Description
The test_csv2cve_valid_file test tests a valid .csv file and expects to find some components with known CVEs. Since these are real components and it's always possible new CVEs found will affect them, sometimes the test needs to be updated.
It's currently looking for lines like "10 CVE(s) in mit.kerberos_5 v1.15.1" in the complete output. Because of the way that assert works, when it fails it shows the expected string and then the entire log, which gets truncated so we can't easily tell what got changed.
It would be nice to change the assert so it compared against a smaller subset of the log, such as only comparing the lines that include the string " CVE(s) in " or lines that included the targeted component name. (e.g. show me all the liens that include "mit.kerberos_5")
It also might be viable to skip specific numbers and change the test so that as long as the new number is bigger than the original expected one it should still pass. (that won't always help because sometimes CVEs are removed, but that tends to be more rare than having them added)