Add comprehensive tests for Go and Python version conflict detection and licensing normalization

- Implemented GoVersionConflictDetectorTests to validate pseudo-version detection, conflict analysis, and conflict retrieval for Go modules. - Created VersionConflictDetectorTests for Python to assess conflict detection across various version scenarios, including major, minor, and patch differences. - Added SpdxLicenseNormalizerTests to ensure accurate normalization of SPDX license strings and classifiers. - Developed VendoredPackageDetectorTests to identify vendored packages and extract embedded packages from Python packages, including handling of vendor directories and known vendored packages.
2025-12-07 01:51:37 +02:00
parent 98934170ca
commit e0f6efecce
66 changed files with 7591 additions and 451 deletions
--- a/src/Scanner/__Libraries/StellaOps.Scanner.Analyzers.Lang.Bun/Internal/BunConfigHelper.cs
+++ b/src/Scanner/__Libraries/StellaOps.Scanner.Analyzers.Lang.Bun/Internal/BunConfigHelper.cs
@@ -134,7 +134,7 @@ internal static partial class BunConfigHelper
            scopeRegistries.ToImmutableDictionary(StringComparer.Ordinal));
    }

-    private static string StripQuotes(string value)
+    internal static string StripQuotes(string value)
    {
        if (value.Length >= 2)
        {
@@ -148,7 +148,7 @@ internal static partial class BunConfigHelper
        return value;
    }

-    private static string? ExtractRegistryUrl(string value)
+    internal static string? ExtractRegistryUrl(string value)
    {
        // Simple case: just a URL string
        if (value.StartsWith("http", StringComparison.OrdinalIgnoreCase))
--- a/src/Scanner/__Libraries/StellaOps.Scanner.Analyzers.Lang.Bun/Internal/BunLockParser.cs
+++ b/src/Scanner/__Libraries/StellaOps.Scanner.Analyzers.Lang.Bun/Internal/BunLockParser.cs
@@ -104,7 +104,7 @@ internal static class BunLockParser
        }
    }

-    private static (string Name, string Version) ParsePackageKey(string key)
+    internal static (string Name, string Version) ParsePackageKey(string key)
    {
        // Format: name@version or @scope/name@version
        // Need to find the last @ that is not at position 0 (for scoped packages)
@@ -219,7 +219,7 @@ internal static class BunLockParser
    /// <summary>
    /// Classifies the resolved URL to detect git, tarball, file, or npm sources.
    /// </summary>
-    private static (string SourceType, string? GitCommit, string? Specifier) ClassifyResolvedUrl(string? resolved)
+    internal static (string SourceType, string? GitCommit, string? Specifier) ClassifyResolvedUrl(string? resolved)
    {
        if (string.IsNullOrEmpty(resolved))
        {
@@ -277,7 +277,7 @@ internal static class BunLockParser
    /// <summary>
    /// Extracts git commit hash from a git URL (after # or @).
    /// </summary>
-    private static string? ExtractGitCommit(string url)
+    internal static string? ExtractGitCommit(string url)
    {
        // Format: git+https://github.com/user/repo#commit
        // or: github:user/repo#tag
--- a/src/Scanner/__Libraries/StellaOps.Scanner.Analyzers.Lang.Bun/StellaOps.Scanner.Analyzers.Lang.Bun.csproj
+++ b/src/Scanner/__Libraries/StellaOps.Scanner.Analyzers.Lang.Bun/StellaOps.Scanner.Analyzers.Lang.Bun.csproj
@@ -8,6 +8,10 @@
    <EnableDefaultItems>false</EnableDefaultItems>
  </PropertyGroup>

+  <ItemGroup>
+    <InternalsVisibleTo Include="StellaOps.Scanner.Analyzers.Lang.Bun.Tests" />
+  </ItemGroup>
+
  <ItemGroup>
    <Compile Include="**\*.cs" Exclude="obj\**;bin\**" />
    <EmbeddedResource Include="**\*.json" Exclude="obj\**;bin\**" />