-
Notifications
You must be signed in to change notification settings - Fork 2.3k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
test(bom): add test with same GAV from different modules
- Loading branch information
1 parent
29fc583
commit c72a080
Showing
1 changed file
with
295 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -764,6 +764,301 @@ func TestEncoder_Encode(t *testing.T) { | |
| }, | ||
| wantVulns: make(map[uuid.UUID][]core.Vulnerability), | ||
| }, | ||
| { | ||
| name: "multimodule maven project with deps with same GAV", | ||
| report: types.Report{ | ||
| SchemaVersion: 2, | ||
| ArtifactName: "pom.xml", | ||
| ArtifactType: artifact.TypeFilesystem, | ||
| Results: []types.Result{ | ||
| { | ||
| Target: "pom.xml", | ||
| Type: ftypes.Pom, | ||
| Class: types.ClassLangPkg, | ||
| Packages: []ftypes.Package{ | ||
| { | ||
| ID: "2ff14136-e09f-4df9-80ea-000000000002", | ||
| Name: "com.example:module1", | ||
| Version: "1.0.0", | ||
| Identifier: ftypes.PkgIdentifier{ | ||
| UID: "dd331628c74fdbed", | ||
| PURL: &packageurl.PackageURL{ | ||
| Type: packageurl.TypeMaven, | ||
| Namespace: "com.example", | ||
| Name: "module1", | ||
| Version: "1.0.0", | ||
| }, | ||
| }, | ||
| Relationship: ftypes.RelationshipRoot, | ||
| DependsOn: []string{ | ||
| "2ff14136-e09f-4df9-80ea-000000000003", | ||
| }, | ||
| }, | ||
| { | ||
| ID: "2ff14136-e09f-4df9-80ea-000000000004", | ||
| Name: "com.example:module2", | ||
| Version: "2.0.0", | ||
| Identifier: ftypes.PkgIdentifier{ | ||
| UID: "d9f69cbb644299b2", | ||
| PURL: &packageurl.PackageURL{ | ||
| Type: packageurl.TypeMaven, | ||
| Namespace: "com.example", | ||
| Name: "module2", | ||
| Version: "2.0.0", | ||
| }, | ||
| }, | ||
| Relationship: ftypes.RelationshipRoot, | ||
| DependsOn: []string{ | ||
| "2ff14136-e09f-4df9-80ea-000000000005", | ||
| }, | ||
| }, | ||
| { | ||
| ID: "2ff14136-e09f-4df9-80ea-000000000001", | ||
| Name: "com.example:root", | ||
| Version: "1.0.0", | ||
| Identifier: ftypes.PkgIdentifier{ | ||
| UID: "b4bdd7e3e8cc94d", | ||
| PURL: &packageurl.PackageURL{ | ||
| Type: packageurl.TypeMaven, | ||
| Namespace: "com.example", | ||
| Name: "root", | ||
| Version: "1.0.0", | ||
| }, | ||
| }, | ||
| Relationship: ftypes.RelationshipRoot, | ||
| }, | ||
| { | ||
| ID: "2ff14136-e09f-4df9-80ea-000000000003", | ||
| Name: "org.apache.logging.log4j:log4j-core", | ||
| Version: "2.6.1", | ||
| Identifier: ftypes.PkgIdentifier{ | ||
| UID: "d249736f7ddaaf4f", | ||
| PURL: &packageurl.PackageURL{ | ||
| Type: packageurl.TypeMaven, | ||
| Namespace: "org.apache.logging.log4j", | ||
| Name: "log4j-core", | ||
| Version: "2.6.1", | ||
| }, | ||
| }, | ||
| Relationship: ftypes.RelationshipDirect, | ||
| }, | ||
| { | ||
| ID: "2ff14136-e09f-4df9-80ea-000000000005", | ||
| Name: "org.apache.logging.log4j:log4j-core", | ||
| Version: "2.6.1", | ||
| Identifier: ftypes.PkgIdentifier{ | ||
| UID: "2955bd45b32b9058", | ||
| PURL: &packageurl.PackageURL{ | ||
| Type: packageurl.TypeMaven, | ||
