Ejemplo n.º 1
    def test_update_bucket(self):
        """Run a source update for a bucket source and compare both bugs."""
        # Switch the fixture's source repository to a non-editable bucket.
        bucket_source = self.source_repo
        bucket_source.type = osv.SourceRepositoryType.BUCKET
        bucket_source.bucket = TEST_BUCKET
        bucket_source.editable = False
        bucket_source.put()

        runner = worker.TaskRunner(ndb_client, None, self.tmp_dir.name, None,
                                   None)

        # NOTE(review): presumably the digest of the file as it was when the
        # update was requested - confirm against worker._source_update.
        sha256_at_request = ('b2b37bde8f39256239419078de672ce7'
                             'a408735f1c2502ee8fa08745096e1971')
        request = mock.Mock()
        request.attributes = {
            'source': 'source',
            'path': 'a/b/test.json',
            'original_sha256': sha256_at_request,
            'deleted': 'false',
        }
        runner._source_update(request)

        # The single input path is expected to produce two bug records.
        expectations = (
            ('update_bucket_0', 'GO-2021-0085'),
            ('update_bucket_1', 'GO-2021-0087'),
        )
        for expected_name, bug_id in expectations:
            stored = osv.Bug.get_by_id(bug_id)._to_dict()
            self.expect_dict_equal(expected_name, stored)
Ejemplo n.º 2
    def test_update_new(self):
        """Add a new vulnerability file and check the commit and stored bug."""
        # Commit the new record to the source repo as an ordinary user first.
        new_record = self._load_test_data(
            os.path.join(TEST_DATA_DIR, 'BLAH-126.yaml'))
        self.mock_repo.add_file('BLAH-126.yaml', new_record)
        self.mock_repo.commit('User', 'user@email')

        runner = worker.TaskRunner(ndb_client, None, self.tmp_dir.name, None,
                                   None)
        # NOTE(review): presumably the digest of the file committed above,
        # which the worker checks before writing - confirm against the worker.
        sha256_at_request = ('5e1c2f30f6312cb16f5eedac88f92992'
                             'dd015e2891d17e84ee2ab8af78b801b9')
        request = mock.Mock()
        request.attributes = {
            'source': 'source',
            'path': 'BLAH-126.yaml',
            'original_sha256': sha256_at_request,
            'deleted': 'false',
        }
        runner._source_update(request)

        repo = pygit2.Repository(self.remote_source_repo_path)
        head_commit = repo.head.peel()

        # The remote head must now be the worker's own commit.
        # NOTE(review): the expected address appears masked in this copy of
        # the test; confirm the real value before relying on this assertion.
        self.assertEqual('*****@*****.**', head_commit.author.email)
        self.assertEqual('OSV', head_commit.author.name)
        self.assertEqual('Update BLAH-126', head_commit.message)

        stored = osv.Bug.get_by_id('BLAH-126')._to_dict()
        self.expect_dict_equal('update_new', stored)
Ejemplo n.º 3
    def test_update_conflict_while_pushing(self):
        """Race a user commit against the push and check the user's wins."""
        real_push = osv.push_source_changes

        def push_after_racing_commit(*args, **kwargs):
            # Commit a competing change through mock_repo, then run the real
            # push so that it meets the changed history.
            self.mock_repo.add_file('BLAH-123.yaml', 'changed')
            self.mock_repo.commit('Another user', 'user@email')
            real_push(*args, **kwargs)

        push_patch = mock.patch('osv.push_source_changes')
        # Register the cleanup before starting so the patch is always undone.
        self.addCleanup(push_patch.stop)
        patched_push = push_patch.start()
        patched_push.side_effect = push_after_racing_commit

        runner = worker.TaskRunner(ndb_client, None, self.tmp_dir.name, None,
                                   None)
        sha256_at_request = ('b149accd3dd3e66f882de2201481d9fa'
                             'd25324916501a9a0f7b1ae1afe256f0b')
        request = mock.Mock()
        request.attributes = {
            'source': 'source',
            'path': 'BLAH-123.yaml',
            'original_sha256': sha256_at_request,
        }
        runner._source_update(request)

        repo = pygit2.Repository(self.remote_source_repo_path)
        head_commit = repo.head.peel()

        # The remote head is the racing user's commit, not one from the worker.
        self.assertEqual('user@email', head_commit.author.email)
        self.assertEqual('Another user', head_commit.author.name)
Ejemplo n.º 4
    def test_update_conflict_while_pushing(self):
        """Race a user commit against the push and check the user's wins."""
        real_push = osv.push_source_changes

        def push_after_racing_commit(*args, **kwargs):
            # Commit a competing change through mock_repo, then run the real
            # push so that it meets the changed history.
            self.mock_repo.add_file('BLAH-123.yaml', 'changed')
            self.mock_repo.commit('Another user', 'user@email')
            real_push(*args, **kwargs)

        push_patch = mock.patch('osv.push_source_changes')
        # Register the cleanup before starting so the patch is always undone.
        self.addCleanup(push_patch.stop)
        patched_push = push_patch.start()
        patched_push.side_effect = push_after_racing_commit

        runner = worker.TaskRunner(ndb_client, None, self.tmp_dir.name, None,
                                   None)
        sha256_at_request = ('4ff2c39882e21b963f6d716f318f07c2'
                             '9434baef91eb339aefa9840fadb12084')
        request = mock.Mock()
        request.attributes = {
            'source': 'source',
            'path': 'BLAH-123.yaml',
            'original_sha256': sha256_at_request,
        }
        runner._source_update(request)

        repo = pygit2.Repository(self.remote_source_repo_path)
        head_commit = repo.head.peel()

