-
Notifications
You must be signed in to change notification settings - Fork 14
Expand file tree
/
Copy pathartifacts.test.ts
More file actions
185 lines (167 loc) · 7.82 KB
/
artifacts.test.ts
File metadata and controls
185 lines (167 loc) · 7.82 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
#!/usr/bin/env node
import { test } from 'node:test'
import assert from 'node:assert'
import { deduplicateArtifacts } from './lib/artifacts.ts'
import type { ArtifactData } from './lib/artifacts.ts'
function makeArtifact (overrides: Partial<ArtifactData> = {}): ArtifactData {
return {
type: 'pypi',
name: 'numpy',
version: '1.26.0',
score: { overall: 0.95, supply_chain: 0.9, quality: 0.8, maintenance: 0.85, vulnerability: 1.0, license: 1.0 },
...overrides
}
}
test('deduplicateArtifacts', async (t) => {
await t.test('single artifact passes through unchanged', () => {
const artifacts = [makeArtifact({ release: 'numpy-1.26.0.tar.gz' })]
const result = deduplicateArtifacts(artifacts)
assert.strictEqual(result.length, 1)
assert.strictEqual(result[0]!.release, 'numpy-1.26.0.tar.gz')
})
await t.test('multiple artifacts for same package are deduplicated to one', () => {
const artifacts = [
makeArtifact({ release: 'numpy-1.26.0-cp312-cp312-manylinux_2_17_x86_64.manylinux2014_x86_64.whl' }),
makeArtifact({ release: 'numpy-1.26.0-cp312-cp312-macosx_14_0_arm64.whl' }),
makeArtifact({ release: 'numpy-1.26.0-cp312-cp312-win_amd64.whl' }),
makeArtifact({ release: 'numpy-1.26.0.tar.gz' }),
]
const result = deduplicateArtifacts(artifacts)
assert.strictEqual(result.length, 1)
})
await t.test('source dist is preferred over wheels when no platform specified', () => {
const artifacts = [
makeArtifact({ release: 'numpy-1.26.0-cp312-cp312-manylinux_2_17_x86_64.whl' }),
makeArtifact({ release: 'numpy-1.26.0.tar.gz' }),
makeArtifact({ release: 'numpy-1.26.0-cp312-cp312-win_amd64.whl' }),
]
const result = deduplicateArtifacts(artifacts)
assert.strictEqual(result.length, 1)
assert.strictEqual(result[0]!.release, 'numpy-1.26.0.tar.gz')
})
await t.test('universal wheel is preferred when no sdist available', () => {
const artifacts = [
makeArtifact({ release: 'requests-2.31.0-cp312-cp312-manylinux_2_17_x86_64.whl' }),
makeArtifact({ release: 'requests-2.31.0-py3-none-any.whl' }),
makeArtifact({ release: 'requests-2.31.0-cp312-cp312-win_amd64.whl' }),
]
const result = deduplicateArtifacts(artifacts)
assert.strictEqual(result.length, 1)
assert.strictEqual(result[0]!.release, 'requests-2.31.0-py3-none-any.whl')
})
await t.test('platform hint selects darwin-arm64 wheel', () => {
const artifacts = [
makeArtifact({ release: 'numpy-1.26.0-cp312-cp312-manylinux_2_17_x86_64.whl' }),
makeArtifact({ release: 'numpy-1.26.0-cp312-cp312-macosx_14_0_arm64.whl' }),
makeArtifact({ release: 'numpy-1.26.0.tar.gz' }),
]
const result = deduplicateArtifacts(artifacts, 'darwin-arm64')
assert.strictEqual(result.length, 1)
assert.strictEqual(result[0]!.release, 'numpy-1.26.0-cp312-cp312-macosx_14_0_arm64.whl')
})
await t.test('platform hint selects linux-x64 wheel', () => {
const artifacts = [
makeArtifact({ release: 'numpy-1.26.0-cp312-cp312-manylinux_2_17_x86_64.manylinux2014_x86_64.whl' }),
makeArtifact({ release: 'numpy-1.26.0-cp312-cp312-macosx_14_0_arm64.whl' }),
makeArtifact({ release: 'numpy-1.26.0.tar.gz' }),
]
const result = deduplicateArtifacts(artifacts, 'linux-x64')
assert.strictEqual(result.length, 1)
assert.strictEqual(result[0]!.release, 'numpy-1.26.0-cp312-cp312-manylinux_2_17_x86_64.manylinux2014_x86_64.whl')
})
await t.test('platform hint selects win32-x64 wheel', () => {
const artifacts = [
makeArtifact({ release: 'numpy-1.26.0-cp312-cp312-manylinux_2_17_x86_64.whl' }),
makeArtifact({ release: 'numpy-1.26.0-cp312-cp312-win_amd64.whl' }),
makeArtifact({ release: 'numpy-1.26.0.tar.gz' }),
]
