Skip to content

test_ouput_cyclonedx is failing #4402

New issue
New issue
Closed
Closed
test_ouput_cyclonedx is failing#4402
@terriko

Description

@terriko
terriko
opened on Aug 29, 2024

Mostly for @anthonyharrison -- I think maybe you did the lib4vex release and it's causing a minor problem? I'm guessing we should just fix our test.

=========================== short test summary info ============================
FAILED test/test_vex.py::TestVexGeneration::test_output_cyclonedx - AssertionError: assert {'$schema': '...': '1.6', ...} == {'$schema': '...': '1.6', ...}
  
  Omitting 5 identical items, use -vv to show
  Differing items:
  {'metadata': {'component': {'bom-ref': 'CDXRef-DOCUMENT', 'name': 'dummy-product', 'supplier': {'name': 'dummy-vendor'...alue': 'Initial version'}], 'tools': {'components': [{'name': 'lib4vex', 'type': 'application', 'version': '0.2.0'}]}}} != {'metadata': {'component': {'bom-ref': 'CDXRef-DOCUMENT', 'name': 'dummy-product', 'type': 'application'}, 'properties...alue': 'Initial version'}], 'tools': {'components': [{'name': 'lib4vex', 'type': 'application', 'version': '0.1.0'}]}}}
  
  Full diff:
    {
        '$schema': 'http://cyclonedx.org/schema/bom-1.6.schema.json',
        'bomFormat': 'CycloneDX',
        'metadata': {
            'component': {
                'bom-ref': 'CDXRef-DOCUMENT',
                'name': 'dummy-product',
  +             'supplier': {
  +                 'name': 'dummy-vendor',
  +             },
                'type': 'application',
  +             'version': '1.0',
            },
            'properties': [
                {
                    'name': 'Revision_1',
                    'value': 'Initial version',
                },
            ],
            'tools': {
                'components': [
                    {
                'description': '',
                'id': 'CVE-1234-1005',
                'source': {
                    'name': 'NVD',
                    'url': 'https://nvd.nist.gov/vuln/detail/CVE-1234-1005',
                },
            },
            {
                'affects': [
                    {
                        'ref': 'urn:cbt:1/vendor0#product0:2.8.6',
                        'versions': {
                            'status': 'affected',
                            'version': '2.8.6',
                        },
                    },
                ],
                'analysis': {
                    'detail': 'Data field populated.',
                    'state': 'resolved',
                },
                'bom-ref': '[email protected]',
                'description': '',
                'id': 'CVE-1234-1007',
                'source': {
                    'name': 'NVD',
                    'url': 'https://nvd.nist.gov/vuln/detail/CVE-1234-1007',
                },
            },
            {
                'affects': [
                    {
                        'ref': 'urn:cbt:1/vendor0#product0:2.8.6',
                    },
                ],
                'analysis': {
                    'detail': '',
                    'state': 'in_triage',
                },
                'bom-ref': '[email protected]',
                'description': '',
                'id': 'CVE-1234-1008',
                'source': {
                    'name': 'NVD',
                    'url': 'https://nvd.nist.gov/vuln/detail/CVE-1234-1008',
                },
            },
        ],
    }
===== 1 failed, 246 passed, 1795 skipped, 11 warnings in 143.39s (0:02:23) =====

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions