internal/report: update test cases to prep for new lint check
To prepare for a lint check that will require summaries to mention
module/package paths, update test cases to have correct summaries in the
base reports, and modify test cases to add modules/packages
to the base valid report instead of changing their existing values (which
can invalidate the base summary).
Change-Id: I6983e7f62ffd9aa3ea406abcb2d85c8038d2342f
Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/543795
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: Damien Neil <dneil@google.com>
diff --git a/internal/report/lint_test.go b/internal/report/lint_test.go
index 8c0422d..4045f09 100644
--- a/internal/report/lint_test.go
+++ b/internal/report/lint_test.go
@@ -50,7 +50,7 @@
}},
}},
Description: "description",
- Summary: "A summary",
+ Summary: "A summary of the issue in golang.org/x/net",
CVEs: []string{"CVE-1234-0000"},
}
f(&r)
@@ -68,7 +68,7 @@
}},
}},
Description: "description",
- Summary: "A summary",
+ Summary: "A summary of the problem with net/http",
References: validStdLibReferences,
}
f(&r)
@@ -202,7 +202,9 @@
name: "no_module_path",
desc: "Every module must have a path.",
report: validReport(func(r *Report) {
- r.Modules[0].Module = ""
+ r.Modules = append(r.Modules, &Module{
+ // no path
+ })
}),
wantNumLints: 1,
},
@@ -272,7 +274,7 @@
name: "summary_too_long",
desc: "The summary must be 100 characters or less.",
report: validReport(func(r *Report) {
- r.Summary = "This summary is too long; it needs to be shortened to less than 101 characters to pass the lint check"
+ r.Summary = "This summary of golang.org/x/net is too long; it needs to be shortened to less than 101 characters to pass the lint check"
}),
wantNumLints: 1,
},
@@ -280,7 +282,7 @@
name: "summary_period",
desc: "The summary should not end in a period. It should be a phrase, not a sentence.",
report: validReport(func(r *Report) {
- r.Summary = "This summary is a sentence, not a phrase."
+ r.Summary = "This summary of golang.org/x/net is a sentence, not a phrase."
}),
wantNumLints: 1,
},
@@ -288,7 +290,10 @@
name: "no_package_path",
desc: "All packages must have a path.",
report: validReport(func(r *Report) {
- r.Modules[0].Packages[0].Package = ""
+ r.Modules[0].Packages = append(r.Modules[0].Packages,
+ &Package{
+ // No package path.
+ })
}),
wantNumLints: 1,
},
@@ -344,8 +349,13 @@
name: "module_package_prefix",
desc: "In third party reports, module names must be prefixes of package names.",
report: validReport(func(r *Report) {
- r.Modules[0].Module = "example.com/module"
- r.Modules[0].Packages[0].Package = "example.com/package"
+ r.Modules = append(r.Modules, &Module{
+ Module: "example.com/module",
+ VulnerableAt: "1.0.0",
+ Packages: []*Package{{
+ Package: "example.com/package",
+ }},
+ })
}),
wantNumLints: 1,
},
@@ -353,8 +363,12 @@
name: "invalid_package_path",
desc: "In third party reports, package paths must pass validity checks in x/mod/module.CheckImportPath.",
report: validReport(func(r *Report) {
- r.Modules[0].Module = "invalid."
- r.Modules[0].Packages[0].Package = "invalid."
+ r.Modules = append(r.Modules, &Module{
+ Module: "invalid.",
+ VulnerableAt: "1.0.0",
+ Packages: []*Package{{
+ Package: "invalid.",
+ }}})
}),
wantNumLints: 1,
},
@@ -370,7 +384,13 @@
name: "no_package_stdlib",
desc: "In standard library reports, all modules must contain at least one package.",
report: validStdReport(func(r *Report) {
- r.Modules[0].Packages = nil
+ r.Modules = append(r.Modules,
+ &Module{
+ Module: "std",
+ VulnerableAt: "1.0.0",
+ // No packages.
