-
Notifications
You must be signed in to change notification settings - Fork 336
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
test: add cases for output functions (#937)
This introduces a set of crafted scanner results that each supported `output` format is run through to showcase how they look across all the different results possible from a scanner run - it originally started life as the tests for #889 but I realised they could base used more generally for testing and reviewing all the outputters, so here we are. ~It looks like this has also revealed the SARIF output is unstable in its ordering, which I'll aim to address in a dedicated PR~
- Loading branch information
Showing
11 changed files
with
7,442 additions
and
0 deletions.
There are no files selected for viewing
132 changes: 132 additions & 0 deletions
132
internal/output/__snapshots__/githubannotation_test.snap
Large diffs are not rendered by default.
Oops, something went wrong.
2,415 changes: 2,415 additions & 0 deletions
2,415
internal/output/__snapshots__/machinejson_test.snap
Large diffs are not rendered by default.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,230 @@ | ||
|
|
||
| [TestPrintMarkdownTableResults_WithLicenseViolations/multiple_sources_with_a_mixed_count_of_packages,_no_license_violations - 1] | ||
|
|
||
| --- | ||
|
|
||
| [TestPrintMarkdownTableResults_WithLicenseViolations/multiple_sources_with_a_mixed_count_of_packages,_some_license_violations - 1] | ||
| | License Violation | Ecosystem | Package | Version | Source | | ||
| | --- | --- | --- | --- | --- | | ||
| | MIT | npm | mine1 | 1.2.3 | path/to/my/first/lockfile | | ||
| | Apache-2.0 | npm | mine2 | 3.2.5 | path/to/my/second/lockfile | | ||
| | MIT | npm | mine1 | 1.2.3 | path/to/my/third/lockfile | | ||
|
|
||
| --- | ||
|
|
||
| [TestPrintMarkdownTableResults_WithLicenseViolations/multiple_sources_with_a_mixed_count_of_packages,_some_license_violations#01 - 1] | ||
|
|
||
| --- | ||
|
|
||
| [TestPrintMarkdownTableResults_WithLicenseViolations/multiple_sources_with_a_mixed_count_of_packages_across_ecosystems,_some_license_violations - 1] | ||
| | License Violation | Ecosystem | Package | Version | Source | | ||
| | --- | --- | --- | --- | --- | | ||
| | MIT | Packagist | mine1 | 1.2.3 | path/to/my/first/lockfile | | ||
| | Apache-2.0 | npm | mine2 | 3.2.5 | path/to/my/second/lockfile | | ||
| | MIT | Packagist | mine1 | 1.2.3 | path/to/my/third/lockfile | | ||
|
|
||
| --- | ||
|
|
||
| [TestPrintMarkdownTableResults_WithLicenseViolations/multiple_sources_with_a_mixed_count_of_packages_and_groups,_some_license_violations - 1] | ||
| | License Violation | Ecosystem | Package | Version | Source | | ||
| | --- | --- | --- | --- | --- | | ||
| | MIT | npm | mine1 | 1.2.3 | path/to/my/first/lockfile | | ||
| | Apache-2.0 | npm | mine2 | 3.2.5 | path/to/my/second/lockfile | | ||
| | MIT | npm | mine1 | 1.2.3 | path/to/my/third/lockfile | | ||
|
|
||
| --- | ||
|
|
||
| [TestPrintMarkdownTableResults_WithLicenseViolations/multiple_sources_with_no_packages - 1] | ||
|
|
||
| --- | ||
|
|
||
| [TestPrintMarkdownTableResults_WithLicenseViolations/no_sources - 1] | ||
|
|
||
| --- | ||
|
|
||
