
Commit d6fb292

committed
tests: Add unit tests and fix faulty implementations
1 parent d6f2a33 commit d6fb292


2 files changed

+668
-3
lines changed


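--- a/internal/tool/malicious_packages_scanner.go
+++ b/internal/tool/malicious_packages_scanner.go
@@ -65,8 +65,14 @@ func (r maliciousPackageRange) matchesVersion(version string) bool {
 return false
 }
 
-for _, event := range r.Events {
-if event.matchesVersion(version) {
+// Assumes events are ordered with an item with an introduced event being followed by an item with a fixed event.
+// This is true for the data we've collected so far.
+evtPairs := lo.Chunk(r.Events, 2)
+for _, introducedAndFixedPair := range evtPairs {
+matchesRange := lo.EveryBy(introducedAndFixedPair, func(e maliciousPackageRangeEvent) bool {
+return e.matchesVersion(version)
+})
+if matchesRange {
 return true
 }
 }
@@ -88,7 +94,7 @@ type maliciousPackageRangeEvent struct {
 // [OSV schema]: https://ossf.github.io/osv-schema/#requirements
 func (e maliciousPackageRangeEvent) matchesVersion(version string) bool {
 if e.Introduced != "" {
-return semverCompare(version, e.Fixed) >= 0
+return semverCompare(version, e.Introduced) >= 0
 }
 if e.Fixed != "" {
 return semverCompare(version, e.Fixed) < 0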
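Review bot: The pairing added to `maliciousPackageRange.matchesVersion` (new lines 68-75) trusts an ordering that nothing checks. `lo.Chunk(r.Events, 2)` groups events purely by position, so a range whose events are not strictly introduced-then-fixed would be compared against the wrong boundaries and a malicious version could be reported as clean. That could happen with a different sort order in the feed, or with an OSV `last_affected` or `limit` event between the two. A false negative is the expensive failure for this scanner, so I would check each chunk's shape before evaluating it, for example `if introducedAndFixedPair[0].Introduced == "" { return true }` together with a log line, or reject such records when the data is loaded. A trailing single-element chunk (an introduced event with no fix) still matches correctly because `lo.EveryBy` then tests only that one event. Both functions start or end outside the visible hunks, so the handling of an event with neither field set cannot be confirmed from here.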