+ },
+ )
}),
wantNumLints: 1,
},
@@ -378,8 +398,13 @@
name: "wrong_module_cmd",
desc: "Packages beginning with 'cmd' should be in the 'cmd' module.",
report: validStdReport(func(r *Report) {
- r.Modules[0].Module = "std"
- r.Modules[0].Packages[0].Package = "cmd/go"
+ r.Modules = append(r.Modules, &Module{
+ Module: "std",
+ VulnerableAt: "1.0.0",
+ Packages: []*Package{{
+ Package: "cmd/go",
+ }},
+ })
}),
wantNumLints: 1,
},
diff --git a/internal/report/testdata/lint/TestLint/module_non_canonical.txtar b/internal/report/testdata/lint/TestLint/module_non_canonical.txtar
index 78b6996..6cb7d65 100644
--- a/internal/report/testdata/lint/TestLint/module_non_canonical.txtar
+++ b/internal/report/testdata/lint/TestLint/module_non_canonical.txtar
@@ -15,7 +15,7 @@
- module: github.com/golang/vuln
versions:
- introduced: 0.1.0
-summary: A summary
+summary: A summary of the issue in golang.org/x/net
description: description
cves:
- CVE-1234-0000
diff --git a/internal/report/testdata/lint/TestLint/module_version_invalid.txtar b/internal/report/testdata/lint/TestLint/module_version_invalid.txtar
index ad647e8..fad86c9 100644
--- a/internal/report/testdata/lint/TestLint/module_version_invalid.txtar
+++ b/internal/report/testdata/lint/TestLint/module_version_invalid.txtar
@@ -15,7 +15,7 @@
- module: golang.org/x/net
versions:
- introduced: 0.2.5
-summary: A summary
+summary: A summary of the issue in golang.org/x/net
description: description
cves:
- CVE-1234-0000
diff --git a/internal/report/testdata/lint/TestLint/module_version_ok.txtar b/internal/report/testdata/lint/TestLint/module_version_ok.txtar
index 0fc5e8d..7e5b750 100644
--- a/internal/report/testdata/lint/TestLint/module_version_ok.txtar
+++ b/internal/report/testdata/lint/TestLint/module_version_ok.txtar
@@ -15,7 +15,7 @@
- module: golang.org/x/net
versions:
- introduced: 0.2.0
-summary: A summary
+summary: A summary of the issue in golang.org/x/net
description: description
cves:
- CVE-1234-0000
diff --git a/internal/report/testdata/lint/TestLint/multiple_problems.txtar b/internal/report/testdata/lint/TestLint/multiple_problems.txtar
index 337bb44..4bf9ec7 100644
--- a/internal/report/testdata/lint/TestLint/multiple_problems.txtar
+++ b/internal/report/testdata/lint/TestLint/multiple_problems.txtar
@@ -17,7 +17,7 @@
- introduced: 0.1.0
fixed: 0.2.5
- introduced: 0.2.6
-summary: A summary
+summary: A summary of the issue in golang.org/x/net
description: description
cves:
- CVE-1234-0000
diff --git a/internal/report/testdata/lint/TestLint/no_proxy_client.txtar b/internal/report/testdata/lint/TestLint/no_proxy_client.txtar
index 6b162a4..f31271d 100644
--- a/internal/report/testdata/lint/TestLint/no_proxy_client.txtar
+++ b/internal/report/testdata/lint/TestLint/no_proxy_client.txtar
@@ -12,7 +12,7 @@
vulnerable_at: 1.2.3
packages:
- package: golang.org/x/net/http2
-summary: A summary
+summary: A summary of the issue in golang.org/x/net
description: description
cves:
- CVE-1234-0000
diff --git a/internal/report/testdata/lint/TestLintOffline/bad_cve.txtar b/internal/report/testdata/lint/TestLintOffline/bad_cve.txtar
index 2e134be..e9a9f32 100644
--- a/internal/report/testdata/lint/TestLintOffline/bad_cve.txtar
+++ b/internal/report/testdata/lint/TestLintOffline/bad_cve.txtar
@@ -12,7 +12,7 @@
vulnerable_at: 1.2.3
packages:
- package: golang.org/x/net/http2
-summary: A summary
+summary: A summary of the issue in golang.org/x/net
description: description
cves:
- CVE.1234.5678
diff --git a/internal/report/testdata/lint/TestLintOffline/bad_ghsa.txtar b/internal/report/testdata/lint/TestLintOffline/bad_ghsa.txtar
index b2d1a43..29a5390 100644
--- a/internal/report/testdata/lint/TestLintOffline/bad_ghsa.txtar
+++ b/internal/report/testdata/lint/TestLintOffline/bad_ghsa.txtar
@@ -12,7 +12,7 @@
vulnerable_at: 1.2.3
packages:
- package: golang.org/x/net/http2
-summary: A summary
+summary: A summary of the issue in golang.org/x/net
description: description
cves:
