@@ -1351,118 +1351,4 @@ describe("buildResponse", () => {
13511351 } ) ;
13521352 } ) ;
13531353 } ) ;
1354-
1355- describe ( "supports exclude-base-image-vulns flag" , ( ) => {
1356- const defaultAnalysis = createMockAnalysis ( ) ;
1357- const baseDepTree = {
1358- ...defaultAnalysis . depTree ,
1359- targetOS : {
1360- name : "alpine" ,
1361- version : "3.12" ,
1362- prettyName : "Alpine 3.12" ,
1363- } ,
1364- dependencies : {
1365- basePkg : {
1366- name : "basePkg" ,
1367- version : "1.0.0" ,
1368- dependencies : { } ,
1369- } ,
1370- dockerfilePkg : {
1371- name : "dockerfilePkg" ,
1372- version : "2.0.0" ,
1373- dependencies : { } ,
1374- } ,
1375- } ,
1376- } ;
1377-
1378- const dockerfileAnalysisWithDockerfilePkgOnly = {
1379- baseImage : "alpine:3.12" ,
1380- dockerfilePackages : {
1381- dockerfilePkg : {
1382- instruction : "RUN apk add dockerfilePkg" ,
1383- installCommand : "apk add dockerfilePkg" ,
1384- } ,
1385- } ,
1386- dockerfileLayers : { } ,
1387- } ;
1388-
1389- function getDepPkgNames ( scanResult : {
1390- facts ?: Array < { type : string ; data : any } > ;
1391- } ) : string [ ] {
1392- const depGraphFact = scanResult . facts ?. find ( ( f ) => f . type === "depGraph" ) ;
1393- const depGraph = depGraphFact ?. data ;
1394- if ( ! depGraph || typeof depGraph . getPkgs !== "function" ) {
1395- return [ ] ;
1396- }
1397- return depGraph . getPkgs ( ) . map ( ( p : { name : string } ) => p . name ) ;
1398- }
1399-
1400- const rootPkgName = defaultAnalysis . depTree . name ;
1401-
1402- it ( "includes all dependencies in depGraph when excludeBaseImageVulns is false" , async ( ) => {
1403- const mockAnalysis = createMockAnalysis ( {
1404- depTree : JSON . parse ( JSON . stringify ( baseDepTree ) ) ,
1405- packageFormat : "apk" ,
1406- } ) ;
1407-
1408- const result = await buildResponse (
1409- mockAnalysis as any ,
1410- dockerfileAnalysisWithDockerfilePkgOnly as any ,
1411- false ,
1412- undefined ,
1413- undefined ,
1414- undefined ,
1415- ) ;
1416-
1417- const pkgNames = getDepPkgNames ( result . scanResults [ 0 ] ) ;
1418- expect ( pkgNames ) . toContain ( rootPkgName ) ;
1419- expect ( pkgNames ) . toContain ( "basePkg" ) ;
1420- expect ( pkgNames ) . toContain ( "dockerfilePkg" ) ;
1421- expect ( pkgNames ) . toHaveLength ( 3 ) ;
1422- } ) ;
1423-
1424- it ( "includes only dockerfile-introduced dependencies in depGraph when excludeBaseImageVulns is true" , async ( ) => {
1425- const mockAnalysis = createMockAnalysis ( {
1426- depTree : JSON . parse ( JSON . stringify ( baseDepTree ) ) ,
1427- packageFormat : "apk" ,
1428- } ) ;
1429-
1430- const result = await buildResponse (
1431- mockAnalysis as any ,
1432- dockerfileAnalysisWithDockerfilePkgOnly as any ,
1433- true ,
1434- undefined ,
1435- undefined ,
1436- undefined ,
1437- ) ;
1438-
1439- const pkgNames = getDepPkgNames ( result . scanResults [ 0 ] ) ;
1440- expect ( pkgNames ) . toContain ( rootPkgName ) ;
1441- expect ( pkgNames ) . toContain ( "dockerfilePkg" ) ;
1442- expect ( pkgNames ) . not . toContain ( "basePkg" ) ;
1443- expect ( pkgNames ) . toHaveLength ( 2 ) ;
1444- } ) ;
1445-
1446- it ( "includes all dependencies when excludeBaseImageVulns is true but dockerfileAnalysis is undefined" , async ( ) => {
1447- const mockAnalysis = createMockAnalysis ( {
1448- depTree : JSON . parse ( JSON . stringify ( baseDepTree ) ) ,
1449- packageFormat : "apk" ,
1450- } ) ;
1451-
1452- const result = await buildResponse (
1453- mockAnalysis as any ,
1454- undefined ,
1455- true ,
1456- undefined ,
1457- undefined ,
1458- undefined ,
1459- ) ;
1460-
1461- const pkgNames = getDepPkgNames ( result . scanResults [ 0 ] ) ;
1462- expect ( pkgNames ) . toContain ( rootPkgName ) ;
1463- expect ( pkgNames ) . toContain ( "basePkg" ) ;
1464- expect ( pkgNames ) . toContain ( "dockerfilePkg" ) ;
1465- expect ( pkgNames ) . toHaveLength ( 3 ) ;
1466- } ) ;
1467- } ) ;
14681354} ) ;
0 commit comments