def test_rerun_with_edited_inputs(project, run, no_lfs_warning): """Test input modification.""" runner = CliRunner(mix_stderr=False) cwd = Path(project) data = cwd / "examples" data.mkdir() first = data / "first.txt" second = data / "second.txt" third = data / "third.txt" run(args=["run", "echo", "hello"], stdout=first) run(args=["run", "cat", str(first)], stdout=second) run(args=["run", "echo", "1"], stdout=third) with first.open("r") as first_fp: with second.open("r") as second_fp: assert first_fp.read() == second_fp.read() # Change the initial input from "hello" to "hola". from click.testing import make_input_stream stdin = make_input_stream("hola\n", "utf-8") assert 0 == run(args=("rerun", "--edit-inputs", str(second)), stdin=stdin) with second.open("r") as second_fp: assert "hola\n" == second_fp.read() # Change the input from examples/first.txt to examples/third.txt. stdin = make_input_stream(str(third.name), "utf-8") old_dir = os.getcwd() try: # Make sure the input path is relative to the current directory. os.chdir(str(data)) result = runner.invoke( cli, ["rerun", "--show-inputs", "--from", str(first), str(second)], catch_exceptions=False) assert 0 == result.exit_code assert result.output.startswith("https://") assert result.output[:-1].endswith(first.name) assert 0 == run(args=("rerun", "--edit-inputs", "--from", str(first), str(second)), stdin=stdin) finally: os.chdir(old_dir) with third.open("r") as third_fp: with second.open("r") as second_fp: assert third_fp.read() == second_fp.read()
def test_rerun_with_edited_inputs(project, run, no_lfs_warning): """Test input modification.""" runner = CliRunner(mix_stderr=False) cwd = Path(project) data = cwd / 'examples' data.mkdir() first = data / 'first.txt' second = data / 'second.txt' third = data / 'third.txt' run(args=['run', 'echo', 'hello'], stdout=first) run(args=['run', 'cat', str(first)], stdout=second) run(args=['run', 'echo', '1'], stdout=third) with first.open('r') as first_fp: with second.open('r') as second_fp: assert first_fp.read() == second_fp.read() # Change the initial input from "hello" to "hola". from click.testing import make_input_stream stdin = make_input_stream('hola\n', 'utf-8') assert 0 == run(args=('rerun', '--edit-inputs', str(second)), stdin=stdin) with second.open('r') as second_fp: assert 'hola\n' == second_fp.read() # Change the input from examples/first.txt to examples/third.txt. stdin = make_input_stream(str(third.name), 'utf-8') old_dir = os.getcwd() try: # Make sure the input path is relative to the current directory. os.chdir(str(data)) result = runner.invoke( cli, ['rerun', '--show-inputs', '--from', str(first), str(second)], catch_exceptions=False) assert 0 == result.exit_code assert result.output.startswith('_:CommandInput') assert result.output[:-1].endswith(first.name) assert 0 == run(args=('rerun', '--edit-inputs', '--from', str(first), str(second)), stdin=stdin) finally: os.chdir(old_dir) with third.open('r') as third_fp: with second.open('r') as second_fp: assert third_fp.read() == second_fp.read()
def test_vulnerable_package_with_ignore_list_via_cli( runner: click.testing.CliRunner, cache_dir: str, monkeypatch: MonkeyPatch) -> None: """Ensure that using a .skjoldignore file ignores marked findings and can be set via '-i/--ignore-file'.""" monkeypatch.setenv("SKJOLD_CACHE_DIR", cache_dir) ignore_path = os.path.join(os.path.dirname(__file__), "fixtures", "formats", "ignore", "all") assert os.path.exists(ignore_path) config = Configuration() config.use({ "report_only": False, "report_format": "cli", "sources": ["pypa"] }) assert config.ignore_file == ".skjoldignore" # TODO(twu): Figure out how to do this right. input_ = make_input_stream("urllib3==1.23", "utf-8") setattr(input_, "name", "<stdin>") result = runner.invoke(cli, args=["audit", "-i", ignore_path, "-"], input=input_, obj=config) assert "Ignored 6 finding(s)!" in result.stderr assert "No vulnerable packages found!" in result.stderr assert result.exit_code == 0
def test_cli_configuration_used_by_default( runner: click.testing.CliRunner, cache_dir: str, monkeypatch: MonkeyPatch, ) -> None: """Ensure that we use options set in the configuration file if not overridden by passing CLI options.""" monkeypatch.setenv("SKJOLD_CACHE_DIR", cache_dir) config = Configuration() config.use({ "report_only": True, "report_format": "json", "sources": ["gemnasium"] }) result = runner.invoke(cli, args=["config"], obj=config) assert "report_only: True" in result.stderr assert "report_format: json" in result.stderr # TODO(twu): Figure out how to do this right. input_ = make_input_stream("urllib3==1.23\nrequests==22.2.2\n", "utf-8") setattr(input_, "name", "<stdin>") result = runner.invoke( cli, args=["audit", "-"], env={"SKJOLD_CACHE_DIR": cache_dir}, input=input_, obj=config, ) assert result.exit_code == 0 json_ = json.loads(result.stdout) assert len(json_) > 0 assert json_[0]["name"] == "urllib3" assert json_[0]["source"] == "gemnasium"
