Merge pull request #1867 from snyk/test/update-acceptance-tests

Update acceptance tests for @snyk/protect
snyk · May 4, 2021 · 8e4862d · 8e4862d
2 parents 2220db1 + 99900c8
commit 8e4862d
Show file tree

Hide file tree

Showing 15 changed files with 53,402 additions and 18,747 deletions.
diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS
@@ -24,3 +24,4 @@ src/lib/errors/unsupported-options-iac-error.ts @snyk/cloudconfig
 help/commands-docs/iac-examples.md @snyk/cloudconfig
 help/commands-docs/iac.md @snyk/cloudconfig
 packages/snyk-fix/ @snyk/tech-services
+packages/snyk-protect/ @snyk/hammer
diff --git a/package.json b/package.json
@@ -143,10 +143,11 @@
   "devDependencies": {
     "@types/agent-base": "^4.2.1",
     "@types/diff": "^3.5.2",
+    "@types/fs-extra": "^9.0.11",
     "@types/jest": "^26.0.20",
     "@types/lodash": "^4.14.161",
     "@types/needle": "^2.0.4",
-    "@types/node": "^10.0.0",
+    "@types/node": "^14.14.31",
     "@types/restify": "^8.4.2",
     "@types/sarif": "^2.1.2",
     "@types/sinon": "^7.5.0",
@@ -155,6 +156,7 @@
     "@typescript-eslint/parser": "^2.0.0",
     "eslint": "6.8.0",
     "eslint-config-prettier": "^6.1.0",
+    "fs-extra": "^9.1.0",
     "jest": "^26.6.3",
     "lodash": "^4.17.20",
     "lodash.countby": "^4.6.0",

diff --git a/packages/snyk-protect/src/lib/index.ts b/packages/snyk-protect/src/lib/index.ts
@@ -9,6 +9,11 @@ import { PhysicalModuleToPatch } from './types';
 async function protect(projectFolderPath: string) {
   const snykFilePath = path.resolve(projectFolderPath, '.snyk');
 
+  if (!fs.existsSync(snykFilePath)) {
+    console.log('No .snyk file found');
+    return;
+  }
+
   const snykFileContents = fs.readFileSync(snykFilePath, 'utf8');
   const snykFilePatchMetadata = extractPatchMetadata(snykFileContents);
 

diff --git a/packages/snyk-protect/test/acceptance/__snapshots__/protect.spec.ts.snap b/packages/snyk-protect/test/acceptance/__snapshots__/protect.spec.ts.snap
diff --git a/packages/snyk-protect/test/acceptance/protect-acceptance-tests.spec.ts b/packages/snyk-protect/test/acceptance/protect-acceptance-tests.spec.ts
diff --git a/packages/snyk-protect/test/acceptance/protect.spec.ts b/packages/snyk-protect/test/acceptance/protect.spec.ts
@@ -0,0 +1,96 @@
+import * as fs from 'fs';
+import protect from '../../src/lib';
+import * as path from 'path';
+import * as uuid from 'uuid';
+import * as fse from 'fs-extra';
+
+type TestProject = {
+  path: string;
+  file: (filePath: string) => Promise<string>;
+};
+
+describe('@snyk/protect', () => {
+  let tempFolder: string;
+
+  const createProject = async (fixture: string): Promise<TestProject> => {
+    const fixturePath = path.join(__dirname, '../fixtures', fixture);
+    const projectPath = path.join(tempFolder, fixture);
+    await fse.copy(fixturePath, projectPath);
+    return {
+      path: projectPath,
+      file: (filePath: string) => {
+        const fullFilePath = path.join(projectPath, filePath);
+        return fs.promises.readFile(fullFilePath, 'utf-8');
+      },
+    };
+  };
+
+  beforeAll(() => {
+    tempFolder = path.join(__dirname, '__output__', uuid.v4());
+    fs.mkdirSync(tempFolder, { recursive: true });
+  });
+
+  afterAll(() => {
+    fs.rmdirSync(tempFolder, { recursive: true });
+  });
+
+  afterEach(() => {
+    jest.restoreAllMocks();
+  });
+
+  describe('applies patch(es)', () => {
+    it('works for project with a single patchable module', async () => {
+      const project = await createProject('single-patchable-module');
+
+      await protect(project.path);
+
+      expect(
+        project.file('node_modules/nyc/node_modules/lodash/lodash.js'),
+      ).resolves.toMatchSnapshot();
+    });
+
+    it('works for project with multiple patchable modules', async () => {
+      const project = await createProject('multiple-matching-paths');
+
+      await protect(project.path);
+
+      expect(
+        project.file('node_modules/nyc/node_modules/lodash/lodash.js'),
+      ).resolves.toMatchSnapshot();
+      expect(
+        project.file('node_modules/lodash/lodash.js'),
+      ).resolves.toMatchSnapshot();
+    });
+  });
+
+  describe('does not apply any patches and does not fail', () => {
+    // in this scenario .snyk file has a vulnId which corresponds to the `lodash` package, but there are not instances of lodash in the node_modules
+    it('for project with no modules with the target package name', async () => {
+      const project = await createProject('no-matching-paths');
+      const log = jest.spyOn(global.console, 'log');
+
+      await protect(project.path);
+
+      expect(log).toHaveBeenCalledWith('Nothing to patch, done');
+    });
+
+    // skipped because we need to check the versions of the found modules before we attempt to patch them which we don't currently do
+    // and in order to do that, we need to first switch over to the new endpoint
+    // it('for a project that has an instance of the target module but we have no patches for its version', async () => {
+    //   const project = await createProject('target-module-exists-but-no-patches-for-version');
+    //   const log = jest.spyOn(global.console, 'log');
+    //   await protect(project.path);
+    //   expect(log).toHaveBeenCalledWith('Nothing to patch, done');
+    // });
+
+    // fixture has a lodash@4.14.1 which we don't have patches for
+    it('for project with no .snyk file', async () => {
+      const project = await createProject('no-snyk-file');
+      const log = jest.spyOn(global.console, 'log');
+
+      await protect(project.path);
+
+      expect(log).toHaveBeenCalledWith('No .snyk file found');
+    });
+  });
+});