(t *testing.T)
| 212 | } |
| 213 | |
| 214 | func TestLabelRepositorySecurityAdvisory(t *testing.T) { |
| 215 | t.Parallel() |
| 216 | |
| 217 | t.Run("public repo with all published advisories is untrusted and public", func(t *testing.T) { |
| 218 | t.Parallel() |
| 219 | label := LabelRepositorySecurityAdvisory(false, true) |
| 220 | assert.Equal(t, IntegrityUntrusted, label.Integrity) |
| 221 | assert.Equal(t, ConfidentialityPublic, label.Confidentiality) |
| 222 | }) |
| 223 | |
| 224 | t.Run("public repo with an unpublished advisory is untrusted and private", func(t *testing.T) { |
| 225 | t.Parallel() |
| 226 | // draft/triage/closed advisories are not world-readable even on a |
| 227 | // public repo, so confidentiality must be private. |
| 228 | label := LabelRepositorySecurityAdvisory(false, false) |
| 229 | assert.Equal(t, IntegrityUntrusted, label.Integrity) |
| 230 | assert.Equal(t, ConfidentialityPrivate, label.Confidentiality) |
| 231 | }) |
| 232 | |
| 233 | t.Run("private repo advisory is untrusted and private", func(t *testing.T) { |
| 234 | t.Parallel() |
| 235 | label := LabelRepositorySecurityAdvisory(true, true) |
| 236 | assert.Equal(t, IntegrityUntrusted, label.Integrity) |
| 237 | assert.Equal(t, ConfidentialityPrivate, label.Confidentiality) |
| 238 | }) |
| 239 | |
| 240 | t.Run("private repo with unpublished advisory is untrusted and private", func(t *testing.T) { |
| 241 | t.Parallel() |
| 242 | label := LabelRepositorySecurityAdvisory(true, false) |
| 243 | assert.Equal(t, IntegrityUntrusted, label.Integrity) |
| 244 | assert.Equal(t, ConfidentialityPrivate, label.Confidentiality) |
| 245 | }) |
| 246 | } |
| 247 | |
| 248 | func TestLabelGist(t *testing.T) { |
| 249 | t.Parallel() |
nothing calls this directly
no test coverage detected