bundler:chore - improve tests and code cleaning #925

matheusalcantarazup · 2022-01-14T16:36:28Z

This commit add some new asserts on successful parsing bundler results
to verify that all fields of Vulnerability was filled.

Some code organization was also made, and the entities and enum packages
was removed and the bundler schema output was moved to bundler package.

This commit also fix a bug when parsing invalid output from Bundler.
The strings.Split(output, "Name:") on parseOutput return a list with
one element when the split fails, so when Bundler return an output that
is not expected we still try to parse this invalid output which results
invalid vulnerabilities. To fix this a validation was added before the
split to check if output contains the Name: field.

Updates #718

Signed-off-by: Matheus Alcantara [email protected]

- What I did

- How to verify it

- Description for the changelog

internal/services/formatters/ruby/bundler/formatter.go

This commit add some new asserts on successful parsing bundler results to verify that all fields of Vulnerability was filled. Some code organization was also made, and the entities and enum packages was removed and the bundler schema output was moved to bundler package. This commit also fix a bug when parsing invalid output from Bundler. The `strings.Split(output, "Name:")` on `parseOutput` return a list with one element when the split fails, so when Bundler return an output that is not expected we still try to parse this invalid output which results invalid vulnerabilities. To fix this a validation was added before the split to check if output contains the `Name:` field. Updates #718 Signed-off-by: Matheus Alcantara <[email protected]>

This commit add some new asserts on successful parsing bundler results to verify that all fields of Vulnerability was filled. Some code organization was also made, and the entities and enum packages was removed and the bundler schema output was moved to bundler package. This commit also fix a bug when parsing invalid output from Bundler. The `strings.Split(output, "Name:")` on `parseOutput` return a list with one element when the split fails, so when Bundler return an output that is not expected we still try to parse this invalid output which results invalid vulnerabilities. To fix this a validation was added before the split to check if output contains the `Name:` field. Updates #718 Signed-off-by: Matheus Alcantara <[email protected]> (cherry picked from commit 112e82e)

matheusalcantarazup requested review from iancardosozup, lucasbrunozup, nathanmartinszup and wiliansilvazup as code owners January 14, 2022 16:36

matheusalcantarazup force-pushed the bundler-improvements branch from cc057c3 to 4d279b1 Compare January 14, 2022 16:50

nathanmartinszup reviewed Jan 14, 2022

View reviewed changes

internal/services/formatters/ruby/bundler/formatter.go Show resolved Hide resolved

matheusalcantarazup force-pushed the bundler-improvements branch from 4d279b1 to 652ead2 Compare January 14, 2022 17:43

matheusalcantarazup requested a review from nathanmartinszup January 14, 2022 17:43

nathanmartinszup approved these changes Jan 14, 2022

View reviewed changes

iancardosozup approved these changes Jan 14, 2022

View reviewed changes

wiliansilvazup approved these changes Jan 19, 2022

View reviewed changes

matheusalcantarazup merged commit 112e82e into main Jan 19, 2022

matheusalcantarazup deleted the bundler-improvements branch January 19, 2022 20:26

This was referenced Jan 20, 2022

bundler-audit: v2.7.0-rc.2 return a vulnerability with a internal error from Bundler #933

Closed

phpcs:chore - Update PHP_CodeSniffer to show severity and code #935

Merged

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

bundler:chore - improve tests and code cleaning #925

bundler:chore - improve tests and code cleaning #925

matheusalcantarazup commented Jan 14, 2022

bundler:chore - improve tests and code cleaning #925

bundler:chore - improve tests and code cleaning #925

Conversation

matheusalcantarazup commented Jan 14, 2022