diff --git a/go.mod b/go.mod index c0459a6cc..a3b9105ad 100644 --- a/go.mod +++ b/go.mod @@ -128,7 +128,7 @@ require ( gopkg.in/yaml.v3 v3.0.1 // indirect ) -replace github.com/jfrog/jfrog-cli-core/v2 => github.com/jfrog/jfrog-cli-core/v2 v2.31.1-0.20240110073910-2461fe7e7b4f +replace github.com/jfrog/jfrog-cli-core/v2 => github.com/jfrog/jfrog-cli-core/v2 v2.31.1-0.20240116074500-2653d8805fcc // replace github.com/jfrog/build-info-go => github.com/jfrog/build-info-go v1.8.9-0.20231220102935-c8776c613ad8 diff --git a/go.sum b/go.sum index 09ec6fdbc..49226870e 100644 --- a/go.sum +++ b/go.sum @@ -135,8 +135,8 @@ github.com/jfrog/gofrog v1.5.0 h1:OLaXpNaEniliE4Kq8lJ5evVYzzt3zdYtpMIBu6TO++c= github.com/jfrog/gofrog v1.5.0/go.mod h1:wQqagqq2VpuCWRPlq/65GbH9gsRz+7Bgc1Q+PKD4Y+k= github.com/jfrog/jfrog-apps-config v1.0.1 h1:mtv6k7g8A8BVhlHGlSveapqf4mJfonwvXYLipdsOFMY= github.com/jfrog/jfrog-apps-config v1.0.1/go.mod h1:8AIIr1oY9JuH5dylz2S6f8Ym2MaadPLR6noCBO4C22w= -github.com/jfrog/jfrog-cli-core/v2 v2.31.1-0.20240110073910-2461fe7e7b4f h1:UETEUtFCOm0bhd7AeRgaf9QxPsSgnPgHgjfo7OHOOXQ= -github.com/jfrog/jfrog-cli-core/v2 v2.31.1-0.20240110073910-2461fe7e7b4f/go.mod h1:dFpRoGR5/Qe+bvszvRPYGqMEdwmjNhjFLXlovGs9sII= +github.com/jfrog/jfrog-cli-core/v2 v2.31.1-0.20240116074500-2653d8805fcc h1:YAW8UfyS3lKchgXgPMSYIIrUu0q4FM3ovpNc3Mc0/1A= +github.com/jfrog/jfrog-cli-core/v2 v2.31.1-0.20240116074500-2653d8805fcc/go.mod h1:dFpRoGR5/Qe+bvszvRPYGqMEdwmjNhjFLXlovGs9sII= github.com/jfrog/jfrog-client-go v1.35.6 h1:nVS94x6cwSRkhtj8OM3elbUcGgQhqsK8YMPvC/gf5sk= github.com/jfrog/jfrog-client-go v1.35.6/go.mod h1:V+XKC27k6GA5OcWIAItpnxZAZnCigg8xCkpXKP905Fk= github.com/jszwec/csvutil v1.9.0 h1:iTmq9G1P0e+AUq/MkFg6tetJ+1BH3fOX8Xi0RAcwiGc= diff --git a/xray_test.go b/xray_test.go index 8e19cd5b6..1c8baabba 100644 --- a/xray_test.go +++ b/xray_test.go @@ -1123,3 +1123,40 @@ func clearOrRedirectLocalCacheIfNeeded(t *testing.T, projectType project.Project } return } + +func TestXrayRecursiveScan(t *testing.T) { + initXrayTest(t, scangraph.GraphScanMinXrayVersion) + + tempDirPath, createTempDirCallback := coretests.CreateTempDirWithCallbackAndAssert(t) + defer createTempDirCallback() + + // Creating an inner NPM project + npmDirPath, err := os.MkdirTemp(tempDirPath, "npm-project") + assert.NoError(t, err) + npmProjectToCopyPath := filepath.Join("testdata", "npm", "npmproject") + assert.NoError(t, biutils.CopyDir(npmProjectToCopyPath, npmDirPath, true, nil)) + + // Creating an inner .NET project + dotnetDirPath, err := os.MkdirTemp(tempDirPath, "dotnet-project") + assert.NoError(t, err) + dotnetProjectToCopyPath := filepath.Join("testdata", "nuget", "simple-dotnet") + assert.NoError(t, biutils.CopyDir(dotnetProjectToCopyPath, dotnetDirPath, true, nil)) + + curWd, err := os.Getwd() + assert.NoError(t, err) + + chDirCallback := clientTestUtils.ChangeDirWithCallback(t, curWd, tempDirPath) + defer chDirCallback() + + // We anticipate the execution of a recursive scan to encompass both the inner NPM project and the inner .NET project. + output := xrayCli.RunCliCmdWithOutput(t, "audit", "--format=json") + + // We anticipate the identification of five vulnerabilities: four originating from the .NET project and one from the NPM project. + verifyJsonScanResults(t, output, 0, 5, 0) + + var results []services.ScanResponse + err = json.Unmarshal([]byte(output), &results) + assert.NoError(t, err) + // We anticipate receiving an array with a length of 2 to confirm that we have obtained results from two distinct inner projects. + assert.Len(t, results, 2) +}