diff options
| author | Ludovic Courtès <ludo@gnu.org> | 2015-11-28 16:15:31 +0100 |
|---|---|---|
| committer | Ludovic Courtès <ludo@gnu.org> | 2015-11-28 16:15:31 +0100 |
| commit | 4e70fe4d0efbb29d47e3d83d36d6c15f92baebb0 (patch) | |
| tree | 480c6ce53186ebd62be100a5f053d70c759f4603 /tests/lint.scm | |
| parent | f6c9fb1b38732fab867db086b0527b01adb03dce (diff) | |
| download | guix-4e70fe4d0efbb29d47e3d83d36d6c15f92baebb0.tar guix-4e70fe4d0efbb29d47e3d83d36d6c15f92baebb0.tar.gz | |
lint: Do not report already-patched vulnerabilities.
* guix/scripts/lint.scm (patch-file-name): New procedure.
(check-vulnerabilities): Use it to filter out patched vulnerabilities.
* tests/lint.scm ("cve: one patched vulnerability"): New test.
Diffstat (limited to 'tests/lint.scm')
| -rw-r--r-- | tests/lint.scm | 17 |
1 files changed, 17 insertions, 0 deletions
diff --git a/tests/lint.scm b/tests/lint.scm index 50316ade9a..df82593a9e 100644 --- a/tests/lint.scm +++ b/tests/lint.scm @@ -529,6 +529,23 @@ requests." (check-vulnerabilities (dummy-package "pi" (version "3.14")))) "vulnerable to CVE-2015-1234"))) +(test-assert "cve: one patched vulnerability" + (mock ((guix scripts lint) package-vulnerabilities + (lambda (package) + (list (make-struct (@@ (guix cve) <vulnerability>) 0 + "CVE-2015-1234" + (list (cons (package-name package) + (package-version package))))))) + (string-null? + (with-warnings + (check-vulnerabilities + (dummy-package "pi" + (version "3.14") + (source + (dummy-origin + (patches + (list "/a/b/pi-CVE-2015-1234.patch")))))))))) + (test-assert "formatting: lonely parentheses" (string-contains (with-warnings |