Skip to content

Commit b135abf

Browse files
OsamaMahmoodOsamaMahmood
committed
updated unit test to reflect latest cahnges in the parser
1 parent f7e40d3 commit b135abf

3 files changed

Lines changed: 132 additions & 103 deletions

File tree

unittests/tools/test_wizcli_dir_parser.py

Lines changed: 48 additions & 44 deletions
Original file line numberDiff line numberDiff line change
@@ -16,64 +16,68 @@ def test_one_findings(self):
1616
findings = parser.get_findings(testfile, Test())
1717
self.assertEqual(1, len(findings))
1818
finding = findings[0]
19-
self.assertEqual("google.golang.org/protobuf - CVE-2024-24786", finding.title)
20-
self.assertEqual("Medium", finding.severity)
21-
self.assertEqual("/grpc/proto/go.mod", finding.file_path)
19+
self.assertEqual("github.com/golang-jwt/jwt/v4 4.5.1 - CVE-2025-30204", finding.title)
20+
self.assertEqual("High", finding.severity)
21+
self.assertEqual("/settlements/go.mod", finding.file_path)
2222
self.assertIn(
23-
"**Library Name**: google.golang.org/protobuf\n"
24-
"**Library Version**: 1.28.1\n"
25-
"**Library Path**: /grpc/proto/go.mod\n"
26-
"**Vulnerability Name**: CVE-2024-24786\n"
27-
"**Fixed Version**: 1.33.0\n"
28-
"**Source**: https://github.com/advisories/GHSA-8r3f-844c-mc37\n"
29-
"**Description**: None\n"
30-
"**Score**: None\n"
31-
"**Exploitability Score**: None\n"
32-
"**Has Exploit**: False\n"
33-
"**Has CISA KEV Exploit**: False\n",
23+
"**Vulnerability**: `CVE-2025-30204`\n"
24+
"**Severity**: High\n"
25+
"**Library**: `github.com/golang-jwt/jwt/v4`\n"
26+
"**Version**: `4.5.1`\n"
27+
"**Path/Manifest**: `/settlements/go.mod`\n"
28+
"**Fixed Version**: 4.5.2\n"
29+
"**Source**: https://github.com/advisories/GHSA-mh63-6h87-95cp\n"
30+
"**Has Exploit (Known)**: False\n"
31+
"**In CISA KEV**: False",
3432
finding.description,
3533
)
34+
self.assertEqual("Update `github.com/golang-jwt/jwt/v4` to version `4.5.2` or later in path/manifest `/settlements/go.mod`.", finding.mitigation)
35+
self.assertEqual("CVE-2025-30204", finding.cve)
36+
self.assertEqual("https://github.com/advisories/GHSA-mh63-6h87-95cp", finding.references)
37+
self.assertTrue(finding.static_finding)
38+
self.assertFalse(finding.dynamic_finding)
39+
self.assertTrue(finding.active)
3640

3741
def test_multiple_findings(self):
3842
with (get_unit_tests_scans_path("wizcli_dir") / "wizcli_dir_many_vul.json").open(encoding="utf-8") as testfile:
3943
parser = WizcliDirParser()
4044
findings = parser.get_findings(testfile, Test())
4145
self.assertEqual(7, len(findings))
46+
47+
# Test first finding
4248
finding = findings[0]
43-
self.assertEqual("golang.org/x/net - CVE-2023-44487", finding.title)
44-
self.assertEqual("Medium", finding.severity)
45-
self.assertEqual("/grpc/proto/go.mod", finding.file_path)
49+
self.assertEqual("github.com/golang-jwt/jwt/v4 4.5.1 - CVE-2025-30204", finding.title)
50+
self.assertEqual("High", finding.severity)
51+
self.assertEqual("/settlements/go.mod", finding.file_path)
4652
self.assertIn(
47-
"**Library Name**: golang.org/x/net\n"
48-
"**Library Version**: 0.14.0\n"
49-
"**Library Path**: /grpc/proto/go.mod\n"
50-
"**Vulnerability Name**: CVE-2023-44487\n"
51-
"**Fixed Version**: 0.17.0\n"
52-
"**Source**: https://github.com/advisories/GHSA-qppj-fm5r-hxr3\n"
53-
"**Description**: None\n"
54-
"**Score**: 7.5\n"
55-
"**Exploitability Score**: 3.9\n"
56-
"**Has Exploit**: True\n"
57-
"**Has CISA KEV Exploit**: True\n",
53+
"**Vulnerability**: `CVE-2025-30204`\n"
54+
"**Severity**: High\n"
55+
"**Library**: `github.com/golang-jwt/jwt/v4`\n"
56+
"**Version**: `4.5.1`\n"
57+
"**Path/Manifest**: `/settlements/go.mod`\n"
58+
"**Fixed Version**: 4.5.2\n"
59+
"**Source**: https://github.com/advisories/GHSA-mh63-6h87-95cp",
5860
finding.description,
5961
)
60-
62+
self.assertEqual("CVE-2025-30204", finding.cve)
63+
self.assertEqual("https://github.com/advisories/GHSA-mh63-6h87-95cp", finding.references)
64+
65+
# Test second finding
6166
finding = findings[1]
62-
self.assertEqual("golang.org/x/net - CVE-2023-45288", finding.title)
63-
self.assertEqual("Medium", finding.severity)
64-
self.assertEqual("/grpc/proto/go.mod", finding.file_path)
65-
self.assertEqual(None, finding.line)
67+
self.assertEqual("github.com/golang-jwt/jwt/v5 5.2.1 - CVE-2025-30204", finding.title)
68+
self.assertEqual("High", finding.severity)
69+
self.assertEqual("/settlements/go.mod", finding.file_path)
6670
self.assertIn(
67-
"**Library Name**: golang.org/x/net\n"
68-
"**Library Version**: 0.14.0\n"
69-
"**Library Path**: /grpc/proto/go.mod\n"
70-
"**Vulnerability Name**: CVE-2023-45288\n"
71-
"**Fixed Version**: 0.23.0\n"
72-
"**Source**: https://github.com/advisories/GHSA-4v7x-pqxf-cx7m\n"
73-
"**Description**: None\n"
74-
"**Score**: None\n"
75-
"**Exploitability Score**: None\n"
76-
"**Has Exploit**: False\n"
77-
"**Has CISA KEV Exploit**: False\n",
71+
"**Vulnerability**: `CVE-2025-30204`\n"
72+
"**Severity**: High\n"
73+
"**Library**: `github.com/golang-jwt/jwt/v5`\n"
74+
"**Version**: `5.2.1`\n"
75+
"**Path/Manifest**: `/settlements/go.mod`\n"
76+
"**Fixed Version**: 5.2.2\n"
77+
"**Source**: https://github.com/advisories/GHSA-mh63-6h87-95cp",
7878
finding.description,
7979
)
80+
self.assertEqual("CVE-2025-30204", finding.cve)
81+
self.assertTrue(finding.static_finding)
82+
self.assertFalse(finding.dynamic_finding)
83+
self.assertTrue(finding.active)

