tests: add npm-audit

PR-URL: #1672 Credit: @claudiahdz Close: #1672 Reviewed-by: @isaacs
npm · Aug 18, 2020 · 6e03e55 · 6e03e55
1 parent 85027f4
commit 6e03e55
Show file tree

Hide file tree

Showing 2 changed files with 125 additions and 1 deletion.
diff --git a/lib/audit.js b/lib/audit.js
@@ -38,8 +38,12 @@ const usage = usageUtil(
 const completion = (opts, cb) => {
   const argv = opts.conf.argv.remain
 
+  if (argv.length === 2) {
+    return cb(null, ['fix'])
+  }
+
   switch (argv[2]) {
-    case 'audit':
+    case 'fix':
       return cb(null, [])
     default:
       return cb(new Error(argv[2] + ' not recognized'))

diff --git a/test/lib/audit.js b/test/lib/audit.js
@@ -0,0 +1,120 @@
+const { test } = require('tap')
+const requireInject = require('require-inject')
+const audit = require('../../lib/audit.js')
+
+test('should audit using Arborist', t => {
+  let ARB_ARGS = null
+  let AUDIT_CALLED = false
+  let REIFY_OUTPUT_CALLED = false
+  let AUDIT_REPORT_CALLED = false
+  let OUTPUT_CALLED = false
+  let ARB_OBJ = null
+
+  const audit = requireInject('../../lib/audit.js', {
+    '../../lib/npm.js': {
+      prefix: 'foo',
+      flatOptions: {
+        json: false
+      },
+    },
+    'npm-audit-report': () => {
+      AUDIT_REPORT_CALLED = true
+      return {
+        report: 'there are vulnerabilities',
+        exitCode: 0
+      }
+    },
+    '@npmcli/arborist': function (args) {
+      ARB_ARGS = args
+      ARB_OBJ = this
+      this.audit = () => {
+        AUDIT_CALLED = true
+      }
+    },
+    '../../lib/utils/reify-output.js': arb => {
+      if (arb !== ARB_OBJ) {
+        throw new Error('got wrong object passed to reify-output')
+      }
+      REIFY_OUTPUT_CALLED = true
+    },
+    '../../lib/utils/output.js': () => {
+      OUTPUT_CALLED = true
+    }
+  })
+
+  t.test('audit', t => {
+    audit([], () => {
+      t.match(ARB_ARGS, { audit: true, path: 'foo' })
+      t.equal(AUDIT_CALLED, true, 'called audit')
+      t.equal(AUDIT_REPORT_CALLED, true, 'called audit report')
+      t.equal(OUTPUT_CALLED, true, 'called audit report')
+      t.end()
+    })
+  })
+
+  t.test('audit fix', t => {
+    audit(['fix'], () => {
+      t.equal(REIFY_OUTPUT_CALLED, true, 'called reify output')
+      t.end()
+    })
+  })
+
+  t.end()
+})
+
+test('should audit - json', t => {
+  const audit = requireInject('../../lib/audit.js', {
+    '../../lib/npm.js': {
+      prefix: 'foo',
+      flatOptions: {
+        json: true
+      },
+    },
+    'npm-audit-report': () => ({
+      report: 'there are vulnerabilities',
+      exitCode: 0
+    }),
+    '@npmcli/arborist': function () {
+      this.audit = () => {}
+    },
+    '../../lib/utils/reify-output.js': () => {},
+    '../../lib/utils/output.js': () => {}
+  })
+
+  audit([], (err) => {
+    t.notOk(err, 'no errors')
+    t.end()
+  })
+})
+
+test('completion', t => {
+  t.test('fix', t => {
+    audit.completion({
+      conf: { argv: { remain: ['npm', 'audit'] } }
+    }, (err, res) => {
+      const subcmd = res.pop()
+      t.equals('fix', subcmd, 'completes to fix')
+      t.end()
+    })
+  })
+
+  t.test('subcommand fix', t => {
+    audit.completion({
+      conf: { argv: { remain: ['npm', 'audit', 'fix'] } }
+    }, (err) => {
+      t.notOk(err, 'no errors')
+      t.end()
+    })
+  })
+
+  t.test('subcommand not recognized', t => {
+    audit.completion({
+      conf: { argv: { remain: ['npm', 'audit', 'repare'] } }
+    }, (err) => {
+      t.ok(err, 'not recognized')
+      t.end()
+    })
+  })
+
+  t.end()
+})