- CVE-1234-0000
diff --git a/internal/report/testdata/lint/TestLintOffline/bad_related.txtar b/internal/report/testdata/lint/TestLintOffline/bad_related.txtar
index 1c7ab36..28c1194 100644
--- a/internal/report/testdata/lint/TestLintOffline/bad_related.txtar
+++ b/internal/report/testdata/lint/TestLintOffline/bad_related.txtar
@@ -12,7 +12,7 @@
vulnerable_at: 1.2.3
packages:
- package: golang.org/x/net/http2
-summary: A summary
+summary: A summary of the issue in golang.org/x/net
description: description
cves:
- CVE-0000-1111
diff --git a/internal/report/testdata/lint/TestLintOffline/cve_and_cve_metadata_ok.txtar b/internal/report/testdata/lint/TestLintOffline/cve_and_cve_metadata_ok.txtar
index b82bce9..542f8ef 100644
--- a/internal/report/testdata/lint/TestLintOffline/cve_and_cve_metadata_ok.txtar
+++ b/internal/report/testdata/lint/TestLintOffline/cve_and_cve_metadata_ok.txtar
@@ -12,7 +12,7 @@
vulnerable_at: 1.2.3
packages:
- package: golang.org/x/net/http2
-summary: A summary
+summary: A summary of the issue in golang.org/x/net
description: description
cves:
- CVE-0000-1111
diff --git a/internal/report/testdata/lint/TestLintOffline/cve_metadata_bad_fields.txtar b/internal/report/testdata/lint/TestLintOffline/cve_metadata_bad_fields.txtar
index 4d75954..1c339b9 100644
--- a/internal/report/testdata/lint/TestLintOffline/cve_metadata_bad_fields.txtar
+++ b/internal/report/testdata/lint/TestLintOffline/cve_metadata_bad_fields.txtar
@@ -12,7 +12,7 @@
vulnerable_at: 1.2.3
packages:
- package: golang.org/x/net/http2
-summary: A summary
+summary: A summary of the issue in golang.org/x/net
description: description
cve_metadata:
id: CVE.0000.1111
diff --git a/internal/report/testdata/lint/TestLintOffline/cve_metadata_missing_fields.txtar b/internal/report/testdata/lint/TestLintOffline/cve_metadata_missing_fields.txtar
index 5b705f3..f036c33 100644
--- a/internal/report/testdata/lint/TestLintOffline/cve_metadata_missing_fields.txtar
+++ b/internal/report/testdata/lint/TestLintOffline/cve_metadata_missing_fields.txtar
@@ -12,7 +12,7 @@
vulnerable_at: 1.2.3
packages:
- package: golang.org/x/net/http2
-summary: A summary
+summary: A summary of the issue in golang.org/x/net
description: description
cve_metadata: {}
diff --git a/internal/report/testdata/lint/TestLintOffline/description_line_length.txtar b/internal/report/testdata/lint/TestLintOffline/description_line_length.txtar
index 0a29d8f..b8d622d 100644
--- a/internal/report/testdata/lint/TestLintOffline/description_line_length.txtar
+++ b/internal/report/testdata/lint/TestLintOffline/description_line_length.txtar
@@ -12,7 +12,7 @@
vulnerable_at: 1.2.3
packages:
- package: golang.org/x/net/http2
-summary: A summary
+summary: A summary of the issue in golang.org/x/net
description: This line is too long; it needs to be shortened to less than 80 characters to pass the lint check
cves:
- CVE-1234-0000
diff --git a/internal/report/testdata/lint/TestLintOffline/description_long_word_ok.txtar b/internal/report/testdata/lint/TestLintOffline/description_long_word_ok.txtar
index f0f48f9..bd7e1cc 100644
--- a/internal/report/testdata/lint/TestLintOffline/description_long_word_ok.txtar
+++ b/internal/report/testdata/lint/TestLintOffline/description_long_word_ok.txtar
@@ -12,7 +12,7 @@
vulnerable_at: 1.2.3
packages:
- package: golang.org/x/net/http2
-summary: A summary
+summary: A summary of the issue in golang.org/x/net
description: http://1234567890.abcdefghijklmnopqrstuvwxyz.1234567890.abcdefghijklmnopqrstuvwxyz
cves:
- CVE-1234-0000
diff --git a/internal/report/testdata/lint/TestLintOffline/invalid_package_path.txtar b/internal/report/testdata/lint/TestLintOffline/invalid_package_path.txtar
index 220a91c..eb645be 100644
--- a/internal/report/testdata/lint/TestLintOffline/invalid_package_path.txtar
+++ b/internal/report/testdata/lint/TestLintOffline/invalid_package_path.txtar
@@ -8,14 +8,18 @@
-- data/reports/GO-0000-0000.yaml --
id: GO-0000-0000
modules:
- - module: invalid.
