diff --git a/.github/workflows/testing.yml b/.github/workflows/testing.yml
index c81bb85e8a..74dd965864 100644
--- a/.github/workflows/testing.yml
+++ b/.github/workflows/testing.yml
@@ -156,7 +156,7 @@ jobs:
 with:
 path: cache
 key: Linux-cve-bin-tool-${{ steps.get-date.outputs.yesterday }}
- - uses: technote-space/get-diff-action@f27caffdd0fb9b13f4fc191c016bb4e0632844af # v6.1.2
+ - uses: technote-space/get-diff-action@32707cfc11d81d19dfe37ec5201c269b32b15139 # v6.1.3
 with:
 PATTERNS: |
 cve_bin_tool/checkers/*.py
@@ -253,7 +253,7 @@ jobs:
 with:
 path: cache
 key: Linux-cve-bin-tool-${{ steps.get-date.outputs.yesterday }}
- - uses: technote-space/get-diff-action@f27caffdd0fb9b13f4fc191c016bb4e0632844af # v6.1.2
+ - uses: technote-space/get-diff-action@32707cfc11d81d19dfe37ec5201c269b32b15139 # v6.1.3
 with:
 PATTERNS: |
 cve_bin_tool/data_sources/*.py
diff --git a/test/language_data/fail_pom.xml b/test/language_data/fail_pom.xml
index 8d104ce7c2..42ff70065a 100644
--- a/test/language_data/fail_pom.xml
+++ b/test/language_data/fail_pom.xml
@@ -27,11 +27,6 @@ - - commons-io - commons-io - 2.11.0 - org.apache.maven maven-plugin-api
@@ -61,12 +56,6 @@ 1.1.0 test - - org.hamcrest - hamcrest - 2.2 - test - org.junit.jupiter junit-jupiter-engine
@@ -500,4 +489,4 @@ - \ No newline at end of file +
diff --git a/test/test_language_scanner.py b/test/test_language_scanner.py
index 62fd1917cb..1ed18bd455 100644
--- a/test/test_language_scanner.py
+++ b/test/test_language_scanner.py
@@ -162,17 +162,17 @@ def setup_class(cls):
 print("Database setup complete.")
 @pytest.mark.parametrize(
- "filename, product_name",
- (((str(TEST_FILE_PATH / "pom.xml")), "commons_io"),),
+ "filename, product_list",
+ (((str(TEST_FILE_PATH / "pom.xml")), ["commons-io", "hamcrest"]),),
 )
- def test_java_package(self, filename: str, product_name: str) -> None:
+ def test_java_package(self, filename: str, product_list: set[str]) -> None:
 scanner = VersionScanner()
 scanner.file_stack.append(filename)
- # Only expecting to get one product with a vendor in the database
+ # check list of product_names
 for product in scanner.scan_file(filename):
 if product:
 product_info, file_path = product
- assert product_info.product == product_name
+ assert product_info.product in product_list
 assert file_path == filename
 @pytest.mark.parametrize(
@@ -217,7 +217,7 @@ def test_language_package_none_found(self, filename: str) -> None:
 (str(TEST_FILE_PATH / "cpanfile"), PERL_PRODUCTS),
 ],
 )
- def test_language_package(self, filename: str, products) -> None:
+ def test_language_package(self, filename: str, products: set[str]) -> None:
 scanner = VersionScanner()
 scanner.file_stack.append(filename)
 found_product = []
diff --git a/test/test_package_list_parser.py b/test/test_package_list_parser.py
index 96a9fef880..625cd8be29 100644
--- a/test/test_package_list_parser.py
+++ b/test/test_package_list_parser.py
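Review bot: In `test_java_package` the new `assert product_info.product in product_list` only runs inside the loop under `if product:`, so the test still passes when `scan_file` yields nothing, or only one of the two expected names. For a CVE scanner that means a regression which silently drops a dependency from `pom.xml` would not be caught here. Collect the names with `found = set()` before the loop and `found.add(product_info.product)` inside it, then finish with `assert found == set(product_list)` (or at least `assert found`, if one of the vendors may be missing from the database). The annotation `product_list: set[str]` also disagrees with the parametrized value, which is a list; `list[str]` matches what is passed.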
@@ -59,19 +59,19 @@ class TestPackageListParser:
 UBUNTU_PARSED_TRIAGE_DATA = {
 ProductInfo(
- vendor="gnu*", product="bash", version=UBUNTU_PACKAGE_VERSIONS[0]
+ vendor="unknown", product="bash", version=UBUNTU_PACKAGE_VERSIONS[0]
 ): {
 "default": {"remarks": Remarks.NewFound, "comments": "", "severity": ""},
 "paths": {""},
 },
 ProductInfo(
- vendor="gnu*", product="binutils", version=UBUNTU_PACKAGE_VERSIONS[1]
+ vendor="unknown", product="binutils", version=UBUNTU_PACKAGE_VERSIONS[1]
 ): {
 "default": {"remarks": Remarks.NewFound, "comments": "", "severity": ""},
 "paths": {""},
 },
 ProductInfo(
- vendor="gnu*", product="wget", version=UBUNTU_PACKAGE_VERSIONS[2]
+ vendor="unknown", product="wget", version=UBUNTU_PACKAGE_VERSIONS[2]
 ): {
 "default": {"remarks": Remarks.NewFound, "comments": "", "severity": ""},
 "paths": {""},
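Review bot: The expected vendor in `UBUNTU_PARSED_TRIAGE_DATA` changes from `gnu*` to `unknown` for bash, binutils and wget, but nothing on this page explains it: there is no comment and no matching parser change. Because the vendor is part of what a CVE lookup keys on, this may be hiding a vendor-resolution regression rather than recording an intended behaviour, though that cannot be confirmed from the hunk. A comment above the dict would settle it, for example `# vendor is "unknown" because <reason>; see <issue or commit reference>`. The body of `TestPackageListParser` starts and ends outside the hunk, so the test that consumes this fixture is not visible here.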