const result = deduplicateArtifacts(artifacts, 'win32-x64')
assert.strictEqual(result.length, 1)
assert.strictEqual(result[0]!.release, 'numpy-1.26.0-cp312-cp312-win_amd64.whl')
})
await t.test('platform hint with no match falls back to source dist', () => {
const artifacts = [
makeArtifact({ release: 'numpy-1.26.0-cp312-cp312-manylinux_2_17_x86_64.whl' }),
makeArtifact({ release: 'numpy-1.26.0.tar.gz' }),
]
const result = deduplicateArtifacts(artifacts, 'win32-x64')
assert.strictEqual(result.length, 1)
assert.strictEqual(result[0]!.release, 'numpy-1.26.0.tar.gz')
})
await t.test('different packages are not deduplicated', () => {
const artifacts = [
makeArtifact({ name: 'numpy', release: 'numpy-1.26.0.tar.gz' }),
makeArtifact({ name: 'scipy', release: 'scipy-1.11.0.tar.gz' }),
]
const result = deduplicateArtifacts(artifacts)
assert.strictEqual(result.length, 2)
})
await t.test('different versions of same package are not deduplicated', () => {
const artifacts = [
makeArtifact({ version: '1.26.0', release: 'numpy-1.26.0.tar.gz' }),
makeArtifact({ version: '1.25.0', release: 'numpy-1.25.0.tar.gz' }),
]
const result = deduplicateArtifacts(artifacts)
assert.strictEqual(result.length, 2)
})
await t.test('artifacts without release field use first-in-group', () => {
const a1 = makeArtifact({ score: { overall: 0.9 } })
const a2 = makeArtifact({ score: { overall: 0.8 } })
const result = deduplicateArtifacts([a1, a2])
assert.strictEqual(result.length, 1)
assert.deepStrictEqual(result[0]!.score, { overall: 0.9 })
})
await t.test('works across different ecosystems', () => {
const artifacts = [
makeArtifact({ type: 'npm', name: 'express', version: '4.18.2' }),
makeArtifact({ type: 'pypi', name: 'numpy', version: '1.26.0', release: 'numpy-1.26.0-cp312-manylinux_x86_64.whl' }),
makeArtifact({ type: 'pypi', name: 'numpy', version: '1.26.0', release: 'numpy-1.26.0.tar.gz' }),
]
const result = deduplicateArtifacts(artifacts)
assert.strictEqual(result.length, 2)
const types = result.map(r => r.type)
assert.ok(types.includes('npm'))
assert.ok(types.includes('pypi'))
})
await t.test('zip source distributions are recognized', () => {
const artifacts = [
makeArtifact({ release: 'package-1.0.0-cp312-win_amd64.whl' }),
makeArtifact({ release: 'package-1.0.0.zip' }),
]
const result = deduplicateArtifacts(artifacts)
assert.strictEqual(result.length, 1)
assert.strictEqual(result[0]!.release, 'package-1.0.0.zip')
})
await t.test('darwin-x64 platform matching', () => {
const artifacts = [
makeArtifact({ release: 'pkg-1.0-cp312-cp312-macosx_10_9_x86_64.whl' }),
makeArtifact({ release: 'pkg-1.0-cp312-cp312-macosx_14_0_arm64.whl' }),
makeArtifact({ release: 'pkg-1.0.tar.gz' }),
]
const result = deduplicateArtifacts(artifacts, 'darwin-x64')
assert.strictEqual(result.length, 1)
assert.strictEqual(result[0]!.release, 'pkg-1.0-cp312-cp312-macosx_10_9_x86_64.whl')
})
await t.test('linux-arm64 platform matching', () => {
const artifacts = [
makeArtifact({ release: 'pkg-1.0-cp312-cp312-manylinux_2_17_aarch64.whl' }),
makeArtifact({ release: 'pkg-1.0-cp312-cp312-manylinux_2_17_x86_64.whl' }),
makeArtifact({ release: 'pkg-1.0.tar.gz' }),
]
const result = deduplicateArtifacts(artifacts, 'linux-arm64')
assert.strictEqual(result.length, 1)
assert.strictEqual(result[0]!.release, 'pkg-1.0-cp312-cp312-manylinux_2_17_aarch64.whl')
})
await t.test('empty array returns empty', () => {
const result = deduplicateArtifacts([])
assert.strictEqual(result.length, 0)
})
await t.test('namespace is included in grouping key', () => {
const artifacts = [
makeArtifact({ type: 'maven', namespace: 'org.apache', name: 'commons', version: '3.0' }),
makeArtifact({ type: 'maven', namespace: 'org.spring', name: 'commons', version: '3.0' }),
]
const result = deduplicateArtifacts(artifacts)
assert.strictEqual(result.length, 2)
})
})