oracle
diff --git a/‎src/macaron/malware_analyzer/pypi_heuristics/metadata/closer_release_join_date.py‎
Lines changed: 3 additions & 0 deletions b/‎src/macaron/malware_analyzer/pypi_heuristics/metadata/closer_release_join_date.py‎
Lines changed: 3 additions & 0 deletions
diff --git a/‎tests/malware_analyzer/pypi/test_anomalous_version.py‎
Lines changed: 67 additions & 3 deletions b/‎tests/malware_analyzer/pypi/test_anomalous_version.py‎
Lines changed: 67 additions & 3 deletions
diff --git a/‎tests/malware_analyzer/pypi/test_closer_release_join_date.py‎
Lines changed: 51 additions & 7 deletions b/‎tests/malware_analyzer/pypi/test_closer_release_join_date.py‎
Lines changed: 51 additions & 7 deletions
diff --git a/‎tests/malware_analyzer/pypi/test_empty_project_link_analyzer.py‎
Lines changed: 17 additions & 16 deletions b/‎tests/malware_analyzer/pypi/test_empty_project_link_analyzer.py‎
Lines changed: 17 additions & 16 deletions
diff --git a/‎tests/malware_analyzer/pypi/test_high_release_frequency.py‎
Lines changed: 8 additions & 8 deletions b/‎tests/malware_analyzer/pypi/test_high_release_frequency.py‎
Lines changed: 8 additions & 8 deletions
diff --git a/‎tests/malware_analyzer/pypi/test_one_release_analyzer.py‎
Lines changed: 24 additions & 6 deletions b/‎tests/malware_analyzer/pypi/test_one_release_analyzer.py‎
Lines changed: 24 additions & 6 deletions
@@ -99,12 +99,15 @@ def analyze(self, pypi_package_json: PyPIPackageJsonAsset) -> tuple[HeuristicRes
         maintainers_join_date: list[datetime] | None = self._get_maintainers_join_date(
             pypi_package_json.pypi_registry, pypi_package_json.component_name
         )
+        # If there is no maintainer join date information, then it is malformed package metadata
         if not maintainers_join_date:
             error_msg = "Metadata has no maintainers or join dates for them"
             logger.debug(error_msg)
             raise HeuristicAnalyzerValueError(error_msg)
 
         latest_release_date: datetime | None = self._get_latest_release_date(pypi_package_json)
+        # Upload time is standardized by PyPI, so if it is not in the expected format then it is
+        # malformed package metadata
         if not latest_release_date:
             error_msg = "Unable to parse latest upload time"
             logger.debug(error_msg)
 
@@ -12,7 +12,13 @@
 
 
 def test_analyze_no_information(pypi_package_json: MagicMock) -> None:
-    """Test for when there is no release information, so error"""
+    """Test for when there is no release information (should error)
+
+    Parameters
+    ----------
+    pypi_package_json: MagicMock
+        The PyPIPackageJsonAsset MagicMock fixture.
+    """
     analyzer = AnomalousVersionAnalyzer()
 
     pypi_package_json.get_releases.return_value = None
@@ -22,7 +28,13 @@ def test_analyze_no_information(pypi_package_json: MagicMock) -> None:
 
 
 def test_analyze_invalid_time(pypi_package_json: MagicMock) -> None:
-    """Test for when the supplied upload time does not conform with PEP 440, so error."""
+    """Test for when the supplied upload time does not conform with PEP 440 (should error).
+
+    Parameters
+    ----------
+    pypi_package_json: MagicMock
+        The PyPIPackageJsonAsset MagicMock fixture.
+    """
     analyzer = AnomalousVersionAnalyzer()
     version = "1.1"
     release = {
@@ -60,7 +72,13 @@ def test_analyze_invalid_time(pypi_package_json: MagicMock) -> None:
 
 
 def test_analyze_no_time(pypi_package_json: MagicMock) -> None:
-    """Test for when there is no supplied upload time, so error."""
+    """Test for when there is no supplied upload time (should error).
+
+    Parameters
+    ----------
+    pypi_package_json: MagicMock
+        The PyPIPackageJsonAsset MagicMock fixture.
+    """
     analyzer = AnomalousVersionAnalyzer()
     version = "1.1"
     release = {
@@ -253,6 +271,8 @@ def test_analyze(
 
