data: add the saved CVE 5.0 JSON records and associated testing
Tests now enforce that a CVE JSON 5.0 record is stored in data/cve/v5 for each YAML report that sets cve_metadata.
The now-required files for all existing reports are added.
Fixes golang/go#56302
Change-Id: I0731792cd80e672d5be7e753370d6f97e450562d
Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/444576
Reviewed-by: Maceo Thompson <maceothompson@google.com>
TryBot-Result: Gopher Robot <gobot@golang.org>
Run-TryBot: Maceo Thompson <maceothompson@google.com>
Reviewed-by: Tatiana Bradley <tatiana@golang.org>
diff --git a/all_test.go b/all_test.go
index a8ad8ef..061ca58 100644
--- a/all_test.go
+++ b/all_test.go
@@ -23,6 +23,7 @@
"github.com/google/go-cmp/cmp"
"github.com/google/go-cmp/cmp/cmpopts"
vulnc "golang.org/x/vuln/client"
+ "golang.org/x/vulndb/internal/cveschema5"
"golang.org/x/vulndb/internal/database"
"golang.org/x/vulndb/internal/report"
)
@@ -97,6 +98,21 @@
t.Errorf("data/osv/%v.json does not match report:\n%v", generated.ID, diff)
}
}
+ if r.CVEMetadata != nil {
+ generated, err := report.ToCVE5(filename)
+ if err != nil {
+ t.Fatal(err)
+ }
+ cvePath := fmt.Sprintf("data/cve/v5/%v.json", report.GetGoIDFromFilename(filename))
+ current, err := cveschema5.Read(cvePath)
+ if err != nil {
+ t.Fatal(err)
+ }
+ if diff := cmp.Diff(generated, current, cmpopts.EquateEmpty()); diff != "" {
+ t.Errorf("%s does not match report:\n%v", cvePath, diff)
+ }
+
+ }
})
}
}
