Elgato_dark/fleet
1
0
Fork 0
mirror of https://github.com/fleetdm/fleet synced 2026-04-21 13:37:30 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 91
fleet/cmd/osv-processor/transforms_test.go
Konstantin Sykulev 8eaecfc9e1
OSV artifact generation for use in vulnerabilities repository (#42203) 
**Related issue:** Resolves #41571

**Full Artifacts:**
Ubuntu 14.04: 901 KB
Ubuntu 16.04: 2.0 MB
Ubuntu 18.04: 4.3 MB
Ubuntu 20.04: 5.9 MB
Ubuntu 22.04: 5.6 MB
Ubuntu 24.04: 1.7 MB
Ubuntu 24.10: 4.4 KB
Ubuntu 25.04: 6.0 KB
Ubuntu 25.10: 207 KB

**Total Size:**
All artifacts (full + deltas): 31 MB (was 54 MB)
Full artifacts only: ~20 MB (was ~27 MB)
Delta artifacts: ~11 MB (was ~27 MB)

## Testing

- [x] Added/updated automated tests
- [x] QA'd all new/changed functionality manually

<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit

* **New Features**
* Added a vulnerability data processor that scans OSV JSON inputs,
aggregates per-Ubuntu-version artifacts, supports inclusive/exclusive
version filters, and can emit optional “today”/“yesterday” delta
artifacts.
* Added a repository sync-and-change-detection tool that generates
de-duplicated lists of CVE-related files changed today and yesterday.
* Processor expands certain package names (e.g., emacs) into additional
package entries for broader coverage.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
2026-03-25 13:02:26 -05:00

70 lines
1.8 KiB
Go
Raw Blame History

package main
import (
"testing"
"github.com/stretchr/testify/require"
)
func TestTransformVuln(t *testing.T) {
tests := []struct {
name string
packageName string
cveID string
inputVuln ProcessedVuln
expectedPackages []string
expectModified bool
}{
{
name: "emacs maps to emacs, emacs-common, and emacs-el",
packageName: "emacs",
cveID: "CVE-2024-39331",
inputVuln: ProcessedVuln{
CVE: "CVE-2024-39331",
Published: "2024-07-01T00:00:00Z",
Modified: "2024-07-15T00:00:00Z",
Fixed: "1:26.3+1-1ubuntu2.1",
Introduced: "0",
},
expectedPackages: []string{"emacs", "emacs-common", "emacs-el"},
expectModified: false,
},
{
name: "curl returns only curl (no transform)",
packageName: "curl",
cveID: "CVE-2024-1234",
inputVuln: ProcessedVuln{
CVE: "CVE-2024-1234",
Published: "2024-01-01T00:00:00Z",
Modified: "2024-01-15T00:00:00Z",
},
expectedPackages: []string{"curl"},
expectModified: false,
},
{
name: "linux returns only linux (no transform)",
packageName: "linux",
cveID: "CVE-2024-5678",
inputVuln: ProcessedVuln{
CVE: "CVE-2024-5678",
Published: "2024-03-01T00:00:00Z",
Modified: "2024-03-15T00:00:00Z",
},
expectedPackages: []string{"linux"},
expectModified: false,
},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
packages, modifiedVuln := transformVuln(tt.packageName, tt.cveID, &tt.inputVuln)
require.ElementsMatch(t, tt.expectedPackages, packages)
if tt.expectModified {
require.NotNil(t, modifiedVuln, "expected modified vulnerability")
} else {
require.Nil(t, modifiedVuln, "expected no modification")
}
})
}
}
Reference in a new issue View git blame Copy permalink