     Parameters
     ----------
+    pypi_package_json: MagicMock
+        The PyPIPackageJsonAsset MagicMock fixture.
     version : str
         the version number for the test package.
     upload_date : str
@@ -297,3 +317,47 @@ def test_analyze(
     actual_result = analyzer.analyze(pypi_package_json)
 
     assert actual_result == expected_result
+
+
+def test_multiple_releases(pypi_package_json: MagicMock) -> None:
+    """Test when there are multiple releases of the package (should skip).
+
+    Parameters
+    ----------
+    pypi_package_json: MagicMock
+        The PyPIPackageJsonAsset MagicMock fixture.
+    """
+    analyzer = AnomalousVersionAnalyzer()
+    release_content = [
+        {
+            "comment_text": "",
+            "digests": {
+                "blake2b_256": "defa2fbcebaeeb909511139ce28dac4a77ab2452ba72b49a22b12981b2f375b3",
+                "md5": "9203bbb130f8ddb38269f4861c170d04",
+                "sha256": "168bcccbf5106132e90b85659297700194369b8f6b3e5a03769614f0d200e370",
+            },
+            "downloads": -1,
+            "filename": "ttttttttest_nester.py-0.1.0.tar.gz",
+            "has_sig": False,
+            "md5_digest": "9203bbb130f8ddb38269f4861c170d04",
+            "packagetype": "sdist",
+            "python_version": "source",
+            "requires_python": None,
+            "size": 546,
+            "upload_time": "2016-10-13T05:42:27",
+            "upload_time_iso_8601": "2016-10-13T05:42:27.073842Z",
+            "url": "https://files.pythonhosted.org/packages/de/fa/"
+            + "2fbcebaeeb909511139ce28dac4a77ab2452ba72b49a22b12981b2f375b3/ttttttttest_nester.py-0.1.0.tar.gz",
+            "yanked": False,
+            "yanked_reason": None,
+        }
+    ]
+    releases = {  # this can just be the same content, as it'll be skipped anyway
+        "0.1": release_content,
+        "0.2": release_content,
+    }
+    pypi_package_json.get_releases.return_value = releases
+    expected_result: tuple[HeuristicResult, dict] = (HeuristicResult.SKIP, {})
+
+    actual_result = analyzer.analyze(pypi_package_json)
+    assert actual_result == expected_result
@@ -12,8 +12,14 @@
 from macaron.malware_analyzer.pypi_heuristics.metadata.closer_release_join_date import CloserReleaseJoinDateAnalyzer
 
 
-def test_analyze_pass(pypi_package_json: MagicMock) -> None:
-    """Test analyze method when the heuristic should pass."""
+def test_far_away_release_join_date(pypi_package_json: MagicMock) -> None:
+    """Test when the maintainer join date is far away from the upload date (should pass).
+
+    Parameters
+    ----------
+    pypi_package_json: MagicMock
+        The PyPIPackageJsonAsset MagicMock fixture.
+    """
     analyzer = CloserReleaseJoinDateAnalyzer()
 
     # Set up mock return values.
@@ -31,8 +37,14 @@ def test_analyze_pass(pypi_package_json: MagicMock) -> None:
     assert "latest_release_date" in detail_info
 
 
-def test_analyze_process(pypi_package_json: MagicMock) -> None:
-    """Test analyze method when the heuristic should fail."""
+def test_closer_release_join_date(pypi_package_json: MagicMock) -> None:
+    """Test when the maintainer join date is close to the upload date (should fail).
+
+    Parameters
+    ----------
+    pypi_package_json: MagicMock
+        The PyPIPackageJsonAsset MagicMock fixture.
+    """
     analyzer = CloserReleaseJoinDateAnalyzer()
 
     # Set up mock return values.
@@ -50,13 +62,45 @@ def test_analyze_process(pypi_package_json: MagicMock) -> None:
     assert "latest_release_date" in detail_info
 