        # The remote head is the racing user's commit, not one from the worker.
        self.assertEqual('user@email', head_commit.author.email)
        self.assertEqual('Another user', head_commit.author.name)
Ejemplo n.º 5
    def test_update_conflict_while_pushing(self):
        """Race a user commit against the push and check the user's wins."""
        real_push = osv.push_source_changes

        def push_after_racing_commit(*args, **kwargs):
            # Commit a competing change through mock_repo, then run the real
            # push so that it meets the changed history.
            self.mock_repo.add_file('BLAH-123.yaml', 'changed')
            self.mock_repo.commit('Another user', 'user@email')
            real_push(*args, **kwargs)

        push_patch = mock.patch('osv.push_source_changes')
        # Register the cleanup before starting so the patch is always undone.
        self.addCleanup(push_patch.stop)
        patched_push = push_patch.start()
        patched_push.side_effect = push_after_racing_commit

        runner = worker.TaskRunner(ndb_client, None, self.tmp_dir.name, None,
                                   None)
        sha256_at_request = ('d35b787ba467d6d45c2046c0c5a9c237'
                             'ab4b7d9942cc9ad25f2bc27a2ffa7859')
        request = mock.Mock()
        request.attributes = {
            'source': 'source',
            'path': 'BLAH-123.yaml',
            'original_sha256': sha256_at_request,
            'deleted': 'false',
        }
        runner._source_update(request)

        repo = pygit2.Repository(self.remote_source_repo_path)
        head_commit = repo.head.peel()

        # The remote head is the racing user's commit, not one from the worker.
        self.assertEqual('user@email', head_commit.author.email)
        self.assertEqual('Another user', head_commit.author.name)
Ejemplo n.º 6
  def test_update_new(self):
    """Add a new vulnerability file and check the commit and stored bug."""
    # Commit the new record to the source repo as an ordinary user first.
    new_record = self._load_test_data(
        os.path.join(TEST_DATA_DIR, 'BLAH-126.yaml'))
    self.mock_repo.add_file('BLAH-126.yaml', new_record)
    self.mock_repo.commit('User', 'user@email')

    runner = worker.TaskRunner(ndb_client, None, self.tmp_dir.name, None, None)
    # NOTE(review): presumably the digest of the file committed above, which
    # the worker checks before writing - confirm against the worker.
    sha256_at_request = ('bfbbcdaa2d90d39e1086933b8f69ca8e'
                         'ae35c9d093ec9b4a37d7c01851da7b2a')
    request = mock.Mock()
    request.attributes = {
        'source': 'source',
        'path': 'BLAH-126.yaml',
        'original_sha256': sha256_at_request,
        'deleted': 'false',
    }
    runner._source_update(request)

    repo = pygit2.Repository(self.remote_source_repo_path)
    head_commit = repo.head.peel()

    # The remote head must now be the worker's own commit.
    # NOTE(review): the expected address appears masked in this copy of the
    # test; confirm the real value before relying on this assertion.
    self.assertEqual('*****@*****.**', head_commit.author.email)
    self.assertEqual('OSV', head_commit.author.name)
    self.assertEqual('Update BLAH-126', head_commit.message)

    # Full expected datastore record for the new bug.
    expected_bug = {
        'additional_commit_ranges': [
            {
                'fixed_in': 'b9b3fd4732695b83c3068b7b6a14bb372ec31f98',
                'introduced_in': 'eefe8ec3f1f90d0e684890e810f3f21e8500a4cd',
            },
            {
                'fixed_in': '',
                'introduced_in': 'febfac1940086bc1f6d3dc33fda0a1d1ba336209',
            },
        ],
        'affected': [
            'branch-v0.1.1',
            'branch_1_cherrypick_regress',
            'v0.1.1',
        ],
        'affected_fuzzy': ['0-1-1', '1', '0-1-1'],
        'details': 'Blah blah blah\nBlah\n',
        'ecosystem': 'golang',
        'fixed': '8d8242f545e9cec3e6d0d2e3f5bde8be1c659735',
        'has_affected': True,
        'issue_id': None,
        'last_modified': datetime.datetime(2021, 1, 1, 0, 0),
        'project': 'blah.com/package',
        'public': None,
        'reference_urls': ['https://ref.com/ref'],
        'regressed': 'eefe8ec3f1f90d0e684890e810f3f21e8500a4cd',
        'repo_url': 'https://osv-test/repo/url',
        'search_indices': ['blah.com/package', 'BLAH-126', 'BLAH', '126'],
        'severity': 'HIGH',
        'sort_key': 'BLAH-0000126',
        'source_id': 'source:BLAH-126.yaml',
        'source_of_truth': osv.SourceOfTruth.SOURCE_REPO,
        'status': osv.BugStatus.PROCESSED,
        'summary': 'A vulnerability',
        'timestamp': datetime.datetime(2021, 1, 1, 0, 0),
    }
    stored_bug = osv.Bug.get_by_id('BLAH-126')._to_dict()
    self.assertDictEqual(expected_bug, stored_bug)
Ejemplo n.º 7
    def test_update_no_introduced(self):
        """Update a record that has no introduced commit; check the outputs."""
        runner = worker.TaskRunner(ndb_client, None, self.tmp_dir.name, None,
                                   None)

        sha256_at_request = ('41ba4799f09d73ab41d60f8fbeaa83a7'
                             '9f6d8a301330c5c1061cf113ff96a8a3')
        request = mock.Mock()
        request.attributes = {
            'source': 'source',
            'path': 'BLAH-127.yaml',
            'original_sha256': sha256_at_request,
            'deleted': 'false',
        }
        runner._source_update(request)

        repo = pygit2.Repository(self.remote_source_repo_path)
        head_commit = repo.head.peel()

        # The remote head must now be the worker's own commit.
        # NOTE(review): the expected address appears masked in this copy of
        # the test; confirm the real value before relying on this assertion.
        self.assertEqual('*****@*****.**', head_commit.author.email)
        self.assertEqual('OSV', head_commit.author.name)
        self.assertEqual('Update BLAH-127', head_commit.message)
        worker_diff = repo.diff(head_commit.parents[0], head_commit)

        stored_bug = osv.Bug.get_by_id('BLAH-127')._to_dict()
        self.expect_dict_equal('update_no_introduced', stored_bug)
        self.expect_equal('diff_update_no_introduced', worker_diff.patch)

        # Order is irrelevant here: assertCountEqual compares as multisets.
        expected_commits = [
            'b1c95a196f22d06fcf80df8c6691cd113d8fefff',
            'eefe8ec3f1f90d0e684890e810f3f21e8500a4cd',
            'a2ba949290915d445d34d0e8e9de2e7ce38198fc',
            'e1b045257bc5ca2a11d0476474f45ef77a0366c7',
            '00514d6f244f696e750a37083163992c6a50cfd3',
            '25147a74d8aeb27b43665530ee121a2a1b19dc58',
            '3c5dcf6a5bec14baab3b247d369a7270232e1b83',
            '4c155795426727ea05575bd5904321def23c03f4',
            '57e58a5d7c2bb3ce0f04f17ec0648b92ee82531f',
            '90aa4127295b2c37b5f7fcf6a9772b12c99a5212',
            '949f182716f037e25394bbb98d39b3295d230a29',
            'b1fa81a5d59e9b4d6e276d82fc17058f3cf139d9',
            'f0cc40d8c3dabb27c2cfe26f1764305abc91a0b9',
            'febfac1940086bc1f6d3dc33fda0a1d1ba336209',
            'ff8cc32ba60ad9cbb3b23f0a82aad96ebe9ff76b',
        ]
        stored_commits = [
            affected.commit for affected in osv.AffectedCommit.query()
        ]
        self.assertCountEqual(expected_commits, stored_commits)
Ejemplo n.º 8
    def test_update_pypi(self):
        """Process a PyPI record; check the commit, diff, bug and commits."""
        # Per-source switches this test turns off before running the update.
        source_repo = self.source_repo
        source_repo.ignore_git = False
        source_repo.versions_from_repo = False
        source_repo.detect_cherrypicks = False
        source_repo.put()

        record = self._load_test_data(
            os.path.join(TEST_DATA_DIR, 'PYSEC-123.yaml'))
        self.mock_repo.add_file('PYSEC-123.yaml', record)
        self.mock_repo.commit('User', 'user@email')
        runner = worker.TaskRunner(ndb_client, None, self.tmp_dir.name, None,
                                   None)
        sha256_at_request = ('f664bd547299c003e658feb81d4e3b36'
                             '17c1433e301037a5a825a615581fc6ee')
        request = mock.Mock()
        request.attributes = {
            'source': 'source',
            'path': 'PYSEC-123.yaml',
            'original_sha256': sha256_at_request,
            'deleted': 'false',
        }
        runner._source_update(request)

        repo = pygit2.Repository(self.remote_source_repo_path)
        head_commit = repo.head.peel()

        # The remote head must now be the worker's own commit.
        # NOTE(review): the expected address appears masked in this copy of
        # the test; confirm the real value before relying on this assertion.
        self.assertEqual('*****@*****.**', head_commit.author.email)
        self.assertEqual('OSV', head_commit.author.name)
        self.assertEqual('Update PYSEC-123', head_commit.message)
        worker_diff = repo.diff(head_commit.parents[0], head_commit)
        self.expect_equal('diff_pypi', worker_diff.patch)

        # This record is looked up by its source-prefixed key.
        stored_bug = ndb.Key(osv.Bug, 'source:PYSEC-123').get()._to_dict()
        self.expect_dict_equal('update_pypi', stored_bug)

        expected_commits = [
            'b1c95a196f22d06fcf80df8c6691cd113d8fefff',
            'eefe8ec3f1f90d0e684890e810f3f21e8500a4cd',
        ]
        stored_commits = [
            affected.commit for affected in osv.AffectedCommit.query()
        ]
        self.assertCountEqual(expected_commits, stored_commits)
Ejemplo n.º 9
  def test_update_delete(self):
    """Delete a source file and check its bug is marked invalid."""
    runner = worker.TaskRunner(ndb_client, None, self.tmp_dir.name, None, None)
    # Remove the record from the source repo before notifying the worker.
    self.mock_repo.delete_file('BLAH-123.yaml')
    self.mock_repo.commit('User', 'user@email')

    sha256_at_request = ('b149accd3dd3e66f882de2201481d9fa'
                         'd25324916501a9a0f7b1ae1afe256f0b')
    request = mock.Mock()
    request.attributes = {
        'source': 'source',
        'path': 'BLAH-123.yaml',
        'original_sha256': sha256_at_request,
        'deleted': 'true',
    }
    runner._source_update(request)

    # The datastore entry survives the deletion but carries INVALID status.
    deleted_bug = osv.Bug.get_by_id('BLAH-123')
    self.assertEqual(osv.BugStatus.INVALID, deleted_bug.status)
Ejemplo n.º 10
    def test_update_conflict(self):
        """Send a non-matching digest and check the worker commits nothing."""
        runner = worker.TaskRunner(ndb_client, None, self.tmp_dir.name, None,
                                   None)
        request = mock.Mock()
        # 'invalid' is not a real digest; the assertions below expect the
        # worker to leave the remote alone when it is supplied.
        request.attributes = dict(
            source='source',
            path='BLAH-123.yaml',
            original_sha256='invalid',
        )
        runner._source_update(request)

        repo = pygit2.Repository(self.remote_source_repo_path)
        head_commit = repo.head.peel()

        # The remote head is still the user's commit, not one from the worker.
        self.assertEqual('user@email', head_commit.author.email)
        self.assertEqual('User', head_commit.author.name)
Ejemplo n.º 11
  def test_update_no_changes(self):
    """Run an update that changes nothing and check no commit is added."""
    runner = worker.TaskRunner(ndb_client, None, self.tmp_dir.name, None, None)
    sha256_at_request = ('b5ecb05106faef7fc5bd07f86e089783'
                         '4354608c5bb59d3b6317491874198a3a')
    request = mock.Mock()
    request.attributes = {
        'source': 'source',
        'path': 'BLAH-125.yaml',
        'original_sha256': sha256_at_request,
        'deleted': 'false',
    }
    runner._source_update(request)

    repo = pygit2.Repository(self.remote_source_repo_path)
    head_commit = repo.head.peel()

    # The remote head is still the user's commit, not one from the worker.
    self.assertEqual('user@email', head_commit.author.email)
    self.assertEqual('User', head_commit.author.name)
Ejemplo n.º 12
    def test_update_no_changes(self):
        """Run an update that changes nothing and check no commit is added."""
        runner = worker.TaskRunner(ndb_client, None, self.tmp_dir.name, None,
                                   None)
        sha256_at_request = ('e405bf50fe67dc09217eb898b1321a4c'
                             'b7a0bfb71de68910240ff804e45e7ff5')
        request = mock.Mock()
        request.attributes = {
            'source': 'source',
            'path': 'BLAH-125.yaml',
            'original_sha256': sha256_at_request,
        }
        runner._source_update(request)

        repo = pygit2.Repository(self.remote_source_repo_path)
        head_commit = repo.head.peel()

        # The remote head is still the user's commit, not one from the worker.
        self.assertEqual('user@email', head_commit.author.email)
        self.assertEqual('User', head_commit.author.name)
Ejemplo n.º 13
    def test_update_add_fix(self):
        """Update a record that has a stored fix result; check the outputs."""
        # Store a fix result for the record before the update runs.
        stored_fix = osv.FixResult(
            id='source:BLAH-124.yaml',
            commit='8d8242f545e9cec3e6d0d2e3f5bde8be1c659735')
        stored_fix.put()
        runner = worker.TaskRunner(ndb_client, None, self.tmp_dir.name, None,
                                   None)
        sha256_at_request = ('5d6224b81fb100d51bf61c2568b1c75f'
                             '1df355ace1872af1b7eb0b1b5d93f477')
        request = mock.Mock()
        request.attributes = {
            'source': 'source',
            'path': 'BLAH-124.yaml',
            'original_sha256': sha256_at_request,
            'deleted': 'false',
        }
        runner._source_update(request)

        repo = pygit2.Repository(self.remote_source_repo_path)
        head_commit = repo.head.peel()