def test_cli_configuration_override_via_cli( runner: click.testing.CliRunner, cache_dir: str, monkeypatch: MonkeyPatch, ) -> None: """Ensure that overriding configured values via CLI is possible.""" monkeypatch.setenv("SKJOLD_CACHE_DIR", cache_dir) config = Configuration() config.use({ "report_only": True, "report_format": "json", "sources": ["pyup"], "cache_dir": cache_dir, }) result = runner.invoke(cli, args=["config"], obj=config) assert "report_only: True" in result.stderr assert "report_format: json" in result.stderr # TODO(twu): Figure out how to do this right. input_ = make_input_stream("urllib3==1.23\nrequests==22.2.2\n", "utf-8") setattr(input_, "name", "<stdin>") result = runner.invoke( cli, args=["audit", "-r", "-s", "github", "-o", "cli", "-"], input=input_, env={"SKJOLD_CACHE_DIR": cache_dir}, obj=config, ) assert result.exit_code == 0 assert "urllib3" in result.stdout assert "via github" in result.stdout
def test_cli_json_report_with_package_list_via_stdin( runner: click.testing.CliRunner, cache_dir: str, monkeypatch: MonkeyPatch, ) -> None: """Ensure request json output with packages via stdin results in parsable stdout.""" monkeypatch.setenv("SKJOLD_CACHE_DIR", cache_dir) config = Configuration() config.use({ "report_only": False, "report_format": "cli", "sources": ["pyup"] }) # TODO(twu): Figure out how to do this right. input_ = make_input_stream("urllib3==1.23\nrequests==22.2.2\n", "utf-8") setattr(input_, "name", "<stdin>") result = runner.invoke( cli, args=["audit", "-r", "-o", "json", "-s", "github", "-"], input=input_) assert not result.exception assert result.exit_code == 0 json_ = json.loads(result.stdout) assert len(json_) > 0 assert json_[0]["name"] == "urllib3"
def test_vulnerable_package_via_cli(runner: click.testing.CliRunner) -> None: """Ensure that passing a vulnerable package via stdin produces the expected output.""" # TODO(twu): Figure out how to do this right. input_ = make_input_stream("urllib3==1.23\nrequests==22.2.2\n", "utf-8") setattr(input_, "name", "<stdin>") result = runner.invoke(cli.cli, args=["audit", "-s", "github", "-"], input=input_) assert result.exception assert result.exit_code == 1 assert "via github" in result.output
def test_vulnerable_package_via_cli( runner: click.testing.CliRunner, cache_dir: str, monkeypatch: MonkeyPatch ) -> None: """Ensure that passing a vulnerable package via stdin produces the expected output.""" monkeypatch.setenv("SKJOLD_CACHE_DIR", cache_dir) config = Configuration() config.use({"report_only": False, "report_format": "cli", "sources": ["pyup"]}) # TODO(twu): Figure out how to do this right. input_ = make_input_stream("urllib3==1.23\nrequests==22.2.2\n", "utf-8") setattr(input_, "name", "<stdin>") result = runner.invoke(cli, args=["audit", "-s", "github", "-"], input=input_) assert result.exception assert result.exit_code == 1 assert "via github" in result.stdout
def test_cli_json_report_with_package_list_via_stdin( runner: click.testing.CliRunner, ) -> None: """Ensure request json output with packages via stdin results in parsable stdout.""" # TODO(twu): Figure out how to do this right. input_ = make_input_stream("urllib3==1.23\nrequests==22.2.2\n", "utf-8") setattr(input_, "name", "<stdin>") result = runner.invoke( cli.cli, args=["audit", "-r", "-o", "json", "-s", "github", "-"], input=input_ ) assert not result.exception assert result.exit_code == 0 json_ = json.loads(result.output) assert len(json_) > 0 assert json_[0]["name"] == "urllib3"
def test_rerun_with_edited_inputs(runner, project, capsys): """Test input modification.""" cwd = Path(project) data = cwd / 'examples' data.mkdir() first = data / 'first.txt' second = data / 'second.txt' third = data / 'third.txt' def _generate(output, cmd): """Generate an output.""" with capsys.disabled(): with output.open('wb') as stdout: try: old_stdout = sys.stdout sys.stdout = stdout try: cli.cli.main( args=cmd, prog_name=runner.get_default_prog_name(cli.cli), ) except SystemExit as e: assert e.code in {None, 0} finally: sys.stdout = old_stdout _generate(first, ['run', 'echo', 'hello']) _generate(second, ['run', 'cat', str(first)]) _generate(third, ['run', 'echo', '1']) with first.open('r') as first_fp: with second.open('r') as second_fp: assert first_fp.read() == second_fp.read() # Change the initial input from "hello" to "hola". from click.testing import make_input_stream stdin = make_input_stream('hola\n', 'utf-8') old_stdin = sys.stdin try: sys.stdin = stdin assert 0 == _run_update(runner, capsys, args=('rerun', '--edit-inputs', str(second))) finally: sys.stdin = old_stdin with second.open('r') as second_fp: assert 'hola\n' == second_fp.read() # Change the input from examples/first.txt to examples/third.txt. stdin = make_input_stream(str(third.name), 'utf-8') old_stdin = sys.stdin old_dir = os.getcwd() try: # Make sure the input path is relative to the current directory. os.chdir(str(data)) result = runner.invoke( cli.cli, ['rerun', '--show-inputs', '--from', str(first), str(second)], catch_exceptions=False) assert 0 == result.exit_code assert 'input_1: {0}\n'.format(first.name) == result.output sys.stdin = stdin assert 0 == _run_update(runner, capsys, args=('rerun', '--edit-inputs', '--from', str(first), str(second))) finally: os.chdir(old_dir) sys.stdin = old_stdin with third.open('r') as third_fp: with second.open('r') as second_fp: assert third_fp.read() == second_fp.read()