Add basic unit tests for get_vulnerabilities and get_vulnerabilities_from_latest_tag

ArBridgeman · ArBridgeman · commit f732bc156f4f · 2025-11-05T13:03:33.000+01:00
diff --git a/exasol/toolbox/util/dependencies/audit.py b/exasol/toolbox/util/dependencies/audit.py
@@ -149,6 +149,12 @@ def security_issue_dict(self) -> list[dict[str, str | list[str]]]:
         ]
 
 
+def get_vulnerabilities(working_directory: Path) -> list[Vulnerability]:
+    return Vulnerabilities.load_from_pip_audit(
+        working_directory=working_directory
+    ).vulnerabilities
+
+
 def get_vulnerabilities_from_latest_tag():
     with poetry_files_from_latest_tag() as tmp_dir:
-        return Vulnerabilities.load_from_pip_audit(working_directory=tmp_dir)
+        return get_vulnerabilities(working_directory=tmp_dir)
diff --git a/test/unit/util/dependencies/audit_test.py b/test/unit/util/dependencies/audit_test.py
@@ -11,7 +11,10 @@
     Vulnerabilities,
     Vulnerability,
     audit_poetry_files,
+    get_vulnerabilities,
+    get_vulnerabilities_from_latest_tag,
 )
+from noxconfig import PROJECT_CONFIG
 
 
 @pytest.fixture
@@ -133,3 +136,40 @@ def test_security_issue_dict(sample_vulnerability):
         )
         result = vulnerabilities.security_issue_dict
         assert result == [sample_vulnerability.security_issue_entry]
+
+
+def test_get_vulnerabilities(sample_vulnerability):
+    with mock.patch(
+        "exasol.toolbox.util.dependencies.audit.audit_poetry_files",
+        return_value=sample_vulnerability.pip_audit_json,
+    ):
+        result = get_vulnerabilities(PROJECT_CONFIG.root)
+    # if successful, no errors & should be non-empty due to mock
+    assert isinstance(result, list)
+    assert len(result) == 1
+
+
+class TestGetVulnerabilities:
+    def test_with_mock(self, sample_vulnerability):
+        with mock.patch(
+            "exasol.toolbox.util.dependencies.audit.audit_poetry_files",
+            return_value=sample_vulnerability.pip_audit_json,
+        ):
+            result = get_vulnerabilities(PROJECT_CONFIG.root)
+
+        # if successful, no errors & should be 1 due to mock
+        assert isinstance(result, list)
+        assert len(result) == 1
+
+
+class TestGetVulnerabilitiesFromLatestTag:
+    def test_with_mock(self, sample_vulnerability):
+        with mock.patch(
+            "exasol.toolbox.util.dependencies.audit.audit_poetry_files",
+            return_value=sample_vulnerability.pip_audit_json,
+        ):
+            result = get_vulnerabilities_from_latest_tag()
+
+        # if successful, no errors & should be 1 due to mock
+        assert isinstance(result, list)
+        assert len(result) == 1
