From 7d98d9960dfe9fe58105b5fc0b87a48c08621acd Mon Sep 17 00:00:00 2001
From: Brianna Ren
Date: Tue, 3 Jan 2023 17:52:32 -0800
Subject: [PATCH 1/5] improve message for language version check
---
 lib/salus/scanners/language_version/base.rb | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/lib/salus/scanners/language_version/base.rb b/lib/salus/scanners/language_version/base.rb
index 4023527e..f37ed56c 100644
--- a/lib/salus/scanners/language_version/base.rb
+++ b/lib/salus/scanners/language_version/base.rb
@@ -22,14 +22,16 @@ def run
 if min_version && (version < min_version)
 error_msg = "Repository language version (#{version}) is less " \
- "than minimum configured version (#{min_version})"
+ "than minimum configured version (#{min_version}). " \
+ "Please upgrade the language version."
 report_error(error_msg)
 return report_failure
 end
 if max_version && (version > max_version)
 error_msg = "Repository language version (#{version}) is greater " \
- "than maximum configured version (#{max_version})"
+ "than maximum configured version (#{max_version}). " \
+ "Please downgrapde the language version."
 report_error(error_msg)
 return report_failure
 end
From f1bdc3b166cea76ad5b1b30b65e51cd04772fb4e Mon Sep 17 00:00:00 2001
From: Brianna Ren
Date: Tue, 3 Jan 2023 17:53:21 -0800
Subject: [PATCH 2/5] fix typo
---
 lib/salus/scanners/language_version/base.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/lib/salus/scanners/language_version/base.rb b/lib/salus/scanners/language_version/base.rb
index f37ed56c..046bbb01 100644
--- a/lib/salus/scanners/language_version/base.rb
+++ b/lib/salus/scanners/language_version/base.rb
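Review bot: The `max_version` branch of `run` in PATCH 1/5 gets a new remediation hint, but no spec in this series asserts it; PATCH 3/5 and 5/5 only update the "less than minimum" expectations, which is consistent with the misspelled "downgrapde" needing its own follow-up commit. These messages are what a developer reads when the version policy fails a scan, so unless an existing example already covers it, add one with a fixture above the configured maximum that asserts the full string ending in `Please downgrade the language version.`. A short comment above the two messages, such as `# These strings are asserted verbatim by the language_version SARIF specs`, would also warn the next editor. The body of `run` starts and ends outside the hunk.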
@@ -31,7 +31,7 @@ def run
 if max_version && (version > max_version)
 error_msg = "Repository language version (#{version}) is greater " \
 "than maximum configured version (#{max_version}). " \
- "Please downgrapde the language version."
+ "Please downgrade the language version."
 report_error(error_msg)
 return report_failure
 end
From 47d498f80adae0b68f6ac43ded16ce0bef1845f3 Mon Sep 17 00:00:00 2001
From: Brianna Ren
Date: Tue, 3 Jan 2023 19:04:43 -0800
Subject: [PATCH 3/5] fix spec
---
 .../sarif/language_version/ruby_version_scanner_sarif_spec.rb | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/spec/lib/sarif/language_version/ruby_version_scanner_sarif_spec.rb b/spec/lib/sarif/language_version/ruby_version_scanner_sarif_spec.rb
index 0d10c60e..510faa8d 100644
--- a/spec/lib/sarif/language_version/ruby_version_scanner_sarif_spec.rb
+++ b/spec/lib/sarif/language_version/ruby_version_scanner_sarif_spec.rb
@@ -9,7 +9,8 @@
 'ruby_version_scanner/invalid_version_1'
 error_msg = 'Repository language version (2.1.0) is less '\
- 'than minimum configured version (2.6.0)'
+ 'than minimum configured version (2.6.0). ' \
+ 'Please upgrade the language version.'
 it_behaves_like "language version scanner sarif",
 Salus::Scanners::LanguageVersion::RubyVersionScanner,
From 88ce9473a564af9dcd81ae34161bc4fdff7d351c Mon Sep 17 00:00:00 2001
From: Brianna Ren
Date: Tue, 3 Jan 2023 22:16:28 -0800
Subject: [PATCH 4/5] fix failed specs
---
 spec/lib/salus/processor_spec.rb | 4 +++-
 spec/lib/salus/scanners/gosec_spec.rb | 10 +---------
 2 files changed, 4 insertions(+), 10 deletions(-)
diff --git a/spec/lib/salus/processor_spec.rb b/spec/lib/salus/processor_spec.rb
index f7cbe5d5..862f3ebb 100644
--- a/spec/lib/salus/processor_spec.rb
+++ b/spec/lib/salus/processor_spec.rb
@@ -7,6 +7,9 @@ def remove_key(json_string, key = 'running_time')
 json['scans'].each do |scanner, _|
 json['scans'][scanner].delete(key)
 end
+ # Trufflehog outputs the newest available version, even if
+ # it is not the installed version, so just don't compare Trufflehog version
+ json['scans']['Trufflehog']&.delete('version')
 return json if json.dig('config', 'report_uris').nil?
@@ -292,7 +295,6 @@ def remove_key(json_string, encoded = false)
 processor = Salus::Processor.new(repo_path: 'spec/fixtures/processor/local_uri')
 processor.scan_project
 processor.export_report
-
 expect(File.read(local_uri)).to match_report_json(expected_report, true)
 # remove report file that was generated from Salus execution
diff --git a/spec/lib/salus/scanners/gosec_spec.rb b/spec/lib/salus/scanners/gosec_spec.rb
index 5ebde1ca..f9066a86 100644
--- a/spec/lib/salus/scanners/gosec_spec.rb
+++ b/spec/lib/salus/scanners/gosec_spec.rb
@@ -259,16 +259,12 @@
 let(:repo) { Salus::Repo.new('spec/fixtures/gosec/gosec_rules') }
 let(:exceptions) do
 [{ 'advisory_id' => "G101",
- 'expiration' => '2022-12-31',
+ 'expiration' => '3022-12-31',
 'changed_by' => 'appsec',
 'notes' => 'foo' }]
 end
 let(:config) { { "exceptions" => exceptions, "nosec" => "true" } }
- before(:each) do
- allow(Date).to receive(:today).and_return Date.new(2021, 12, 31)
- end
-
 it 'should honor active exceptions' do
 expect(config_scanner.report.passed?).to eq(true)
 end
@@ -284,10 +280,6 @@
 end
 let(:config) { { "exceptions" => exceptions, "nosec" => "true" } }
- before(:each) do
- allow(Date).to receive(:today).and_return Date.new(2021, 12, 31)
- end
-
 it 'should ignore expired exceptions' do
 expect(config_scanner.report.passed?).to eq(false)
 end
From ff4dfad77e57a6a94953bc36937a74800fc65f5f Mon Sep 17 00:00:00 2001
From: Brianna Ren
Date: Tue, 3 Jan 2023 22:43:47 -0800
Subject: [PATCH 5/5] fix spec
---
 .../sarif/language_version/go_version_scanner_sarif_spec.rb | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
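Review bot: Deleting the Trufflehog `version` key in `remove_key` (processor_spec.rb, first hunk) makes the report comparison blind to that field, so a report that omits the scanner version or records a wrong one still matches the expected JSON. The added comment says the value is the newest available release, not the installed one; in a security report that field is what tells an auditor which scanner build produced the findings, so the mismatch deserves a tracked fix in the scanner itself as well as this test exemption. To keep the presence check while ignoring the value, normalise it on both sides: `tf = json.dig('scans', 'Trufflehog')` followed by `tf['version'] = 'IGNORED' if tf&.key?('version')`. `remove_key` begins and ends outside the hunk, and the second `remove_key(json_string, encoded = false)` named in the next hunk header is not shown, so check whether it needs the same handling.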
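Review bot: Moving the `G101` exception's `expiration` to `'3022-12-31'` and dropping the `Date.today` stub in gosec_spec.rb leaves exception expiry tested only against the wall clock, both here and in the `should ignore expired exceptions` context of the following hunk (`@@ -284,10 +280,6 @@`), whose own expiration date lies outside the hunk. Expiry is the control that makes a suppressed finding fail the scan again, so it is worth keeping deterministic. The old spec pinned today to 2021-12-31 with an expiry of 2022-12-31 and still needed this change in January 2023, which suggests the stub never reached the clock the exception check reads; that is an inference, since the check is not on this page. Prefer stubbing the clock the code actually uses, or deriving the fixture from it with `'expiration' => (Date.today + 365).to_s`, and add an example for an exception that expires today.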
diff --git a/spec/lib/sarif/language_version/go_version_scanner_sarif_spec.rb b/spec/lib/sarif/language_version/go_version_scanner_sarif_spec.rb
index 85735055..7c6073bb 100644
--- a/spec/lib/sarif/language_version/go_version_scanner_sarif_spec.rb
+++ b/spec/lib/sarif/language_version/go_version_scanner_sarif_spec.rb
@@ -9,7 +9,8 @@
 'go_version_scanner/invalid_version_1'
 error_msg = 'Repository language version (1.14) is less '\
- 'than minimum configured version (1.15.0)'
+ 'than minimum configured version (1.15.0). '\
+ 'Please upgrade the language version.'
 it_behaves_like "language version scanner sarif",
 Salus::Scanners::LanguageVersion::GoVersionScanner,