def test_mark_in_graph(victims_zip, mocker):
    """Check that mark_in_graph() calls update_properties once per affected EPV."""
    # Replace update_properties as seen from f8a_worker.workers.victims with a
    # mock returning None; presumably this is the call that writes to the
    # graph database -- confirm against the worker module.
    update_mock = mocker.patch(
        "f8a_worker.workers.victims.update_properties",
        return_value=None,
    )

    # The test database holds 3 CVEs which together affect 11 artifacts (EPVs).
    expected_calls = 11

    with VictimsDB.from_zip(victims_zip) as db:
        check = VictimsCheck.create_test_instance()
        task_packages = check.get_vulnerable_packages(db)
        check.mark_in_graph(task_packages)

    assert update_mock.call_count == expected_calls
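def test_get_vulnerable_java_packages(victims_zip):
    """Test VictimsDB.get_details_for_ecosystem() for the 'maven' ecosystem.

    The test database is expected to yield exactly three records, one per CVE.
    Package name and CVE id are compared as a pair, so a record that carries a
    known CVE id on the wrong package fails the test instead of passing because
    both values happen to appear somewhere in the expected data.
    """
    expected_records = [
        ('commons-fileupload:commons-fileupload', 'CVE-2014-0050'),
        ('commons-fileupload:commons-fileupload', 'CVE-2016-1000031'),
        ('org.apache.commons:commons-compress', 'CVE-2012-2098'),
    ]

    with VictimsDB.from_zip(victims_zip) as db:
        vulns = list(db.get_details_for_ecosystem('maven'))
        assert len(vulns) == 3

        # Sort both sides: the order in which the database yields records
        # is not part of what this test checks.
        found_records = sorted(
            (record['package'], record['cve_id']) for record in vulns
        )
        assert found_records == sorted(expected_records)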
def test_get_vulnerable_packages(victims_zip):
    """Check the package -> entries mapping built by get_vulnerable_packages().

    Two distinct packages are expected; commons-fileupload must carry two
    entries and every other package exactly one.
    """
    # Package assumed to be affected by more than one vulnerability.
    multi_vuln_package = 'commons-fileupload:commons-fileupload'
    known_packages = (
        multi_vuln_package,
        'org.apache.commons:commons-compress',
    )

    with VictimsDB.from_zip(victims_zip) as db:
        check = VictimsCheck.create_test_instance()
        packages = check.get_vulnerable_packages(db)
        assert len(packages) == 2

        for name, entries in packages.items():
            assert name in known_packages
            expected_entries = 2 if name == multi_vuln_package else 1
            assert len(entries) == expected_entries
def test_notify_gemini(maven, victims_zip, mocker):
    """Check that notify_gemini() issues one requests.post per affected package."""
    # Service-account token lookup is stubbed with a fixed dummy value.
    mocker.patch(
        "f8a_worker.workers.victims.VictimsCheck.init_auth_sa_token",
        return_value='access_token',
    )

    # Every POST is answered with a bare HTTP 200 response object.
    ok_response = requests.Response()
    ok_response.status_code = 200
    post_mock = mocker.patch("requests.post", return_value=ok_response)

    # Number of affected packages in the test database.
    expected_posts = 2

    with VictimsDB.from_zip(victims_zip) as db:
        check = VictimsCheck.create_test_instance()
        affected = check.get_vulnerable_packages(db, maven)
        check.notify_gemini(affected, maven)

    # NOTE(review): only the number of requests.post calls is asserted; the
    # target URL, the payload and whether the stubbed token is sent with the
    # request are not checked here.
    assert post_mock.call_count == expected_posts
def test_java_vulnerabilities(victims_zip):
    """Check that VictimsDB.java_vulnerabilities yields three records."""
    with VictimsDB.from_zip(victims_zip) as db:
        # Materialize the iterable so its items can be counted.
        java_vulns = list(db.java_vulnerabilities)
        assert len(java_vulns) == 3
def victims_zip_s3():
    """Open the VictimsDB test zip and store the database on S3."""
    # dispatcher_setup() runs before the archive is opened; presumably it
    # prepares the storage configuration store_on_s3() relies on -- confirm.
    dispatcher_setup()
    # NOTE(review): victims_zip is called directly here; if it is registered
    # as a pytest fixture this call form needs checking against the pytest
    # version in use.
    with VictimsDB.from_zip(victims_zip()) as victims_db:
        victims_db.store_on_s3()