0-linux-x64" / "bin",
            toolchain_prefix / "bin",
            audit_release,
        ):
            if not (audit_release / "cargo-audit").is_file():
                await run_cargo_build(audit_src)

            checkout = (
                crates / "crates.io-8c1a7e29073e175f0e69e0e537374269da244cee"
            )
            with patch("sys.stdout", new_callable=io.StringIO) as stdout:
                await ShouldI._main("use", str(checkout))
            output = stdout.getvalue()
            # Echo the captured text and the parsed structure for debugging.
            print(output)
            results = json.loads(output)

            from pprint import pprint

            pprint(results)

            context_count = 0
            report_count = 0
            for context in results.values():
                context_count += 1
                for entry in context["static_analysis"]:
                    report_count += 1
                    payload = entry["report"]
                    # A report matching neither key is counted but not
                    # otherwise checked.
                    if "npm_audit_output" in payload:
                        self.assertGreater(
                            payload["npm_audit_output"]["high"], 7
                        )
                    elif "qualitative" in payload:
                        self.assertGreater(payload["qualitative"]["low"], 9)
            self.assertEqual(
                context_count, 1, "One project context expected"
            )
            self.assertEqual(report_count, 2, "Two reports expected")
Ejemplo n.º 18
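    async def test_run(self, rust, cargo_audit, rust_clippy):
        """Run cargo-audit against the pinned rust-clippy checkout.

        Builds cargo-audit 0.14.0 when its release binary is missing, removes
        the cached advisory database, runs the audit with cargo and
        cargo-audit on PATH and checks that the report exposes a
        vulnerability list.
        """
        audit_src = cargo_audit / "cargo-audit-0.14.0"
        audit_release = audit_src / "target" / "release"
        if not (audit_release / "cargo-audit").is_file():
            await run_cargo_build(audit_src)

        # Fix for https://github.com/RustSec/cargo-audit/issues/331
        # pathlib does not expand "~" on its own: Path("~", ...) is a relative
        # path to a directory literally named "~", so the check used to look
        # in the current working directory instead of the home directory.
        # expanduser() makes the cleanup hit the real location. Be aware that
        # this deletes the invoking user's cached advisory database.
        advisory_db_path = pathlib.Path(
            "~", ".cargo", "advisory-db").expanduser()
        if advisory_db_path.is_dir():
            shutil.rmtree(str(advisory_db_path))

        with prepend_to_path(
                rust / "rust-1.50.0-x86_64-unknown-linux-gnu" / "cargo" /
                "bin",
                audit_release,
        ):
            results = await run_cargo_audit(
                str(rust_clippy /
                    "rust-clippy-52c25e9136f533c350fa1916b5bf5103f69c0f4d"))
            # len() is never negative, so this passes whenever the key path
            # exists: it checks the report's shape, not its findings.
            self.assertGreater(
                len(results["report"]["vulnerabilities"]["list"]), -1)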
Ejemplo n.º 19
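    async def test_use_rust(self):
        """Run ``ShouldI._main("use", ...)`` on the pinned rust-clippy checkout.

        Builds cargo-audit when its release binary is missing, removes the
        cached advisory database, and expects the returned mapping to hold
        exactly one project context with exactly one static-analysis report.
        """
        rust = await cached_download_unpack_archive(*CACHED_RUST)
        cargo_audit = await cached_download_unpack_archive(*CACHED_CARGO_AUDIT)
        rust_clippy = await cached_download_unpack_archive(
            *CACHED_TARGET_RUST_CLIPPY)

        audit_root = cargo_audit / "rustsec-cargo-audit-v0.15.0"
        audit_release = audit_root / "target" / "release"
        if not (audit_release / "cargo-audit").is_file():
            await run_cargo_build(audit_root / "cargo-audit")

        # Fix for https://github.com/RustSec/rustsec/issues/331
        # pathlib does not expand "~" on its own: Path("~", ...) is a relative
        # path to a directory literally named "~", so the check used to look
        # in the current working directory instead of the home directory.
        # expanduser() makes the cleanup hit the real location. Be aware that
        # this deletes the invoking user's cached advisory database.
        advisory_db_path = pathlib.Path(
            "~", ".cargo", "advisory-db").expanduser()
        if advisory_db_path.is_dir():
            shutil.rmtree(str(advisory_db_path))

        with prepend_to_path(
                rust / "rust-1.52.0-x86_64-unknown-linux-gnu" / "cargo" /
                "bin",
                audit_release,
        ):
            results = await ShouldI._main(
                "use",
                str(rust_clippy /
                    "rust-clippy-52c25e9136f533c350fa1916b5bf5103f69c0f4d"),
            )

            from pprint import pprint

            # Dump the returned structure for debugging.
            pprint(results)

            contexts = 0
            reports = 0
            for context in results.values():
                contexts += 1
                for report in context["static_analysis"]:
                    reports += 1
                    # A count greater than -1 only proves the key exists and
                    # is comparable; it says nothing about actual findings.
                    self.assertGreater(report.report["qualitative"]["low"], -1)
            self.assertEqual(contexts, 1, "One project context expected")
            self.assertEqual(reports, 1, "One reports expected")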