+ - module: golang.org/x/net
vulnerable_at: 1.2.3
packages:
+ - package: golang.org/x/net/http2
+ - module: invalid.
+ vulnerable_at: 1.0.0
+ packages:
- package: invalid.
-summary: A summary
+summary: A summary of the issue in golang.org/x/net
description: description
cves:
- CVE-1234-0000
-- golden --
-modules[0] "invalid.": packages[0] "invalid.": malformed import path "invalid.": trailing dot in path element
+modules[1] "invalid.": packages[0] "invalid.": malformed import path "invalid.": trailing dot in path element
diff --git a/internal/report/testdata/lint/TestLintOffline/invalid_semver.txtar b/internal/report/testdata/lint/TestLintOffline/invalid_semver.txtar
index e352f7e..e6e8be5 100644
--- a/internal/report/testdata/lint/TestLintOffline/invalid_semver.txtar
+++ b/internal/report/testdata/lint/TestLintOffline/invalid_semver.txtar
@@ -14,7 +14,7 @@
vulnerable_at: 1.2.3
packages:
- package: net/http
-summary: A summary
+summary: A summary of the problem with net/http
description: description
references:
- fix: https://go.dev/cl/12345
diff --git a/internal/report/testdata/lint/TestLintOffline/module_package_prefix.txtar b/internal/report/testdata/lint/TestLintOffline/module_package_prefix.txtar
index d5c69cc..1bf230c 100644
--- a/internal/report/testdata/lint/TestLintOffline/module_package_prefix.txtar
+++ b/internal/report/testdata/lint/TestLintOffline/module_package_prefix.txtar
@@ -8,14 +8,18 @@
-- data/reports/GO-0000-0000.yaml --
id: GO-0000-0000
modules:
- - module: example.com/module
+ - module: golang.org/x/net
vulnerable_at: 1.2.3
packages:
+ - package: golang.org/x/net/http2
+ - module: example.com/module
+ vulnerable_at: 1.0.0
+ packages:
- package: example.com/package
-summary: A summary
+summary: A summary of the issue in golang.org/x/net
description: description
cves:
- CVE-1234-0000
-- golden --
-modules[0] "example.com/module": packages[0] "example.com/package": module must be a prefix of package
+modules[1] "example.com/module": packages[0] "example.com/package": module must be a prefix of package
diff --git a/internal/report/testdata/lint/TestLintOffline/module_version_offline.txtar b/internal/report/testdata/lint/TestLintOffline/module_version_offline.txtar
index 394fe79..e1bc0ab 100644
--- a/internal/report/testdata/lint/TestLintOffline/module_version_offline.txtar
+++ b/internal/report/testdata/lint/TestLintOffline/module_version_offline.txtar
@@ -15,7 +15,7 @@
- module: golang.org/x/net
versions:
- introduced: 0.2.5
-summary: A summary
+summary: A summary of the issue in golang.org/x/net
description: description
cves:
- CVE-1234-0000
diff --git a/internal/report/testdata/lint/TestLintOffline/no_ID.txtar b/internal/report/testdata/lint/TestLintOffline/no_ID.txtar
index 7d97c47..8741233 100644
--- a/internal/report/testdata/lint/TestLintOffline/no_ID.txtar
+++ b/internal/report/testdata/lint/TestLintOffline/no_ID.txtar
@@ -11,7 +11,7 @@
vulnerable_at: 1.2.3
packages:
- package: golang.org/x/net/http2
-summary: A summary
+summary: A summary of the issue in golang.org/x/net
description: description
cves:
- CVE-1234-0000
diff --git a/internal/report/testdata/lint/TestLintOffline/no_advisory.txtar b/internal/report/testdata/lint/TestLintOffline/no_advisory.txtar
index 94f9832..308a022 100644
--- a/internal/report/testdata/lint/TestLintOffline/no_advisory.txtar
+++ b/internal/report/testdata/lint/TestLintOffline/no_advisory.txtar
@@ -12,7 +12,7 @@
vulnerable_at: 1.2.3
packages:
- package: golang.org/x/net/http2
-summary: A summary
+summary: A summary of the issue in golang.org/x/net
cves:
- CVE-1234-0000
diff --git a/internal/report/testdata/lint/TestLintOffline/no_description_go_cve.txtar b/internal/report/testdata/lint/TestLintOffline/no_description_go_cve.txtar
