Merge pull request #71 from GitGuardian/xblanchot/-/fix_sca_cassettes_and_tests

Xblanchot/ /fix sca cassettes and tests

Author: pierrelalanne

pygitguardian/client.py

@@ -618,7 +618,7 @@ def compute_sca_files(
         extra_headers: Optional[Dict[str, str]] = None,
     ) -> Union[Detail, ComputeSCAFilesResult]:
         if len(files) == 0:
-            result = ComputeSCAFilesResult(sca_files=[], potential_siblings=[])
+            result = ComputeSCAFilesResult(sca_files=[])
             result.status_code = 200
             return result
 

pygitguardian/sca_models.py

@@ -44,7 +44,6 @@ class SCAScanParameters(Base, FromDictMixin):
 @dataclass
 class ComputeSCAFilesResult(Base, FromDictMixin):
     sca_files: List[str]
-    potential_siblings: List[str]
 
 
 ComputeSCAFilesResult.SCHEMA = cast(

tests/cassettes/test_sca_scan_compute_files.yaml

@@ -13,25 +13,25 @@ interactions:
         Content-Type:
           - application/json
         User-Agent:
-          - pygitguardian/1.9.0 (Linux;py3.10.12)
+          - pygitguardian/1.9.0 (Linux;py3.10.13)
       method: POST
       uri: https://api.gitguardian.com/v1/sca/compute_sca_files/
     response:
       body:
-        string: '{"sca_files":["Pipfile"],"potential_siblings":["Pipfile.lock"]}'
+        string: '{"sca_files":["Pipfile"],"potential_siblings":[]}'
       headers:
         access-control-expose-headers:
           - X-App-Version
         allow:
           - POST, OPTIONS
         content-length:
-          - '63'
+          - '49'
         content-type:
           - application/json
         cross-origin-opener-policy:
           - same-origin
         date:
-          - Thu, 17 Aug 2023 08:43:29 GMT
+          - Tue, 26 Sep 2023 09:58:56 GMT
         referrer-policy:
           - strict-origin-when-cross-origin
         server:
@@ -41,7 +41,7 @@ interactions:
         vary:
           - Cookie
         x-app-version:
-          - v2.36.1
+          - v2.39.1
         x-content-type-options:
           - nosniff
           - nosniff
@@ -51,9 +51,9 @@ interactions:
           - DENY
           - SAMEORIGIN
         x-sca-engine-version:
-          - 1.16.1
+          - 1.17.0
         x-secrets-engine-version:
-          - 2.95.0
+          - 2.97.0
         x-xss-protection:
           - 1; mode=block
       status:

tests/cassettes/test_sca_scan_directory_valid.yaml

@@ -33,6 +33,7 @@
     SCAScanAllOutput,
     SCAScanDiffOutput,
     SCAScanParameters,
+    SCAVulnerability,
 )
 
 from .conftest import my_vcr
@@ -840,7 +841,6 @@ def test_compute_sca_files(client: GGClient):
     result = client.compute_sca_files(files=["Pipfile", "something_else"])
     assert isinstance(result, ComputeSCAFilesResult)
     assert result.sca_files == ["Pipfile"]
-    assert result.potential_siblings == ["Pipfile.lock"]
 
 
 @my_vcr.use_cassette("test_sca_scan_directory_valid.yaml", ignore_localhost=False)
@@ -866,7 +866,20 @@ def test_sca_scan_directory(client: GGClient):
         None,
     )
     assert vuln_pkg is not None
-    assert len(vuln_pkg.vulns) == 13
+    assert len(vuln_pkg.vulns) >= 13
+    assert (
+        SCAVulnerability.from_dict(
+            {
+                "cve_ids": [],
+                "identifier": "GHSA-22wc-c9wj-6q2v",
+                "severity": "medium",
+                "created_at": "2021-04-19T15:12:05Z",
+                "fixed_version": "0.2.12",
+                "summary": "VVE-2021-0001: Memory corruption using function calls within arrays",
+            }
+        )
+        in vuln_pkg.vulns
+    )
 
 
 @my_vcr.use_cassette("test_sca_scan_directory_invalid_tar.yaml", ignore_localhost=False)

tests/test_client.py

@@ -37,10 +37,7 @@ class TestModel:
             ),
             (
                 ComputeSCAFilesResult,
-                {
-                    "sca_files": ["Pipfile", "package-lock.json"],
-                    "potential_siblings": ["Pipfile.lock", "package.json"],
-                },
+                {"sca_files": ["Pipfile", "package-lock.json"]},
             ),
             (
                 SCAVulnerability,