        # The remote head must now be the worker's own commit.
        # NOTE(review): the expected address appears masked in this copy of
        # the test; confirm the real value before relying on this assertion.
        self.assertEqual('*****@*****.**', head_commit.author.email)
        self.assertEqual('OSV', head_commit.author.name)
        self.assertEqual('Update BLAH-124', head_commit.message)
        worker_diff = repo.diff(head_commit.parents[0], head_commit)

        self.expect_equal('diff_update_add_fix', worker_diff.patch)
        stored_bug = osv.Bug.get_by_id('BLAH-124')._to_dict()
        self.expect_dict_equal('update_add_fix', stored_bug)

        expected_commits = [
            '4c155795426727ea05575bd5904321def23c03f4',
            'b1c95a196f22d06fcf80df8c6691cd113d8fefff',
            'eefe8ec3f1f90d0e684890e810f3f21e8500a4cd',
            'febfac1940086bc1f6d3dc33fda0a1d1ba336209',
            'ff8cc32ba60ad9cbb3b23f0a82aad96ebe9ff76b',
        ]
        stored_commits = [
            affected.commit for affected in osv.AffectedCommit.query()
        ]
        self.assertCountEqual(expected_commits, stored_commits)
Ejemplo n.º 14
    def test_update_delete(self):
        """Delete a source file and check its bug is marked invalid."""
        runner = worker.TaskRunner(ndb_client, None, self.tmp_dir.name, None,
                                   None)
        # Remove the record from the source repo before notifying the worker.
        self.mock_repo.delete_file('BLAH-123.yaml')
        self.mock_repo.commit('User', 'user@email')

        sha256_at_request = ('d35b787ba467d6d45c2046c0c5a9c237'
                             'ab4b7d9942cc9ad25f2bc27a2ffa7859')
        request = mock.Mock()
        request.attributes = {
            'source': 'source',
            'path': 'BLAH-123.yaml',
            'original_sha256': sha256_at_request,
            'deleted': 'true',
        }
        runner._source_update(request)

        # The datastore entry survives the deletion but carries INVALID status.
        deleted_bug = osv.Bug.get_by_id('BLAH-123')
        self.assertEqual(osv.BugStatus.INVALID, deleted_bug.status)
Ejemplo n.º 15
    def test_update_no_changes(self):
        """Run an update that changes nothing and check no commit is added."""
        runner = worker.TaskRunner(ndb_client, None, self.tmp_dir.name, None,
                                   None)
        sha256_at_request = ('f3914d12891a3a441cb19cfe5c11f9b6'
                             'b5cd0c87c3c14c40d54559dad4bb813a')
        request = mock.Mock()
        request.attributes = {
            'source': 'source',
            'path': 'BLAH-125.yaml',
            'original_sha256': sha256_at_request,
            'deleted': 'false',
        }
        runner._source_update(request)

        repo = pygit2.Repository(self.remote_source_repo_path)
        head_commit = repo.head.peel()

        # The remote head is still the user's commit, not one from the worker.
        self.assertEqual('user@email', head_commit.author.email)
        self.assertEqual('User', head_commit.author.name)
Ejemplo n.º 16
    def test_update(self):
        """Run a plain update and check the commit, diff, bug and commits."""
        runner = worker.TaskRunner(ndb_client, None, self.tmp_dir.name, None,
                                   None)
        # NOTE(review): presumably the digest of the file as it was when the
        # update was requested - confirm against worker._source_update.
        sha256_at_request = ('d35b787ba467d6d45c2046c0c5a9c237'
                             'ab4b7d9942cc9ad25f2bc27a2ffa7859')
        request = mock.Mock()
        request.attributes = {
            'source': 'source',
            'path': 'BLAH-123.yaml',
            'original_sha256': sha256_at_request,
            'deleted': 'false',
        }
        runner._source_update(request)

        repo = pygit2.Repository(self.remote_source_repo_path)
        head_commit = repo.head.peel()

        # The remote head must now be the worker's own commit.
        # NOTE(review): the expected address appears masked in this copy of
        # the test; confirm the real value before relying on this assertion.
        self.assertEqual('*****@*****.**', head_commit.author.email)
        self.assertEqual('OSV', head_commit.author.name)
        self.assertEqual('Update BLAH-123', head_commit.message)
        worker_diff = repo.diff(head_commit.parents[0], head_commit)

        self.expect_equal('diff_update', worker_diff.patch)
        stored_bug = osv.Bug.get_by_id('BLAH-123')._to_dict()
        self.expect_dict_equal('update', stored_bug)

        expected_commits = [
            '4c155795426727ea05575bd5904321def23c03f4',
            'b1c95a196f22d06fcf80df8c6691cd113d8fefff',
            'eefe8ec3f1f90d0e684890e810f3f21e8500a4cd',
            'febfac1940086bc1f6d3dc33fda0a1d1ba336209',
            'ff8cc32ba60ad9cbb3b23f0a82aad96ebe9ff76b',
        ]
        stored_commits = [
            affected.commit for affected in osv.AffectedCommit.query()
        ]
        self.assertCountEqual(expected_commits, stored_commits)
Ejemplo n.º 17
    def test_update_limit(self):
        """Update a record that uses limit events and check the outputs."""
        runner = worker.TaskRunner(ndb_client, None, self.tmp_dir.name, None,
                                   None)
        # The two literals are split unevenly (33 + 31 characters) but still
        # concatenate to one 64-character value.
        sha256_at_request = ('54683c1611241e58bfe7489df6d5431fa'
                             '476ff15eaf7511e2800246733ff3975')
        request = mock.Mock()
        request.attributes = {
            'source': 'source',
            'path': 'BLAH-128.yaml',
            'original_sha256': sha256_at_request,
            'deleted': 'false',
        }
        runner._source_update(request)

        repo = pygit2.Repository(self.remote_source_repo_path)
        head_commit = repo.head.peel()