| [TestPrintMarkdownTableResults_WithLicenseViolations/one_source_with_no_packages - 1] | ||
|
|
||
| --- | ||
|
|
||
| [TestPrintMarkdownTableResults_WithLicenseViolations/one_source_with_one_package,_no_license_violations - 1] | ||
|
|
||
| --- | ||
|
|
||
| [TestPrintMarkdownTableResults_WithLicenseViolations/one_source_with_one_package,_no_licenses - 1] | ||
|
|
||
| --- | ||
|
|
||
| [TestPrintMarkdownTableResults_WithLicenseViolations/one_source_with_one_package_and_an_unknown_license - 1] | ||
|
|
||
| --- | ||
|
|
||
| [TestPrintMarkdownTableResults_WithLicenseViolations/one_source_with_one_package_and_multiple_license_violations - 1] | ||
| | License Violation | Ecosystem | Package | Version | Source | | ||
| | --- | --- | --- | --- | --- | | ||
| | MIT, Apache-2.0 | npm | mine1 | 1.2.3 | path/to/my/first/lockfile | | ||
|
|
||
| --- | ||
|
|
||
| [TestPrintMarkdownTableResults_WithLicenseViolations/one_source_with_one_package_and_one_license_violation - 1] | ||
| | License Violation | Ecosystem | Package | Version | Source | | ||
| | --- | --- | --- | --- | --- | | ||
| | MIT | npm | mine1 | 1.2.3 | path/to/my/first/lockfile | | ||
|
|
||
| --- | ||
|
|
||
| [TestPrintMarkdownTableResults_WithLicenseViolations/one_source_with_one_package_and_one_license_violation_(dev) - 1] | ||
| | License Violation | Ecosystem | Package | Version | Source | | ||
| | --- | --- | --- | --- | --- | | ||
| | MIT | npm | mine1 | 1.2.3 | path/to/my/first/lockfile | | ||
|
|
||
| --- | ||
|
|
||
| [TestPrintMarkdownTableResults_WithLicenseViolations/two_sources_with_packages,_one_license_violation - 1] | ||
| | License Violation | Ecosystem | Package | Version | Source | | ||
| | --- | --- | --- | --- | --- | | ||
| | MIT | npm | mine1 | 1.2.3 | path/to/my/first/lockfile | | ||
|
|
||
| --- | ||
|
|
||
| [TestPrintMarkdownTableResults_WithMixedIssues/multiple_sources_with_a_mixed_count_of_packages,_some_vulnerabilities_and_license_violations - 1] | ||
| | OSV URL | CVSS | Ecosystem | Package | Version | Source | | ||
| | --- | --- | --- | --- | --- | --- | | ||
| | https://osv.dev/OSV-1 | | npm | mine1 | 1.2.3 | path/to/my/first/lockfile | | ||
| | https://osv.dev/OSV-2 | | npm | mine2 | 3.2.5 | path/to/my/second/lockfile | | ||
| | https://osv.dev/OSV-1 | | npm | mine1 | 1.2.3 | path/to/my/third/lockfile | | ||
| | License Violation | Ecosystem | Package | Version | Source | | ||
| | --- | --- | --- | --- | --- | | ||
| | MIT | npm | mine1 | 1.2.3 | path/to/my/first/lockfile | | ||
| | MIT | npm | mine1 | 1.3.5 | path/to/my/third/lockfile | | ||
| | Apache-2.0 | npm | mine1 | 1.2.3 | path/to/my/third/lockfile | | ||
|
|
||
| --- | ||
|
|
||
| [TestPrintMarkdownTableResults_WithMixedIssues/one_source_with_one_package,_one_vulnerability,_and_one_license_violation - 1] | ||
| | OSV URL | CVSS | Ecosystem | Package | Version | Source | | ||
| | --- | --- | --- | --- | --- | --- | | ||
| | https://osv.dev/OSV-1 | | npm | mine1 | 1.2.3 | path/to/my/first/lockfile | | ||
| | License Violation | Ecosystem | Package | Version | Source | | ||
| | --- | --- | --- | --- | --- | | ||
| | MIT | npm | mine1 | 1.2.3 | path/to/my/first/lockfile | | ||
|
|
||
| --- | ||
