Exemple #1
        /// <summary>
        /// Checks that <c>FindSourceTool.FindSource</c> returns an empty result set for a
        /// package URL that is expected not to exist.
        /// </summary>
        /// <param name="purl">Package URL string of the package that should not resolve.</param>
        /// <param name="targetResult">Supplied by the test data but not read by this method.</param>
        public async Task FindSource_NonExistentPackage(string purl, string targetResult)
        {
            var finder = new FindSourceTool();
            var packageUrl = new PackageURL(purl);
            var results = await finder.FindSource(packageUrl);

            // NOTE(review): presumably FindSource queries a live registry; if so, this test only
            // holds while nobody has registered the name in purl. Confirm the fixture name is
            // reserved or otherwise cannot be claimed by a third party.
            bool nothingResolved = !results.Any();
            Assert.IsTrue(nothingResolved, $"Result {results} obtained from non-existent {purl}");
        }
Exemple #2
        /// <summary>
        /// Resolves candidate repositories for a package, emits them through the "sarifv2"
        /// output builder, parses the produced JSON back into a <c>SarifLog</c>, and checks that
        /// one of the emitted result messages equals the expected repository URL.
        /// </summary>
        /// <param name="purl">Package URL string of the package to resolve.</param>
        /// <param name="targetResult">Expected message text (a repository URL) of at least one SARIF result.</param>
        public async Task Check_Sarif(string purl, string targetResult)
        {
            // Instantiated for initialization only; the instance is not used again in this test.
            FindSourceTool initializer = new FindSourceTool();

            var resolver = new RepoSearch();
            var candidates = await resolver.ResolvePackageLibraryAsync(new PackageURL(purl));

            // Each candidate becomes an Informational result with no failure level. Rank carries
            // the resolver's score scaled by 100, so every entry is a scored candidate rather
            // than a finding.
            // NOTE(review): the host is hard-coded to github.com and only Namespace and Name come
            // from the resolver. How those values are derived is not visible here; if they come
            // from publisher-supplied package metadata, treat the URL as a claim, not a verified link.
            List<Result> sarifResults = candidates
                .Select(candidate => new Result
                {
                    Message = new Message
                    {
                        Text = $"https://github.com/{candidate.Key.Namespace}/{candidate.Key.Name}"
                    },
                    Kind = ResultKind.Informational,
                    Level = FailureLevel.None,
                    Rank = candidate.Value * 100.0,
                    Locations = SarifOutputBuilder.BuildPurlLocation(new PackageURL(purl))
                })
                .ToList();

            IOutputBuilder builder = OutputBuilderFactory.CreateOutputBuilder("sarifv2");
            builder.AppendOutput(sarifResults);

            // Round-trip: the builder's own output is parsed back into a typed SarifLog.
            SarifLog sarif = JsonConvert.DeserializeObject<SarifLog>(builder.GetOutput());
            Assert.IsNotNull(sarif);

            var sarifRun = sarif.Runs.FirstOrDefault();
            Assert.IsNotNull(sarifRun?.Tool.Driver.Name);

            // Make sure at least one of the result repos matches the actual one. The comparison is
            // an exact match on the message text, and every result is visited.
            bool found = false;
            if (sarifRun != null)
            {
                foreach (var emitted in sarifRun.Results)
                {
                    found |= (emitted.Message.Text == targetResult);
                }
            }

            Assert.IsTrue(found);
        }
Exemple #3
        /// <summary>
        /// Checks that <c>RepoSearch.ResolvePackageLibraryAsync</c> returns an empty result set
        /// for a package URL that is expected not to exist.
        /// </summary>
        /// <param name="purl">Package URL string of the package that should not resolve.</param>
        /// <param name="targetResult">Supplied by the test data but not read by this method.</param>
        public async Task FindSource_NonExistentPackage(string purl, string targetResult)
        {
            // Instantiated for initialization only; the instance is not used again in this test.
            FindSourceTool initializer = new FindSourceTool();

            var resolver = new RepoSearch();
            var packageUrl = new PackageURL(purl);
            var results = await resolver.ResolvePackageLibraryAsync(packageUrl);

            // NOTE(review): presumably the resolver queries a live registry; if so, this test only
            // holds while nobody has registered the name in purl. Confirm the fixture name is
            // reserved or otherwise cannot be claimed by a third party.
            bool nothingResolved = !results.Any();
            Assert.IsTrue(nothingResolved, $"Result {results} obtained from non-existent {purl}");
        }
Exemple #4
        /// <summary>
        /// Checks that <c>FindSourceTool.FindSource</c> returns, among its results, an entry
        /// equal to the expected package URL.
        /// </summary>
        /// <param name="purl">Package URL string of the package to look up.</param>
        /// <param name="targetResult">Package URL string that must appear in the results.</param>
        public async Task FindSource_Success(string purl, string targetResult)
        {
            var finder = new FindSourceTool();
            var results = await finder.FindSource(new PackageURL(purl));

            var expected = new PackageURL(targetResult);

            // Every result is visited; one equal entry is enough to pass.
            // NOTE(review): the match relies on PackageURL.Equals, whose semantics are not visible
            // here. Confirm it compares every component, so a look-alike namespace or name cannot
            // satisfy the expectation.
            var success = false;
            foreach (var candidate in results)
            {
                success |= candidate.Equals(expected);
            }

            Assert.IsTrue(success, $"Result {targetResult} not found from {purl}");
        }
Exemple #5
        /// <summary>
        /// Checks that <c>RepoSearch.ResolvePackageLibraryAsync</c> returns, among its results,
        /// an entry whose key equals the expected package URL.
        /// </summary>
        /// <param name="purl">Package URL string of the package to resolve.</param>
        /// <param name="targetResult">Package URL string that must appear as a result key.</param>
        public async Task FindSource_Success(string purl, string targetResult)
        {
            // Instantiated for initialization only; the instance is not used again in this test.
            FindSourceTool initializer = new FindSourceTool();

            var resolver = new RepoSearch();
            var results = await resolver.ResolvePackageLibraryAsync(new PackageURL(purl));

            var expected = new PackageURL(targetResult);

            // Only the key of each entry is compared; the value paired with it is not checked, so
            // a match passes whatever that value is.
            // NOTE(review): the match relies on PackageURL.Equals, whose semantics are not visible
            // here. Confirm it compares every component, so a look-alike namespace or name cannot
            // satisfy the expectation.
            var success = false;
            foreach (var candidate in results)
            {
                success |= candidate.Key.Equals(expected);
            }

            Assert.IsTrue(success, $"Result {targetResult} not found from {purl}");
        }