        # The remote head must now be the worker's own commit.
        # NOTE(review): the expected address appears masked in this copy of
        # the test; confirm the real value before relying on this assertion.
        self.assertEqual('*****@*****.**', head_commit.author.email)
        self.assertEqual('OSV', head_commit.author.name)
        self.assertEqual('Update BLAH-128', head_commit.message)
        worker_diff = repo.diff(head_commit.parents[0], head_commit)

        self.expect_equal('diff_update_limit', worker_diff.patch)
        stored_bug = osv.Bug.get_by_id('BLAH-128')._to_dict()
        self.expect_dict_equal('update_limit', stored_bug)

        expected_commits = [
            'a2ba949290915d445d34d0e8e9de2e7ce38198fc',
            'e1b045257bc5ca2a11d0476474f45ef77a0366c7',
            'eefe8ec3f1f90d0e684890e810f3f21e8500a4cd',
            'b1c95a196f22d06fcf80df8c6691cd113d8fefff',
        ]
        stored_commits = [
            affected.commit for affected in osv.AffectedCommit.query()
        ]
        self.assertCountEqual(expected_commits, stored_commits)
Ejemplo n.º 18
    def test_update(self):
        """Run a plain update and check the commit, diff and stored bug."""
        runner = worker.TaskRunner(ndb_client, None, self.tmp_dir.name, None,
                                   None)
        # NOTE(review): presumably the digest of the file as it was when the
        # update was requested - confirm against worker._source_update.
        sha256_at_request = ('4ff2c39882e21b963f6d716f318f07c2'
                             '9434baef91eb339aefa9840fadb12084')
        request = mock.Mock()
        request.attributes = {
            'source': 'source',
            'path': 'BLAH-123.yaml',
            'original_sha256': sha256_at_request,
        }
        runner._source_update(request)

        repo = pygit2.Repository(self.remote_source_repo_path)
        head_commit = repo.head.peel()

        # The remote head must now be the worker's own commit.
        # NOTE(review): the expected address appears masked in this copy of
        # the test; confirm the real value before relying on this assertion.
        self.assertEqual('*****@*****.**', head_commit.author.email)
        self.assertEqual('OSV', head_commit.author.name)
        self.assertEqual('Update BLAH-123', head_commit.message)
        worker_diff = repo.diff(head_commit.parents[0], head_commit)
        expected_patch = self._load_test_data('expected.diff')
        self.assertEqual(expected_patch, worker_diff.patch)

        # Full expected datastore record after the update.
        expected_bug = {
            'additional_commit_ranges': [
                {
                    'fixed_in': 'b9b3fd4732695b83c3068b7b6a14bb372ec31f98',
                    'introduced_in':
                        'eefe8ec3f1f90d0e684890e810f3f21e8500a4cd',
                },
                {
                    'fixed_in': '',
                    'introduced_in':
                        'febfac1940086bc1f6d3dc33fda0a1d1ba336209',
                },
            ],
            'affected': [],
            'affected_fuzzy': [],
            'confidence': None,
            'details': 'Blah blah blah\nBlah\n',
            'ecosystem': 'golang',
            'fixed': '8d8242f545e9cec3e6d0d2e3f5bde8be1c659735',
            'has_affected': False,
            'issue_id': None,
            'last_modified': datetime.datetime(2021, 1, 1, 0, 0),
            'project': 'blah.com/package',
            'public': None,
            'reference_urls': ['https://ref.com/ref'],
            'regressed': 'eefe8ec3f1f90d0e684890e810f3f21e8500a4cd',
            'repo_url': None,
            'search_indices': ['blah.com/package', 'BLAH-123', 'BLAH', '123'],
            'severity': 'HIGH',
            'sort_key': 'BLAH-0000123',
            'source_id': 'source:BLAH-123.yaml',
            'source_of_truth': osv.SourceOfTruth.SOURCE_REPO,
            'status': None,
            'summary': 'A vulnerability',
            'timestamp': None,
        }
        stored_bug = osv.Bug.get_by_id('BLAH-123')._to_dict()
        self.assertDictEqual(expected_bug, stored_bug)
Ejemplo n.º 19
    def test_update(self):
        """Run a plain update and check the commit, diff, bug and commits."""
        runner = worker.TaskRunner(ndb_client, None, self.tmp_dir.name, None,
                                   None)
        # NOTE(review): presumably the digest of the file as it was when the
        # update was requested - confirm against worker._source_update.
        sha256_at_request = ('b149accd3dd3e66f882de2201481d9fa'
                             'd25324916501a9a0f7b1ae1afe256f0b')
        request = mock.Mock()
        request.attributes = {
            'source': 'source',
            'path': 'BLAH-123.yaml',
            'original_sha256': sha256_at_request,
        }
        runner._source_update(request)

        repo = pygit2.Repository(self.remote_source_repo_path)
        head_commit = repo.head.peel()

        # The remote head must now be the worker's own commit.
        # NOTE(review): the expected address appears masked in this copy of
        # the test; confirm the real value before relying on this assertion.
        self.assertEqual('*****@*****.**', head_commit.author.email)
        self.assertEqual('OSV', head_commit.author.name)
        self.assertEqual('Update BLAH-123', head_commit.message)
        worker_diff = repo.diff(head_commit.parents[0], head_commit)
        expected_patch = self._load_test_data('expected.diff')
        self.assertEqual(expected_patch, worker_diff.patch)

