
Commit d9be4d2

tests update
1 parent aebbfe4 commit d9be4d2

1 file changed

Lines changed: 35 additions & 16 deletions


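--- a/unittests/tools/test_snyk_issue_api_parser_with_json.py
+++ b/unittests/tools/test_snyk_issue_api_parser_with_json.py
@@ -4,28 +4,29 @@
 
 from dojo.models import Test
 from dojo.tools.snyk_issue_api.parser import SnykIssueApiParser
+from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path
 
-
-class TestSnykIssueApiParserWithJson(TestCase):
+class TestSnykIssueApiParserWithJson(DojoTestCase):
 def parse_json(self, filename):
-with Path(filename).open(encoding="utf-8") as testfile:
-parser = SnykIssueApiParser()
-return parser.get_findings(testfile, Test())
+testfile = (get_unit_tests_scans_path("snyk_issue_api") / filename).open(encoding="utf-8")
+parser = SnykIssueApiParser()
+return parser.get_findings(testfile, Test())
+
 
 def test_parse_sca_single_finding(self):
-findings = self.parse_json("unittests/scans/snyk_issue_api/snyk_sca_scan_api_single_vuln.json")
+findings = self.parse_json("snyk_sca_scan_api_single_vuln.json")
 self.assertEqual(1, len(findings))
 
 def test_parse_sca_finding_count(self):
-findings = self.parse_json("unittests/scans/snyk_issue_api/snyk_sca_scan_api_many_vuln.json")
+findings = self.parse_json("snyk_sca_scan_api_many_vuln.json")
 self.assertEqual(5, len(findings))
 
 def test_parse_code_findings_count(self):
-findings = self.parse_json("unittests/scans/snyk_issue_api/snyk_code_scan_api_many_vuln.json")
+findings = self.parse_json("snyk_code_scan_api_many_vuln.json")
 self.assertEqual(3, len(findings))
 
 def test_parse_code_finding_csrf_open(self):
-findings = self.parse_json("unittests/scans/snyk_issue_api/snyk_code_scan_api_many_vuln.json")
+findings = self.parse_json("snyk_code_scan_api_many_vuln.json")
 
 finding = findings[0]
 # Basic identification
@@ -81,7 +82,7 @@ def test_parse_code_finding_csrf_open(self):
 self.assertIsNone(finding.cvssv4)
 
 def test_parse_code_finding_xss_ignored(self):
-findings = self.parse_json("unittests/scans/snyk_issue_api/snyk_code_scan_api_many_vuln.json")
+findings = self.parse_json("snyk_code_scan_api_many_vuln.json")
 
 # Ignored - Not Vulnerable, does not expire
 finding = findings[1]
@@ -122,7 +123,7 @@ def test_parse_code_finding_xss_ignored(self):
 self.assertEqual("Cross-site Scripting (XSS)", finding.title)
 
 def test_parse_code_finding_hardcoded_password_temp_ignored(self):
-findings = self.parse_json("unittests/scans/snyk_issue_api/snyk_code_scan_api_many_vuln.json")
+findings = self.parse_json("snyk_code_scan_api_many_vuln.json")
 
 # Ignored Temporary - expires
 finding = findings[2]
@@ -165,7 +166,7 @@ def test_parse_code_finding_hardcoded_password_temp_ignored(self):
 self.assertEqual("Use of Hardcoded Passwords", finding.title)
 
 def test_parse_sca_findings_status_open(self):
-findings = self.parse_json("unittests/scans/snyk_issue_api/snyk_sca_scan_api_many_vuln.json")
+findings = self.parse_json("snyk_sca_scan_api_many_vuln.json")
 
 # 1 - Open issue - following JSON structure order
 finding = findings[0]
@@ -232,7 +233,7 @@ def test_parse_sca_findings_status_open(self):
 self.assertIsNone(finding.references)
 
 def test_parse_sca_findings_status_ignored_not_vuln(self):
-findings = self.parse_json("unittests/scans/snyk_issue_api/snyk_sca_scan_api_many_vuln.json")
+findings = self.parse_json("snyk_sca_scan_api_many_vuln.json")
 
 # 2 - Ignored - Not Vulnerable, does not expire - following JSON structure order
 finding = findings[1]
@@ -296,7 +297,7 @@ def test_parse_sca_findings_status_ignored_not_vuln(self):
 self.assertIsNone(finding.references)
 
 def test_parse_sca_findings_status_ignored_temporary(self):
-findings = self.parse_json("unittests/scans/snyk_issue_api/snyk_sca_scan_api_many_vuln.json")
+findings = self.parse_json("snyk_sca_scan_api_many_vuln.json")
 
 # 3 - Ignored Temporary - expires - following JSON structure order
 finding = findings[2]
@@ -355,7 +356,7 @@ def test_parse_sca_findings_status_ignored_temporary(self):
 self.assertIsNone(finding.references)
 
 def test_parse_sca_findings_status_wont_be_fixed(self):
-findings = self.parse_json("unittests/scans/snyk_issue_api/snyk_sca_scan_api_many_vuln.json")
+findings = self.parse_json("snyk_sca_scan_api_many_vuln.json")
 
 # 4 - Won't fixed issue - without date - following JSON structure order
 finding = findings[3]
@@ -414,7 +415,7 @@ def test_parse_sca_findings_status_wont_be_fixed(self):
 self.assertIsNone(finding.references)
 
 def test_parse_sca_findings_status_resolved(self):
-findings = self.parse_json("unittests/scans/snyk_issue_api/snyk_sca_scan_api_many_vuln.json")
+findings = self.parse_json("snyk_sca_scan_api_many_vuln.json")
 
 # 5 - Resolved issue ( fixed, and does not appear in UI) - following JSON structure order
 finding = findings[4]
@@ -478,3 +479,21 @@ def test_parse_sca_findings_status_resolved(self):
 
 # Validate no references field for single CWE
 self.assertIsNone(finding.references)
+
+def test_deduplication_fields_match_other_snyk_scans_for_sca(self):
+findings = self.parse_json("snyk_sca_scan_api_many_vuln.json")
+finding = findings[0]
+# currently deduplication is done via 4 fields 'vuln_id_from_tool' 'file_path' 'component_name' and 'component_version'
+self.assertEqual("SNYK-PYTHON-PILLOW-6219984", finding.vuln_id_from_tool)
+# !!! there is no way to make this field match Sarif value chain 'python-tool > watchgod > anyio'
+self.assertEqual("pillow", finding.file_path)
+self.assertEqual("pillow", finding.component_name)
+self.assertEqual("9.5.0", finding.component_version)
+
+def test_deduplication_fields_match_other_snyk_scans_for_code(self):
+findings = self.parse_json("snyk_code_scan_api_many_vuln.json")
+finding = findings[0]
+# currently deduplication is only done via 2 fields 'vuln_id_from_tool' and 'file_path'
+# !!! sarif value is something like 'python/CodeInjection', cannot be matched
+self.assertEqual("9a29d87f-aa94-47eb-b46f-375b293a8631", finding.vuln_id_from_tool)
+self.assertEqual("path/path/file.abc", finding.file_path)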
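Review bot: The rewritten `parse_json` (new lines 11–13) drops the `with` block, so the handle returned by `.open(encoding="utf-8")` is never closed — the removed version closed it through the context manager, and every test that calls this helper will now leak a file descriptor and emit a ResourceWarning under unittest. Keep the context manager while still using the relocated fixture path: `with (get_unit_tests_scans_path("snyk_issue_api") / filename).open(encoding="utf-8") as testfile:` followed by `return SnykIssueApiParser().get_findings(testfile, Test())`. If the `Path` and `TestCase` imports at the top of the file (outside this hunk) are no longer referenced after this change, they should be removed as well. The `!!!` comments in the two new deduplication tests state that `file_path` and `vuln_id_from_tool` cannot be made to line up with the Snyk SARIF importer; since DefectDojo deduplication silently keys on exactly those fields, that limitation deserves a docstring on each test (e.g. `"""Pin the dedup key fields for SCA findings; these intentionally do not match the Snyk SARIF importer, so cross-importer dedup is not expected."""`) rather than only an inline aside that readers may take as a TODO.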