index a1d3ac3..a9bbbc7 100644
--- a/internal/report/testdata/lint/TestLintOffline/no_description_go_cve.txtar
+++ b/internal/report/testdata/lint/TestLintOffline/no_description_go_cve.txtar
@@ -12,7 +12,7 @@
vulnerable_at: 1.2.3
packages:
- package: golang.org/x/net/http2
-summary: A summary
+summary: A summary of the issue in golang.org/x/net
cve_metadata:
id: CVE-0000-1111
cwe: 'CWE XXX: A CWE description'
diff --git a/internal/report/testdata/lint/TestLintOffline/no_description_ok.txtar b/internal/report/testdata/lint/TestLintOffline/no_description_ok.txtar
index 8e2f29c..e2cebc8 100644
--- a/internal/report/testdata/lint/TestLintOffline/no_description_ok.txtar
+++ b/internal/report/testdata/lint/TestLintOffline/no_description_ok.txtar
@@ -12,7 +12,7 @@
vulnerable_at: 1.2.3
packages:
- package: golang.org/x/net/http2
-summary: A summary
+summary: A summary of the issue in golang.org/x/net
cves:
- CVE-1234-0000
references:
diff --git a/internal/report/testdata/lint/TestLintOffline/no_module_path.txtar b/internal/report/testdata/lint/TestLintOffline/no_module_path.txtar
index 226df20..7373679 100644
--- a/internal/report/testdata/lint/TestLintOffline/no_module_path.txtar
+++ b/internal/report/testdata/lint/TestLintOffline/no_module_path.txtar
@@ -8,13 +8,15 @@
-- data/reports/GO-0000-0000.yaml --
id: GO-0000-0000
modules:
- - vulnerable_at: 1.2.3
+ - module: golang.org/x/net
+ vulnerable_at: 1.2.3
packages:
- package: golang.org/x/net/http2
-summary: A summary
+ - {}
+summary: A summary of the issue in golang.org/x/net
description: description
cves:
- CVE-1234-0000
-- golden --
-modules[0]: no module name
+modules[1]: no module name
diff --git a/internal/report/testdata/lint/TestLintOffline/no_modules.txtar b/internal/report/testdata/lint/TestLintOffline/no_modules.txtar
index 8f82c77..c51f12c 100644
--- a/internal/report/testdata/lint/TestLintOffline/no_modules.txtar
+++ b/internal/report/testdata/lint/TestLintOffline/no_modules.txtar
@@ -7,7 +7,7 @@
-- data/reports/GO-0000-0000.yaml --
id: GO-0000-0000
-summary: A summary
+summary: A summary of the issue in golang.org/x/net
description: description
cves:
- CVE-1234-0000
diff --git a/internal/report/testdata/lint/TestLintOffline/no_package_path.txtar b/internal/report/testdata/lint/TestLintOffline/no_package_path.txtar
index 800cca0..134f683 100644
--- a/internal/report/testdata/lint/TestLintOffline/no_package_path.txtar
+++ b/internal/report/testdata/lint/TestLintOffline/no_package_path.txtar
@@ -11,11 +11,12 @@
- module: golang.org/x/net
vulnerable_at: 1.2.3
packages:
+ - package: golang.org/x/net/http2
- {}
-summary: A summary
+summary: A summary of the issue in golang.org/x/net
description: description
cves:
- CVE-1234-0000
-- golden --
-modules[0] "golang.org/x/net": packages[0]: no package name
+modules[0] "golang.org/x/net": packages[1]: no package name
diff --git a/internal/report/testdata/lint/TestLintOffline/no_package_path_stdlib.txtar b/internal/report/testdata/lint/TestLintOffline/no_package_path_stdlib.txtar
index b01972f..ca8dee8 100644
--- a/internal/report/testdata/lint/TestLintOffline/no_package_path_stdlib.txtar
+++ b/internal/report/testdata/lint/TestLintOffline/no_package_path_stdlib.txtar
@@ -12,7 +12,7 @@
vulnerable_at: 1.2.3
packages:
- {}
-summary: A summary
+summary: A summary of the problem with net/http
description: description
references:
- fix: https://go.dev/cl/12345
diff --git a/internal/report/testdata/lint/TestLintOffline/no_package_stdlib.txtar b/internal/report/testdata/lint/TestLintOffline/no_package_stdlib.txtar
index 1411e40..1aa70ab 100644
--- a/internal/report/testdata/lint/TestLintOffline/no_package_stdlib.txtar
+++ b/internal/report/testdata/lint/TestLintOffline/no_package_stdlib.txtar