        # Full expected datastore record after the update.
        expected_bug = {
            'additional_commit_ranges': [
                {
                    'fixed_in': 'b9b3fd4732695b83c3068b7b6a14bb372ec31f98',
                    'introduced_in':
                        'eefe8ec3f1f90d0e684890e810f3f21e8500a4cd',
                },
                {
                    'fixed_in': '',
                    'introduced_in':
                        'febfac1940086bc1f6d3dc33fda0a1d1ba336209',
                },
            ],
            'affected': [],
            'affected_fuzzy': [],
            'confidence': None,
            'details': 'Blah blah blah\nBlah\n',
            'ecosystem': 'golang',
            'fixed': '8d8242f545e9cec3e6d0d2e3f5bde8be1c659735',
            'has_affected': False,
            'issue_id': None,
            'last_modified': datetime.datetime(2021, 1, 1, 0, 0),
            'project': 'blah.com/package',
            'public': None,
            'reference_urls': ['https://ref.com/ref'],
            'regressed': 'eefe8ec3f1f90d0e684890e810f3f21e8500a4cd',
            'repo_url': None,
            'search_indices': ['blah.com/package', 'BLAH-123', 'BLAH', '123'],
            'severity': 'HIGH',
            'sort_key': 'BLAH-0000123',
            'source_id': 'source:BLAH-123.yaml',
            'source_of_truth': osv.SourceOfTruth.SOURCE_REPO,
            'status': None,
            'summary': 'A vulnerability',
            'timestamp': None,
        }
        stored_bug = osv.Bug.get_by_id('BLAH-123')._to_dict()
        self.assertDictEqual(expected_bug, stored_bug)

        expected_commits = [
            '4c155795426727ea05575bd5904321def23c03f4',
            'b1c95a196f22d06fcf80df8c6691cd113d8fefff',
            'eefe8ec3f1f90d0e684890e810f3f21e8500a4cd',
            'febfac1940086bc1f6d3dc33fda0a1d1ba336209',
            'ff8cc32ba60ad9cbb3b23f0a82aad96ebe9ff76b',
        ]
        stored_commits = [
            affected.commit for affected in osv.AffectedCommit.query()
        ]
        self.assertCountEqual(expected_commits, stored_commits)
Ejemplo n.º 20
  def test_update_no_introduced(self):
    """Update a record that has no introduced commit; check the outputs."""
    runner = worker.TaskRunner(ndb_client, None, self.tmp_dir.name, None, None)

    sha256_at_request = ('484f6d8659f0c01e2f08a6fba9791fb2'
                         '9b5df09530e5d8307fc1f368b01d7dcb')
    request = mock.Mock()
    request.attributes = {
        'source': 'source',
        'path': 'BLAH-127.yaml',
        'original_sha256': sha256_at_request,
        'deleted': 'false',
    }
    runner._source_update(request)

    repo = pygit2.Repository(self.remote_source_repo_path)
    head_commit = repo.head.peel()

    # The remote head must now be the worker's own commit.
    # NOTE(review): the expected address appears masked in this copy of the
    # test; confirm the real value before relying on this assertion.
    self.assertEqual('*****@*****.**', head_commit.author.email)
    self.assertEqual('OSV', head_commit.author.name)
    self.assertEqual('Update BLAH-127', head_commit.message)
    worker_diff = repo.diff(head_commit.parents[0], head_commit)
    expected_patch = self._load_test_data('expected_127.diff')
    self.assertEqual(expected_patch, worker_diff.patch)

    # Full expected record; 'introduced_in' and 'regressed' are empty here.
    expected_bug = {
        'additional_commit_ranges': [
            {
                'fixed_in': 'b9b3fd4732695b83c3068b7b6a14bb372ec31f98',
                'introduced_in': '',
            },
        ],
        'affected': [
            'branch-v0.1.1',
            'branch_1_cherrypick_regress',
            'v0.1',
            'v0.1.1',
        ],
        'affected_fuzzy': ['0-1-1', '1', '0-1', '0-1-1'],
        'details': 'Blah blah blah\nBlah\n',
        'ecosystem': 'golang',
        'fixed': '8d8242f545e9cec3e6d0d2e3f5bde8be1c659735',
        'has_affected': True,
        'issue_id': None,
        'last_modified': datetime.datetime(2021, 1, 1, 0, 0),
        'project': 'blah.com/package',
        'public': None,
        'reference_urls': ['https://ref.com/ref'],
        'regressed': '',
        'repo_url': 'https://osv-test/repo/url',
        'search_indices': ['blah.com/package', 'BLAH-127', 'BLAH', '127'],
        'severity': 'HIGH',
        'sort_key': 'BLAH-0000127',
        'source_id': 'source:BLAH-127.yaml',
        'source_of_truth': osv.SourceOfTruth.SOURCE_REPO,
        'status': None,
        'summary': 'A vulnerability',
        'timestamp': None,
    }
    stored_bug = osv.Bug.get_by_id('BLAH-127')._to_dict()
    self.assertDictEqual(expected_bug, stored_bug)

