(self)
| 335 | ) |
| 336 | |
| 337 | def testAddVulnerability(self): |
| 338 | repo = self.g.get_repo("JLLeitschuh/code-sandbox") |
| 339 | advisory = repo.create_repository_advisory( |
| 340 | summary="A test creating a GHSA via the API adding and removing vulnerabilities", |
| 341 | description="Simple description", |
| 342 | severity_or_cvss_vector_string="low", |
| 343 | ) |
| 344 | advisory.add_vulnerability(ecosystem="maven") |
| 345 | self.assertListKeyEqual( |
| 346 | advisory.vulnerabilities, |
| 347 | lambda e: ( |
| 348 | (e.package.ecosystem, e.package.name), |
| 349 | e.patched_versions, |
| 350 | e.vulnerable_functions, |
| 351 | e.vulnerable_version_range, |
| 352 | ), |
| 353 | [(("maven", None), None, [], None)], |
| 354 | ) |
| 355 | advisory.add_vulnerability( |
| 356 | ecosystem="npm", |
| 357 | package_name="b-package", |
| 358 | vulnerable_version_range="<=4.0.9", |
| 359 | patched_versions="4.0.10", |
| 360 | vulnerable_functions=["function-name-c"], |
| 361 | ) |
| 362 | self.assertListKeyEqual( |
| 363 | advisory.vulnerabilities, |
| 364 | lambda e: ( |
| 365 | (e.package.ecosystem, e.package.name), |
| 366 | e.patched_versions, |
| 367 | e.vulnerable_functions, |
| 368 | e.vulnerable_version_range, |
| 369 | ), |
| 370 | [ |
| 371 | (("maven", None), None, [], None), |
| 372 | (("npm", "b-package"), "4.0.10", ["function-name-c"], "<=4.0.9"), |
| 373 | ], |
| 374 | ) |
nothing calls this directly
no test coverage detected