@@ -10,7 +10,11 @@
modules:
- module: std
vulnerable_at: 1.2.3
-summary: A summary
+ packages:
+ - package: net/http
+ - module: std
+ vulnerable_at: 1.0.0
+summary: A summary of the problem with net/http
description: description
references:
- fix: https://go.dev/cl/12345
@@ -18,4 +22,4 @@
- report: https://go.dev/issue/12345
-- golden --
-modules[0] "std": no packages
+modules[1] "std": no packages
diff --git a/internal/report/testdata/lint/TestLintOffline/no_vulnerable_at_or_skip_fix.txtar b/internal/report/testdata/lint/TestLintOffline/no_vulnerable_at_or_skip_fix.txtar
index 443d931..53d16db 100644
--- a/internal/report/testdata/lint/TestLintOffline/no_vulnerable_at_or_skip_fix.txtar
+++ b/internal/report/testdata/lint/TestLintOffline/no_vulnerable_at_or_skip_fix.txtar
@@ -11,7 +11,7 @@
- module: golang.org/x/net
packages:
- package: golang.org/x/net/http2
-summary: A summary
+summary: A summary of the issue in golang.org/x/net
description: description
cves:
- CVE-1234-0000
diff --git a/internal/report/testdata/lint/TestLintOffline/reference_invalid_URL.txtar b/internal/report/testdata/lint/TestLintOffline/reference_invalid_URL.txtar
index 29c0c82..aa3d60e 100644
--- a/internal/report/testdata/lint/TestLintOffline/reference_invalid_URL.txtar
+++ b/internal/report/testdata/lint/TestLintOffline/reference_invalid_URL.txtar
@@ -12,7 +12,7 @@
vulnerable_at: 1.2.3
packages:
- package: golang.org/x/net/http2
-summary: A summary
+summary: A summary of the issue in golang.org/x/net
description: description
cves:
- CVE-1234-0000
diff --git a/internal/report/testdata/lint/TestLintOffline/reference_invalid_type.txtar b/internal/report/testdata/lint/TestLintOffline/reference_invalid_type.txtar
index 7f77cb2..9c598bb 100644
--- a/internal/report/testdata/lint/TestLintOffline/reference_invalid_type.txtar
+++ b/internal/report/testdata/lint/TestLintOffline/reference_invalid_type.txtar
@@ -12,7 +12,7 @@
vulnerable_at: 1.2.3
packages:
- package: golang.org/x/net/http2
-summary: A summary
+summary: A summary of the issue in golang.org/x/net
description: description
cves:
- CVE-1234-0000
diff --git a/internal/report/testdata/lint/TestLintOffline/references_incorrect_stdlib.txtar b/internal/report/testdata/lint/TestLintOffline/references_incorrect_stdlib.txtar
index 83c20b8..2e40e5a 100644
--- a/internal/report/testdata/lint/TestLintOffline/references_incorrect_stdlib.txtar
+++ b/internal/report/testdata/lint/TestLintOffline/references_incorrect_stdlib.txtar
@@ -12,7 +12,7 @@
vulnerable_at: 1.2.3
packages:
- package: net/http
-summary: A summary
+summary: A summary of the problem with net/http
description: description
references:
- advisory: http://www.example.com
diff --git a/internal/report/testdata/lint/TestLintOffline/references_missing_stdlib.txtar b/internal/report/testdata/lint/TestLintOffline/references_missing_stdlib.txtar
index 611ea4f..c696e22 100644
--- a/internal/report/testdata/lint/TestLintOffline/references_missing_stdlib.txtar
+++ b/internal/report/testdata/lint/TestLintOffline/references_missing_stdlib.txtar
@@ -12,7 +12,7 @@
vulnerable_at: 1.2.3
packages:
- package: net/http
-summary: A summary
+summary: A summary of the problem with net/http
description: description
-- golden --
diff --git a/internal/report/testdata/lint/TestLintOffline/references_multiple_advisories.txtar b/internal/report/testdata/lint/TestLintOffline/references_multiple_advisories.txtar
index 57d4182..7cabcaa 100644
--- a/internal/report/testdata/lint/TestLintOffline/references_multiple_advisories.txtar
+++ b/internal/report/testdata/lint/TestLintOffline/references_multiple_advisories.txtar
@@ -12,7 +12,7 @@
vulnerable_at: 1.2.3
packages:
- package: golang.org/x/net/http2
-summary: A summary
