/* @flow */
import {NoopReporter} from '../../src/reporters/index.js';
import {run as buildRun} from './_helpers.js';
import {run as audit} from '../../src/cli/commands/audit.js';
const path = require('path');
// Root directory of the audit fixtures, resolved relative to this test file.
const fixturesLoc = path.resolve(__dirname, '..', 'fixtures', 'audit');
// Replaces `config.requestManager.request` with a jest mock that resolves to
// the fixture's canned audit response. The real `request` implementation is
// therefore never invoked while the audit command runs, and the mock records
// the arguments it was called with so tests can inspect the outgoing payload.
const setupMockRequestManager = function(config) {
  // Load the fixture first: if it is missing, fail before touching `config`.
  const cannedResponse = getAuditResponse(config);
  const requestMock = jest.fn();
  // $FlowFixMe
  config.requestManager.request = requestMock;
  requestMock.mockReturnValue(Promise.resolve(cannedResponse));
};
// Swaps the three audit hooks on `reporter` for fresh jest mocks so the tests
// can assert on exactly what the audit command hands to each hook.
const setupMockReporter = function(reporter) {
  const auditHooks = ['auditAdvisory', 'auditAction', 'auditSummary'];
  auditHooks.forEach(hookName => {
    // $FlowFixMe
    reporter[hookName] = jest.fn();
  });
};
// Loads `audit-api-response.json` from the directory in `config.cwd` and
// returns the parsed object.
//
// The path is computed at runtime, but the `.json` extension means Node parses
// the file as JSON rather than executing it. `require` caches by resolved
// path, so repeated calls with the same `cwd` return the same object instance;
// callers that compare against this value should keep that in mind.
const getAuditResponse = function(config): Object {
  const responsePath = path.join(config.cwd, 'audit-api-response.json');
  // $FlowFixMe
  return require(responsePath);
};
// Command factory handed to the shared test runner: stubs the request manager
// and the reporter hooks, runs the audit command, then returns whatever the
// runner captured on stdout. `lockfile` is accepted but unused here.
const runAuditWithMocks = async (args, flags, config, reporter, lockfile, getStdout): Promise<string> => {
  // Both stubs must be in place before `audit` runs, otherwise the command
  // would call the real `request` and the real reporter hooks.
  setupMockRequestManager(config);
  setupMockReporter(reporter);
  await audit(config, reporter, flags, args);
  const capturedStdout = getStdout();
  return capturedStdout;
};

// `runAudit(args, flags, fixtureName, checks)` with the reporter class, the
// fixtures root and the command factory pre-bound.
// NOTE(review): the trailing argument names are inferred from the call sites
// in this file — confirm against `run` in ./_helpers.js.
const runAudit = buildRun.bind(null, NoopReporter, fixturesLoc, runAuditWithMocks);
// Pins the exact request body the audit command builds for the
// 'single-vulnerable-dep-installed' fixture: the project's name and version,
// its direct requirements, and every package in the tree with its version,
// integrity digest and own requirements. This is the data that leaves the
// machine when an audit is run, so any change to it should be deliberate.
//
// Only `body` is matched (via `objectContaining`); the other fields of the
// request, such as where it is sent and how, are not checked by this test.
test.concurrent('sends correct dependency map to audit api for single dependency.', async () => {
  // Three of the four digests are sha1 and one is sha512.
  // NOTE(review): presumably these mirror the fixture's lockfile — confirm.
  const expectedDependencies = {
    minimatch: {
      version: '3.0.0',
      integrity: 'sha1-UjYVelHk8ATBd/s8Un/33Xjw74M=',
      requires: {
        'brace-expansion': '^1.0.0',
      },
      dependencies: {},
    },
    'brace-expansion': {
      version: '1.1.11',
      integrity: 'sha512-iCuPHDFgrHX7H2vEI/5xpz07zSHB00TpugqhmYtVmMO6518mCuRMoOYFldEBl0g187ufozdaHgWKcYFb61qGiA==',
      requires: {
        'balanced-match': '^1.0.0',
        'concat-map': '0.0.1',
      },
      dependencies: {},
    },
    'balanced-match': {
      version: '1.0.0',
      integrity: 'sha1-ibTRmasr7kneFk6gK4nORi1xt2c=',
      requires: {},
      dependencies: {},
    },
    'concat-map': {
      version: '0.0.1',
      integrity: 'sha1-2Klr13/Wjfd5OnMDajug1UBdR3s=',
      requires: {},
      dependencies: {},
    },
  };

  const expectedBody = {
    name: 'yarn-test',
    version: '0.0.0',
    install: [],
    remove: [],
    metadata: {},
    requires: {
      minimatch: '^3.0.0',
    },
    dependencies: expectedDependencies,
  };

  await runAudit([], {}, 'single-vulnerable-dep-installed', config => {
    const requestWithExpectedBody = expect.objectContaining({body: expectedBody});
    expect(config.requestManager.request).toBeCalledWith(requestWithExpectedBody);
  });
});
// The advisory hook must receive the first `resolves` entry of the first
// action together with the advisory it refers to. The index positions and the
// advisory key '118' are specific to this fixture's canned response.
test('calls reporter auditAdvisory with correct data', async () => {
  await runAudit([], {}, 'single-vulnerable-dep-installed', (config, reporter) => {
    // The expected values come from the same fixture file that feeds the
    // mocked request, so this checks pass-through, not the response content.
    const {actions, advisories} = getAuditResponse(config);
    const firstResolution = actions[0].resolves[0];
    expect(reporter.auditAdvisory).toBeCalledWith(firstResolution, advisories['118']);
  });
});
// The action hook must receive the suggested remediation command verbatim,
// the non-breaking flag, and the first action from the canned response.
// NOTE(review): the command string is presumably built from that action —
// confirm in src/cli/commands/audit.js.
test('calls reporter auditAction with correct data', async () => {
  await runAudit([], {}, 'single-vulnerable-dep-installed', (config, reporter) => {
    const firstAction = getAuditResponse(config).actions[0];
    const expectedCall = {
      cmd: 'yarn upgrade minimatch@3.0.4',
      isBreaking: false,
      action: firstAction,
    };
    expect(reporter.auditAction).toBeCalledWith(expectedCall);
  });
});
// The summary hook must receive the `metadata` section of the canned audit
// response for this fixture.
test('calls reporter auditSummary with correct data', async () => {
  await runAudit([], {}, 'single-vulnerable-dep-installed', (config, reporter) => {
    const {metadata} = getAuditResponse(config);
    expect(reporter.auditSummary).toBeCalledWith(metadata);
  });
});