 
-def test_analyze_no_maintainers(pypi_package_json: MagicMock) -> None:
-    """Test analyze method when there are no maintainers, raising an error."""
+def test_no_maintainers(pypi_package_json: MagicMock) -> None:
+    """Test when there are no maintainers (should error).
+
+    Parameters
+    ----------
+    pypi_package_json: MagicMock
+        The PyPIPackageJsonAsset MagicMock fixture.
+    """
     analyzer = CloserReleaseJoinDateAnalyzer()
 
     # Set up mock return values.
     pypi_package_json.pypi_registry.get_maintainers_of_package.return_value = None
-    pypi_package_json.get_latest_release_upload_time.return_value = "2022-06-20T12:00:00"
+    pypi_package_json.component_name = "mock1"
+
+    # Call the method.
+    with pytest.raises(HeuristicAnalyzerValueError):
+        _ = analyzer.analyze(pypi_package_json)
+
+
+@pytest.mark.parametrize(
+    ("upload_time"),
+    [pytest.param("20 June 2022 at 12pm", id="test_incorrect_format"), pytest.param(None, id="test_no_upload_time")],
+)
+def test_malformed_upload_time(pypi_package_json: MagicMock, upload_time: str | None) -> None:
+    """Test when the upload time is not in the expected format (should error).
+
+    Parameters
+    ----------
+    pypi_package_json: MagicMock
+        The PyPIPackageJsonAsset MagicMock fixture.
+    upload_time: str | None
+        The upload time for the package in any format that isn't the expected one.
+    """
+    analyzer = CloserReleaseJoinDateAnalyzer()
+
+    # Set up mock return values.
+    pypi_package_json.pypi_registry.get_maintainers_of_package.return_value = ["maintainer1"]
+    pypi_package_json.pypi_registry.get_maintainer_join_date.side_effect = [datetime(2022, 6, 18)]
+    pypi_package_json.get_latest_release_upload_time.return_value = upload_time
     pypi_package_json.component_name = "mock1"
 
     # Call the method.
 
@@ -1,4 +1,4 @@
-# Copyright (c) 2024 - 2024, Oracle and/or its affiliates. All rights reserved.
+# Copyright (c) 2024 - 2025, Oracle and/or its affiliates. All rights reserved.
 # Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl/.
 
 """Tests for heuristic detecting malicious metadata from PyPI"""
@@ -36,8 +36,14 @@ def setup_empty_project_link_analyzer() -> dict:
     }
 
 
-def test_analyze_no_links(empty_project_link_analyzer: dict) -> None:
-    """Test for result failed."""
+def test_no_links(empty_project_link_analyzer: dict) -> None:
+    """Test with no links (should fail).
+
+    Parameters
+    ----------
+    empty_project_link_analyzer: dict
+        A configured EmptyProjectLinkAnalyzer from the fixture.
+    """
     mock_pypi_package_fail = empty_project_link_analyzer["mock_pypi_package_fail"]
     mock_pypi_package_fail.get_project_links.return_value = {}
     expected_result: tuple[HeuristicResult, dict] = (HeuristicResult.FAIL, {})
@@ -47,8 +53,14 @@ def test_analyze_no_links(empty_project_link_analyzer: dict) -> None:
     assert result == expected_result
 
 
-def test_analyze_with_links(empty_project_link_analyzer: dict) -> None:
-    """Test for result passed."""
+def test_with_links(empty_project_link_analyzer: dict) -> None:
+    """Test with links present (should pass).
+
+    Parameters
+    ----------
+    empty_project_link_analyzer: dict
+        A configured EmptyProjectLinkAnalyzer from the fixture.
+    """
     package_links = empty_project_link_analyzer["package_links"]
     mock_pypi_package_pass = empty_project_link_analyzer["mock_pypi_package_pass"]
     mock_pypi_package_pass.get_project_links.return_value = package_links
@@ -57,14 +69,3 @@ def test_analyze_with_links(empty_project_link_analyzer: dict) -> None:
     result = empty_project_link_analyzer["analyzer"].analyze(mock_pypi_package_pass)
 
     assert result == expected_result
-
-
-def test_analyze_none(empty_project_link_analyzer: dict) -> None:
-    """Test for result skip."""
-    mock_pypi_package_pass = empty_project_link_analyzer["mock_pypi_package_pass"]
-    mock_pypi_package_pass.get_project_links.return_value = None
-    expected_result: tuple[HeuristicResult, dict] = (HeuristicResult.FAIL, {})
-
-    result = empty_project_link_analyzer["analyzer"].analyze(mock_pypi_package_pass)
-
-    assert result == expected_result
 
