protect-ignore.test.js
var filter = require('snyk-policy').filter;
var test = require('tap').test;
var vulns = require('./fixtures/test-jsbin-vulns.json');
/**
 * Build a one-entry ignore policy for the 'node-semver-63' advisory and run
 * the report's vulnerabilities through it.
 *
 * @param {{vulnerabilities: Array}} res - report whose vulnerabilities are filtered
 * @param {string} path - dependency-path pattern used as the rule key
 * @param {Date} [date] - expiry of the rule; when omitted the rule expires
 *   24 hours from now, so it is still in force while the test runs
 * @returns {Array} whatever filterIgnored returns for that rule
 */
function runFilterShared(res, path, date) {
  var oneDayMs = 1000 * 60 * 60 * 24;
  var expiry = date || new Date(Date.now() + oneDayMs);

  // The rule is keyed by the path pattern; the policy stores the expiry as
  // an ISO string, hence toJSON().
  var pathRule = {};
  pathRule[path] = {
    expires: expiry.toJSON(),
    reason: 'none given',
  };

  return filterIgnored({ 'node-semver-63': [pathRule] }, res.vulnerabilities);
}
/**
 * Apply an ignore policy to a list of vulnerabilities using snyk-policy's
 * filter().
 *
 * @param {Object} rule - the `ignore` section of a policy
 * @param {Array} vulns - vulnerabilities to filter
 * @returns {Array} the vulnerabilities left after filtering, or [] when the
 *   filtered result carries no `vulnerabilities` value
 */
function filterIgnored(rule, vulns) {
  // filter() takes a whole report, so wrap the list in a failing one.
  var report = { ok: false, vulnerabilities: vulns };
  var policy = { ignore: rule };
  var filtered = filter(report, policy);
  return filtered.vulnerabilities || [];
}
// Skipped intentionally - only used for debugging tests.
test(
  'protect correctly filters (single)',
  function(t) {
    t.plan(1);
    Promise.resolve(vulns)
      .then(function(report) {
        // A rule whose path is a bare '*' should suppress exactly the one
        // advisory the rule is keyed on.
        var before = report.vulnerabilities.length;
        var remaining = runFilterShared(report, '*');
        t.equal(remaining.length, before - 1, 'removed with * _only_ rule');
      })
      .catch(function(err) {
        // Print the stack before failing so the cause is visible in the log.
        console.log(err.stack);
        t.fail(err);
      });
  },
  { skip: true },
);
// Exercises the ignore-rule path matching against the fixture report. Each
// runFilter(path) call builds a one-entry rule for 'node-semver-63' (see
// runFilterShared) and the following assertion checks how many
// vulnerabilities remain after filtering: total - 1 when the rule applies,
// total when it does not.
test('protect correctly filters', function(t) {
Promise.resolve(vulns)
.then(function(res) {
// exact match
var total = res.vulnerabilities.length;
var vulns;
// runFilter(path[, date]) is runFilterShared with the report pre-bound.
var runFilter = runFilterShared.bind(null, res);
// NOTE(review): `vulns` has not been assigned yet, so `vulns.length` throws
// a TypeError here and the rest of the test never runs. The runFilter(...)
// call for the exact-match case appears to be missing from this copy of the
// file - restore it from the upstream source.
t.equal(vulns.length, total - 1, 'removed matched vuln');
vulns = runFilter('sqlite3 > node-pre-gyp > semver');
t.equal(vulns.length, total - 1, 'removed with range (@-less)');
vulns = runFilter('sqlite3@* > node-pre-gyp@* > semver@*');
t.equal(vulns.length, total - 1, 'removed with range (with @*)');
// NOTE(review): the Date is passed as runFilter's first argument, i.e. as
// the rule *path*, so the expiry falls back to the default (now + 24h) and
// the rule key becomes the stringified date. The assertion below would then
// hold because the path matches nothing, not because an expired rule was
// disregarded. To actually cover expiry handling, the date belongs in the
// second argument after a path that is known to match - the path argument
// looks to have been lost from this copy; confirm against upstream.
vulns = runFilter(
new Date(Date.now() - 1000 * 60 * 60 * 24),
);
t.equal(vulns.length, total, 'expired rule is ignored');
// NOTE(review): '[email protected]' looks like an e-mail-obfuscation artifact
// that replaced a `name@version` path segment when the page was rendered;
// the original segment cannot be recovered from this page.
vulns = runFilter('* > [email protected]');
t.equal(vulns.length, total - 1, 'removed with * rule');
vulns = runFilter('sqlite3 > * > semver@*');
t.equal(vulns.length, total - 1, 'mixed *, @-less and latest');
vulns = runFilter('*');
t.equal(vulns.length, total - 1, 'removed with * _only_ rule');
// Negative case: a version constraint that does not fit the fixture must
// leave every vulnerability in place.
vulns = runFilter('sqlite3 > * > semver@5');
t.equal(vulns.length, total, 'no match');
t.end();
})
// Any exception in the chain is reported through tap instead of being lost.
.catch(t.threw);
});
// Loads the policy stored under fixtures/jsbin-snyk-config and checks that
// its ignore section suppresses both advisories selected from the updated
// fixture report.
test('ignores real vuln data', function(t) {
  var wantedIds = ['npm:uglify-js:20150824', 'npm:semver:20150403'];
  var report = require('./fixtures/test-jsbin-vulns-updated.json');
  var vulns2 = report.vulnerabilities.filter(function(entry) {
    return wantedIds.indexOf(entry.id) !== -1;
  });
  var policy = require('snyk-policy');

  t.plan(1);

  var loading = policy.load(__dirname + '/fixtures/jsbin-snyk-config');
  loading
    .then(function(config) {
      // Only the ignore rules of the loaded policy are applied.
      return filterIgnored(config.ignore, vulns2);
    })
    .then(function(remaining) {
      t.equal(remaining.length, 0, 'all vulns have been ignored');
    })
    .catch(function(err) {
      // Print the stack before failing so the cause is visible in the log.
      console.log(err.stack);
      t.fail(err);
    });
});