|
|
||
| [TestPrintMarkdownTableResults_WithMixedIssues/two_sources_with_packages,_one_vulnerability,_one_license_violation - 1] | ||
| | OSV URL | CVSS | Ecosystem | Package | Version | Source | | ||
| | --- | --- | --- | --- | --- | --- | | ||
| | https://osv.dev/OSV-1 | | npm | mine1 | 1.2.3 | path/to/my/first/lockfile | | ||
| | License Violation | Ecosystem | Package | Version | Source | | ||
| | --- | --- | --- | --- | --- | | ||
| | MIT | npm | mine2 | 5.9.0 | path/to/my/second/lockfile | | ||
|
|
||
| --- | ||
|
|
||
| [TestPrintMarkdownTableResults_WithVulnerabilities/multiple_sources_with_a_mixed_count_of_grouped_packages,_and_multiple_vulnerabilities - 1] | ||
| | OSV URL | CVSS | Ecosystem | Package | Version | Source | | ||
| | --- | --- | --- | --- | --- | --- | | ||
| | https://osv.dev/OSV-1 | | npm | mine1 (dev) | 1.2.3 | path/to/my/first/lockfile | | ||
| | https://osv.dev/OSV-5 | | npm | mine1 (dev) | 1.2.3 | path/to/my/first/lockfile | | ||
| | https://osv.dev/OSV-1 | | npm | mine1 | 1.2.2 | path/to/my/first/lockfile | | ||
| | https://osv.dev/OSV-2 | | npm | mine2 (dev) | 3.2.5 | path/to/my/second/lockfile | | ||
| | https://osv.dev/OSV-3 | | npm | mine3 | 0.4.1 | path/to/my/second/lockfile | | ||
| | https://osv.dev/OSV-5 | | npm | mine3 | 0.4.1 | path/to/my/second/lockfile | | ||
|
|
||
| --- | ||
|
|
||
| [TestPrintMarkdownTableResults_WithVulnerabilities/multiple_sources_with_a_mixed_count_of_packages,_and_multiple_vulnerabilities - 1] | ||
| | OSV URL | CVSS | Ecosystem | Package | Version | Source | | ||
| | --- | --- | --- | --- | --- | --- | | ||
| | https://osv.dev/OSV-1 | | npm | mine1 | 1.2.3 | path/to/my/first/lockfile | | ||
| | https://osv.dev/OSV-5 | | npm | mine1 | 1.2.3 | path/to/my/first/lockfile | | ||
| | https://osv.dev/OSV-1 | | npm | mine1 | 1.2.2 | path/to/my/first/lockfile | | ||
| | https://osv.dev/OSV-2 | | npm | mine2 | 3.2.5 | path/to/my/second/lockfile | | ||
| | https://osv.dev/OSV-3 | | npm | mine3 | 0.4.1 | path/to/my/second/lockfile | | ||
| | https://osv.dev/OSV-5 | | npm | mine3 | 0.4.1 | path/to/my/second/lockfile | | ||
|
|
||
| --- | ||
|
|
||
| [TestPrintMarkdownTableResults_WithVulnerabilities/multiple_sources_with_a_mixed_count_of_packages,_no_vulnerabilities - 1] | ||
|
|
||
| --- | ||
|
|
||
| [TestPrintMarkdownTableResults_WithVulnerabilities/multiple_sources_with_a_mixed_count_of_packages,_some_vulnerabilities - 1] | ||
| | OSV URL | CVSS | Ecosystem | Package | Version | Source | | ||
| | --- | --- | --- | --- | --- | --- | | ||
| | https://osv.dev/OSV-1 | | npm | mine1 | 1.2.3 | path/to/my/first/lockfile | | ||
| | https://osv.dev/OSV-2 | | npm | mine2 | 3.2.5 | path/to/my/second/lockfile | | ||
| | https://osv.dev/OSV-1 | | npm | mine1 | 1.2.3 | path/to/my/third/lockfile | | ||
|
|
||
| --- | ||
|
|
||
| [TestPrintMarkdownTableResults_WithVulnerabilities/multiple_sources_with_a_mixed_count_of_packages_across_ecosystems,_and_multiple_vulnerabilities - 1] | ||
| | OSV URL | CVSS | Ecosystem | Package | Version | Source | | ||
| | --- | --- | --- | --- | --- | --- | | ||
| | https://osv.dev/OSV-1 | | Packagist | mine1 | 1.2.3 | path/to/my/first/lockfile | | ||
