authormo khan <mo.khan@gmail.com>2020-05-22 09:28:44 -0600
committermo khan <mo.khan@gmail.com>2020-05-25 18:31:06 -0600
commit1ca2a951d05480759af1668ed586793ff5d36a26 (patch)
treeca16267ec26b1d8c3b1a1346a1ab9e8689992116 /spec/unit/core
parentf8092c7f0ad26d04c8137b3b7d4faea5508a53ce (diff)
Convert from using string paths to using Pathname
* Extract a ./bin/run script * Extract definition for NEWLINE * Add specs for matching yarn.lock * Add specs for Report * Convert package_manager to pathname * Display path in report * matches? to match?
Diffstat (limited to 'spec/unit/core')
-rw-r--r--spec/unit/core/dependency_spec.rb41
-rw-r--r--spec/unit/core/license_plugin_spec.rb17
-rw-r--r--spec/unit/core/path_traversal_spec.rb66
-rw-r--r--spec/unit/core/report_spec.rb17
4 files changed, 124 insertions, 17 deletions
diff --git a/spec/unit/core/dependency_spec.rb b/spec/unit/core/dependency_spec.rb
index 648ade2..4fe328a 100644
--- a/spec/unit/core/dependency_spec.rb
+++ b/spec/unit/core/dependency_spec.rb
@@ -1,30 +1,43 @@
# frozen_string_literal: true
RSpec.describe Spandx::Core::Dependency do
- subject { described_class.new(package_manager: :nuget, name: 'jive', version: '0.1.0') }
+ subject { described_class.new(name: 'jive', version: '0.1.0', path: path) }
- describe '#licenses' do
- specify { expect(subject.licenses).to be_empty }
+ let(:path) { Pathname.new('Gemfile.lock') }
+
+ def build(name, version, path: 'Gemfile.lock')
+ described_class.new(name: name, version: version, path: Pathname.new(path))
end
- describe '#managed_by?' do
- specify { expect(subject).to be_managed_by(:nuget) }
- specify { expect(subject).to be_managed_by('nuget') }
- specify { expect(subject).not_to be_managed_by('rubygems') }
- specify { expect(subject).not_to be_managed_by(nil) }
- specify { expect(subject).not_to be_managed_by(:rubygems) }
+ describe '#licenses' do
+ specify { expect(subject.licenses).to be_empty }
end
describe '<=>' do
- def build(name, version)
- described_class.new(package_manager: :rubygems, name: name, version: version)
- end
-
specify { expect(build('abc', '0.1.0') <=> build('bcd', '0.1.0')).to be < 0 }
+ specify { expect(build('abc', '0.1.0', path: './CHANGELOG.md') <=> build('bcd', '0.1.0', path: 'Gemfile.lock')).to be < 0 }
specify { expect(build('Abc', '0.1.0') <=> build('acd', '0.1.0')).to be < 0 }
specify { expect(build('spandx', '1.0.0') <=> build('spandx', '2.0.0')).to be < 0 }
- specify { expect(build('spandx', '1.0.0') <=> build('spandx', nil)).to be > 0 }
+ specify { expect(build('spandx', '1.0.0') <=> build('spandx', nil)).to be < 0 }
specify { expect(build('spandx', '1.0.0') <=> build(nil, '1.0.0')).to be > 0 }
specify { expect(build('spandx', '1.0.0') <=> nil).to be > 0 }
end
+
+ describe '#eql?' do
+ specify { expect(build('abc', '0.1.0', path: './Gemfile.lock')).to eql(build('abc', '0.1.0', path: './Gemfile.lock')) }
+ specify { expect(build('abc', '0.1.0', path: './Gemfile.lock')).not_to eql(build('abc', '0.1.0', path: './LICENSE.txt')) }
+ specify { expect(build('abc', '0.1.0')).not_to eql(build('abc', '0.2.0')) }
+ specify { expect(build('abc', '0.1.0')).not_to eql(build('xyz', '0.1.0')) }
+ end
+
+ describe '#inspect' do
+ specify { expect(build('abc', '0.1.0', path: path).inspect).to eql("#<#{described_class} name=abc version=0.1.0 path=#{path}>") }
+ end
+
+ describe '#hash' do
+ specify { expect(build('abc', '0.1.0').hash).to eql(build('abc', '0.1.0').hash) }
+ specify { expect(build('abc', '0.1.0', path: Pathname.new('Gemfile.lock')).hash).to eql(build('abc', '0.1.0', path: './Gemfile.lock').hash) }
+ specify { expect(build('abc', '0.1.0').hash).not_to eql(build('abc', '0.0.0').hash) }
+ specify { expect(build('xyz', '0.1.0').hash).not_to eql(build('abc', '0.1.0').hash) }
+ end
end
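Review bot: The `#hash` group asserts that `Pathname.new('Gemfile.lock')` and `'./Gemfile.lock'` hash identically, but the `#eql?` group never compares that same pair, so the `hash`/`eql?` agreement that Hash- or Set-based de-duplication depends on is pinned on one side only. Add the matching case, e.g. `specify { expect(build('abc', '0.1.0', path: 'Gemfile.lock')).to eql(build('abc', '0.1.0', path: './Gemfile.lock')) }`, or change the hash expectation if the two spellings are meant to stay distinct entries. Separately, the `<=>` expectation for a nil version flips from `be > 0` to `be < 0` without a mention in the commit message; a comment such as `# a missing version sorts after a known one` above that line would record that the new ordering is intentional.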
diff --git a/spec/unit/core/license_plugin_spec.rb b/spec/unit/core/license_plugin_spec.rb
index ed36838..19ed0e6 100644
--- a/spec/unit/core/license_plugin_spec.rb
+++ b/spec/unit/core/license_plugin_spec.rb
@@ -7,7 +7,7 @@ RSpec.describe Spandx::Core::LicensePlugin do
describe '#enhance' do
context 'when the dependency is not managed by a known package manager' do
- let(:dependency) { ::Spandx::Core::Dependency.new(package_manager: :unknown, name: 'spandx', version: '0.1.0') }
+ let(:dependency) { ::Spandx::Core::Dependency.new(name: 'spandx', version: '0.1.0', path: Pathname('./logo.gif')) }
specify { expect(subject.enhance(dependency)).to eql(dependency) }
end
@@ -128,7 +128,18 @@ RSpec.describe Spandx::Core::LicensePlugin do
{ package_manager: :yarn, name: 'vary', version: '1.1.2', expected: ['MIT'] },
].each do |item|
context "#{item[:package_manager]}-#{item[:name]}-#{item[:version]}" do
- let(:dependency) { ::Spandx::Core::Dependency.new(package_manager: item[:package_manager], name: item[:name], version: item[:version]) }
+ let(:dependency) { ::Spandx::Core::Dependency.new(path: files[item[:package_manager]], name: item[:name], version: item[:version]) }
+ let(:files) do
+ {
+ composer: fixture_file('composer/composer.lock'),
+ maven: fixture_file('maven/pom.xml'),
+ npm: fixture_file('js/npm/package-lock.json'),
+ nuget: fixture_file('nuget/example.csproj'),
+ pypi: fixture_file('pip/Pipfile.lock'),
+ rubygems: fixture_file('bundler/Gemfile.lock'),
+ yarn: fixture_file('js/yarn.lock')
+ }
+ end
let(:results) do
VCR.use_cassette("#{item[:package_manager]}-#{item[:name]}-#{item[:version]}") do
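Review bot: `files[item[:package_manager]]` in the new `let(:dependency)` returns nil for any package manager without an entry in the `files` hash, so such a row would build a Dependency with `path: nil` and then fail, or pass, for a reason unrelated to the license lookup. Use `files.fetch(item[:package_manager])` so a missing fixture mapping raises a KeyError that names the key. Only the last row of the table is visible in this hunk, so whether every listed manager has a mapping cannot be confirmed from here, and the enclosing `describe` block continues outside the hunk.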
@@ -141,7 +152,7 @@ RSpec.describe Spandx::Core::LicensePlugin do
end
context 'when the composer dependency metadata includes the detected license' do
- let(:dependency) { ::Spandx::Core::Dependency.new(package_manager: :composer, name: 'spandx/example', version: '0.1.0', meta: { 'license' => ['MIT'] }) }
+ let(:dependency) { ::Spandx::Core::Dependency.new(name: 'spandx/example', version: '0.1.0', path: fixture_file('composer/composer.lock'), meta: { 'license' => ['MIT'] }) }
let(:results) { subject.enhance(dependency).licenses }
it 'skips the network lookup' do
diff --git a/spec/unit/core/path_traversal_spec.rb b/spec/unit/core/path_traversal_spec.rb
new file mode 100644
index 0000000..e9da697
--- /dev/null
+++ b/spec/unit/core/path_traversal_spec.rb
@@ -0,0 +1,66 @@
+# frozen_string_literal: true
+
+RSpec.describe Spandx::Core::PathTraversal do
+ let(:result) do
+ [].tap do |items|
+ subject.each do |item|
+ items << item.to_s
+ end
+ end
+ end
+
+ around do |example|
+ within_tmp_dir do |directory|
+ directory.join('./00/01/02/03/04').mkpath
+ directory.join('./00/01/02/03/04/.04').write('04')
+ directory.join('./00/01/02/03/04/file.04').write('04')
+ directory.join('./00/01/02/03/file.03').write('03')
+ directory.join('./00/01/02/file.02').write('02')
+ directory.join('./00/01/file.01').write('01')
+ directory.join('./00/file.00').write('00')
+ directory.join('./file').write('.')
+
+ example.run
+ end
+ end
+
+ describe '#each' do
+ context 'when traversing a directory non-recursively' do
+ subject { described_class.new(Pathname.pwd, recursive: false) }
+
+ specify do
+ expect(result.map { |x| Pathname.new(x).basename.to_s }).to match_array(['file'])
+ end
+ end
+
+ context 'when traversing a directory recursively' do
+ subject { described_class.new(Pathname.pwd, recursive: true) }
+
+ specify do
+ expect(result.map { |x| Pathname.new(x).basename.to_s }).to match_array([
+ 'file', 'file.00', 'file.01', 'file.02', 'file.03', 'file.04', '.04'
+ ])
+ end
+ end
+
+ context 'when traversing a file non-recursively' do
+ subject { described_class.new(path, recursive: false) }
+
+ let(:path) { Pathname.pwd.join('./file') }
+
+ specify do
+ expect(result.map { |x| Pathname.new(x).basename.to_s }).to match_array(['file'])
+ end
+ end
+
+ context 'when traversing a file recursively' do
+ subject { described_class.new(path, recursive: true) }
+
+ let(:path) { Pathname.pwd.join('./file') }
+
+ specify do
+ expect(result.map { |x| Pathname.new(x).basename.to_s }).to match_array(['file'])
+ end
+ end
+ end
+end
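Review bot: The fixture tree built in the `around` hook holds only regular files and directories, so how `#each` treats symbolic links is not pinned. A link back to an ancestor directory, or to a location outside the starting path, is the case most likely to make a recursive walk loop or report files from outside the scanned project. Add a context that creates such a link and asserts the expected result; the sketch below assumes links are neither followed nor yielded, which should be adjusted to the intended behaviour. It also relies on `within_tmp_dir` changing the working directory, as the existing `Pathname.pwd` subjects appear to do; that helper is not visible on this page.

```ruby
# … unchanged: existing contexts inside describe '#each' …
context 'when the tree contains a symlink back to an ancestor' do
  subject { described_class.new(Pathname.pwd, recursive: true) }

  before { Pathname.pwd.join('./00/loop').make_symlink(Pathname.pwd) }

  specify do
    expect(result.map { |x| Pathname.new(x).basename.to_s }).to match_array([
      'file', 'file.00', 'file.01', 'file.02', 'file.03', 'file.04', '.04'
    ])
  end
end
```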
diff --git a/spec/unit/core/report_spec.rb b/spec/unit/core/report_spec.rb
new file mode 100644
index 0000000..d543087
--- /dev/null
+++ b/spec/unit/core/report_spec.rb
@@ -0,0 +1,17 @@
+# frozen_string_literal: true
+
+RSpec.describe Spandx::Core::Report do
+ def build(name, version, path)
+ Spandx::Core::Dependency.new(name: name, version: version, path: path)
+ end
+
+ describe '#dependencies' do
+ before do
+ subject.add(build('spandx', '0.1.0', Pathname('./Gemfile.lock')))
+ subject.add(build('spandx', '0.1.0', Pathname('./Gemfile.lock')))
+ end
+
+ specify { expect(subject.dependencies.count).to be(1) }
+ specify { expect(subject.dependencies.to_a).to eql([build('spandx', '0.1.0', Pathname('./Gemfile.lock'))]) }
+ end
+end
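Review bot: `#dependencies` is only exercised with two identical entries, so the spec shows that duplicates collapse but not that distinct entries survive; a Report that kept a single dependency per name and version would still pass and would silently drop entries from the output. The `#eql?` specs in dependency_spec.rb treat a different path as a different dependency, so add a separate context whose `before` also calls `subject.add(build('spandx', '0.1.0', Pathname('./vendor/Gemfile.lock')))` and asserts `expect(subject.dependencies.count).to be(2)`. The path `./vendor/Gemfile.lock` is a constructed example, not one taken from the project.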