Elgato_dark/fleet
1
0
Fork 0
mirror of https://github.com/fleetdm/fleet synced 2026-05-06 06:48:54 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 124
fleet/cmd/osv-processor/transforms_test.go

71 lines
1.8 KiB
Go
Raw Normal View History

OSV artifact generation for use in vulnerabilities repository (#42203) **Related issue:** Resolves #41571 **Full Artifacts:** Ubuntu 14.04: 901 KB Ubuntu 16.04: 2.0 MB Ubuntu 18.04: 4.3 MB Ubuntu 20.04: 5.9 MB Ubuntu 22.04: 5.6 MB Ubuntu 24.04: 1.7 MB Ubuntu 24.10: 4.4 KB Ubuntu 25.04: 6.0 KB Ubuntu 25.10: 207 KB **Total Size:** All artifacts (full + deltas): 31 MB (was 54 MB) Full artifacts only: ~20 MB (was ~27 MB) Delta artifacts: ~11 MB (was ~27 MB) ## Testing - [x] Added/updated automated tests - [x] QA'd all new/changed functionality manually <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit * **New Features** * Added a vulnerability data processor that scans OSV JSON inputs, aggregates per-Ubuntu-version artifacts, supports inclusive/exclusive version filters, and can emit optional “today”/“yesterday” delta artifacts. * Added a repository sync-and-change-detection tool that generates de-duplicated lists of CVE-related files changed today and yesterday. * Processor expands certain package names (e.g., emacs) into additional package entries for broader coverage. <!-- end of auto-generated comment: release notes by coderabbit.ai -->
2026-03-25 18:02:26 +00:00
package main
import (
"testing"
"github.com/stretchr/testify/require"
)
func TestTransformVuln(t *testing.T) {
tests := []struct {
name string
packageName string
cveID string
inputVuln ProcessedVuln
expectedPackages []string
expectModified bool
}{
{
name: "emacs maps to emacs, emacs-common, and emacs-el",
packageName: "emacs",
cveID: "CVE-2024-39331",
inputVuln: ProcessedVuln{
CVE: "CVE-2024-39331",
Published: "2024-07-01T00:00:00Z",
Modified: "2024-07-15T00:00:00Z",
Fixed: "1:26.3+1-1ubuntu2.1",
Introduced: "0",
},
expectedPackages: []string{"emacs", "emacs-common", "emacs-el"},
expectModified: false,
},
{
name: "curl returns only curl (no transform)",
packageName: "curl",
cveID: "CVE-2024-1234",
inputVuln: ProcessedVuln{
CVE: "CVE-2024-1234",
Published: "2024-01-01T00:00:00Z",
Modified: "2024-01-15T00:00:00Z",
},
expectedPackages: []string{"curl"},
expectModified: false,
},
{
name: "linux returns only linux (no transform)",
packageName: "linux",
cveID: "CVE-2024-5678",
inputVuln: ProcessedVuln{
CVE: "CVE-2024-5678",
Published: "2024-03-01T00:00:00Z",
Modified: "2024-03-15T00:00:00Z",
},
expectedPackages: []string{"linux"},
expectModified: false,
},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
packages, modifiedVuln := transformVuln(tt.packageName, tt.cveID, &tt.inputVuln)
require.ElementsMatch(t, tt.expectedPackages, packages)
if tt.expectModified {
require.NotNil(t, modifiedVuln, "expected modified vulnerability")
} else {
require.Nil(t, modifiedVuln, "expected no modification")
}
})
}
}
Reference in a new issue Copy permalink