| Namespace: "org.apache.logging.log4j", | ||
| Name: "log4j-core", | ||
| Version: "2.6.1", | ||
| }, | ||
| }, | ||
| Relationship: ftypes.RelationshipDirect, | ||
| }, | ||
| }, | ||
| }, | ||
| }, | ||
| }, | ||
| wantComponents: map[uuid.UUID]*core.Component{ | ||
| uuid.MustParse("3ff14136-e09f-4df9-80ea-000000000001"): { | ||
| Type: core.TypeFilesystem, | ||
| Name: "pom.xml", | ||
| Root: true, | ||
| Properties: []core.Property{ | ||
| { | ||
| Name: core.PropertySchemaVersion, | ||
| Value: "2", | ||
| }, | ||
| }, | ||
| PkgIdentifier: ftypes.PkgIdentifier{ | ||
| BOMRef: "3ff14136-e09f-4df9-80ea-000000000001", | ||
| }, | ||
| }, | ||
| uuid.MustParse("3ff14136-e09f-4df9-80ea-000000000002"): { | ||
| Type: core.TypeApplication, | ||
| Name: "pom.xml", | ||
| Properties: []core.Property{ | ||
| { | ||
| Name: core.PropertyClass, | ||
| Value: "lang-pkgs", | ||
| }, | ||
| { | ||
| Name: core.PropertyType, | ||
| Value: "pom", | ||
| }, | ||
| }, | ||
| PkgIdentifier: ftypes.PkgIdentifier{ | ||
| BOMRef: "3ff14136-e09f-4df9-80ea-000000000002", | ||
| }, | ||
| }, | ||
| uuid.MustParse("3ff14136-e09f-4df9-80ea-000000000003"): { | ||
| Type: core.TypeLibrary, | ||
| Group: "com.example", | ||
| Name: "module1", | ||
| Version: "1.0.0", | ||
| SrcFile: "pom.xml", | ||
| Properties: []core.Property{ | ||
| { | ||
| Name: core.PropertyPkgID, | ||
| Value: "2ff14136-e09f-4df9-80ea-000000000002", | ||
| }, | ||
| { | ||
| Name: core.PropertyPkgType, | ||
| Value: "pom", | ||
| }, | ||
| }, | ||
| PkgIdentifier: ftypes.PkgIdentifier{ | ||
| UID: "dd331628c74fdbed", | ||
| PURL: &packageurl.PackageURL{ | ||
| Type: packageurl.TypeMaven, | ||
| Namespace: "com.example", | ||
| Name: "module1", | ||
| Version: "1.0.0", | ||
| }, | ||
| BOMRef: "pkg:maven/com.example/[email protected]", | ||
| }, | ||
| }, | ||
| uuid.MustParse("3ff14136-e09f-4df9-80ea-000000000004"): { | ||
| Type: core.TypeLibrary, | ||
| Group: "com.example", | ||
| Name: "module2", | ||
| Version: "2.0.0", | ||
| SrcFile: "pom.xml", | ||
| Properties: []core.Property{ | ||
| { | ||
| Name: core.PropertyPkgID, | ||
| Value: "2ff14136-e09f-4df9-80ea-000000000004", | ||
| }, | ||
| { | ||
| Name: core.PropertyPkgType, | ||
| Value: "pom", | ||
| }, | ||
| }, | ||
| PkgIdentifier: ftypes.PkgIdentifier{ | ||
| UID: "d9f69cbb644299b2", | ||
| PURL: &packageurl.PackageURL{ | ||
| Type: packageurl.TypeMaven, | ||
| Namespace: "com.example", | ||
| Name: "module2", | ||
| Version: "2.0.0", | ||
| }, | ||
| BOMRef: "pkg:maven/com.example/[email protected]", | ||
| }, | ||
| }, | ||
| uuid.MustParse("3ff14136-e09f-4df9-80ea-000000000005"): { | ||
| Type: core.TypeLibrary, | ||
| Group: "com.example", | ||
| Name: "root", | ||
| Version: "1.0.0", | ||
| SrcFile: "pom.xml", | ||
| Properties: []core.Property{ | ||
| { | ||
| Name: core.PropertyPkgID, | ||
| Value: "2ff14136-e09f-4df9-80ea-000000000001", | ||
| }, | ||
| { | ||
| Name: core.PropertyPkgType, | ||
| Value: "pom", | ||
| }, | ||
| }, | ||
| PkgIdentifier: ftypes.PkgIdentifier{ | ||
