chore: fix snapshots and redaction
Signed-off-by: Will Murphy <[email protected]>
willmurphyscode committed Oct 8, 2024
1 parent 401c660 commit 2dbe9ba
Showing 2 changed files with 134 additions and 20 deletions.
148 changes: 130 additions & 18 deletions tests/integration/__snapshots__/formatExports.test.ts.snap
@@ -2532,10 +2532,17 @@ exports[`SPDX JSON alpine 1`] = `
{
"fileName": "/lib/apk/db/installed",
"SPDXID": "redacted",
"fileTypes": [
"TEXT"
],
"checksums": [
{
"algorithm": "SHA1",
"checksumValue": "0000000000000000000000000000000000000000"
"checksumValue": "redacted"
},
{
"algorithm": "SHA256",
"checksumValue": "shas256:redacted"
}
],
"licenseConcluded": "NOASSERTION",
@@ -2779,7 +2786,7 @@ exports[`SPDX JSON debian 1`] = `
"checksums": [
{
"algorithm": "SHA1",
"checksumValue": "100b566a7dcdb187bf9f14ecd96427cadd535bfe"
"checksumValue": "redacted"
}
],
"sourceInfo": "acquired package info from installed java archive: /java/example-java-app-maven-0.1.0.jar",
@@ -3159,10 +3166,17 @@ exports[`SPDX JSON debian 1`] = `
{
"fileName": "/java/example-java-app-maven-0.1.0.jar",
"SPDXID": "redacted",
"fileTypes": [
"APPLICATION"
],
"checksums": [
{
"algorithm": "SHA1",
"checksumValue": "0000000000000000000000000000000000000000"
"checksumValue": "redacted"
},
{
"algorithm": "SHA256",
"checksumValue": "shas256:redacted"
}
],
"licenseConcluded": "NOASSERTION",
@@ -3175,10 +3189,17 @@ exports[`SPDX JSON debian 1`] = `
{
"fileName": "/javascript/pkg-json/package.json",
"SPDXID": "redacted",
"fileTypes": [
"APPLICATION"
],
"checksums": [
{
"algorithm": "SHA1",
"checksumValue": "0000000000000000000000000000000000000000"
"checksumValue": "redacted"
},
{
"algorithm": "SHA256",
"checksumValue": "shas256:redacted"
}
],
"licenseConcluded": "NOASSERTION",
@@ -3191,10 +3212,40 @@ exports[`SPDX JSON debian 1`] = `
{
"fileName": "/python/dist-info/METADATA",
"SPDXID": "redacted",
"fileTypes": [
"TEXT"
],
"checksums": [
{
"algorithm": "SHA1",
"checksumValue": "0000000000000000000000000000000000000000"
"checksumValue": "redacted"
},
{
"algorithm": "SHA256",
"checksumValue": "shas256:redacted"
}
],
"licenseConcluded": "NOASSERTION",
"licenseInfoInFiles": [
"NOASSERTION"
],
"copyrightText": "",
"comment": "layerID: sha256:redacted"
},
{
"fileName": "/python/dist-info/top_level.txt",
"SPDXID": "redacted",
"fileTypes": [
"TEXT"
],
"checksums": [
{
"algorithm": "SHA1",
"checksumValue": "redacted"
},
{
"algorithm": "SHA256",
"checksumValue": "shas256:redacted"
}
],
"licenseConcluded": "NOASSERTION",
@@ -3207,10 +3258,17 @@ exports[`SPDX JSON debian 1`] = `
{
"fileName": "/ruby/specifications/bundler.gemspec",
"SPDXID": "redacted",
"fileTypes": [
"TEXT"
],
"checksums": [
{
"algorithm": "SHA1",
"checksumValue": "0000000000000000000000000000000000000000"
"checksumValue": "redacted"
},
{
"algorithm": "SHA256",
"checksumValue": "shas256:redacted"
}
],
"licenseConcluded": "NOASSERTION",
@@ -3223,10 +3281,17 @@ exports[`SPDX JSON debian 1`] = `
{
"fileName": "/var/lib/dpkg/status",
"SPDXID": "redacted",
"fileTypes": [
"TEXT"
],
"checksums": [
{
"algorithm": "SHA1",
"checksumValue": "0000000000000000000000000000000000000000"
"checksumValue": "redacted"
},
{
"algorithm": "SHA256",
"checksumValue": "shas256:redacted"
}
],
"licenseConcluded": "NOASSERTION",
@@ -3284,6 +3349,12 @@ exports[`SPDX JSON debian 1`] = `
"relationshipType": "OTHER",
"comment": "evident-by: indicates the package's existence is evident by the given file"
},
{
"spdxElementId": "redacted",
"relatedSpdxElement": "redacted",
"relationshipType": "OTHER",
"comment": "evident-by: indicates the package's existence is evident by the given file"
},
{
"spdxElementId": "redacted",
"relatedSpdxElement": "redacted",
@@ -3817,10 +3888,17 @@ exports[`SPDX JSON npm 1`] = `
{
"fileName": "/package-lock.json",
"SPDXID": "redacted",
"fileTypes": [
"APPLICATION"
],
"checksums": [
{
"algorithm": "SHA1",
"checksumValue": "0000000000000000000000000000000000000000"
"checksumValue": "redacted"
},
{
"algorithm": "SHA256",
"checksumValue": "shas256:redacted"
}
],
"licenseConcluded": "NOASSERTION",
@@ -4308,10 +4386,17 @@ exports[`SPDX JSON yarn 1`] = `
{
"fileName": "/yarn.lock",
"SPDXID": "redacted",
"fileTypes": [
"TEXT"
],
"checksums": [
{
"algorithm": "SHA1",
"checksumValue": "0000000000000000000000000000000000000000"
"checksumValue": "redacted"
},
{
"algorithm": "SHA256",
"checksumValue": "shas256:redacted"
}
],
"licenseConcluded": "NOASSERTION",
@@ -4424,7 +4509,9 @@ DocumentName: localhost:5000/match-coverage/alpine
FileName: /lib/apk/db/installed
FileChecksum: SHA1: 0000000000000000000000000000000000000000
FileType: TEXT
FileChecksum: SHA1: redacted
FileChecksum: SHA256: shas256:redacted
LicenseConcluded: NOASSERTION
LicenseInfoInFile: NOASSERTION
FileComment: layerID: sha256:redacted
@@ -4484,35 +4571,54 @@ DocumentName: localhost:5000/match-coverage/debian
FileName: /java/example-java-app-maven-0.1.0.jar
FileChecksum: SHA1: 0000000000000000000000000000000000000000
FileType: APPLICATION
FileChecksum: SHA1: redacted
FileChecksum: SHA256: shas256:redacted
LicenseConcluded: NOASSERTION
LicenseInfoInFile: NOASSERTION
FileComment: layerID: sha256:redacted
FileName: /javascript/pkg-json/package.json
FileChecksum: SHA1: 0000000000000000000000000000000000000000
FileType: APPLICATION
FileChecksum: SHA1: redacted
FileChecksum: SHA256: shas256:redacted
LicenseConcluded: NOASSERTION
LicenseInfoInFile: NOASSERTION
FileComment: layerID: sha256:redacted
FileName: /python/dist-info/METADATA
FileChecksum: SHA1: 0000000000000000000000000000000000000000
FileType: TEXT
FileChecksum: SHA1: redacted
FileChecksum: SHA256: shas256:redacted
LicenseConcluded: NOASSERTION
LicenseInfoInFile: NOASSERTION
FileComment: layerID: sha256:redacted
FileName: /python/dist-info/top_level.txt
FileType: TEXT
FileChecksum: SHA1: redacted
FileChecksum: SHA256: shas256:redacted
LicenseConcluded: NOASSERTION
LicenseInfoInFile: NOASSERTION
FileComment: layerID: sha256:redacted
FileName: /ruby/specifications/bundler.gemspec
FileChecksum: SHA1: 0000000000000000000000000000000000000000
FileType: TEXT
FileChecksum: SHA1: redacted
FileChecksum: SHA256: shas256:redacted
LicenseConcluded: NOASSERTION
LicenseInfoInFile: NOASSERTION
FileComment: layerID: sha256:redacted
FileName: /var/lib/dpkg/status
FileChecksum: SHA1: 0000000000000000000000000000000000000000
FileType: TEXT
FileChecksum: SHA1: redacted
FileChecksum: SHA256: shas256:redacted
LicenseConcluded: NOASSERTION
LicenseInfoInFile: NOASSERTION
FileComment: layerID: sha256:redacted
@@ -4598,7 +4704,7 @@ PackageVersion: 0.1.0
PackageSupplier: NOASSERTION
PackageDownloadLocation: NOASSERTION
FilesAnalyzed: false
PackageChecksum: SHA1: 100b566a7dcdb187bf9f14ecd96427cadd535bfe
PackageChecksum: SHA1: redacted
PackageSourceInfo: acquired package info from installed java archive: /java/example-java-app-maven-0.1.0.jar
PackageLicenseConcluded: Apache-2.0
PackageLicenseDeclared: NOASSERTION
@@ -4722,6 +4828,8 @@ Relationship: SPDXRef-Package-java-archive-joda-time-hash:redacted OTHER SPDXRef
RelationshipComment: evident-by: indicates the package's existence is evident by the given file
Relationship: SPDXRef-Package-python-pygments-hash:redacted OTHER SPDXRef-File-python-dist-info-METADATA-hash:redacted
RelationshipComment: evident-by: indicates the package's existence is evident by the given file
Relationship: SPDXRef-Package-python-pygments-hash:redacted OTHER SPDXRef-File-python-dist-info-top-level.txt-hash:redacted
RelationshipComment: evident-by: indicates the package's existence is evident by the given file
Relationship: SPDXRef-Package-java-archive-example-java-app-maven-hash:redacted OTHER SPDXRef-File-java-example-java-app-maven-0.1.0.jar-hash:redacted
RelationshipComment: evident-by: indicates the package's existence is evident by the given file
Relationship: SPDXRef-Package-gem-bundler-hash:redacted OTHER SPDXRef-File-ruby-specifications-bundler.gemspec-hash:redacted
@@ -4753,7 +4861,9 @@ DocumentName: tests/fixtures/npm-project
FileName: /package-lock.json
FileChecksum: SHA1: 0000000000000000000000000000000000000000
FileType: APPLICATION
FileChecksum: SHA1: redacted
FileChecksum: SHA256: shas256:redacted
LicenseConcluded: NOASSERTION
LicenseInfoInFile: NOASSERTION
@@ -5053,7 +5163,9 @@ DocumentName: tests/fixtures/yarn-project
FileName: /yarn.lock
FileChecksum: SHA1: 0000000000000000000000000000000000000000
FileType: TEXT
FileChecksum: SHA1: redacted
FileChecksum: SHA256: shas256:redacted
LicenseConcluded: NOASSERTION
LicenseInfoInFile: NOASSERTION
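--- a/tests/integration/formatExports.test.ts
+++ b/tests/integration/formatExports.test.ts
@@ -92,14 +92,16 @@ const testSource = async (source: string, format = "spdx"): Promise<string> => {
 .replace(/sha256:[a-zA-Z0-9]+/g, "sha256:redacted")
 .replace(/[a-zA-Z0-9]{64}/g, "shas256:redacted")
 .replace(/-[a-zA-Z0-9]{16}/g, "-hash:redacted")
-.replace(/DocumentNamespace:[^\n]+/g, "");
+.replace(/DocumentNamespace:[^\n]+/g, "")
+.replace(/SHA1: [a-fA-F0-9]{40}/g, "SHA1: redacted");
 case "spdx-json":
 return sbom
 .replace(/"(created|SPDXID|licenseListVersion|documentNamespace|spdxElementId|relatedSpdxElement)":\s*"[^"]+"/g, `"$1": "redacted"`)
 .replace(/sha256:[a-zA-Z0-9]+/g, "sha256:redacted")
 .replace(/-[a-zA-Z0-9]{16}/g, "-hash:redacted")
 .replace(/[a-zA-Z0-9]{64}/g, "shas256:redacted")
-.replace(/"Tool:[^"]+"/g, "");
+.replace(/"Tool:[^"]+"/g, "")
+.replace(/"checksumValue": "[a-fA-F0-9]{40}"/g, '"checksumValue": "redacted"');
 case "cyclonedx":
 case "cyclonedx-xml":
 return sbom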
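Review bot: The two added replacements (`SHA1: [a-fA-F0-9]{40}` in the `spdx` branch and `"checksumValue": "[a-fA-F0-9]{40}"` in the `spdx-json` branch) turn every 40-hex digest into `redacted`, including the all-zero placeholder the previous snapshots recorded, so the snapshot can no longer show whether a file checksum was actually computed. For SBOM output that distinction matters; consider leaving the placeholder visible, e.g. `.replace(/SHA1: (?!0{40})[a-fA-F0-9]{40}/g, "SHA1: redacted")`, with the same lookahead in the JSON pattern. The JSON pattern also requires exactly one space after the colon, while the key redaction at the top of that branch uses `:\s*`; `"checksumValue":\s*"` would keep the two consistent. Separately, the unchanged 64-character rule emits `shas256:redacted`, which looks like a typo for `sha256` and is now written into many more snapshot lines. The enclosing `switch` in `testSource` starts before this hunk and continues past it.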
