From b7b9088bdc7b1ac52754e1e9480d1025de0ade3e Mon Sep 17 00:00:00 2001
From: anthogez
Date: Wed, 24 Jun 2020 18:10:30 +0300
Subject: [PATCH] fix: options passed to snyk wizard

Fix incorrect option passed for targetFileRelativePath Add test for wizard and supported package manager
---
 src/cli/commands/protect/wizard.ts | 1 -
 .../cli-wizard/cli-monitor.acceptance.test.ts | 46 +++--
 test/acceptance/fake-server.ts | 5 +
 .../node_modules/ms/index.js | 162 ++++++++++++++++++
 .../node_modules/ms/license.md | 21 +++
 .../node_modules/ms/package.json | 69 ++++++++
 .../node_modules/ms/readme.md | 60 +++++++
 .../npm-package-no-vulns/package-lock.json | 13 ++
 .../npm-package-no-vulns/package.json | 15 ++
 9 files changed, 373 insertions(+), 19 deletions(-)
 create mode 100644 test/acceptance/workspaces/npm-package-no-vulns/node_modules/ms/index.js
 create mode 100644 test/acceptance/workspaces/npm-package-no-vulns/node_modules/ms/license.md
 create mode 100644 test/acceptance/workspaces/npm-package-no-vulns/node_modules/ms/package.json
 create mode 100644 test/acceptance/workspaces/npm-package-no-vulns/node_modules/ms/readme.md
 create mode 100644 test/acceptance/workspaces/npm-package-no-vulns/package-lock.json
 create mode 100644 test/acceptance/workspaces/npm-package-no-vulns/package.json
diff --git a/src/cli/commands/protect/wizard.ts b/src/cli/commands/protect/wizard.ts
index b23306b658b..1aa33e20b24 100644
--- a/src/cli/commands/protect/wizard.ts
+++ b/src/cli/commands/protect/wizard.ts
@@ -595,7 +595,6 @@ function processAnswers(answers, policy, options) {
 (inspectRes as MultiProjectResult).scannedProjects[0],
 options,
 inspectRes.plugin,
- options,
 );
 })
 // clear spinner in case of success or failure
diff --git a/test/acceptance/cli-wizard/cli-monitor.acceptance.test.ts b/test/acceptance/cli-wizard/cli-monitor.acceptance.test.ts
index d478c9f1476..f69099d3cc9 100644
--- a/test/acceptance/cli-wizard/cli-monitor.acceptance.test.ts
+++ b/test/acceptance/cli-wizard/cli-monitor.acceptance.test.ts
@@ -1,5 +1,5 @@
 import * as tap from 'tap';
-import * as sinon from 'sinon';
+import * as fs from 'fs';
 import * as cli from '../../../src/cli/commands';
 import { fakeServer } from '../fake-server';
 import { getVersion } from '../../../src/lib/version';
@@ -55,6 +55,33 @@ before('prime config', async (t) => {
 t.end();
 });
 
+test('`wizard` for supported package managers', async (t) => {
+ chdirWorkspaces('npm-package-no-vulns');
+ // TODO(boost): confirm that monitor is called with correct params
+ // this currently fails as fake-server is not called?
+ // const monitorSpy = sinon.stub(snykMonitor, 'monitor').callThrough();
+ const result = await cli.wizard({ file: 'package-lock.json' });
+ t.contains(
+ result,
+ 'You can see a snapshot of your dependencies here',
+ 'wizard saves snapshot',
+ );
+ // t.equal(monitorSpy.calledOnceWith(
+ // 'npm-package-no-vulns',
+ // {} as MonitorMeta,
+ // [] as ScannedProject,
+ // {} as Options,
+ // {} as PluginMetadata,
+ // ), true);
+ try {
+ fs.unlinkSync('./.snyk');
+ } catch (err) {
+ throw new Error(
+ 'Failed to delete test/acceptance/workspaces/npm-package-no-vulns/.snyk',
+ );
+ }
+});
+
 test('`wizard` for unsupported package managers', async (t) => {
 chdirWorkspaces();
 async function testUnsupported(data) {
@@ -120,20 +147,3 @@ after('teardown', async (t) => {
 t.end();
 }
 });
-
-// fixture can be fixture path or object
-function stubDockerPluginResponse(fixture: string | object, t) {
- const plugin = {
- async inspect() {
- return typeof fixture === 'object' ? fixture : require(fixture);
- },
- };
- const spyPlugin = sinon.spy(plugin, 'inspect');
- const loadPlugin = sinon.stub(plugins, 'loadPlugin');
- loadPlugin
- .withArgs(sinon.match.any, sinon.match({ docker: true }))
- .returns(plugin);
- t.teardown(loadPlugin.restore);
-
- return spyPlugin;
-}
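Review bot: The cleanup at the end of the new `wizard` test for supported package managers only runs when `cli.wizard` resolves, so a rejected call leaves `.snyk` behind in the `npm-package-no-vulns` fixture, and the `catch` discards `err`, so a failed unlink reports no cause. Registering the cleanup right after `chdirWorkspaces(...)` with `t.teardown(() => fs.unlinkSync('./.snyk'));` would cover both paths (the helper deleted further down in this file already used `t.teardown`); if the try/catch stays, the replacement error should include `err.message`. The only assertion matches the snapshot banner in the output, so the argument-order fix in `wizard.ts` is not pinned by this test, as the TODO acknowledges; the commented-out spy block would be better replaced by a one-line reference to a tracking issue.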
diff --git a/test/acceptance/fake-server.ts b/test/acceptance/fake-server.ts
index c93d1177bf2..c3619f67ebb 100644
--- a/test/acceptance/fake-server.ts
+++ b/test/acceptance/fake-server.ts
@@ -144,6 +144,11 @@ export function fakeServer(root, apikey) {
 },
 );
 
+ server.get(root + '/authorization/:action', (req, res, next) => {
+ res.send({ result: { allowed: true } });
+ return next();
+ });
+
 server.put(root + '/monitor/:registry/graph', (req, res, next) => {
 res.send({
 id: 'monitor',
diff --git a/test/acceptance/workspaces/npm-package-no-vulns/node_modules/ms/index.js b/test/acceptance/workspaces/npm-package-no-vulns/node_modules/ms/index.js
new file mode 100644
index 00000000000..c4498bcc212
--- /dev/null
+++ b/test/acceptance/workspaces/npm-package-no-vulns/node_modules/ms/index.js
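Review bot: In `test/acceptance/fake-server.ts`, the new `GET /authorization/:action` stub answers `{ result: { allowed: true } }` for every action and never reads the request's credentials or `req.params.action`, so the acceptance suite cannot exercise a denied or unauthenticated wizard run and would not notice if the CLI stopped sending its token on this call. If the unconditional allow is intended for now, say so at the route, e.g. `// test stub: allows every action; does not check the Authorization header`. Whether the other handlers validate `apikey` is not visible here, since `fakeServer` starts and continues outside this hunk; if they do, this route should follow the same pattern.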
@@ -0,0 +1,162 @@ +/** + * Helpers. + */ + +var s = 1000; +var m = s * 60; +var h = m * 60; +var d = h * 24; +var w = d * 7; +var y = d * 365.25; + +/** + * Parse or format the given `val`. + * + * Options: + * + * - `long` verbose formatting [false] + * + * @param {String|Number} val + * @param {Object} [options] + * @throws {Error} throw an error if val is not a non-empty string or a number + * @return {String|Number} + * @api public + */ + +module.exports = function(val, options) { + options = options || {}; + var type = typeof val; + if (type === 'string' && val.length > 0) { + return parse(val); + } else if (type === 'number' && isFinite(val)) { + return options.long ? fmtLong(val) : fmtShort(val); + } + throw new Error( + 'val is not a non-empty string or a valid number. val=' + + JSON.stringify(val) + ); +}; + +/** + * Parse the given `str` and return milliseconds. + * + * @param {String} str + * @return {Number} + * @api private + */ + +function parse(str) { + str = String(str); + if (str.length > 100) { + return; + } + var match = /^(-?(?:\d+)?\.?\d+) *(milliseconds?|msecs?|ms|seconds?|secs?|s|minutes?|mins?|m|hours?|hrs?|h|days?|d|weeks?|w|years?|yrs?|y)?$/i.exec( + str + ); + if (!match) { + return; + } + var n = parseFloat(match[1]); + var type = (match[2] || 'ms').toLowerCase(); + switch (type) { + case 'years': + case 'year': + case 'yrs': + case 'yr': + case 'y': + return n * y; + case 'weeks': + case 'week': + case 'w': + return n * w; + case 'days': + case 'day': + case 'd': + return n * d; + case 'hours': + case 'hour': + case 'hrs': + case 'hr': + case 'h': + return n * h; + case 'minutes': + case 'minute': + case 'mins': + case 'min': + case 'm': + return n * m; + case 'seconds': + case 'second': + case 'secs': + case 'sec': + case 's': + return n * s; + case 'milliseconds': + case 'millisecond': + case 'msecs': + case 'msec': + case 'ms': + return n; + default: + return undefined; + } +} + +/** + * Short format for `ms`. 
+ * + * @param {Number} ms + * @return {String} + * @api private + */ + +function fmtShort(ms) { + var msAbs = Math.abs(ms); + if (msAbs >= d) { + return Math.round(ms / d) + 'd'; + } + if (msAbs >= h) { + return Math.round(ms / h) + 'h'; + } + if (msAbs >= m) { + return Math.round(ms / m) + 'm'; + } + if (msAbs >= s) { + return Math.round(ms / s) + 's'; + } + return ms + 'ms'; +} + +/** + * Long format for `ms`. + * + * @param {Number} ms + * @return {String} + * @api private + */ + +function fmtLong(ms) { + var msAbs = Math.abs(ms); + if (msAbs >= d) { + return plural(ms, msAbs, d, 'day'); + } + if (msAbs >= h) { + return plural(ms, msAbs, h, 'hour'); + } + if (msAbs >= m) { + return plural(ms, msAbs, m, 'minute'); + } + if (msAbs >= s) { + return plural(ms, msAbs, s, 'second'); + } + return ms + ' ms'; +} + +/** + * Pluralization helper. + */ + +function plural(ms, msAbs, n, name) { + var isPlural = msAbs >= n * 1.5; + return Math.round(ms / n) + ' ' + name + (isPlural ? 's' : ''); +} diff --git a/test/acceptance/workspaces/npm-package-no-vulns/node_modules/ms/license.md b/test/acceptance/workspaces/npm-package-no-vulns/node_modules/ms/license.md new file mode 100644 index 00000000000..69b61253a38 --- /dev/null +++ b/test/acceptance/workspaces/npm-package-no-vulns/node_modules/ms/license.md 
@@ -0,0 +1,21 @@ +The MIT License (MIT) + +Copyright (c) 2016 Zeit, Inc. + +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is +furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in all +copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE +SOFTWARE. diff --git a/test/acceptance/workspaces/npm-package-no-vulns/node_modules/ms/package.json b/test/acceptance/workspaces/npm-package-no-vulns/node_modules/ms/package.json new file mode 100644 index 00000000000..d3ac1cc9bb7 --- /dev/null +++ b/test/acceptance/workspaces/npm-package-no-vulns/node_modules/ms/package.json 
@@ -0,0 +1,69 @@ +{ + "_from": "ms@^2.1.2", + "_id": "ms@2.1.2", + "_inBundle": false, + "_integrity": "sha512-sGkPx+VjMtmA6MX27oA4FBFELFCZZ4S4XqeGOXCv68tT+jb3vk/RyaKWP0PTKyWtmLSM0b+adUTEvbs1PEaH2w==", + "_location": "/ms", + "_phantomChildren": {}, + "_requested": { + "type": "range", + "registry": true, + "raw": "ms@^2.1.2", + "name": "ms", + "escapedName": "ms", + "rawSpec": "^2.1.2", + "saveSpec": null, + "fetchSpec": "^2.1.2" + }, + "_requiredBy": [ + "/" + ], + "_resolved": "https://registry.npmjs.org/ms/-/ms-2.1.2.tgz", + "_shasum": "d09d1f357b443f493382a8eb3ccd183872ae6009", + "_spec": "ms@^2.1.2", + "_where": "/Users/phill/code/snyk/test/acceptance/workspaces/npm-package-no-vulns", + "bugs": { + "url": "https://github.com/zeit/ms/issues" + }, + "bundleDependencies": false, + "deprecated": false, + "description": "Tiny millisecond conversion utility", + "devDependencies": { + "eslint": "4.12.1", + "expect.js": "0.3.1", + "husky": "0.14.3", + "lint-staged": "5.0.0", + "mocha": "4.0.1" + }, + "eslintConfig": { + "extends": "eslint:recommended", + "env": { + "node": true, + "es6": true + } + }, + "files": [ + "index.js" + ], + "homepage": "https://github.com/zeit/ms#readme", + "license": "MIT", + "lint-staged": { + "*.js": [ + "npm run lint", + "prettier --single-quote --write", + "git add" + ] + }, + "main": "./index", + "name": "ms", + "repository": { + "type": "git", + "url": "git+https://github.com/zeit/ms.git" + }, + "scripts": { + "lint": "eslint lib/* bin/*", + "precommit": "lint-staged", + "test": "mocha tests.js" + }, + "version": "2.1.2" +} diff --git a/test/acceptance/workspaces/npm-package-no-vulns/node_modules/ms/readme.md b/test/acceptance/workspaces/npm-package-no-vulns/node_modules/ms/readme.md new file mode 100644 index 00000000000..9a1996b17e0 --- /dev/null +++ b/test/acceptance/workspaces/npm-package-no-vulns/node_modules/ms/readme.md 
@@ -0,0 +1,60 @@ +# ms + +[![Build Status](https://travis-ci.org/zeit/ms.svg?branch=master)](https://travis-ci.org/zeit/ms) +[![Join the community on Spectrum](https://withspectrum.github.io/badge/badge.svg)](https://spectrum.chat/zeit) + +Use this package to easily convert various time formats to milliseconds. + +## Examples + +```js +ms('2 days') // 172800000 +ms('1d') // 86400000 +ms('10h') // 36000000 +ms('2.5 hrs') // 9000000 +ms('2h') // 7200000 +ms('1m') // 60000 +ms('5s') // 5000 +ms('1y') // 31557600000 +ms('100') // 100 +ms('-3 days') // -259200000 +ms('-1h') // -3600000 +ms('-200') // -200 +``` + +### Convert from Milliseconds + +```js +ms(60000) // "1m" +ms(2 * 60000) // "2m" +ms(-3 * 60000) // "-3m" +ms(ms('10 hours')) // "10h" +``` + +### Time Format Written-Out + +```js +ms(60000, { long: true }) // "1 minute" +ms(2 * 60000, { long: true }) // "2 minutes" +ms(-3 * 60000, { long: true }) // "-3 minutes" +ms(ms('10 hours'), { long: true }) // "10 hours" +``` + +## Features + +- Works both in [Node.js](https://nodejs.org) and in the browser +- If a number is supplied to `ms`, a string with a unit is returned +- If a string that contains the number is supplied, it returns it as a number (e.g.: it returns `100` for `'100'`) +- If you pass a string with a number and a valid unit, the number of equivalent milliseconds is returned + +## Related Packages + +- [ms.macro](https://github.com/knpwrs/ms.macro) - Run `ms` as a macro at build-time. + +## Caught a Bug? + +1. [Fork](https://help.github.com/articles/fork-a-repo/) this repository to your own GitHub account and then [clone](https://help.github.com/articles/cloning-a-repository/) it to your local device +2. Link the package to the global module directory: `npm link` +3. Within the module you want to test your local development instance of ms, just link it to the dependencies: `npm link ms`. Instead of the default one from npm, Node.js will now use your clone of ms! 
+ +As always, you can run the tests using: `npm test` diff --git a/test/acceptance/workspaces/npm-package-no-vulns/package-lock.json b/test/acceptance/workspaces/npm-package-no-vulns/package-lock.json new file mode 100644 index 00000000000..18b44f8f57f --- /dev/null +++ b/test/acceptance/workspaces/npm-package-no-vulns/package-lock.json @@ -0,0 +1,13 @@ +{ + "name": "npm-package-no-vulns", + "version": "1.0.0", + "lockfileVersion": 1, + "requires": true, + "dependencies": { + "ms": { + "version": "2.1.2", + "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.2.tgz", + "integrity": "sha512-sGkPx+VjMtmA6MX27oA4FBFELFCZZ4S4XqeGOXCv68tT+jb3vk/RyaKWP0PTKyWtmLSM0b+adUTEvbs1PEaH2w==" + } + } +} diff --git a/test/acceptance/workspaces/npm-package-no-vulns/package.json b/test/acceptance/workspaces/npm-package-no-vulns/package.json new file mode 100644 index 00000000000..97beb5604df --- /dev/null +++ b/test/acceptance/workspaces/npm-package-no-vulns/package.json @@ -0,0 +1,15 @@ +{ + "name": "npm-package-no-vulns", + "version": "1.0.0", + "description": "Simple NPM package with no vulnerabilities", + "main": "index.js", + "scripts": { + "test": "snyk test" + }, + "author": "snyk", + "license": "ISC", + "dependencies": { + "ms": "^2.1.2" + }, + "devDependencies": {} +}