You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
macOS tests cases upgrade_package_maintain_add_vulnerability and upgrade_package_add_vulnerability for Vulnerability Detection E2E tests make use of the same packages leading to test case failure:
Tests Case
case: 'Upgrade: New vulnerability 'id: upgrade_package_add_vulnerabilitydescription: | Upgrade of a vulnerable package which include a new vulnerabilitybody:
operation: update_packagepackage:
from:
centos:
amd64: grafana-8.5.6-1arm64v8: grafana-8.5.6-1ubuntu:
amd64: grafana-8.5.6arm64v8: grafana-8.5.6windows:
amd64: node-v17.1.0macos:
amd64: systeminformation-4.34.23arm64v8: systeminformation-4.34.23to:
centos:
amd64: grafana-9.1.1-1arm64v8: grafana-9.1.1-1ubuntu:
amd64: grafana-9.1.1arm64v8: grafana-9.1.1windows:
amd64: node-v18.0.0macos:
amd64: systeminformation-5.0.0arm64v8: systeminformation-5.0.0
- case: 'Upgrade: Maintain and new vulnerability 'id: upgrade_package_maintain_add_vulnerabilitydescription: > Upgrade of a vulnerable package which maintain vulnerabilities and include new onesbody:
operation: update_packagepackage:
from:
centos:
amd64: grafana-9.1.1-1arm64v8: grafana-9.1.1-1ubuntu:
amd64: grafana-9.1.1arm64v8: grafana-9.1.1windows:
amd64: node-v18.0.0macos:
amd64: systeminformation-4.34.23arm64v8: systeminformation-4.34.23to:
centos:
amd64: grafana-9.2.0-1arm64v8: grafana-9.2.0-1ubuntu:
amd64: grafana-9.2.0arm64v8: grafana-9.2.0windows:
amd64: node-v18.1.0macos:
amd64: systeminformation-5.0.0arm64v8: systeminformation-5.0.0
The text was updated successfully, but these errors were encountered:
They have been looking for other vulnerable packages to replace in the test cases. Packages such as axios, lodash, firebase, etc. have been found. It remains to decide which one is appropriate for the respective case and to check the test functionality.
Finally, it has been decided to use the Axios package so that, in the upgrade_package_add_vulnerability case Axios 0.6.0 (3 vulnerabilities) will be installed and upgraded to Axios 0.10.0 (4 vulnerabilities), and in the upgrade_package_maintain_add_vulnerability case Systeminformation will be kept but it will be necessary to add a precondition for the package to be installed before.
The test has been launched to test this but has failed due to an error which needs to be further investigated.
Description
macOS tests cases
upgrade_package_maintain_add_vulnerability
andupgrade_package_add_vulnerability
for Vulnerability Detection E2E tests make use of the same packages leading to test case failure:Tests Case
The text was updated successfully, but these errors were encountered: