public async Task ScopedPackage_Succeeds_Async() { // arrange PackageURL angularCore = new PackageURL("pkg:npm/angular/[email protected]"); string[] squattingPackages = new[] { "pkg:npm/anngular/core", // ["DoubleHit","Duplicator"] "pkg:npm/angullar/core", // ["DoubleHit","Duplicator"] "pkg:npm/angu1ar/core", // ["AsciiHomoglyph"] "pkg:npm/anbular/core", // ["CloseLetters"] "pkg:npm/angula/core", // ["RemovedCharacter"] "pkg:npm/angularjs/core", // ["Suffix"] "pkg:npm/core", // ["RemovedNamespace"] }; IHttpClientFactory httpClientFactory = FindSquatsHelper.SetupHttpCalls(purl: angularCore, validSquats: squattingPackages); FindPackageSquats findPackageSquats = new(new ProjectManagerFactory(httpClientFactory), angularCore); // act IDictionary <string, IList <Mutation> >?squatCandidates = findPackageSquats.GenerateSquatCandidates(); List <FindPackageSquatResult> existingMutations = await findPackageSquats.FindExistingSquatsAsync(squatCandidates, new MutateOptions() { UseCache = false }).ToListAsync(); Assert.IsNotNull(existingMutations); Assert.IsTrue(existingMutations.Any()); string[] resultingMutationNames = existingMutations.Select(m => m.MutatedPackageUrl.ToString()).ToArray(); CollectionAssert.AreEquivalent(squattingPackages, resultingMutationNames); }
public async Task FooMutations_Succeeds_Async() { // arrange PackageURL foo = new("pkg:npm/foo"); string[] squattingPackages = new[] { "pkg:npm/too", // ["AsciiHomoglyph", "CloseLetters"] "pkg:npm/goo", // ["CloseLetters"] "pkg:npm/foojs", // ["Suffix"] "pkg:npm/fooo", // ["DoubleHit"] }; IHttpClientFactory httpClientFactory = FindSquatsHelper.SetupHttpCalls(purl: foo, validSquats: squattingPackages); FindPackageSquats findPackageSquats = new(new ProjectManagerFactory(httpClientFactory), foo); // act IDictionary <string, IList <Mutation> >?squatCandidates = findPackageSquats.GenerateSquatCandidates(); List <FindPackageSquatResult> existingMutations = await findPackageSquats.FindExistingSquatsAsync(squatCandidates, new MutateOptions() { UseCache = false }).ToListAsync(); Assert.IsNotNull(existingMutations); Assert.IsTrue(existingMutations.Any()); string[] resultingMutationNames = existingMutations.Select(m => m.MutatedPackageUrl.ToString()).ToArray(); CollectionAssert.AreEquivalent(squattingPackages, resultingMutationNames); }
public async Task LodashMutations_NoCache_Succeeds_Async() { // arrange PackageURL lodash = new("pkg:npm/[email protected]"); string[] squattingPackages = new[] { "pkg:npm/iodash", // ["AsciiHomoglyph","CloseLetters"] "pkg:npm/jodash", // ["AsciiHomoglyph"] "pkg:npm/1odash", // ["AsciiHomoglyph"] "pkg:npm/ledash", // ["AsciiHomoglyph","VowelSwap"] "pkg:npm/ladash", // ["AsciiHomoglyph","VowelSwap"] "pkg:npm/l0dash", // ["AsciiHomoglyph","CloseLetters"] }; IHttpClientFactory httpClientFactory = FindSquatsHelper.SetupHttpCalls(purl: lodash, validSquats: squattingPackages); FindPackageSquats findPackageSquats = new(new ProjectManagerFactory(httpClientFactory), lodash); // act IDictionary <string, IList <Mutation> >?squatCandidates = findPackageSquats.GenerateSquatCandidates(); List <FindPackageSquatResult> existingMutations = await findPackageSquats.FindExistingSquatsAsync(squatCandidates, new MutateOptions() { UseCache = false }).ToListAsync(); Assert.IsNotNull(existingMutations); Assert.IsTrue(existingMutations.Any()); string[] resultingMutationNames = existingMutations.Select(m => m.MutatedPackageUrl.ToString()).ToArray(); CollectionAssert.AreEquivalent(squattingPackages, resultingMutationNames); }
public async Task NewtonsoftMutations_Succeeds_Async() { // arrange PackageURL newtonsoft = new("pkg:nuget/[email protected]"); string[] squattingPackages = new[] { "pkg:nuget/newtons0ft.json", // ["AsciiHomoglyph","CloseLetters"] "pkg:nuget/newtousoft.json", // ["AsciiHomoglyph"] "pkg:nuget/newtonsoft.jsan", // ["AsciiHomoglyph","VowelSwap"] "pkg:nuget/mewtonsoft.json", // ["AsciiHomoglyph","BitFlip","CloseLetters"] "pkg:nuget/bewtonsoft.json", // ["CloseLetters"] "pkg:nuget/newtohsoft.json", // ["CloseLetters"] }; IHttpClientFactory httpClientFactory = FindSquatsHelper.SetupHttpCalls(purl: newtonsoft, validSquats: squattingPackages); IManagerPackageActions <NuGetPackageVersionMetadata> packageActions = PackageActionsHelper <NuGetPackageVersionMetadata> .SetupPackageActions(newtonsoft, validSquats : squattingPackages) ?? throw new InvalidOperationException(); Dictionary <string, ProjectManagerFactory.ConstructProjectManager> overrideDict = ProjectManagerFactory.GetDefaultManagers(httpClientFactory); overrideDict[NuGetProjectManager.Type] = directory => new NuGetProjectManager(directory, packageActions, httpClientFactory); FindPackageSquats findPackageSquats = new(new ProjectManagerFactory(overrideDict), newtonsoft); // act IDictionary <string, IList <Mutation> >?squatCandidates = findPackageSquats.GenerateSquatCandidates(); List <FindPackageSquatResult> existingMutations = await findPackageSquats.FindExistingSquatsAsync(squatCandidates, new MutateOptions() { UseCache = false }).ToListAsync(); Assert.IsNotNull(existingMutations); Assert.IsTrue(existingMutations.Any()); string[] resultingMutationNames = existingMutations.Select(m => m.MutatedPackageUrl.ToString()).ToArray(); CollectionAssert.AreEquivalent(squattingPackages, resultingMutationNames); }
public async Task DetectSquats(string packageUrl, bool generateSquats, bool expectedToHaveSquats) { PackageURL purl = new(packageUrl); IEnumerable <string>?validSquats = null; // Only populate validSquats if we want to generate squats. if (generateSquats) { validSquats = ProjectManagerFactory.GetDefaultManagers()[purl.Type].Invoke()?.EnumerateSquatCandidates(purl)?.Keys; } // Construct the mocked IHttpClientFactory IHttpClientFactory httpClientFactory = FindSquatsHelper.SetupHttpCalls(purl: purl, validSquats: validSquats); // Construct the manager overrides with the mocked IHttpClientFactory. Dictionary <string, ProjectManagerFactory.ConstructProjectManager> managerOverrides = ProjectManagerFactory.GetDefaultManagers(httpClientFactory); IManagerPackageActions <NuGetPackageVersionMetadata>?nugetPackageActions = PackageActionsHelper <NuGetPackageVersionMetadata> .SetupPackageActions( purl); // Override the NuGet constructor to add the mocked NuGetPackageActions. managerOverrides[NuGetProjectManager.Type] = _ => new NuGetProjectManager(".", nugetPackageActions, httpClientFactory); ProjectManagerFactory projectManagerFactory = new(managerOverrides); FindSquatsTool fst = new(projectManagerFactory); FindSquatsTool.Options options = new() { Quiet = true, Targets = new string[] { packageUrl } }; (string output, int numSquats)result = await fst.RunAsync(options); Assert.IsTrue(expectedToHaveSquats ? result.numSquats > 0 : result.numSquats == 0); }