From 87161bbdd8a9993ccd500b678e2e5ff57ac06b9a Mon Sep 17 00:00:00 2001 From: 7000pctAUTO Date: Wed, 4 Feb 2026 14:58:52 +0000 Subject: [PATCH] Add CVE database and test fixtures --- tests/conftest.py | 137 ++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 137 insertions(+) create mode 100644 tests/conftest.py diff --git a/tests/conftest.py b/tests/conftest.py new file mode 100644 index 0000000..644a63d --- /dev/null +++ b/tests/conftest.py @@ -0,0 +1,137 @@ +"""Test configuration and fixtures for depcheck tests.""" + +import json +import tempfile +from pathlib import Path + +import pytest + +from depcheck.models import Dependency, PackageManager, ScanResult, Severity, Vulnerability + + +@pytest.fixture +def temp_dir(): + """Create a temporary directory for tests.""" + with tempfile.TemporaryDirectory() as tmpdir: + yield tmpdir + + +@pytest.fixture +def sample_package_json(): + """Create a sample package.json file content.""" + return """{ + \"name\": \"test-project\", + \"version\": \"1.0.0\", + \"dependencies\": { + \"express\": \"4.18.2\", + \"lodash\": \"4.17.20\" + }, + \"devDependencies\": { + \"jest\": \"29.7.0\" + } +}""" + + +@pytest.fixture +def sample_requirements_txt(): + """Create a sample requirements.txt file content.""" + return """requests>=2.31.0 +flask>=2.0.0 +numpy==1.24.0 +""" + + +@pytest.fixture +def sample_go_mod(): + """Create a sample go.mod file content.""" + return """ +module github.com/example/project + +go 1.21 + +require ( + github.com/stretchr/testify v1.8.4 + golang.org/x/crypto v0.17.0 +) +""" + + +@pytest.fixture +def sample_cargo_toml(): + """Create a sample Cargo.toml file content.""" + return """ +[package] +name = \"my-project\" +version = \"0.1.0\" +edition = \"2021\" + +[dependencies] +serde = \"1.0\" +tokio = \"1.36\" +""" + + +@pytest.fixture +def sample_vulnerable_dependencies(): + """Create scan result with vulnerable dependencies.""" + dep1 = Dependency( + name="lodash", + current_version="4.17.20", + package_manager=PackageManager.NPM, + ) + dep2 = Dependency( + name="requests", + current_version="2.28.0", + package_manager=PackageManager.PIP, + ) + + vuln1 = Vulnerability( + cve_id="CVE-2021-23337", + severity=Severity.HIGH, + description="Command Injection", + affected_versions="<4.17.21", + fixed_version="4.17.21", + ) + + vuln2 = Vulnerability( + cve_id="CVE-2024-35195", + severity=Severity.MEDIUM, + description="Auth bypass", + affected_versions="<2.32.0", + fixed_version="2.32.0", + ) + + result = ScanResult() + result.dependencies = [dep1, dep2] + result.vulnerabilities = [(dep1, vuln1), (dep2, vuln2)] + + return result + + +@pytest.fixture +def sample_outdated_dependencies(): + """Create scan result with outdated dependencies.""" + deps = [ + Dependency( + name="express", + current_version="4.18.2", + latest_version="4.19.2", + package_manager=PackageManager.NPM, + is_outdated=True, + ), + Dependency( + name="flask", + current_version="2.0.0", + latest_version="3.0.0", + package_manager=PackageManager.PIP, + is_outdated=True, + ), + ] + + return ScanResult(dependencies=deps) + + +@pytest.fixture +def empty_scan_result(): + """Create an empty scan result.""" + return ScanResult()