unittests/tools/test_wizcli_iac_parser.py

Lines changed: 46 additions & 28 deletions
Original file line numberDiff line numberDiff line change
@@ -17,47 +17,64 @@ def test_one_findings(self):
1717
self.assertEqual(1, len(findings))
1818
finding = findings[0]
1919
self.assertEqual(
20-
"Secret: Passwords And Secrets - Password in URL (postgres://postgres:---REDACTED---@db:5432/postgres?)",
20+
"Bucket usage logs should be enabled - google_storage_bucket[elastic-snapshots]",
2121
finding.title,
2222
)
23-
self.assertEqual("High", finding.severity)
24-
self.assertEqual("docker-compose.yml", finding.file_path)
25-
self.assertEqual(58, finding.line)
23+
self.assertEqual("Low", finding.severity)
24+
self.assertEqual("states/dev/storage.tf", finding.file_path)
25+
self.assertEqual(1, finding.line)
2626
self.assertIn(
27-
"**Secret ID**: None\n"
28-
"**Description**: Passwords And Secrets - Password in URL (postgres://postgres:---REDACTED---@db:5432/postgres?)\n"
29-
"**File Name**: docker-compose.yml\n"
30-
"**Line Number**: 58\n"
31-
"**Match Content**: PASSWORD\n",
27+
"**Rule**: Bucket usage logs should be enabled (ID: `bd9e69dd-93a1-4122-900a-992135c62572`)\n"
28+
"**Severity**: Low\n"
29+
"**Resource**: `google_storage_bucket[elastic-snapshots]`\n"
30+
"**File**: `states/dev/storage.tf`\n"
31+
"**Line**: 1\n"
32+
"**Code Snippet**: ```\nresource \"google_storage_bucket\" \"elastic-snapshots\" {\n```\n"
33+
"\n**Finding Details**:\n"
34+
"- **Expected**: 'logging' should be set\n"
35+
"- **Found**: 'logging' is undefined\n"
36+
"- **File Type**: TERRAFORM",
3237
finding.description,
3338
)
39+
self.assertTrue(finding.static_finding)
40+
self.assertFalse(finding.dynamic_finding)
41+
self.assertTrue(finding.active)
42+
self.assertEqual("bd9e69dd-93a1-4122-900a-992135c62572", finding.vuln_id_from_tool)
3443

3544
def test_multiple_findings(self):
3645
with (get_unit_tests_scans_path("wizcli_iac") / "wizcli_iac_many_vul.json").open(encoding="utf-8") as testfile:
3746
parser = WizcliIaCParser()
3847
findings = parser.get_findings(testfile, Test())
3948
self.assertEqual(25, len(findings))
49+
50+
# Test first finding
4051
finding = findings[0]
4152
self.assertEqual(
4253
"Apk Add Using Local Cache Path - FROM={{registry.gitlab.com/evilorg.com/infra/images/go-lang-1.18-alpine3.17:latest as builder}}.{{RUN apk add --update make git musl-dev gcc}}",
4354
finding.title,
4455
)
45-
self.assertEqual("Informational", finding.severity)
56+
self.assertEqual("Info", finding.severity)
4657
self.assertEqual("Dockerfile", finding.file_path)
4758
self.assertEqual(8, finding.line)
4859
self.assertIn(
49-
"**Rule ID**: 4ac84116-456f-4d60-9e12-187607266faf\n"
50-
"**Rule Name**: Apk Add Using Local Cache Path\n"
51-
"**Resource Name**: FROM={{registry.gitlab.com/evilorg.com/infra/images/go-lang-1.18-alpine3.17:latest as builder}}.{{RUN apk add --update make git musl-dev gcc}}\n"
52-
"**File Name**: Dockerfile\n"
53-
"**Line Number**: 8\n"
54-
"**Match Content**: RUN apk add --update make git musl-dev gcc\n"
55-
"**Expected**: 'RUN' should not contain 'apk add' command without '--no-cache' switch\n"
56-
"**Found**: 'RUN' contains 'apk add' command without '--no-cache' switch\n"
57-
"**File Type**: DOCKERFILE\n",
60+
"**Rule**: Apk Add Using Local Cache Path (ID: `4ac84116-456f-4d60-9e12-187607266faf`)\n"
61+
"**Severity**: Info\n"
62+
"**Resource**: `FROM={{registry.gitlab.com/evilorg.com/infra/images/go-lang-1.18-alpine3.17:latest as builder}}.{{RUN apk add --update make git musl-dev gcc}}`\n"
63+
"**File**: `Dockerfile`\n"
64+
"**Line**: 8\n"
65+
"**Code Snippet**: ```\nRUN apk add --update make git musl-dev gcc\n```\n"
66+
"\n**Finding Details**:\n"
67+
"- **Expected**: 'RUN' should not contain 'apk add' command without '--no-cache' switch\n"
68+
"- **Found**: 'RUN' contains 'apk add' command without '--no-cache' switch\n"
69+
"- **File Type**: DOCKERFILE",
5870
finding.description,
5971
)
72+
self.assertTrue(finding.static_finding)
73+
self.assertFalse(finding.dynamic_finding)
74+
self.assertTrue(finding.active)
75+
self.assertEqual("4ac84116-456f-4d60-9e12-187607266faf", finding.vuln_id_from_tool)
6076