| | https://osv.dev/OSV-5 | | Packagist | mine1 | 1.2.3 | path/to/my/first/lockfile | | ||
| | https://osv.dev/OSV-1 | | npm | mine1 | 1.2.2 | path/to/my/first/lockfile | | ||
| | https://osv.dev/OSV-2 | | NuGet | mine2 | 3.2.5 | path/to/my/second/lockfile | | ||
| | https://osv.dev/OSV-3 | | Packagist | mine3 | 0.4.1 | path/to/my/second/lockfile | | ||
| | https://osv.dev/OSV-5 | | Packagist | mine3 | 0.4.1 | path/to/my/second/lockfile | | ||
|
|
||
| --- | ||
|
|
||
| [TestPrintMarkdownTableResults_WithVulnerabilities/multiple_sources_with_no_packages - 1] | ||
|
|
||
| --- | ||
|
|
||
| [TestPrintMarkdownTableResults_WithVulnerabilities/no_sources - 1] | ||
|
|
||
| --- | ||
|
|
||
| [TestPrintMarkdownTableResults_WithVulnerabilities/one_source_with_no_packages - 1] | ||
|
|
||
| --- | ||
|
|
||
| [TestPrintMarkdownTableResults_WithVulnerabilities/one_source_with_one_package,_no_vulnerabilities - 1] | ||
|
|
||
| --- | ||
|
|
||
| [TestPrintMarkdownTableResults_WithVulnerabilities/one_source_with_one_package_and_one_vulnerability - 1] | ||
| | OSV URL | CVSS | Ecosystem | Package | Version | Source | | ||
| | --- | --- | --- | --- | --- | --- | | ||
| | https://osv.dev/OSV-1 | | npm | mine1 | 1.2.3 | path/to/my/first/lockfile | | ||
|
|
||
| --- | ||
|
|
||
| [TestPrintMarkdownTableResults_WithVulnerabilities/one_source_with_one_package_and_one_vulnerability_(dev) - 1] | ||
| | OSV URL | CVSS | Ecosystem | Package | Version | Source | | ||
| | --- | --- | --- | --- | --- | --- | | ||
| | https://osv.dev/OSV-1 | | npm | mine1 (dev) | 1.2.3 | path/to/my/first/lockfile | | ||
|
|
||
| --- | ||
|
|
||
| [TestPrintMarkdownTableResults_WithVulnerabilities/one_source_with_one_package_and_two_aliases_of_a_single_vulnerability - 1] | ||
| | OSV URL | CVSS | Ecosystem | Package | Version | Source | | ||
| | --- | --- | --- | --- | --- | --- | | ||
| | https://osv.dev/OSV-1<br/>https://osv.dev/GHSA-123 | | npm | mine1 | 1.2.3 | path/to/my/first/lockfile | | ||
|
|
||
| --- | ||
|
|
||
| [TestPrintMarkdownTableResults_WithVulnerabilities/one_source_with_vulnerabilities,_some_missing_content - 1] | ||
| | OSV URL | CVSS | Ecosystem | Package | Version | Source | | ||
| | --- | --- | --- | --- | --- | --- | | ||
| | https://osv.dev/OSV-1 | | npm | mine1 | 1.2.3 | path/to/my/first/lockfile | | ||
| | https://osv.dev/OSV-2 | | npm | mine3 | 0.10.2-rc | path/to/my/first/lockfile | | ||
|
|
||
| --- | ||
|
|
||
| [TestPrintMarkdownTableResults_WithVulnerabilities/two_sources_with_packages,_one_vulnerability - 1] | ||
| | OSV URL | CVSS | Ecosystem | Package | Version | Source | | ||
| | --- | --- | --- | --- | --- | --- | | ||
| | https://osv.dev/OSV-1 | | npm | mine1 | 1.2.3 | path/to/my/first/lockfile | | ||
|
|
||
| --- | ||
|
|
||
| [TestPrintMarkdownTableResults_WithVulnerabilities/two_sources_with_the_same_vulnerable_package - 1] | ||
| | OSV URL | CVSS | Ecosystem | Package | Version | Source | | ||
| | --- | --- | --- | --- | --- | --- | | ||
| | https://osv.dev/OSV-1 | | npm | mine1 | 1.2.3 | path/to/my/first/lockfile | | ||
| | https://osv.dev/OSV-1 | | npm | mine1 (dev) | 1.2.3 | path/to/my/second/lockfile | | ||
|
|
||
| --- |
Oops, something went wrong.