    # Order is irrelevant here: assertCountEqual compares as multisets.
    expected_commits = [
        'b1c95a196f22d06fcf80df8c6691cd113d8fefff',
        'eefe8ec3f1f90d0e684890e810f3f21e8500a4cd',
        'a2ba949290915d445d34d0e8e9de2e7ce38198fc',
        'e1b045257bc5ca2a11d0476474f45ef77a0366c7',
        '00514d6f244f696e750a37083163992c6a50cfd3',
        '25147a74d8aeb27b43665530ee121a2a1b19dc58',
        '3c5dcf6a5bec14baab3b247d369a7270232e1b83',
        '4c155795426727ea05575bd5904321def23c03f4',
        '57e58a5d7c2bb3ce0f04f17ec0648b92ee82531f',
        '90aa4127295b2c37b5f7fcf6a9772b12c99a5212',
        '949f182716f037e25394bbb98d39b3295d230a29',
        'b1fa81a5d59e9b4d6e276d82fc17058f3cf139d9',
        'f0cc40d8c3dabb27c2cfe26f1764305abc91a0b9',
        'febfac1940086bc1f6d3dc33fda0a1d1ba336209',
        'ff8cc32ba60ad9cbb3b23f0a82aad96ebe9ff76b',
    ]
    stored_commits = [
        affected.commit for affected in osv.AffectedCommit.query()
    ]
    self.assertCountEqual(expected_commits, stored_commits)
Ejemplo n.º 21
  def test_update_add_fix(self):
    """Update a record that has a stored fix result; check the outputs."""
    # Store a fix result for the record before the update runs.
    stored_fix = osv.FixResult(
        id='source:BLAH-124.yaml',
        commit='8d8242f545e9cec3e6d0d2e3f5bde8be1c659735')
    stored_fix.put()
    runner = worker.TaskRunner(ndb_client, None, self.tmp_dir.name, None, None)
    sha256_at_request = ('df9b0207ff2aa433d71869fa206b4884'
                         '071807d5dfddf8626b93da210b6572ef')
    request = mock.Mock()
    request.attributes = {
        'source': 'source',
        'path': 'BLAH-124.yaml',
        'original_sha256': sha256_at_request,
        'deleted': 'false',
    }
    runner._source_update(request)

    repo = pygit2.Repository(self.remote_source_repo_path)
    head_commit = repo.head.peel()

    # The remote head must now be the worker's own commit.
    # NOTE(review): the expected address appears masked in this copy of the
    # test; confirm the real value before relying on this assertion.
    self.assertEqual('*****@*****.**', head_commit.author.email)
    self.assertEqual('OSV', head_commit.author.name)
    self.assertEqual('Update BLAH-124', head_commit.message)
    worker_diff = repo.diff(head_commit.parents[0], head_commit)
    expected_patch = self._load_test_data('expected_add_fix.diff')
    self.assertEqual(expected_patch, worker_diff.patch)

    # Full expected datastore record after the update.
    expected_bug = {
        'additional_commit_ranges': [
            {
                'fixed_in': 'b9b3fd4732695b83c3068b7b6a14bb372ec31f98',
                'introduced_in': 'eefe8ec3f1f90d0e684890e810f3f21e8500a4cd',
            },
            {
                'fixed_in': '',
                'introduced_in': 'febfac1940086bc1f6d3dc33fda0a1d1ba336209',
            },
        ],
        'affected': [
            'branch-v0.1.1',
            'branch_1_cherrypick_regress',
            'v0.1.1',
        ],
        'affected_fuzzy': ['0-1-1', '1', '0-1-1'],
        'details': 'Blah blah blah\nBlah\n',
        'ecosystem': 'golang',
        'fixed': '8d8242f545e9cec3e6d0d2e3f5bde8be1c659735',
        'has_affected': True,
        'issue_id': None,
        'last_modified': datetime.datetime(2021, 1, 1, 0, 0),
        'project': 'blah.com/package',
        'public': None,
        'reference_urls': ['https://ref.com/ref'],
        'regressed': 'eefe8ec3f1f90d0e684890e810f3f21e8500a4cd',
        'repo_url': 'https://osv-test/repo/url',
        'search_indices': ['blah.com/package', 'BLAH-124', 'BLAH', '124'],
        'severity': 'HIGH',
        'sort_key': 'BLAH-0000124',
        'source_id': 'source:BLAH-124.yaml',
        'source_of_truth': osv.SourceOfTruth.SOURCE_REPO,
        'status': None,
        'summary': 'A vulnerability',
        'timestamp': None,
    }
    stored_bug = osv.Bug.get_by_id('BLAH-124')._to_dict()
    self.assertDictEqual(expected_bug, stored_bug)

    expected_commits = [
        '4c155795426727ea05575bd5904321def23c03f4',
        'b1c95a196f22d06fcf80df8c6691cd113d8fefff',
        'eefe8ec3f1f90d0e684890e810f3f21e8500a4cd',
        'febfac1940086bc1f6d3dc33fda0a1d1ba336209',
        'ff8cc32ba60ad9cbb3b23f0a82aad96ebe9ff76b',
    ]
    stored_commits = [
        affected.commit for affected in osv.AffectedCommit.query()
    ]
    self.assertCountEqual(expected_commits, stored_commits)