@@ -12,8 +12,8 @@
 from macaron.malware_analyzer.pypi_heuristics.metadata.high_release_frequency import HighReleaseFrequencyAnalyzer
 
 
-def test_analyze_high_frequency_pass(pypi_package_json: MagicMock) -> None:
-    """Test HighReleaseFrequencyAnalyzer with low release frequency (should pass).
+def test_low_release_frequency(pypi_package_json: MagicMock) -> None:
+    """Test with low release frequency (should pass).
 
     Parameters
     ----------
@@ -37,8 +37,8 @@ def test_analyze_high_frequency_pass(pypi_package_json: MagicMock) -> None:
     assert detail_info == {"frequency": 9}
 
 
-def test_analyze_low_frequency_fail(pypi_package_json: MagicMock) -> None:
-    """Test HighReleaseFrequencyAnalyzer with high release frequency (should fail).
+def test_high_release_frequency(pypi_package_json: MagicMock) -> None:
+    """Test with high release frequency (should fail).
 
     Parameters
     ----------
@@ -62,8 +62,8 @@ def test_analyze_low_frequency_fail(pypi_package_json: MagicMock) -> None:
     assert detail_info == {"frequency": 1}
 
 
-def test_analyze_no_releases(pypi_package_json: MagicMock) -> None:
-    """Test HighReleaseFrequencyAnalyzer when no releases are available (should error for a malformed package).
+def test_no_releases(pypi_package_json: MagicMock) -> None:
+    """Test when no releases are available (should error).
 
     Parameters
     ----------
@@ -80,8 +80,8 @@ def test_analyze_no_releases(pypi_package_json: MagicMock) -> None:
         _ = analyzer.analyze(pypi_package_json)
 
 
-def test_analyze_single_release_skip(pypi_package_json: MagicMock) -> None:
-    """Test HighReleaseFrequencyAnalyzer with a single release (should skip).
+def test_single_release(pypi_package_json: MagicMock) -> None:
+    """Test with a single release (should skip).
 
     Parameters
     ----------
 
@@ -32,17 +32,29 @@ def setup_one_release_analyzer() -> dict:
     }
 
 
-def test_analyze_no_releases(one_release_analyzer: dict) -> None:
-    """No release information available, should error for a malformed package."""
+def test_no_releases(one_release_analyzer: dict) -> None:
+    """No release information available (should error).
+
+    Parameters
+    ----------
+    one_release_analyzer: dict
+        A configured OneReleaseAnalyzer from the fixture.
+    """
     mock_pypi_package_pass = one_release_analyzer["mock_pypi_package_pass"]
     mock_pypi_package_pass.get_releases.return_value = None
 
     with pytest.raises(HeuristicAnalyzerValueError):
         _ = one_release_analyzer["analyzer"].analyze(mock_pypi_package_pass)
 
 
-def test_analyze_one_release(one_release_analyzer: dict) -> None:
-    """Test for result failed."""
+def test_one_release(one_release_analyzer: dict) -> None:
+    """Test for a single release (should fail).
+
+    Parameters
+    ----------
+    one_release_analyzer: dict
+        A configured OneReleaseAnalyzer from the fixture.
+    """
     release = {
         "0.1.0": [
             {
@@ -78,8 +90,14 @@ def test_analyze_one_release(one_release_analyzer: dict) -> None:
     assert result == expected_result
 
 
-def test_analyze_multiple_releases(one_release_analyzer: dict) -> None:
-    """Test for result passed."""
+def test_multiple_releases(one_release_analyzer: dict) -> None:
+    """Test with multiple releases (should pass).
+
+    Parameters
+    ----------
+    one_release_analyzer: dict
+        A configured OneReleaseAnalyzer from the fixture.
+    """
     releases = {
         "0.0.1": [],
         "0.10.0": [