| UID: "b4bdd7e3e8cc94d", | ||
| PURL: &packageurl.PackageURL{ | ||
| Type: packageurl.TypeMaven, | ||
| Namespace: "com.example", | ||
| Name: "root", | ||
| Version: "1.0.0", | ||
| }, | ||
| BOMRef: "pkg:maven/com.example/[email protected]", | ||
| }, | ||
| }, | ||
| uuid.MustParse("3ff14136-e09f-4df9-80ea-000000000006"): { | ||
| Type: core.TypeLibrary, | ||
| Group: "org.apache.logging.log4j", | ||
| Name: "log4j-core", | ||
| Version: "2.6.1", | ||
| SrcFile: "pom.xml", | ||
| Properties: []core.Property{ | ||
| { | ||
| Name: core.PropertyPkgID, | ||
| Value: "2ff14136-e09f-4df9-80ea-000000000003", | ||
| }, | ||
| { | ||
| Name: core.PropertyPkgType, | ||
| Value: "pom", | ||
| }, | ||
| }, | ||
| PkgIdentifier: ftypes.PkgIdentifier{ | ||
| UID: "d249736f7ddaaf4f", | ||
| PURL: &packageurl.PackageURL{ | ||
| Type: packageurl.TypeMaven, | ||
| Namespace: "org.apache.logging.log4j", | ||
| Name: "log4j-core", | ||
| Version: "2.6.1", | ||
| }, | ||
| BOMRef: "3ff14136-e09f-4df9-80ea-000000000006", | ||
| }, | ||
| }, | ||
| uuid.MustParse("3ff14136-e09f-4df9-80ea-000000000007"): { | ||
| Type: core.TypeLibrary, | ||
| Group: "org.apache.logging.log4j", | ||
| Name: "log4j-core", | ||
| Version: "2.6.1", | ||
| SrcFile: "pom.xml", | ||
| Properties: []core.Property{ | ||
| { | ||
| Name: core.PropertyPkgID, | ||
| Value: "2ff14136-e09f-4df9-80ea-000000000005", | ||
| }, | ||
| { | ||
| Name: core.PropertyPkgType, | ||
| Value: "pom", | ||
| }, | ||
| }, | ||
| PkgIdentifier: ftypes.PkgIdentifier{ | ||
| UID: "2955bd45b32b9058", | ||
| PURL: &packageurl.PackageURL{ | ||
| Type: packageurl.TypeMaven, | ||
| Namespace: "org.apache.logging.log4j", | ||
| Name: "log4j-core", | ||
| Version: "2.6.1", | ||
| }, | ||
| BOMRef: "3ff14136-e09f-4df9-80ea-000000000007", | ||
| }, | ||
| }, | ||
| }, | ||
| wantRels: map[uuid.UUID][]core.Relationship{ | ||
| uuid.MustParse("3ff14136-e09f-4df9-80ea-000000000001"): { | ||
| { | ||
| Dependency: uuid.MustParse("3ff14136-e09f-4df9-80ea-000000000002"), | ||
| Type: core.RelationshipContains, | ||
| }, | ||
| }, | ||
| uuid.MustParse("3ff14136-e09f-4df9-80ea-000000000002"): { | ||
| { | ||
| Dependency: uuid.MustParse("3ff14136-e09f-4df9-80ea-000000000003"), | ||
| Type: core.RelationshipContains, | ||
| }, | ||
| }, | ||
| uuid.MustParse("3ff14136-e09f-4df9-80ea-000000000003"): { | ||
| { | ||
| Dependency: uuid.MustParse("3ff14136-e09f-4df9-80ea-000000000006"), | ||
| Type: core.RelationshipContains, | ||
| }, | ||
| }, | ||
| uuid.MustParse("3ff14136-e09f-4df9-80ea-000000000004"): { | ||
| { | ||
| Dependency: uuid.MustParse("3ff14136-e09f-4df9-80ea-000000000007"), | ||
| Type: core.RelationshipContains, | ||
| }, | ||
| }, | ||
| uuid.MustParse("3ff14136-e09f-4df9-80ea-000000000006"): nil, | ||
| uuid.MustParse("3ff14136-e09f-4df9-80ea-000000000007"): nil, | ||
| }, | ||
| wantVulns: make(map[uuid.UUID][]core.Vulnerability), | ||
| }, | ||
| { | ||
| name: "json file created from SBOM file (BOM is empty)", | ||
| report: types.Report{ | ||
|
|
||