mirrors/bun.sh
1
0
Fork 0
mirror of https://github.com/oven-sh/bun synced 2026-02-14 12:51:54 +00:00
Code Issues Packages Projects Releases Wiki Activity

rm for now

Browse Source
This commit is contained in:
Alistair Smith
2025-07-30 15:35:42 -07:00
parent 9b806aa501
commit e2f60b2085
1 changed files with 98 additions and 98 deletions
Download Patch File Download Diff File Expand all files Collapse all files

196
test/cli/install/bun-install-security-provider.test.ts
View File

@@ -609,107 +609,107 @@ describe("Edge Cases", () => {
});
});
describe("Transitive Dependencies", () => {
test("scanner receives direct and transitive dependencies", {
scanner: async ({ packages }) => {
for (const pkg of packages) {
console.log("Scanning:", pkg.name);
}
// describe("Transitive Dependencies", () => {
// test("scanner receives direct and transitive dependencies", {
// scanner: async ({ packages }) => {
// for (const pkg of packages) {
// console.log("Scanning:", pkg.name);
// }
return [];
},
packages: ["bar"],
expectedExitCode: 0,
expect: ({ out }) => {
expect(out).toContain("Scanning: baz");
expect(out).toContain("Scanning: bar");
},
});
// return [];
// },
// packages: ["bar"],
// expectedExitCode: 0,
// expect: ({ out }) => {
// expect(out).toContain("Scanning: baz");
// expect(out).toContain("Scanning: bar");
// },
// });
test("scanner receives all metadata for transitive dependencies", {
scanner: async ({ packages }) => {
console.log(JSON.stringify(packages, null, 2));
return [];
},
packages: ["@barn/moo"],
expectedExitCode: 0,
expect: ({ out }) => {
// Verify scanner output contains transitive dep info
expect(out).toContain('"name":"bar"');
expect(out).toContain('"version":"0.0.2"');
expect(out).toContain('"name":"baz"');
expect(out).toContain('"registryUrl"');
},
});
// test("scanner receives all metadata for transitive dependencies", {
// scanner: async ({ packages }) => {
// console.log(JSON.stringify(packages, null, 2));
// return [];
// },
// packages: ["@barn/moo"],
// expectedExitCode: 0,
// expect: ({ out }) => {
// // Verify scanner output contains transitive dep info
// expect(out).toContain('"name":"bar"');
// expect(out).toContain('"version":"0.0.2"');
// expect(out).toContain('"name":"baz"');
// expect(out).toContain('"registryUrl"');
// },
// });
test("scanner can flag vulnerabilities in transitive dependencies", {
scanner: async ({ packages }) => {
const transDep = packages.find(p => p.name === "bar");
if (transDep) {
return [
{
package: transDep.name,
description: "Vulnerability in transitive dependency bar",
level: "fatal",
url: "https://example.com/transitive-vuln",
},
];
}
return [];
},
packages: ["@barn/moo"],
fails: true,
expect: ({ out }) => {
expect(out).toContain("FATAL: bar");
expect(out).toContain("Vulnerability in transitive dependency bar");
},
});
// test("scanner can flag vulnerabilities in transitive dependencies", {
// scanner: async ({ packages }) => {
// const transDep = packages.find(p => p.name === "bar");
// if (transDep) {
// return [
// {
// package: transDep.name,
// description: "Vulnerability in transitive dependency bar",
// level: "fatal",
// url: "https://example.com/transitive-vuln",
// },
// ];
// }
// return [];
// },
// packages: ["@barn/moo"],
// fails: true,
// expect: ({ out }) => {
// expect(out).toContain("FATAL: bar");
// expect(out).toContain("Vulnerability in transitive dependency bar");
// },
// });
test("scanner handles multiple dependency trees", {
scanner: async ({ packages }) => {
console.log(`Received ${packages.length} packages:`);
for (const pkg of packages) {
console.log(`- ${pkg.name}@${pkg.version}`);
}
return [];
},
packages: ["@barn/moo", "qux"],
expectedExitCode: 0,
expect: ({ out }) => {
// Installing both @barn/moo and qux
// Should get: @barn/moo -> bar, baz, plus qux
expect(out).toContain("- @barn/moo@");
expect(out).toContain("- bar@0.0.2");
expect(out).toContain("- baz@");
expect(out).toContain("- qux@0.0.2");
},
});
// test("scanner handles multiple dependency trees", {
// scanner: async ({ packages }) => {
// console.log(`Received ${packages.length} packages:`);
// for (const pkg of packages) {
// console.log(`- ${pkg.name}@${pkg.version}`);
// }
// return [];
// },
// packages: ["@barn/moo", "qux"],
// expectedExitCode: 0,
// expect: ({ out }) => {
// // Installing both @barn/moo and qux
// // Should get: @barn/moo -> bar, baz, plus qux
// expect(out).toContain("- @barn/moo@");
// expect(out).toContain("- bar@0.0.2");
// expect(out).toContain("- baz@");
// expect(out).toContain("- qux@0.0.2");
// },
// });
test("scanner receives peer dependencies", {
scanner: async ({ packages }) => {
console.log("Packages with peer deps:");
for (const pkg of packages) {
console.log(`- ${pkg.name}@${pkg.version}`);
}
return [];
},
packages: ["boba"],
expectedExitCode: 0,
expect: ({ out }) => {
expect(out).toContain("- boba@0.0.2");
expect(out).toContain("- peer@");
},
});
// test("scanner receives peer dependencies", {
// scanner: async ({ packages }) => {
// console.log("Packages with peer deps:");
// for (const pkg of packages) {
// console.log(`- ${pkg.name}@${pkg.version}`);
// }
// return [];
// },
// packages: ["boba"],
// expectedExitCode: 0,
// expect: ({ out }) => {
// expect(out).toContain("- boba@0.0.2");
// expect(out).toContain("- peer@");
// },
// });
test("scanner counts all packages including transitive", {
scanner: async ({ packages }) => {
console.log(`Total packages scanned: ${packages.length}`);
return [];
},
packages: ["@barn/moo"],
expectedExitCode: 0,
expect: ({ out }) => {
expect(out).toContain("Total packages scanned: 3");
},
});
});
// test("scanner counts all packages including transitive", {
// scanner: async ({ packages }) => {
// console.log(`Total packages scanned: ${packages.length}`);
// return [];
// },
// packages: ["@barn/moo"],
// expectedExitCode: 0,
// expect: ({ out }) => {
// expect(out).toContain("Total packages scanned: 3");
// },
// });
// });