mirror of
https://github.com/ysoftdevs/DependencyCheck.git
synced 2026-03-21 16:49:43 +01:00
added test cases to ensure setting the base flag will prevent the identifier from being added to the suppressedIdentifiers collection
Former-commit-id: d369797a3b14fc2c42621d273d6f314e968848b9
This commit is contained in:
Jeremy Long
@@ -146,6 +146,17 @@ public class SuppressionRuleTest {
|
|||||||
List<String> result = instance.getCve();
|
List<String> result = instance.getCve();
|
||||||
assertEquals(cve, result);
|
assertEquals(cve, result);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Test of Cve property, of class SuppressionRule.
|
||||||
|
*/
|
||||||
|
@Test
|
||||||
|
public void testBase() {
|
||||||
|
SuppressionRule instance = new SuppressionRule();
|
||||||
|
assertFalse(instance.isBase());
|
||||||
|
instance.setBase(true);
|
||||||
|
assertTrue(instance.isBase());
|
||||||
|
}
|
||||||
//</editor-fold>
|
//</editor-fold>
|
||||||
|
|
||||||
//<editor-fold defaultstate="collapsed" desc="Ignored duplicate tests, left in, as empty tests, so IDE doesn't re-generate them">
|
//<editor-fold defaultstate="collapsed" desc="Ignored duplicate tests, left in, as empty tests, so IDE doesn't re-generate them">
|
||||||
@@ -424,33 +435,33 @@ public class SuppressionRuleTest {
|
|||||||
instance.setSha1(sha1);
|
instance.setSha1(sha1);
|
||||||
instance.addCwe("287");
|
instance.addCwe("287");
|
||||||
instance.process(dependency);
|
instance.process(dependency);
|
||||||
assertTrue(dependency.getVulnerabilities().size() == 1);
|
assertEquals(1, dependency.getVulnerabilities().size());
|
||||||
dependency.setSha1sum(sha1);
|
dependency.setSha1sum(sha1);
|
||||||
instance.process(dependency);
|
instance.process(dependency);
|
||||||
assertTrue(dependency.getVulnerabilities().isEmpty());
|
assertTrue(dependency.getVulnerabilities().isEmpty());
|
||||||
assertTrue(dependency.getSuppressedVulnerabilities().size() == 1);
|
assertEquals(1, dependency.getSuppressedVulnerabilities().size());
|
||||||
|
|
||||||
//cvss
|
//cvss
|
||||||
dependency.addVulnerability(v);
|
dependency.addVulnerability(v);
|
||||||
instance = new SuppressionRule();
|
instance = new SuppressionRule();
|
||||||
instance.addCvssBelow(5f);
|
instance.addCvssBelow(5f);
|
||||||
instance.process(dependency);
|
instance.process(dependency);
|
||||||
assertTrue(dependency.getVulnerabilities().size() == 1);
|
assertEquals(1, dependency.getVulnerabilities().size());
|
||||||
instance.addCvssBelow(8f);
|
instance.addCvssBelow(8f);
|
||||||
instance.process(dependency);
|
instance.process(dependency);
|
||||||
assertTrue(dependency.getVulnerabilities().isEmpty());
|
assertTrue(dependency.getVulnerabilities().isEmpty());
|
||||||
assertTrue(dependency.getSuppressedVulnerabilities().size() == 1);
|
assertEquals(1, dependency.getSuppressedVulnerabilities().size());
|
||||||
|
|
||||||
//cve
|
//cve
|
||||||
dependency.addVulnerability(v);
|
dependency.addVulnerability(v);
|
||||||
instance = new SuppressionRule();
|
instance = new SuppressionRule();
|
||||||
instance.addCve("CVE-2012-1337");
|
instance.addCve("CVE-2012-1337");
|
||||||
instance.process(dependency);
|
instance.process(dependency);
|
||||||
assertTrue(dependency.getVulnerabilities().size() == 1);
|
assertEquals(1, dependency.getVulnerabilities().size());
|
||||||
instance.addCve("CVE-2013-1337");
|
instance.addCve("CVE-2013-1337");
|
||||||
instance.process(dependency);
|
instance.process(dependency);
|
||||||
assertTrue(dependency.getVulnerabilities().isEmpty());
|
assertTrue(dependency.getVulnerabilities().isEmpty());
|
||||||
assertTrue(dependency.getSuppressedVulnerabilities().size() == 1);
|
assertEquals(1, dependency.getSuppressedVulnerabilities().size());
|
||||||
|
|
||||||
//cpe
|
//cpe
|
||||||
instance = new SuppressionRule();
|
instance = new SuppressionRule();
|
||||||
@@ -468,18 +479,21 @@ public class SuppressionRuleTest {
|
|||||||
instance.setFilePath(pt);
|
instance.setFilePath(pt);
|
||||||
instance.process(dependency);
|
instance.process(dependency);
|
||||||
assertTrue(dependency.getIdentifiers().isEmpty());
|
assertTrue(dependency.getIdentifiers().isEmpty());
|
||||||
assertTrue(dependency.getSuppressedIdentifiers().size() == 1);
|
assertEquals(1, dependency.getSuppressedIdentifiers().size());
|
||||||
|
|
||||||
|
instance = new SuppressionRule();
|
||||||
dependency.addIdentifier("cpe", "cpe:/a:microsoft:.net_framework:4.0", "some url not needed for this test");
|
dependency.addIdentifier("cpe", "cpe:/a:microsoft:.net_framework:4.0", "some url not needed for this test");
|
||||||
dependency.addIdentifier("cpe", "cpe:/a:microsoft:.net_framework:4.5", "some url not needed for this test");
|
dependency.addIdentifier("cpe", "cpe:/a:microsoft:.net_framework:4.5", "some url not needed for this test");
|
||||||
dependency.addIdentifier("cpe", "cpe:/a:microsoft:.net_framework:5.0", "some url not needed for this test");
|
dependency.addIdentifier("cpe", "cpe:/a:microsoft:.net_framework:5.0", "some url not needed for this test");
|
||||||
pt = new PropertyType();
|
pt = new PropertyType();
|
||||||
pt.setValue("cpe:/a:microsoft:.net_framework");
|
pt.setValue("cpe:/a:microsoft:.net_framework");
|
||||||
instance.addCpe(pt);
|
instance.addCpe(pt);
|
||||||
assertTrue(dependency.getIdentifiers().size() == 3);
|
instance.setBase(true);
|
||||||
|
assertEquals(3, dependency.getIdentifiers().size());
|
||||||
|
assertEquals(1, dependency.getSuppressedIdentifiers().size());
|
||||||
instance.process(dependency);
|
instance.process(dependency);
|
||||||
assertTrue(dependency.getIdentifiers().isEmpty());
|
assertTrue(dependency.getIdentifiers().isEmpty());
|
||||||
assertTrue(dependency.getSuppressedIdentifiers().size() == 3);
|
assertEquals(1, dependency.getSuppressedIdentifiers().size());
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
|||||||
Reference in New Issue
Block a user