require 'spec_helper'
require 'bundler/plumber/database'
require 'bundler/plumber/advisory'
describe Bundler::Plumber::Advisory do
let(:root) { Bundler::Plumber::Database::VENDORED_PATH }
let(:gem) { 'therubyracer' }
let(:id) { '336' }
let(:path) { File.join(root,'gems',gem,"#{id}.yml") }
let(:an_unaffected_version) do
Bundler::Plumber::Advisory.load(path).unaffected_versions.map { |version_rule|
# For all the rules, get the individual constraints out and see if we
# can find a suitable one...
version_rule.requirements.select { |(constraint, gem_version)|
# We only want constraints where the version number specified is
# one of the unaffected version. I.E. we don't want ">", "<", or if
# such a thing exists, "!=" constraints.
['~>', '>=', '=', '<='].include?(constraint)
}.map { |(constraint, gem_version)|
# Fetch just the version component, which is a Gem::Version,
# and extract the string representation of the version.
gem_version.version
}
}.flatten.first
end
subject { described_class.load(path) }
describe "load" do
let(:data) { YAML.respond_to?(:unsafe_load) ? YAML.unsafe_load(File.read(path)) : YAML.load_file(path) }
describe '#id' do
subject { super().id }
it { is_expected.to eq(id) }
end
describe '#url' do
subject { super().url }
it { is_expected.to eq(data['url']) }
end
describe '#title' do
subject { super().title }
it { is_expected.to eq(data['title']) }
end
describe '#date' do
subject { super().date }
it { is_expected.to eq(data['date']) }
end
describe '#description' do
subject { super().description }
it { is_expected.to eq(data['description']) }
end
context "YAML data not representing a hash" do
it "should raise an exception" do
path = File.expand_path('../fixtures/not_a_hash.yml', __FILE__)
expect {
Advisory.load(path)
}.to raise_exception("advisory data in #{path.dump} was not a Hash")
end
end
describe "#patched_versions" do
subject { described_class.load(path).patched_versions }
it "should all be Gem::Requirement objects" do
expect(subject.all? { |version|
expect(version).to be_kind_of(Gem::Requirement)
}).to be_truthy
end
it "should parse the versions" do
expect(subject.map(&:to_s)).to eq(data['patched_versions'])
end
end
end
describe "#unaffected?" do
context "when passed a version that matches one unaffected version" do
let(:version) { Gem::Version.new(an_unaffected_version) }
it "should return true" do
expect(subject.unaffected?(version)).to be_truthy
end
end
context "when passed a version that matches no unaffected version" do
let(:version) { Gem::Version.new('3.0.9') }
it "should return false" do
expect(subject.unaffected?(version)).to be_falsey
end
end
end
describe "#patched?" do
context "when passed a version that matches one patched version" do
let(:version) { Gem::Version.new('0.12.4') }
it "should return true", doku: true do
expect(subject.patched?(version)).to be_truthy
end
end
context "when passed a version that matches no patched version" do
let(:version) { Gem::Version.new('2.9.0') }
it "should return false" do
expect(subject.patched?(version)).to be_falsey
end
end
end
describe "#leaky?" do
context "when passed a version that matches one patched version" do
let(:version) { Gem::Version.new('0.12.4') }
it "should return false" do
expect(subject.leaky?(version)).to be_falsey
end
end
context "when passed a version that matches no patched version" do
let(:version) { Gem::Version.new('2.9.0') }
it "should return true" do
expect(subject.leaky?(version)).to be_truthy
end
context "when unaffected_versions is not empty" do
subject { described_class.load(path) }
context "when passed a version that matches one unaffected version" do
let(:version) { Gem::Version.new(an_unaffected_version) }
it "should return false" do
expect(subject.leaky?(version)).to be_falsey
end
end
context "when passed a version that matches no unaffected version" do
let(:version) { Gem::Version.new('1.2.3') }
it "should return true" do
expect(subject.leaky?(version)).to be_truthy
end
end
end
end
end
end