spec/integration/ruby/bundler_spec.rb


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110

# frozen_string_literal: true

require 'spec_helper'

RSpec.describe 'bundler' do
  include_examples 'each report version', 'ruby', 'bundler'

  context 'when a project depends on an older version of bundler' do
    it 'produces a valid report' do
      runner.add_file('Gemfile') do
        <<~RAW
          source 'https://rubygems.org'

          gem 'saml-kit'
        RAW
      end
      runner.add_file('Gemfile.lock') do
        <<~RAW
          GEM
            remote: https://rubygems.org/
            specs:
              activemodel (6.0.2.1)
                activesupport (= 6.0.2.1)
              activesupport (6.0.2.1)
                concurrent-ruby (~> 1.0, >= 1.0.2)
                i18n (>= 0.7, < 2)
                minitest (~> 5.1)
                tzinfo (~> 1.1)
                zeitwerk (~> 2.2)
              builder (3.2.4)
              concurrent-ruby (1.1.5)
              i18n (1.7.1)
                concurrent-ruby (~> 1.0)
              mini_portile2 (2.4.0)
              minitest (5.13.0)
              net-hippie (0.2.7)
              nokogiri (1.10.7)
                mini_portile2 (~> 2.4.0)
              saml-kit (1.1.0)
                activemodel (>= 4.2.0)
                net-hippie (~> 0.1)
                xml-kit (>= 0.3.0, < 1.0.0)
              thread_safe (0.3.6)
              tilt (2.0.10)
              tzinfo (1.2.6)
                thread_safe (~> 0.1)
              xml-kit (0.4.0)
                activemodel (>= 4.2.0)
                builder (~> 3.2)
                nokogiri (~> 1.10)
                tilt (>= 1.4.1)
                xmldsig (~> 0.6)
              xmldsig (0.6.6)
                nokogiri (>= 1.6.8, < 2.0.0)
              zeitwerk (2.2.2)

          PLATFORMS
            ruby

          DEPENDENCIES
            saml-kit

          BUNDLED WITH
             1.17.3
        RAW
      end

      report = runner.scan

      expect(report).to match_schema(version: '2.0')
      expect(report[:licenses]).not_to be_empty
      expect(report.dependency_names).to include('saml-kit')
    end
  end

  context 'when a project depends on bundler `~> 2.0`' do
    it 'produces a valid report' do
      runner.add_file('Gemfile') do
        <<~RAW
          source 'https://rubygems.org'

          gem 'net-hippie'
        RAW
      end
      runner.add_file('Gemfile.lock') do
        <<~RAW
          GEM
            remote: https://rubygems.org/
            specs:
              net-hippie (0.3.2)

          PLATFORMS
            ruby

          DEPENDENCIES
            net-hippie

          BUNDLED WITH
             2.1.4
        RAW
      end

      report = runner.scan

      expect(report).to match_schema(version: '2.0')
      expect(report[:licenses]).not_to be_empty
      expect(report.find('net-hippie')).to eql(name: 'net-hippie', licenses: ['MIT'])
    end
  end
end