+summary: A summary of the issue in golang.org/x/net
description: description
cves:
- CVE-1234-0000
diff --git a/internal/report/testdata/lint/TestLintOffline/references_redundant_web_advisories.txtar b/internal/report/testdata/lint/TestLintOffline/references_redundant_web_advisories.txtar
index 84c6c9c..e95eef8 100644
--- a/internal/report/testdata/lint/TestLintOffline/references_redundant_web_advisories.txtar
+++ b/internal/report/testdata/lint/TestLintOffline/references_redundant_web_advisories.txtar
@@ -12,7 +12,7 @@
vulnerable_at: 1.2.3
packages:
- package: golang.org/x/net/http2
-summary: A summary
+summary: A summary of the issue in golang.org/x/net
description: description
cves:
- CVE-0000-0000
diff --git a/internal/report/testdata/lint/TestLintOffline/references_unfixed.txtar b/internal/report/testdata/lint/TestLintOffline/references_unfixed.txtar
index 6ed2673..91113ca 100644
--- a/internal/report/testdata/lint/TestLintOffline/references_unfixed.txtar
+++ b/internal/report/testdata/lint/TestLintOffline/references_unfixed.txtar
@@ -12,7 +12,7 @@
vulnerable_at: 1.2.3
packages:
- package: golang.org/x/net/http2
-summary: A summary
+summary: A summary of the issue in golang.org/x/net
description: description
cves:
- CVE-1234-0000
diff --git a/internal/report/testdata/lint/TestLintOffline/skip_fix_ok.txtar b/internal/report/testdata/lint/TestLintOffline/skip_fix_ok.txtar
index 2994fb0..368a961 100644
--- a/internal/report/testdata/lint/TestLintOffline/skip_fix_ok.txtar
+++ b/internal/report/testdata/lint/TestLintOffline/skip_fix_ok.txtar
@@ -12,7 +12,7 @@
packages:
- package: golang.org/x/net/http2
skip_fix: a reason
-summary: A summary
+summary: A summary of the issue in golang.org/x/net
description: description
cves:
- CVE-1234-0000
diff --git a/internal/report/testdata/lint/TestLintOffline/summary_period.txtar b/internal/report/testdata/lint/TestLintOffline/summary_period.txtar
index e40df93..d677beb 100644
--- a/internal/report/testdata/lint/TestLintOffline/summary_period.txtar
+++ b/internal/report/testdata/lint/TestLintOffline/summary_period.txtar
@@ -12,7 +12,7 @@
vulnerable_at: 1.2.3
packages:
- package: golang.org/x/net/http2
-summary: This summary is a sentence, not a phrase.
+summary: This summary of golang.org/x/net is a sentence, not a phrase.
description: description
cves:
- CVE-1234-0000
diff --git a/internal/report/testdata/lint/TestLintOffline/summary_too_long.txtar b/internal/report/testdata/lint/TestLintOffline/summary_too_long.txtar
index 8e189d9..33a1930 100644
--- a/internal/report/testdata/lint/TestLintOffline/summary_too_long.txtar
+++ b/internal/report/testdata/lint/TestLintOffline/summary_too_long.txtar
@@ -12,10 +12,10 @@
vulnerable_at: 1.2.3
packages:
- package: golang.org/x/net/http2
-summary: This summary is too long; it needs to be shortened to less than 101 characters to pass the lint check
+summary: This summary of golang.org/x/net is too long; it needs to be shortened to less than 101 characters to pass the lint check
description: description
cves:
- CVE-1234-0000
-- golden --
-summary: too long (found 101 characters, want <=100)
+summary: too long (found 121 characters, want <=100)
diff --git a/internal/report/testdata/lint/TestLintOffline/unsupported_versions.txtar b/internal/report/testdata/lint/TestLintOffline/unsupported_versions.txtar
index e69a3ad..e9034bf 100644
--- a/internal/report/testdata/lint/TestLintOffline/unsupported_versions.txtar
+++ b/internal/report/testdata/lint/TestLintOffline/unsupported_versions.txtar
@@ -15,7 +15,7 @@
vulnerable_at: 1.2.3
packages:
- package: net/http
-summary: A summary
+summary: A summary of the problem with net/http
description: description
references:
- fix: https://go.dev/cl/12345
