stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 3 Releases Wiki Activity

fix tests. new product advisories enhancements

Browse Source
This commit is contained in:
master
2026-01-25 19:11:36 +02:00
parent c70e83719e
commit 6e687b523a
504 changed files with 40610 additions and 3785 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
src/VexLens/__Libraries/__Tests/StellaOps.VexLens.Spdx3.Tests/CvssMapperTests.cs
View File

@@ -3,6 +3,7 @@
// </copyright>
using FluentAssertions;
using StellaOps.Spdx3.Model;
using StellaOps.Spdx3.Model.Security;
using Xunit;
@@ -66,7 +67,7 @@ public sealed class CvssMapperTests
result.Score.Should().Be(7.5m);
result.Severity.Should().Be(Spdx3CvssSeverity.High);
result.VectorString.Should().Be("CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H");
result.RelationshipType.Should().Be("hasAssessmentFor");
result.RelationshipType.Should().Be(Spdx3RelationshipType.HasAssessmentFor);
result.AssessedElement.Should().Be(ElementSpdxId);
}
@@ -87,7 +88,7 @@ public sealed class CvssMapperTests
// Assert
result.Probability.Should().Be(0.75m);
result.Percentile.Should().Be(0.95m);
result.RelationshipType.Should().Be("hasAssessmentFor");
result.RelationshipType.Should().Be(Spdx3RelationshipType.HasAssessmentFor);
result.SuppliedBy.Should().Contain("first.org");
}

9
src/VexLens/__Libraries/__Tests/StellaOps.VexLens.Spdx3.Tests/VexStatusMapperTests.cs
View File

@@ -3,6 +3,7 @@
// </copyright>
using FluentAssertions;
using StellaOps.Spdx3.Model;
using StellaOps.Spdx3.Model.Security;
using Xunit;
@@ -37,7 +38,7 @@ public sealed class VexStatusMapperTests
// Assert
result.Should().BeOfType<Spdx3VexAffectedVulnAssessmentRelationship>();
var affected = (Spdx3VexAffectedVulnAssessmentRelationship)result;
affected.RelationshipType.Should().Be("affects");
affected.RelationshipType.Should().Be(Spdx3RelationshipType.Affects);
affected.ActionStatement.Should().Be("Upgrade to version 4.17.21");
affected.ActionStatementTime.Should().Be(statement.ActionStatementTime);
}
@@ -62,7 +63,7 @@ public sealed class VexStatusMapperTests
// Assert
result.Should().BeOfType<Spdx3VexNotAffectedVulnAssessmentRelationship>();
var notAffected = (Spdx3VexNotAffectedVulnAssessmentRelationship)result;
notAffected.RelationshipType.Should().Be("doesNotAffect");
notAffected.RelationshipType.Should().Be(Spdx3RelationshipType.DoesNotAffect);
notAffected.JustificationType.Should().Be(Spdx3VexJustificationType.VulnerableCodeNotPresent);
notAffected.ImpactStatement.Should().Be("The vulnerable function is not used");
}
@@ -86,7 +87,7 @@ public sealed class VexStatusMapperTests
// Assert
result.Should().BeOfType<Spdx3VexFixedVulnAssessmentRelationship>();
var fixed_ = (Spdx3VexFixedVulnAssessmentRelationship)result;
fixed_.RelationshipType.Should().Be("fixedIn");
fixed_.RelationshipType.Should().Be(Spdx3RelationshipType.FixedIn);
fixed_.StatusNotes.Should().Be("Fixed in version 4.17.21");
}
@@ -109,7 +110,7 @@ public sealed class VexStatusMapperTests
// Assert
result.Should().BeOfType<Spdx3VexUnderInvestigationVulnAssessmentRelationship>();
var underInvestigation = (Spdx3VexUnderInvestigationVulnAssessmentRelationship)result;
underInvestigation.RelationshipType.Should().Be("underInvestigationFor");
underInvestigation.RelationshipType.Should().Be(Spdx3RelationshipType.UnderInvestigationFor);
}
[Theory]

6
src/VexLens/__Libraries/__Tests/StellaOps.VexLens.Spdx3.Tests/VexToSpdx3MapperTests.cs
View File

@@ -320,7 +320,7 @@ public sealed class VexToSpdx3MapperTests
Status = VexStatus.Affected,
CvssV3 = new CvssV3Data
{
BaseScore = 9.8,
BaseScore = 9.8m,
VectorString = "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
}
}
@@ -359,8 +359,8 @@ public sealed class VexToSpdx3MapperTests
Status = VexStatus.Affected,
Epss = new EpssData
{
Probability = 0.85,
Percentile = 0.97
Probability = 0.85m,
Percentile = 0.97m
}
}
}

7
src/VexLens/__Libraries/__Tests/StellaOps.VexLens.Spdx3.Tests/VulnerabilityElementBuilderTests.cs
View File

@@ -3,6 +3,7 @@
// </copyright>
using FluentAssertions;
using StellaOps.Spdx3.Model;
using Xunit;
namespace StellaOps.VexLens.Spdx3.Tests;
@@ -27,7 +28,7 @@ public sealed class VulnerabilityElementBuilderTests
// Assert
result.Name.Should().Be("CVE-2026-1234");
result.SpdxId.Should().StartWith(SpdxIdPrefix);
result.ExternalIdentifiers.Should().ContainSingle(x => x.ExternalIdentifierType == "cve");
result.ExternalIdentifiers.Should().ContainSingle(x => x.ExternalIdentifierType == Spdx3ExternalIdentifierType.Cve);
}
[Fact]
@@ -40,7 +41,7 @@ public sealed class VulnerabilityElementBuilderTests
// Assert
result.Name.Should().Be("GHSA-1234-5678-abcd");
result.ExternalIdentifiers.Should().ContainSingle(x => x.ExternalIdentifierType == "ghsa");
result.ExternalIdentifiers.Should().ContainSingle(x => x.ExternalIdentifierType == Spdx3ExternalIdentifierType.SecurityOther);
}
[Fact]
@@ -67,7 +68,7 @@ public sealed class VulnerabilityElementBuilderTests
// Assert
result.ExternalRefs.Should().ContainSingle(x =>
x.ExternalRefType == "securityAdvisory" &&
x.ExternalRefType == Spdx3ExternalRefType.SecurityAdvisory &&
x.Locator[0].Contains("nvd.nist.gov"));
}