def mock_get_packages_by_type(type):
    """Mock for a packages-by-type lookup; always returns four npm packages.

    The ``type`` argument is accepted but never read, so callers get the same
    npm list whatever type they ask for. ``image_id`` and ``user`` are taken
    from the surrounding scope.
    """
    # (name, version) pairs, kept in the order the fixture returns them.
    npm_fixtures = (
        ("yarn", "1.22.10"),
        ("jsonparse", "1.1.0"),
        ("ini", "1.0.0"),
        ("unofficial-test", "1.3.1"),
    )
    return [
        ImagePackage(
            image_id=image_id,
            image_user_id=user,
            pkg_type="npm",
            name=pkg_name,
            version=pkg_version,
        )
        for pkg_name, pkg_version in npm_fixtures
    ]
def mock_get_packages_by_type(type):
    """Mock for a packages-by-type lookup; always returns four gem packages.

    The ``type`` argument is accepted but never read. Each entry is annotated
    with the case it stands for (latest / official / absent from the feed);
    the feed data those labels refer to is defined outside this function.
    ``image_id`` and ``user`` are taken from the surrounding scope.
    """
    # (name, version) pairs, kept in the order the fixture returns them.
    gem_fixtures = (
        ("rails", "6.0.3.4"),  # latest and official
        ("nokogiri", "1.0.5"),  # official but not latest
        ("builder", "3.3.rc1"),  # not latest nor official
        # not in feed -- the misspelled name is fixture data and is kept as-is
        ("unoffical_test", "3.0"),
    )
    return [
        ImagePackage(
            image_id=image_id,
            image_user_id=user,
            name=gem_name,
            version=gem_version,
            pkg_type="gem",
        )
        for gem_name, gem_version in gem_fixtures
    ]
def packages():
    """Return two ImagePackage fixtures whose ``license`` holds many entries.

    Each license value is a single space-separated string naming several
    licenses. ``image_id`` and ``user`` are taken from the surrounding scope.
    """
    # Package name -> raw license string, in the order the fixture returns them.
    license_by_name = {
        "git": "GPL-2 LGPL-2.1+ EDL-1.0 GPL-2+ Expat BSD-2-clause GPL-1+ ISC mingw-runtime Boost dlmalloc Apache-2.0 LGPL-2+",
        "gnupg": "GPL-3+ permissive LGPL-2.1+ Expat LGPL-3+ RFC-Reference TinySCHEME BSD-3-clause",
    }
    return [
        ImagePackage(
            image_id=image_id,
            image_user_id=user,
            name=pkg_name,
            license=pkg_license,
        )
        for pkg_name, pkg_license in license_by_name.items()
    ]
def python_pkg1_101():
    """Build the ImagePackage fixture for ``pythonpkg1`` 1.0.1.

    The package is typed ``python`` and attached to image ``image1`` (user
    ``admin``) on a centos 8 distro with ``like_distro`` set to ``RHEL``.
    """
    # Attributes are applied in this order, one assignment each.
    attrs = {
        "image_id": "image1",
        "image_user_id": "admin",
        "name": "pythonpkg1",
        "normalized_src_pkg": "pythonpkg1",
        "version": "1.0.1",
        "fullversion": "1.0.1",
        "release": None,
        "pkg_type": "python",
        "distro_name": "centos",
        "distro_version": "8",
        "like_distro": "RHEL",
    }
    fixture = ImagePackage()
    for attr_name, attr_value in attrs.items():
        setattr(fixture, attr_name, attr_value)
    return fixture
def nonvulnerable_pkg1():
    """Build the RPM ImagePackage fixture for ``pkg1`` at 1.1.el8 on centos 8.

    Named as the non-vulnerable variant of ``pkg1``; the vulnerability records
    it is compared against are defined elsewhere.
    """
    # Attributes are applied in this order, one assignment each.
    attrs = {
        "image_id": "image1",
        "image_user_id": "admin",
        "name": "pkg1",
        "normalized_src_pkg": "pkg1",
        # NOTE(review): version has no "0:" epoch prefix while fullversion
        # does -- presumably intentional fixture data; confirm against the
        # version comparison under test.
        "version": "1.1.el8",
        "fullversion": "0:1.1.el8",
        "release": None,
        "pkg_type": "RPM",
        "distro_name": "centos",
        "distro_version": "8",
        "like_distro": "RHEL",
    }
    fixture = ImagePackage()
    for attr_name, attr_value in attrs.items():
        setattr(fixture, attr_name, attr_value)
    return fixture
def vulnerable_pkg1():
    """Build the RPM ImagePackage fixture for ``pkg1`` at 0:1.0.el8 on rhel 8.

    Named as the vulnerable variant of ``pkg1``; the vulnerability records it
    is expected to match are defined elsewhere. Unlike the shorter fixtures,
    this one also sets ``arch`` and ``pkg_path``.
    """
    # Attributes are applied in this order, one assignment each.
    attrs = {
        "image_id": "image1",
        "image_user_id": "admin",
        "name": "pkg1",
        "normalized_src_pkg": "pkg1",
        "version": "0:1.0.el8",
        "fullversion": "0:1.0.el8",
        "release": None,
        "pkg_type": "RPM",
        "distro_name": "rhel",
        "distro_version": "8",
        "like_distro": "RHEL",
        "arch": "amd64",
        "pkg_path": "rpmdb",
    }
    fixture = ImagePackage()
    for attr_name, attr_value in attrs.items():
        setattr(fixture, attr_name, attr_value)
    return fixture
def vulnerable_semver_pkg2():
    """Build the npm ImagePackage fixture for ``semverpkg1`` at 2.2.0.