diff --git a/internal/report/testdata/lint/TestLintOffline/versions_checked_no_vulnerable_at.txtar b/internal/report/testdata/lint/TestLintOffline/versions_checked_no_vulnerable_at.txtar
index a79a0b4..78cd01d 100644
--- a/internal/report/testdata/lint/TestLintOffline/versions_checked_no_vulnerable_at.txtar
+++ b/internal/report/testdata/lint/TestLintOffline/versions_checked_no_vulnerable_at.txtar
@@ -14,7 +14,7 @@
- fixed: 1.3.2
packages:
- package: net/http
-summary: A summary
+summary: A summary of the problem with net/http
description: description
references:
- fix: https://go.dev/cl/12345
diff --git a/internal/report/testdata/lint/TestLintOffline/versions_fixed_before_introduced.txtar b/internal/report/testdata/lint/TestLintOffline/versions_fixed_before_introduced.txtar
index 68034da..480548e 100644
--- a/internal/report/testdata/lint/TestLintOffline/versions_fixed_before_introduced.txtar
+++ b/internal/report/testdata/lint/TestLintOffline/versions_fixed_before_introduced.txtar
@@ -15,7 +15,7 @@
vulnerable_at: 1.2.3
packages:
- package: net/http
-summary: A summary
+summary: A summary of the problem with net/http
description: description
references:
- fix: https://go.dev/cl/12345
diff --git a/internal/report/testdata/lint/TestLintOffline/versions_overlapping_ranges.txtar b/internal/report/testdata/lint/TestLintOffline/versions_overlapping_ranges.txtar
index 3c64016..975f22c 100644
--- a/internal/report/testdata/lint/TestLintOffline/versions_overlapping_ranges.txtar
+++ b/internal/report/testdata/lint/TestLintOffline/versions_overlapping_ranges.txtar
@@ -15,7 +15,7 @@
vulnerable_at: 1.2.3
packages:
- package: net/http
-summary: A summary
+summary: A summary of the problem with net/http
description: description
references:
- fix: https://go.dev/cl/12345
diff --git a/internal/report/testdata/lint/TestLintOffline/vulnerable_at_and_skip_fix_ok.txtar b/internal/report/testdata/lint/TestLintOffline/vulnerable_at_and_skip_fix_ok.txtar
index 2e226e3..a2e409e 100644
--- a/internal/report/testdata/lint/TestLintOffline/vulnerable_at_and_skip_fix_ok.txtar
+++ b/internal/report/testdata/lint/TestLintOffline/vulnerable_at_and_skip_fix_ok.txtar
@@ -13,7 +13,7 @@
packages:
- package: golang.org/x/net/http2
skip_fix: a reason
-summary: A summary
+summary: A summary of the issue in golang.org/x/net
description: description
cves:
- CVE-1234-0000
diff --git a/internal/report/testdata/lint/TestLintOffline/vulnerable_at_out_of_range.txtar b/internal/report/testdata/lint/TestLintOffline/vulnerable_at_out_of_range.txtar
index 0425453..f5ee85a 100644
--- a/internal/report/testdata/lint/TestLintOffline/vulnerable_at_out_of_range.txtar
+++ b/internal/report/testdata/lint/TestLintOffline/vulnerable_at_out_of_range.txtar
@@ -14,7 +14,7 @@
vulnerable_at: 2.0.0
packages:
- package: net/http
-summary: A summary
+summary: A summary of the problem with net/http
description: description
references:
- fix: https://go.dev/cl/12345
diff --git a/internal/report/testdata/lint/TestLintOffline/wrong_module_cmd.txtar b/internal/report/testdata/lint/TestLintOffline/wrong_module_cmd.txtar
index 5ea4e92..538aa85 100644
--- a/internal/report/testdata/lint/TestLintOffline/wrong_module_cmd.txtar
+++ b/internal/report/testdata/lint/TestLintOffline/wrong_module_cmd.txtar
@@ -11,8 +11,12 @@
- module: std
vulnerable_at: 1.2.3
packages:
+ - package: net/http
+ - module: std
+ vulnerable_at: 1.0.0
+ packages:
- package: cmd/go
-summary: A summary
+summary: A summary of the problem with net/http
description: description
references:
- fix: https://go.dev/cl/12345
@@ -20,4 +24,4 @@
- report: https://go.dev/issue/12345
-- golden --
-modules[0] "std": packages[0] "cmd/go": must be in module cmd
+modules[1] "std": packages[0] "cmd/go": must be in module cmd
