internal/{database,osv}: add more robust validation for osv entries Adds functions to validate OSV entries, and calls these functions in both unit tests and pre-deploy checks. Change-Id: Id5ddbb6c1a5c81b9176491d5cf1a88fbae928606 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/495498 Run-TryBot: Tatiana Bradley <tatianabradley@google.com> Reviewed-by: Tatiana Bradley <tatianabradley@google.com> Reviewed-by: Damien Neil <dneil@google.com> TryBot-Result: Gopher Robot <gobot@golang.org>

commit: 0cbf4ffdb4e70fce663ec8d59198745b04e7801b [log] [tgz]
author: Tatiana Bradley <tatianabradley@google.com> Fri May 12 16:14:27 2023 -0400
committer: Tatiana Bradley <tatianabradley@google.com> Mon May 22 18:05:20 2023 +0000
tree: a6ac11cec3d4ca4ab40a8639ef27240db76ac26a
parent: 55f14e2dc5763d078302af190702865099482d49 [diff] [blame]
diff --git a/all_test.go b/all_test.go
index d632c29..2e16df4 100644
--- a/all_test.go
+++ b/all_test.go

@@ -21,6 +21,7 @@
 	"github.com/google/go-cmp/cmp"
 	"github.com/google/go-cmp/cmp/cmpopts"
 	"golang.org/x/vulndb/internal/cveschema5"
+	"golang.org/x/vulndb/internal/osvutils"
 	"golang.org/x/vulndb/internal/report"
 )
 
@@ -99,6 +100,9 @@
 				if diff := cmp.Diff(generated, current, cmpopts.EquateEmpty()); diff != "" {
 					t.Errorf("%s does not match report:\n%v", osvFilename, diff)
 				}
+				if err := osvutils.ValidateExceptTimestamps(&current); err != nil {
+					t.Error(err)
+				}
 			}
 			if r.CVEMetadata != nil {
 				generated, err := r.ToCVE5(goID)
commit	0cbf4ffdb4e70fce663ec8d59198745b04e7801b	[log] [tgz]
author	Tatiana Bradley <tatianabradley@google.com>	Fri May 12 16:14:27 2023 -0400
committer	Tatiana Bradley <tatianabradley@google.com>	Mon May 22 18:05:20 2023 +0000
tree	a6ac11cec3d4ca4ab40a8639ef27240db76ac26a
parent	55f14e2dc5763d078302af190702865099482d49 [diff] [blame]