    Named as a vulnerable semver-versioned package; the vulnerability records
    it is expected to match are defined elsewhere. The distro fields carry
    ``npm`` / ``N/A`` and ``pkg_path`` points at a ``package.json``.
    """
    # Attributes are applied in this order, one assignment each.
    attrs = {
        "image_id": "image1",
        "image_user_id": "admin",
        "name": "semverpkg1",
        "normalized_src_pkg": "semverpkg1",
        "version": "2.2.0",
        "fullversion": "2.2.0",
        "release": None,
        "pkg_type": "npm",
        "distro_name": "npm",
        "distro_version": "N/A",
        "like_distro": "npm",
        "arch": "amd64",
        "pkg_path": "/app/myapp2/package.json",
    }
    fixture = ImagePackage()
    for attr_name, attr_value in attrs.items():
        setattr(fixture, attr_name, attr_value)
    return fixture
def python_pkg1_101():
    """Build the ImagePackage fixture for ``pythonpkg1`` 1.0.1.

    The package is typed ``python`` and attached to image ``image1`` (user
    ``admin``) on a centos 8 distro with a lowercase ``rhel`` ``like_distro``.
    """
    # (attribute, value) pairs, applied top to bottom.
    field_values = (
        ("image_id", "image1"),
        ("image_user_id", "admin"),
        ("name", "pythonpkg1"),
        ("normalized_src_pkg", "pythonpkg1"),
        ("version", "1.0.1"),
        ("fullversion", "1.0.1"),
        ("release", None),
        ("pkg_type", "python"),
        ("distro_name", "centos"),
        ("distro_version", "8"),
        ("like_distro", "rhel"),
    )
    record = ImagePackage()
    for field, value in field_values:
        setattr(record, field, value)
    return record
def nonvulnerable_pkg1():
    """Build the RPM ImagePackage fixture for ``pkg1`` at 1.1.el8 on centos 8.

    Named as the non-vulnerable variant of ``pkg1``; the vulnerability records
    it is compared against are defined elsewhere.
    """
    # (attribute, value) pairs, applied top to bottom.
    field_values = (
        ("image_id", "image1"),
        ("image_user_id", "admin"),
        ("name", "pkg1"),
        ("normalized_src_pkg", "pkg1"),
        # NOTE(review): version has no "0:" epoch prefix while fullversion
        # does -- presumably intentional fixture data; confirm against the
        # version comparison under test.
        ("version", "1.1.el8"),
        ("fullversion", "0:1.1.el8"),
        ("release", None),
        ("pkg_type", "RPM"),
        ("distro_name", "centos"),
        ("distro_version", "8"),
        ("like_distro", "rhel"),
    )
    record = ImagePackage()
    for field, value in field_values:
        setattr(record, field, value)
    return record
def vulnerable_pkg1():
    """Build the RPM ImagePackage fixture for ``pkg1`` at 0:1.0.el8 on rhel 8.

    Named as the vulnerable variant of ``pkg1``; the vulnerability records it
    is expected to match are defined elsewhere. This fixture also sets
    ``arch`` and ``pkg_path``.
    """
    # (attribute, value) pairs, applied top to bottom.
    field_values = (
        ("image_id", "image1"),
        ("image_user_id", "admin"),
        ("name", "pkg1"),
        ("normalized_src_pkg", "pkg1"),
        ("version", "0:1.0.el8"),
        ("fullversion", "0:1.0.el8"),
        ("release", None),
        ("pkg_type", "RPM"),
        ("distro_name", "rhel"),
        ("distro_version", "8"),
        ("like_distro", "rhel"),
        ("arch", "amd64"),
        ("pkg_path", "rpmdb"),
    )
    record = ImagePackage()
    for field, value in field_values:
        setattr(record, field, value)
    return record
def vulnerable_semver_pkg2():
    """Build the npm ImagePackage fixture for ``semverpkg1`` at 2.2.0.

    Named as a vulnerable semver-versioned package; the vulnerability records
    it is expected to match are defined elsewhere. The distro fields carry
    ``npm`` / ``N/A`` and ``pkg_path`` points at a ``package.json``.
    """
    # (attribute, value) pairs, applied top to bottom.
    field_values = (
        ("image_id", "image1"),
        ("image_user_id", "admin"),
        ("name", "semverpkg1"),
        ("normalized_src_pkg", "semverpkg1"),
        ("version", "2.2.0"),
        ("fullversion", "2.2.0"),
        ("release", None),
        ("pkg_type", "npm"),
        ("distro_name", "npm"),
        ("distro_version", "N/A"),
        ("like_distro", "npm"),
        ("arch", "amd64"),
        ("pkg_path", "/app/myapp2/package.json"),
    )
    record = ImagePackage()
    for field, value in field_values:
        setattr(record, field, value)
    return record
) def test_filter_secdb( image_matches, mock_db_query_manager, expected, ): namespace = DistroNamespace( name="debian", version="9" ) # This is needed for lookup, but does not change results since the cves are injected filtered = filter_secdb_entries( image_distro=namespace, matches=image_matches, db_manager=mock_db_query_manager ) assert filtered == expected pkg1 = ImagePackage(name="pkg1", version="1.0.0") pkg2 = ImagePackage(name="pkg-two", version="2.0.0") pkg1_cpe = ImageCpe(name="pkg1", version="1.0.0") pkg2_cpe1 = ImageCpe(name="pkg-two", version="2.0.0") pkg2_cpe2 = ImageCpe(name="pkg_two", version="2.0.0") @pytest.mark.parametrize( "packages, mapped_cpes", [ ( [pkg1], [(pkg1, pkg1_cpe)], ), ( [pkg2],