/
protect.spec.ts
96 lines (77 loc) · 3.23 KB
/
protect.spec.ts
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
import * as fs from 'fs';
import protect from '../../src/lib';
import * as path from 'path';
import * as uuid from 'uuid';
import * as fse from 'fs-extra';
type TestProject = {
path: string;
file: (filePath: string) => Promise<string>;
};
describe('@snyk/protect', () => {
let tempFolder: string;
const createProject = async (fixture: string): Promise<TestProject> => {
const fixturePath = path.join(__dirname, '../fixtures', fixture);
const projectPath = path.join(tempFolder, fixture);
await fse.copy(fixturePath, projectPath);
return {
path: projectPath,
file: (filePath: string) => {
const fullFilePath = path.join(projectPath, filePath);
return fs.promises.readFile(fullFilePath, 'utf-8');
},
};
};
beforeAll(() => {
tempFolder = path.join(__dirname, '__output__', uuid.v4());
fs.mkdirSync(tempFolder, { recursive: true });
});
afterAll(() => {
fs.rmdirSync(tempFolder, { recursive: true });
});
afterEach(() => {
jest.restoreAllMocks();
});
describe('applies patch(es)', () => {
it('works for project with a single patchable module', async () => {
const project = await createProject('single-patchable-module');
await protect(project.path);
expect(
project.file('node_modules/nyc/node_modules/lodash/lodash.js'),
).resolves.toMatchSnapshot();
});
it('works for project with multiple patchable modules', async () => {
const project = await createProject('multiple-matching-paths');
await protect(project.path);
expect(
project.file('node_modules/nyc/node_modules/lodash/lodash.js'),
).resolves.toMatchSnapshot();
expect(
project.file('node_modules/lodash/lodash.js'),
).resolves.toMatchSnapshot();
});
});
describe('does not apply any patches and does not fail', () => {
// in this scenario .snyk file has a vulnId which corresponds to the `lodash` package, but there are not instances of lodash in the node_modules
it('for project with no modules with the target package name', async () => {
const project = await createProject('no-matching-paths');
const log = jest.spyOn(global.console, 'log');
await protect(project.path);
expect(log).toHaveBeenCalledWith('Nothing to patch, done');
});
// skipped because we need to check the versions of the found modules before we attempt to patch them which we don't currently do
// and in order to do that, we need to first switch over to the new endpoint
// it('for a project that has an instance of the target module but we have no patches for its version', async () => {
// const project = await createProject('target-module-exists-but-no-patches-for-version');
// const log = jest.spyOn(global.console, 'log');
// await protect(project.path);
// expect(log).toHaveBeenCalledWith('Nothing to patch, done');
// });
// fixture has a lodash@4.14.1 which we don't have patches for
it('for project with no .snyk file', async () => {
const project = await createProject('no-snyk-file');
const log = jest.spyOn(global.console, 'log');
await protect(project.path);
expect(log).toHaveBeenCalledWith('No .snyk file found');
});
});
});