77+
# Test second finding
6178
finding = findings[1]
6279
self.assertEqual(
6380
"Healthcheck Instruction Missing - FROM={{registry.gitlab.com/evilorg.com/infra/images/alpine-3.9:latest}}",
@@ -67,14 +84,15 @@ def test_multiple_findings(self):
6784
self.assertEqual("Dockerfile", finding.file_path)
6885
self.assertEqual(58, finding.line)
6986
self.assertIn(
70-
"**Rule ID**: ab1043e3-1eeb-4e38-9ca9-7ec0e99fe2ba\n"
71-
"**Rule Name**: Healthcheck Instruction Missing\n"
72-
"**Resource Name**: FROM={{registry.gitlab.com/evilorg.com/infra/images/alpine-3.9:latest}}\n"
73-
"**File Name**: Dockerfile\n"
74-
"**Line Number**: 58\n"
75-
"**Match Content**: FROM registry.gitlab.com/evilorg.com/infra/images/alpine-3.9:latest\n"
76-
"**Expected**: Dockerfile should contain instruction 'HEALTHCHECK'\n"
77-
"**Found**: Dockerfile doesn't contain instruction 'HEALTHCHECK'\n"
78-
"**File Type**: DOCKERFILE\n",
87+
"**Rule**: Healthcheck Instruction Missing (ID: `ab1043e3-1eeb-4e38-9ca9-7ec0e99fe2ba`)\n"
88+
"**Severity**: Low\n"
89+
"**Resource**: `FROM={{registry.gitlab.com/evilorg.com/infra/images/alpine-3.9:latest}}`\n"
90+
"**File**: `Dockerfile`\n"
91+
"**Line**: 58\n"
92+
"**Code Snippet**: ```\nFROM registry.gitlab.com/evilorg.com/infra/images/alpine-3.9:latest\n```\n"
93+
"\n**Finding Details**:\n"
94+
"- **Expected**: Dockerfile should contain instruction 'HEALTHCHECK'\n"
95+
"- **Found**: Dockerfile doesn't contain instruction 'HEALTHCHECK'\n"
96+
"- **File Type**: DOCKERFILE",
7997
finding.description,
8098
)

unittests/tools/test_wizcli_img_parser.py

Lines changed: 38 additions & 31 deletions
Original file line numberDiff line numberDiff line change
@@ -17,57 +17,64 @@ def test_one_findings(self):
1717
self.assertEqual(1, len(findings))
1818
finding = findings[0]
1919
self.assertEqual(
20-
"Secret: Password in URL (postgresql://postgres:---REDACTED---@localhost:5432/postgres?)", finding.title,
20+
"Secret Detected: GCP Service Account Key (ServiceAccount=test-dev-api-sa@testdev.iam.gserviceaccount.com) (CLOUD_KEY)",
21+
finding.title,
2122
)
2223
self.assertEqual("High", finding.severity)
23-
self.assertEqual("/app/testing.go", finding.file_path)
24+
self.assertEqual("/app/keys/gcp.json", finding.file_path)
25+
self.assertEqual(5, finding.line)
2426
self.assertIn(
25-
"**Secret ID**: None\n"
26-
"**Description**: Password in URL (postgresql://postgres:---REDACTED---@localhost:5432/postgres?)\n"
27-
"**File Name**: /app/testing.go\n"
28-
"**Line Number**: 35\n"
29-
"**Match Content**: PASSWORD\n",
27+
"**Type**: `CLOUD_KEY`\n"
28+
"**Description**: GCP Service Account Key (ServiceAccount=test-dev-api-sa@testdev.iam.gserviceaccount.com)\n"
29+
"**File**: `/app/keys/gcp.json`\n"
30+
"**Line**: 5",
3031
finding.description,
3132
)
33+
self.assertTrue(finding.static_finding)
34+
self.assertFalse(finding.dynamic_finding)
35+
self.assertTrue(finding.active)
3236

