Add tests for compute_content_id_v2

keshav-space · keshav-space · commit 04326f644511 · 2026-02-27T12:20:25.000+05:30
Signed-off-by: Keshav Priyadarshi &lt;git@keshav.space&gt;
diff --git a/vulnerabilities/tests/test_utils.py b/vulnerabilities/tests/test_utils.py
@@ -7,12 +7,27 @@
 # See https://aboutcode.org for more information about nexB OSS projects.
 #
 
+from datetime import datetime
+from datetime import timedelta
+
+from django.test import TestCase
 from fetchcode.package_versions import PackageVersion
 from packageurl import PackageURL
 from univers.version_constraint import VersionConstraint
 from univers.version_range import GemVersionRange
+from univers.version_range import VersionRange
 from univers.versions import RubygemsVersion
 
+from vulnerabilities import utils
+from vulnerabilities.importer import AdvisoryDataV2
+from vulnerabilities.importer import AffectedPackageV2
+from vulnerabilities.importer import PackageCommitPatchData
+from vulnerabilities.importer import PatchData
+from vulnerabilities.importer import VulnerabilitySeverity
+from vulnerabilities.models import AdvisoryV2
+from vulnerabilities.pipelines import insert_advisory_v2
+from vulnerabilities.references import XsaReferenceV2
+from vulnerabilities.references import ZbxReferenceV2
 from vulnerabilities.utils import AffectedPackage
 from vulnerabilities.utils import get_item
 from vulnerabilities.utils import get_severity_range
@@ -151,3 +166,88 @@ def test_resolve_version_range_without_ignorable_versions():
 def test_get_severity_range():
     assert get_severity_range({""}) is None
     assert get_severity_range({}) is None
+
+
+class TestComputeContentIdV2(TestCase):
+    def setUp(self):
+        self.advisory1 = AdvisoryDataV2(
+            summary="Test advisory",
+            aliases=["CVE-2025-0001", "CVE-2024-0001"],
+            references=[
+                XsaReferenceV2.from_number(248),
+                ZbxReferenceV2.from_id("ZBX-000"),
+            ],
+            severities=[
+                VulnerabilitySeverity.from_dict(
+                    {
+                        "system": "cvssv4",
+                        "value": "7.5",
+                        "scoring_elements": "AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
+                    }
+                ),
+                VulnerabilitySeverity.from_dict(
+                    {
+                        "system": "cvssv3",
+                        "value": "6.5",
+                        "scoring_elements": "AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
+                    }
+                ),
+            ],
+            weaknesses=[296, 233],
+            affected_packages=[
+                AffectedPackageV2(
+                    package=PackageURL.from_string("pkg:npm/foobar"),
+                    affected_version_range=VersionRange.from_string("vers:npm/<=1.2.3"),
+                    fixed_version_range=VersionRange.from_string("vers:npm/1.2.4"),
+                    introduced_by_commit_patches=[],
+                    fixed_by_commit_patches=[],
+                ),
+                AffectedPackageV2(
+                    package=PackageURL.from_string("pkg:npm/foobar"),
+                    affected_version_range=VersionRange.from_string("vers:npm/<=0.2.3"),
+                    fixed_version_range=VersionRange.from_string("vers:npm/0.2.4"),
+                    introduced_by_commit_patches=[
+                        PackageCommitPatchData(
+                            vcs_url="https://foobar.vcs/",
+                            commit_hash="662f801f",
+                        ),
+                        PackageCommitPatchData(
+                            vcs_url="https://foobar.vcs/",
+                            commit_hash="001f801f",
+                        ),
+                    ],
+                    fixed_by_commit_patches=[
+                        PackageCommitPatchData(
+                            vcs_url="https://foobar.vcs/",
+                            commit_hash="982f801f",
+                        ),
+                        PackageCommitPatchData(
+                            vcs_url="https://foobar.vcs/",
+                            commit_hash="081f801f",
+                        ),
+                    ],
+                ),
+            ],
+            patches=[
+                PatchData(patch_url="https://foo.bar/", patch_text="test patch"),
+                PatchData(patch_url="https://yet-another-foo.bar/", patch_text="some test patch"),
+            ],
+            advisory_id="ADV-001",
+            date_published=datetime.now() - timedelta(days=10),
+            url="https://example.com/advisory/1",
+        )
+        insert_advisory_v2(
+            advisory=self.advisory1,
+            pipeline_id="test_pipeline_v2",
+        )
+
+    def test_compute_content_id_v2(self):
+        result = utils.compute_content_id_v2(self.advisory1)
+        self.assertEqual(result, "5211f1e6c3d935759fb288d79a865eeacc06e3e0e352ab7f5b4cb0e76a43a955")
+
+    def test_content_id_from_adv_data_and_adv_model_are_same(self):
+        id_from_data = utils.compute_content_id_v2(self.advisory1)
+        advisory_model = AdvisoryV2.objects.first()
+        id_from_model = utils.compute_content_id_v2(advisory_model)
+
+        self.assertEqual(id_from_data, id_from_model)
