-
Notifications
You must be signed in to change notification settings - Fork 63
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
feat(web-scripts preinstall): Add test coverage and use enum options
For test coverage, I added multiple package.json files that demonstrated what various vulnerabilities and threshold limits should show a user. re #73
- Loading branch information
1 parent
f043658
commit aaed187
Showing
8 changed files
with
118 additions
and
7 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,52 @@ | ||
import { preinstallTask } from './PreinstallTasks'; | ||
import { THIS_ROOT } from '../Paths'; | ||
|
||
// @ts-ignore | ||
jest.spyOn(process, 'exit').mockImplementation(c => c); | ||
|
||
/** | ||
* WARNING: | ||
* These tests have some issues with being potentially non-deterministic. | ||
* Due to a network dependency on npmjs.com this test could potentially fail | ||
* should there be any downtime with external services used by with yarn audit. | ||
* | ||
* Should these tests begin to fail suddenly, it might be worth trading test coverage | ||
* confidence for test reliability by mocking the network calls made by yarn audit. | ||
*/ | ||
describe('web-scripts preinstall', () => { | ||
beforeEach(() => jest.clearAllMocks()); | ||
afterAll(() => jest.restoreAllMocks()); | ||
|
||
test.each` | ||
violations | threshold | status | ||
${0} | ${undefined} | ${0} | ||
${0} | ${'none'} | ${0} | ||
${12} | ${undefined} | ${0} | ||
${12} | ${'none'} | ${0} | ||
${12} | ${'low'} | ${12} | ||
${12} | ${'moderate'} | ${12} | ||
${12} | ${'high'} | ${12} | ||
${12} | ${'critical'} | ${0} | ||
${30} | ${undefined} | ${0} | ||
${30} | ${'none'} | ${0} | ||
${30} | ${'low'} | ${30} | ||
${30} | ${'moderate'} | ${30} | ||
${30} | ${'high'} | ${30} | ||
${30} | ${'critical'} | ${30} | ||
`( | ||
'return status code $status when audited dependencies have $violations violations and $threshold threshold', | ||
async ({ violations, threshold, status }) => { | ||
const source = `${THIS_ROOT}/src/Tasks/__fixtures__/preinstall/${violations}`; | ||
|
||
await preinstallTask({ | ||
name: 'preinstall', | ||
threshold, | ||
// Overrides implementation logic for CWD | ||
restOptions: ['--cwd', source], | ||
}); | ||
|
||
if (status) expect(process.exit).toHaveBeenCalledWith(status); | ||
else expect(process.exit).not.toHaveBeenCalled(); | ||
}, | ||
); | ||
}); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
4 changes: 4 additions & 0 deletions
4
packages/web-scripts/src/Tasks/__fixtures__/preinstall/0/package.json
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,4 @@ | ||
{ | ||
"name": "preinstall-test", | ||
"description": "This test has no dependencies, so the preinstall dependency should return a status code of 0" | ||
} |
7 changes: 7 additions & 0 deletions
7
packages/web-scripts/src/Tasks/__fixtures__/preinstall/12/package.json
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,7 @@ | ||
{ | ||
"name": "preinstall-test", | ||
"description": "Throws a high and moderate status. See => https://www.npmjs.com/advisories/10", | ||
"devDependencies": { | ||
"geddy": "13.0.7" | ||
} | ||
} |
10 changes: 10 additions & 0 deletions
10
packages/web-scripts/src/Tasks/__fixtures__/preinstall/30/package.json
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,10 @@ | ||
{ | ||
"name": "preinstall-test", | ||
"description": "Throws a high and moderate status. See => https://www.npmjs.com/advisories/10 + 48 + 1 ", | ||
"devDependencies": { | ||
"bassmaster": "1.5.1", | ||
"geddy": "13.0.7", | ||
"uglify-js": "2.5.0", | ||
"chokidar": "2.1.8" | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters