github-mirrors/DependencyCheck
1
0
Fork 0
mirror of https://github.com/ysoftdevs/DependencyCheck.git synced 2026-03-24 01:51:49 +01:00
Code Issues Packages Projects Releases Wiki Activity

Normalize Ruby analyzers

Browse Source
This commit is contained in:
brianf
2017-09-21 21:44:49 -04:00
parent 69323bf0a4
commit 1564f11b89
4 changed files with 33 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
dependency-check-core/src/test/java/org/owasp/dependencycheck/analyzer/RubyBundlerAnalyzerTest.java
View File

@@ -80,6 +80,7 @@ public class RubyBundlerAnalyzerTest extends BaseTest {
public void testSupportsFiles() {
assertThat(analyzer.accept(new File("test.gemspec")), is(false));
assertThat(analyzer.accept(new File("specifications" + File.separator + "test.gemspec")), is(true));
assertThat(analyzer.accept(new File("gemspec.lock")), is(false));
}
/**
@@ -100,7 +101,12 @@ public class RubyBundlerAnalyzerTest extends BaseTest {
assertThat(vendorString, containsString("https://github.com/petergoldstein/dalli"));
assertThat(vendorString, containsString("MIT"));
assertThat(result.getProductEvidence().toString(), containsString("dalli"));
assertEquals("dalli",result.getName());
assertThat(result.getProductEvidence().toString(), containsString("High performance memcached client for Ruby"));
assertThat(result.getVersionEvidence().toString(), containsString("2.7.5"));
assertEquals("2.7.5",result.getVersion());
assertEquals(RubyBundlerAnalyzer.DEPENDENCY_ECOSYSTEM, result.getDependencyEcosystem());
assertEquals("dalli:2.7.5",result.getDisplayFileName());
}
}

12
dependency-check-core/src/test/java/org/owasp/dependencycheck/analyzer/RubyGemspecAnalyzerTest.java
View File

@@ -79,6 +79,7 @@ public class RubyGemspecAnalyzerTest extends BaseTest {
@Test
public void testSupportsFiles() {
assertThat(analyzer.accept(new File("test.gemspec")), is(true));
assertThat(analyzer.accept(new File("gemspec.lock")), is(false));
// assertThat(analyzer.accept(new File("Rakefile")), is(true));
}
@@ -93,12 +94,16 @@ public class RubyGemspecAnalyzerTest extends BaseTest {
"ruby/vulnerable/gems/specifications/rest-client-1.7.2.gemspec"));
analyzer.analyze(result, null);
final String vendorString = result.getVendorEvidence().toString();
assertEquals(RubyGemspecAnalyzer.DEPENDENCY_ECOSYSTEM, result.getDependencyEcosystem());
assertThat(vendorString, containsString("REST Client Team"));
assertThat(vendorString, containsString("rest-client_project"));
assertThat(vendorString, containsString("rest.client@librelist.com"));
assertThat(vendorString, containsString("https://github.com/rest-client/rest-client"));
assertThat(result.getProductEvidence().toString(), containsString("rest-client"));
assertEquals("rest-client",result.getName());
assertThat(result.getVersionEvidence().toString(), containsString("1.7.2"));
assertEquals("1.7.2",result.getVersion());
assertEquals("rest-client:1.7.2",result.getDisplayFileName());
}
/**
@@ -106,11 +111,16 @@ public class RubyGemspecAnalyzerTest extends BaseTest {
*
* @throws AnalysisException is thrown when an exception occurs.
*/
//@Test TODO: place holder to test Rakefile support
//@Test
//TODO: place holder to test Rakefile support
public void testAnalyzeRakefile() throws AnalysisException {
final Dependency result = new Dependency(BaseTest.getResourceAsFile(this,
"ruby/vulnerable/gems/rails-4.1.15/vendor/bundle/ruby/2.2.0/gems/pg-0.18.4/Rakefile"));
analyzer.analyze(result, null);
assertTrue(result.getEvidence().size()>0);
assertEquals(RubyGemspecAnalyzer.DEPENDENCY_ECOSYSTEM, result.getDependencyEcosystem());
assertEquals("pg",result.getName());
assertEquals("0.18.4",result.getVersion());
assertEquals("pg:0.18.4",result.getDisplayFileName());
}
}