public PyPIProjectManager(
string directory,
IManagerPackageActions <IManagerPackageVersionMetadata>?actions = null,
IHttpClientFactory?httpClientFactory = null)
: base(actions ?? new NoOpPackageActions(), httpClientFactory ?? new DefaultHttpClientFactory(), directory)
{
}
[DataRow("pkg:nuget/razorengine", "RazorEngine - A Templating Engine based on the Razor parser.", "Matthew Abbott, Ben Dornis, Matthias Dittrich", "4.5.1-alpha001")] // Normal package, no specified version
public async Task MetadataSucceeds(string purlString, string?description = null, string?authors = null, string?latestVersion = null)
{
PackageURL purl = new(purlString);
IManagerPackageActions <NuGetPackageVersionMetadata>?nugetPackageActions = PackageActionsHelper <NuGetPackageVersionMetadata> .SetupPackageActions(
purl,
JsonConvert.DeserializeObject <NuGetPackageVersionMetadata>(_metadata[purl.ToString()]),
JsonConvert.DeserializeObject <IEnumerable <string> >(_versions[purl.ToString()])?.Reverse());
_projectManager = new NuGetProjectManager(".", nugetPackageActions, _httpFactory);
PackageMetadata metadata = await _projectManager.GetPackageMetadataAsync(purl, useCache : false);
Assert.AreEqual(purl.Name, metadata.Name, ignoreCase: true);
// If a version was specified, assert the response is for this version, otherwise assert for the latest version.
Assert.AreEqual(!string.IsNullOrWhiteSpace(purl.Version) ? purl.Version : latestVersion,
metadata.PackageVersion);
Assert.AreEqual(description, metadata.Description);
if (!string.IsNullOrWhiteSpace(authors))
{
List <User> authorsList = authors.Split(", ").Select(author => new User()
{
Name = author
}).ToList();
CollectionAssert.AreEquivalent(authorsList, metadata.Authors);
}
}
public NuGetProjectManager(
string directory,
IManagerPackageActions <NuGetPackageVersionMetadata>?actions = null,
IHttpClientFactory?httpClientFactory = null)
: base(actions ?? new NuGetPackageActions(), httpClientFactory ?? new DefaultHttpClientFactory(), directory)
{
GetRegistrationEndpointAsync().Wait();
}
public async Task EnumerateVersionsSucceeds(
string purlString,
int count,
string latestVersion,
bool includePrerelease = true)
{
PackageURL purl = new(purlString);
IManagerPackageActions <NuGetPackageVersionMetadata>?nugetPackageActions = PackageActionsHelper <NuGetPackageVersionMetadata> .SetupPackageActions(
purl,
JsonConvert.DeserializeObject <NuGetPackageVersionMetadata>(_metadata[purl.ToString()]),
JsonConvert.DeserializeObject <IEnumerable <string> >(_versions[purl.ToString()])?.Reverse(),
includePrerelease : includePrerelease);
_projectManager = new NuGetProjectManager(".", nugetPackageActions, _httpFactory);
List <string> versions = (await _projectManager.EnumerateVersionsAsync(purl, false, includePrerelease)).ToList();
Assert.AreEqual(count, versions.Count);
Assert.AreEqual(latestVersion, versions.First());
}
public async Task NewtonsoftMutations_Succeeds_Async()
{
// arrange
PackageURL newtonsoft = new("pkg:nuget/[email protected]");
string[] squattingPackages = new[]
{
"pkg:nuget/newtons0ft.json", // ["AsciiHomoglyph","CloseLetters"]
"pkg:nuget/newtousoft.json", // ["AsciiHomoglyph"]
"pkg:nuget/newtonsoft.jsan", // ["AsciiHomoglyph","VowelSwap"]
"pkg:nuget/mewtonsoft.json", // ["AsciiHomoglyph","BitFlip","CloseLetters"]
"pkg:nuget/bewtonsoft.json", // ["CloseLetters"]
"pkg:nuget/newtohsoft.json", // ["CloseLetters"]
};
IHttpClientFactory httpClientFactory =
FindSquatsHelper.SetupHttpCalls(purl: newtonsoft, validSquats: squattingPackages);
IManagerPackageActions <NuGetPackageVersionMetadata> packageActions = PackageActionsHelper <NuGetPackageVersionMetadata> .SetupPackageActions(newtonsoft, validSquats : squattingPackages) ?? throw new InvalidOperationException();
Dictionary <string, ProjectManagerFactory.ConstructProjectManager> overrideDict = ProjectManagerFactory.GetDefaultManagers(httpClientFactory);
overrideDict[NuGetProjectManager.Type] = directory =>
new NuGetProjectManager(directory, packageActions, httpClientFactory);
FindPackageSquats findPackageSquats = new(new ProjectManagerFactory(overrideDict), newtonsoft);
// act
IDictionary <string, IList <Mutation> >?squatCandidates = findPackageSquats.GenerateSquatCandidates();
List <FindPackageSquatResult> existingMutations = await findPackageSquats.FindExistingSquatsAsync(squatCandidates, new MutateOptions()
{
UseCache = false
}).ToListAsync();
Assert.IsNotNull(existingMutations);
Assert.IsTrue(existingMutations.Any());
string[] resultingMutationNames = existingMutations.Select(m => m.MutatedPackageUrl.ToString()).ToArray();
CollectionAssert.AreEquivalent(squattingPackages, resultingMutationNames);
}
public async Task DetectSquats(string packageUrl, bool generateSquats, bool expectedToHaveSquats)
{
PackageURL purl = new(packageUrl);
IEnumerable <string>?validSquats = null;
// Only populate validSquats if we want to generate squats.
if (generateSquats)
{
validSquats = ProjectManagerFactory.GetDefaultManagers()[purl.Type].Invoke()?.EnumerateSquatCandidates(purl)?.Keys;
}
// Construct the mocked IHttpClientFactory
IHttpClientFactory httpClientFactory = FindSquatsHelper.SetupHttpCalls(purl: purl, validSquats: validSquats);
// Construct the manager overrides with the mocked IHttpClientFactory.
Dictionary <string, ProjectManagerFactory.ConstructProjectManager> managerOverrides = ProjectManagerFactory.GetDefaultManagers(httpClientFactory);
IManagerPackageActions <NuGetPackageVersionMetadata>?nugetPackageActions = PackageActionsHelper <NuGetPackageVersionMetadata> .SetupPackageActions(
purl);
// Override the NuGet constructor to add the mocked NuGetPackageActions.
managerOverrides[NuGetProjectManager.Type] =
_ => new NuGetProjectManager(".", nugetPackageActions, httpClientFactory);
ProjectManagerFactory projectManagerFactory = new(managerOverrides);
FindSquatsTool fst = new(projectManagerFactory);
FindSquatsTool.Options options = new()
{
Quiet = true,
Targets = new string[] { packageUrl }
};
(string output, int numSquats)result = await fst.RunAsync(options);
Assert.IsTrue(expectedToHaveSquats ? result.numSquats > 0 : result.numSquats == 0);
}
