internal/ghsa/ghsa_test.go - vulndb - Git at Google

 // Copyright 2022 The Go Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style
 // license that can be found in the LICENSE file.

 package ghsa

 import (
 	"context"
 	"flag"
 	"os"
 	"strings"
 	"testing"
 	"time"
 )

 var githubTokenFile = flag.String("ghtokenfile", "",
 	"path to file containing GitHub access token")

 func mustGetAccessToken(t *testing.T) string {
 	if *githubTokenFile == "" {
 		t.Skip("-ghtokenfile not provided")
 	}
 	bytes, err := os.ReadFile(*githubTokenFile)
 	if err != nil {
 		t.Fatal(err)
 	}
 	return strings.TrimSpace(string(bytes))
 }

 func TestList(t *testing.T) {
 	accessToken := mustGetAccessToken(t)
 	// There were at least three relevant SAs since this date.
 	since := time.Date(2022, 1, 1, 0, 0, 0, 0, time.UTC)
 	const withoutCVEs = false
 	got, err := List(context.Background(), accessToken, since, withoutCVEs)
 	if err != nil {
 		t.Fatal(err)
 	}
 	want := 3
 	if len(got) < want {
 		t.Errorf("got %d, want at least %d", len(got), want)
 	}
 	for _, g := range got {
 		if isCVE(g.Identifiers) {
 			t.Errorf("isCVE true, want false for %+v", g)
 		}
 	}
 }

 func TestFetchGHSA(t *testing.T) {
 	accessToken := mustGetAccessToken(t)
 	// Real GHSA that should be found.
 	const ghsaID string = "GHSA-g9mp-8g3h-3c5c"
 	got, err := FetchGHSA(context.Background(), accessToken, ghsaID)
 	if err != nil {
 		t.Fatal(err)
 	}
 	want := ghsaID
 	var gotID string
 	for _, id := range got.Identifiers {
 		if id.Type == "GHSA" {
 			gotID = id.Value
 			break
 		}
 	}
 	if gotID != want {
 		t.Errorf("got GHSA with id %q, want %q", got.ID, want)
 	}
 }
	// Copyright 2022 The Go Authors. All rights reserved.
	// Use of this source code is governed by a BSD-style
	// license that can be found in the LICENSE file.

	package ghsa

	import (
	"context"
	"flag"
	"os"
	"strings"
	"testing"
	"time"
	)

	var githubTokenFile = flag.String("ghtokenfile", "",
	"path to file containing GitHub access token")

	func mustGetAccessToken(t *testing.T) string {
	if *githubTokenFile == "" {
	t.Skip("-ghtokenfile not provided")
	}
	bytes, err := os.ReadFile(*githubTokenFile)
	if err != nil {
	t.Fatal(err)
	}
	return strings.TrimSpace(string(bytes))
	}

	func TestList(t *testing.T) {
	accessToken := mustGetAccessToken(t)
	// There were at least three relevant SAs since this date.
	since := time.Date(2022, 1, 1, 0, 0, 0, 0, time.UTC)
	const withoutCVEs = false
	got, err := List(context.Background(), accessToken, since, withoutCVEs)
	if err != nil {
	t.Fatal(err)
	}
	want := 3
	if len(got) < want {
	t.Errorf("got %d, want at least %d", len(got), want)
	}
	for _, g := range got {
	if isCVE(g.Identifiers) {
	t.Errorf("isCVE true, want false for %+v", g)
	}
	}
	}

	func TestFetchGHSA(t *testing.T) {
	accessToken := mustGetAccessToken(t)
	// Real GHSA that should be found.
	const ghsaID string = "GHSA-g9mp-8g3h-3c5c"
	got, err := FetchGHSA(context.Background(), accessToken, ghsaID)
	if err != nil {
	t.Fatal(err)
	}
	want := ghsaID
	var gotID string
	for _, id := range got.Identifiers {
	if id.Type == "GHSA" {
	gotID = id.Value
	break
	}
	}
	if gotID != want {
	t.Errorf("got GHSA with id %q, want %q", got.ID, want)
	}
	}