3337
def test_multiple_findings(self):
3438
with (get_unit_tests_scans_path("wizcli_img") / "wizcli_img_many_vul.json").open(encoding="utf-8") as testfile:
3539
parser = WizcliImgParser()
3640
findings = parser.get_findings(testfile, Test())
3741
self.assertEqual(9, len(findings))
42+
43+
# Test first finding
3844
finding = findings[0]
39-
self.assertEqual("libcrypto3 - CVE-2024-5535", finding.title)
45+
self.assertEqual("OS Pkg: libcrypto3 3.3.1-r0 - CVE-2024-5535", finding.title)
4046
self.assertEqual("Low", finding.severity)
41-
self.assertEqual(None, finding.file_path)
47+
self.assertIsNone(finding.file_path)
4248
self.assertIn(
43-
"**OS Package Name**: libcrypto3\n"
44-
"**OS Package Version**: 3.3.1-r0\n"
45-
"**Vulnerability Name**: CVE-2024-5535\n"
49+
"**Vulnerability**: `CVE-2024-5535`\n"
50+
"**Severity**: Low\n"
51+
"**OS Package**: `libcrypto3`\n"
52+
"**Version**: `3.3.1-r0`\n"
4653
"**Fixed Version**: 3.3.1-r1\n"
47-
"**Source**: https://security.alpinelinux.org/vuln/CVE-2024-5535\n"
48-
"**Description**: None\n"
49-
"**Score**: None\n"
50-
"**Exploitability Score**: None\n"
51-
"**Has Exploit**: False\n"
52-
"**Has CISA KEV Exploit**: False\n",
54+
"**Source**: https://security.alpinelinux.org/vuln/CVE-2024-5535",
5355
finding.description,
5456
)
55-
57+
self.assertEqual("CVE-2024-5535", finding.cve)
58+
self.assertEqual("https://security.alpinelinux.org/vuln/CVE-2024-5535", finding.references)
59+
self.assertTrue(finding.static_finding)
60+
self.assertFalse(finding.dynamic_finding)
61+
self.assertTrue(finding.active)
62+
63+
# Test second finding
5664
finding = findings[1]
57-
self.assertEqual("libssl3 - CVE-2024-5535", finding.title)
65+
self.assertEqual("OS Pkg: libssl3 3.3.1-r0 - CVE-2024-5535", finding.title)
5866
self.assertEqual("Low", finding.severity)
59-
self.assertEqual(None, finding.file_path)
60-
self.assertEqual(None, finding.line)
67+
self.assertIsNone(finding.file_path)
6168
self.assertIn(
62-
"**OS Package Name**: libssl3\n"
63-
"**OS Package Version**: 3.3.1-r0\n"
64-
"**Vulnerability Name**: CVE-2024-5535\n"
69+
"**Vulnerability**: `CVE-2024-5535`\n"
70+
"**Severity**: Low\n"
71+
"**OS Package**: `libssl3`\n"
72+
"**Version**: `3.3.1-r0`\n"
6573
"**Fixed Version**: 3.3.1-r1\n"
66-
"**Source**: https://security.alpinelinux.org/vuln/CVE-2024-5535\n"
67-
"**Description**: None\n"
68-
"**Score**: None\n"
69-
"**Exploitability Score**: None\n"
70-
"**Has Exploit**: False\n"
71-
"**Has CISA KEV Exploit**: False\n",
74+
"**Source**: https://security.alpinelinux.org/vuln/CVE-2024-5535",
7275
finding.description,
7376
)
77+
self.assertEqual("CVE-2024-5535", finding.cve)
78+
self.assertTrue(finding.static_finding)
79+
self.assertFalse(finding.dynamic_finding)
80+
self.assertTrue(finding.active)

0 commit comments

Comments
 (0)