Skip to content

Commit

Permalink
Basic tests for PURL validation in config
Browse files Browse the repository at this point in the history
  • Loading branch information
juxtin authored Apr 27, 2024
1 parent 6406179 commit 7a330f2
Show file tree
Hide file tree
Showing 3 changed files with 49 additions and 5 deletions.
12 changes: 12 additions & 0 deletions __tests__/config.test.ts
Original file line number Diff line number Diff line change
Expand Up @@ -54,6 +54,18 @@ test('it raises an error if an empty allow list is specified', async () => {
)
})

test('it raises an error when an invalid package-url is used for deny-packages', async () => {
setInput('deny-packages', 'not-a-purl')

await expect(readConfig()).rejects.toThrow(`Error parsing purl`)
})

test('it raises an error when an argument to deny-groups is missing a namespace', async () => {
setInput('deny-groups', 'pkg:npm/my-fun-org')

await expect(readConfig()).rejects.toThrow(`purl must have a namespace`)
})

test('it raises an error when given an unknown severity', async () => {
setInput('fail-on-severity', 'zombies')

Expand Down
4 changes: 3 additions & 1 deletion __tests__/test-helpers.ts
Original file line number Diff line number Diff line change
Expand Up @@ -19,7 +19,9 @@ export function clearInputs(): void {
'BASE-REF',
'HEAD-REF',
'COMMENT-SUMMARY-IN-PR',
'WARN-ONLY'
'WARN-ONLY',
'DENY-GROUPS',
'DENY-PACKAGES'
]

// eslint-disable-next-line github/array-foreach
Expand Down
38 changes: 34 additions & 4 deletions src/schemas.ts
Original file line number Diff line number Diff line change
Expand Up @@ -6,9 +6,39 @@ export const SCOPES = ['unknown', 'runtime', 'development'] as const

export const SeveritySchema = z.enum(SEVERITIES).default('low')

const PackageURL = z.string().transform(purlString => {
return parsePURL(purlString)
})
const PackageURL = z
.string()
.transform(purlString => {
return parsePURL(purlString)
})
.superRefine((purl, context) => {
if (purl.error) {
context.addIssue({
code: z.ZodIssueCode.custom,
message: `Error parsing purl`
})
}
})

const PackageURLWithNamespace = z
.string()
.transform(purlString => {
return parsePURL(purlString)
})
.superRefine((purl, context) => {
if (purl.error) {
context.addIssue({
code: z.ZodIssueCode.custom,
message: `Error parsing purl`
})
}
if (purl.namespace === null) {
context.addIssue({
code: z.ZodIssueCode.custom,
message: `purl must have a namespace, and the namespace must be followed by '/'`
})
}
})

export const ChangeSchema = z.object({
change_type: z.enum(['added', 'removed']),
Expand Down Expand Up @@ -48,7 +78,7 @@ export const ConfigurationOptionsSchema = z
allow_dependencies_licenses: z.array(z.string()).optional(),
allow_ghsas: z.array(z.string()).default([]),
deny_packages: z.array(PackageURL).default([]),
deny_groups: z.array(PackageURL).default([]),
deny_groups: z.array(PackageURLWithNamespace).default([]),
license_check: z.boolean().default(true),
vulnerability_check: z.boolean().default(true),
config_file: z.string().optional(),
Expand Down

0 comments on commit 7a330f2

Please sign in to comment.