blob: fb55cc5ea67a16579d5912882300dc7aa91d5552 [file] [log] [blame]
// Copyright 2021 The Go Authors. All rights reserved.
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
package audit
import (
"testing"
"golang.org/x/tools/go/packages/packagestest"
)
func TestPackageVersionInfo(t *testing.T) {
// Export package testdata with a program depending on a vulnerability package
// vuln with version "v1.0.1".
e := packagestest.Export(t, packagestest.Modules, []packagestest.Module{
{
Name: "golang.org/vulntest",
Files: map[string]interface{}{
"testdata/testdata.go": `
package testdata
import (
"thirdparty.org/vulnerabilities/vuln"
)
func Lib1() {
vuln.Vuln()
}
`,
},
},
{
Name: "thirdparty.org/vulnerabilities@v1.0.1",
Files: map[string]interface{}{
"vuln/vuln.go": `
package vuln
import (
"abc.org/xyz/foo"
)
func Vuln() { foo.Foo() }
`,
},
},
{
Name: "abc.org/xyz@v0.0.0-20201002170205-7f63de1d35b0",
Files: map[string]interface{}{
"foo/foo.go": `
package foo
func Foo() { }
`,
},
},
})
defer e.Cleanup()
_, _, pkgs, err := loadAndBuildPackages(e, "/vulntest/testdata/testdata.go")
if err != nil {
t.Fatal(err)
}
v := PackageVersions(pkgs)
for _, test := range []struct {
path string
version string
in bool
}{
{"command-line-arguments", "", false},
{"thirdparty.org/vulnerabilities/vuln", "v1.0.1", true},
{"abc.org/xyz/foo", "v0.0.0-20201002170205-7f63de1d35b0", true},
} {
if version, ok := v[test.path]; ok != test.in || version != test.version {
t.Errorf("want package %s at version %s in=%t package-version map; got %s and %t", test.path, test.version, test.in, version, ok)
}
}
}