feat: add support for reachability analysis call
ArturSnyk committed Apr 19, 2021
1 parent 1ba1b61 commit c02f343
Showing 4 changed files with 97 additions and 48 deletions.
6 changes: 6 additions & 0 deletions src/analysis.ts
@@ -55,6 +55,7 @@ async function pollAnalysis(
username,
limitToFiles,
source,
reachability,
}: {
baseURL: string;
sessionToken: string;
@@ -65,6 +66,7 @@ async function pollAnalysis(
username?: string;
limitToFiles?: string[];
source: string;
reachability?: boolean;
},
requestOptions?: RequestOptions,
): Promise<IResult<AnalysisFailedResponse | AnalysisFinishedResponse, GetAnalysisErrorCodes>> {
@@ -90,6 +92,7 @@ async function pollAnalysis(
severity,
limitToFiles,
source,
reachability,
},
requestOptions,
);
@@ -132,6 +135,7 @@ export async function analyzeBundle(
username,
limitToFiles,
source,
reachability = false,
}: {
baseURL: string;
sessionToken: string;
@@ -142,6 +146,7 @@ export async function analyzeBundle(
username?: string;
limitToFiles?: string[];
source: string;
reachability?: boolean;
},
requestOptions?: RequestOptions,
): Promise<IBundleResult> {
@@ -157,6 +162,7 @@ export async function analyzeBundle(
severity,
limitToFiles,
source,
reachability,
},
requestOptions,
);
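Review bot: All six additions in this file sit inside `pollAnalysis` and `analyzeBundle`, so nothing visible here copies the new `Options.reachability` field into the `analyzeBundle` call. If a higher-level entry point builds that call from an `Options` object, the flag would be accepted by the type and then silently dropped. It is worth confirming that every caller taking `Options` forwards it, e.g. `reachability: options.reachability`. Separately, `analyzeBundle` defaults `reachability = false` while `pollAnalysis` leaves it undefined; `getAnalysis` omits both from the query, so the default could be dropped for consistency. Both function bodies continue outside the hunks shown.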
5 changes: 4 additions & 1 deletion src/http.ts
@@ -424,6 +424,7 @@ export async function getAnalysis(
readonly oAuthToken?: string;
readonly username?: string;
readonly source: string;
readonly reachability?: boolean;
},
requestOptions?: RequestOptions,
): Promise<IResult<GetAnalysisResponseDto, GetAnalysisErrorCodes>> {
@@ -437,9 +438,11 @@ export async function getAnalysis(
severity,
limitToFiles,
source,
reachability,
} = options;
// ?linters=false is still a truthy query value, if(includeLint === false) we have to avoid sending the value altogether
const params = { severity, linters: includeLint || undefined };
// the same applies for reachability
const params = { severity, linters: includeLint || undefined, reachability: reachability || undefined };

const headers = { ...requestOptions?.headers, 'Session-Token': sessionToken, source };
if (oAuthToken) {
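Review bot: On the new `params` line, `reachability || undefined` forwards any truthy value, so a caller outside the type checker (plain JavaScript, or a config value parsed as the string `'false'`) would turn the flag on in the query. A strict comparison keeps the request to an explicit boolean: `reachability: reachability === true ? true : undefined`. The existing `linters: includeLint || undefined` on the same line has the same shape. The body of `getAnalysis` continues past the end of this hunk.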
1 change: 1 addition & 0 deletions src/interfaces/analysis-options.interface.ts
@@ -26,6 +26,7 @@ export interface Options {
baseURL?: string;
sessionToken: string;
includeLint?: boolean;
reachability?: boolean;
severity?: AnalysisSeverity;
sarif?: boolean;
source?: string;
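Review bot: The new `reachability?: boolean;` field in `Options` has no doc comment, and its wire behaviour is not obvious from the type: per the `getAnalysis` change in this commit, `false` and an unset value are both left out of the request. I would add `/** Request reachability analysis from the API; sent only when true. */` above the field. The interface continues outside the hunk.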
133 changes: 86 additions & 47 deletions tests/api.spec.ts
@@ -424,60 +424,99 @@ describe('Requests to public API', () => {
TEST_TIMEOUT,
);

describe('git analysis', () => {
let goofBundleId: string;

it('create git bundle', async () => {
const bundleResponse = await createGitBundle({
baseURL,
sessionToken,
gitUri: '[email protected]:snyk/goof.git',
source: 'atom',
});
expect(bundleResponse.type).toEqual('success');
if (bundleResponse.type === 'error') return;
expect(bundleResponse.value.bundleId).toBeTruthy();
goofBundleId = bundleResponse.value.bundleId;
});
describe('git analysis', () => {
let goofBundleId: string;

it(
'git analysis',
async () => {
// Get analysis results
const response = await getAnalysis({
it('create git bundle', async () => {
const bundleResponse = await createGitBundle({
baseURL,
sessionToken,
bundleId: goofBundleId,
includeLint: false,
severity: 1,
gitUri: '[email protected]:snyk/goof.git',
source: 'atom',
});
expect(response.type).toEqual('success');
if (response.type === 'error') return;
expect(response.value.status !== AnalysisStatus.failed).toBeTruthy();
expect(bundleResponse.type).toEqual('success');
if (bundleResponse.type === 'error') return;
expect(bundleResponse.value.bundleId).toBeTruthy();
goofBundleId = bundleResponse.value.bundleId;
});

if (response.value.status === AnalysisStatus.done) {
expect(response.value.analysisURL.includes(goofBundleId)).toBeTruthy();
expect(response.value.analysisResults.suggestions).toBeTruthy();
it(
'git analysis',
async () => {
// Get analysis results
const response = await getAnalysis({
baseURL,
sessionToken,
bundleId: goofBundleId,
includeLint: false,
severity: 1,
source: 'atom',
});
expect(response.type).toEqual('success');
if (response.type === 'error') return;
expect(response.value.status !== AnalysisStatus.failed).toBeTruthy();

const suggestion = response.value.analysisResults.suggestions[0];
expect(suggestion.categories).toEqual(['Security']);
expect(suggestion).toHaveProperty('exampleCommitDescriptions');
expect(suggestion).toHaveProperty('exampleCommitFixes');
expect(suggestion.leadURL).toEqual('');
expect(suggestion.id).toEqual('javascript%2Fdc_interfile_project%2FHttpToHttps');
expect(suggestion.message).toContain(
'http (used in require) is an insecure protocol and should not be used in new code.',
);
expect(suggestion.rule).toEqual('HttpToHttps');
expect(suggestion.severity).toEqual(2);
expect(suggestion.tags).toEqual(['maintenance', 'http', 'server']);
expect(Object.keys(response.value.analysisResults.files).length).toEqual(3);
}
},
TEST_TIMEOUT,
);
});
if (response.value.status === AnalysisStatus.done) {
expect(response.value.analysisURL.includes(goofBundleId)).toBeTruthy();
expect(response.value.analysisResults.suggestions).toBeTruthy();

const suggestion = response.value.analysisResults.suggestions[0];
expect(suggestion.categories).toEqual(['Security']);
expect(suggestion).toHaveProperty('exampleCommitDescriptions');
expect(suggestion).toHaveProperty('exampleCommitFixes');
expect(suggestion.leadURL).toEqual('');
expect(suggestion.id).toEqual('javascript%2Fdc_interfile_project%2FHttpToHttps');
expect(suggestion.message).toContain(
'http (used in require) is an insecure protocol and should not be used in new code.',
);
expect(suggestion.rule).toEqual('HttpToHttps');
expect(suggestion.severity).toEqual(2);
expect(suggestion.tags).toEqual(['maintenance', 'http', 'server']);
expect(Object.keys(response.value.analysisResults.files).length).toEqual(3);
}
},
TEST_TIMEOUT,
);
//TODO(Artur): need to adjust this test after we introduce the required changes in api server
it.skip(
'git analysis with reachability flag',
async () => {
// Get analysis results
const response = await getAnalysis({
baseURL,
sessionToken,
bundleId: goofBundleId,
includeLint: false,
severity: 1,
source: 'atom',
reachability: true,
});
expect(response.type).toEqual('success');
if (response.type === 'error') return;
expect(response.value.status !== AnalysisStatus.failed).toBeTruthy();

if (response.value.status === AnalysisStatus.done) {
expect(response.value.analysisURL.includes(goofBundleId)).toBeTruthy();
expect(response.value.analysisResults.suggestions).toBeTruthy();

const suggestion = response.value.analysisResults.suggestions[0];
expect(suggestion.categories).toEqual(['Security']);
expect(suggestion).toHaveProperty('exampleCommitDescriptions');
expect(suggestion).toHaveProperty('exampleCommitFixes');
expect(suggestion.leadURL).toEqual('');
expect(suggestion.id).toEqual('javascript%2Fdc_interfile_project%2FHttpToHttps');
expect(suggestion.message).toContain(
'http (used in require) is an insecure protocol and should not be used in new code.',
);
expect(suggestion.rule).toEqual('HttpToHttps');
expect(suggestion.severity).toEqual(2);
expect(suggestion.tags).toEqual(['maintenance', 'http', 'server']);
expect(Object.keys(response.value.analysisResults.files).length).toEqual(3);
}
},
TEST_TIMEOUT,
);
});

it(
'git analysis with empty results',
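Review bot: The skipped test `git analysis with reachability flag` repeats the assertions of `git analysis` line for line and checks nothing that depends on `reachability: true`, so once `it.skip` is lifted it will pass whether or not the server acted on the flag. Before enabling it, add at least one expectation that only holds with reachability on (the response shape is not visible here, so which field to assert on needs confirming against the API), and move the shared expectations into a helper so the two tests cannot drift apart. A request-level unit test that the query carries `reachability=true` when set and no `reachability` key otherwise would cover the `getAnalysis` change without waiting for the server. Both tests also read `goofBundleId` assigned by the preceding `it('create git bundle')`, so a failure there surfaces as a confusing `getAnalysis` failure; a `beforeAll` would make the dependency explicit.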
