summaryrefslogtreecommitdiff
path: root/tests/cve.scm
diff options
context:
space:
mode:
authorLudovic Courtès <ludo@gnu.org>2016-05-28 00:44:36 +0200
committerLudovic Courtès <ludo@gnu.org>2016-05-28 01:07:12 +0200
commit870bf71eb0983f0f7f7221434db3ff5f785b3b2c (patch)
treec7556c43f2545dba2b5224b3bb24b3f633e1f9b1 /tests/cve.scm
parent494dc2fc628b754a9cc86a54c90202b13e0b68c6 (diff)
downloadpatches-870bf71eb0983f0f7f7221434db3ff5f785b3b2c.tar
patches-870bf71eb0983f0f7f7221434db3ff5f785b3b2c.tar.gz
cve: Use a more compact format for the list of package/versions.
On a warm cache, "guix lint -c cve vorbis-tools" goes down from 6.5s to 2.4s. * guix/cve.scm (cpe->package-name): Change to return two values instead of a pair. (cpe->product-alist): New procedure. (%parse-vulnerability-feed): Use it instead of 'filter-map'. (fetch-vulnerabilities): Bump sexp format version to 1. (vulnerabilities->lookup-proc): Adjust accordingly. When #:version is omitted, return a list of vulnerabilities instead of a list of version/vulnerability pairs. * tests/cve.scm (%expected-vulnerabilities) ("vulnerabilities->lookup-proc): Adjust accordingly.
Diffstat (limited to 'tests/cve.scm')
-rw-r--r--tests/cve.scm17
1 files changed, 7 insertions, 10 deletions
diff --git a/tests/cve.scm b/tests/cve.scm
index 26e710ce70..3fbb22d3c6 100644
--- a/tests/cve.scm
+++ b/tests/cve.scm
@@ -1,5 +1,5 @@
;;; GNU Guix --- Functional package management for GNU
-;;; Copyright © 2015 Ludovic Courtès <ludo@gnu.org>
+;;; Copyright © 2015, 2016 Ludovic Courtès <ludo@gnu.org>
;;;
;;; This file is part of GNU Guix.
;;;
@@ -32,12 +32,10 @@
(list
;; CVE-2003-0001 has no "/a" in its product list so it is omitted.
;; CVE-2004-0230 lists "tcp" as an application, but lacks a version number.
- (vulnerability "CVE-2008-2335" '(("phpvid" . "1.1") ("phpvid" . "1.2")))
- (vulnerability "CVE-2008-3522" '(("enterprise_virtualization" . "3.5")
- ("jasper" . "1.900.1")))
- (vulnerability "CVE-2009-3301" '(("openoffice.org" . "2.1.0")
- ("openoffice.org" . "2.3.0")
- ("openoffice.org" . "2.2.1")))
+ (vulnerability "CVE-2008-2335" '(("phpvid" "1.2" "1.1")))
+ (vulnerability "CVE-2008-3522" '(("enterprise_virtualization" "3.5")
+ ("jasper" "1.900.1")))
+ (vulnerability "CVE-2009-3301" '(("openoffice.org" "2.3.0" "2.2.1" "2.1.0")))
;; CVE-2015-8330 has no software list.
))
@@ -48,9 +46,8 @@
%expected-vulnerabilities
(call-with-input-file %sample xml->vulnerabilities))
-(test-equal ""
- (list `(("1.1" . ,(first %expected-vulnerabilities))
- ("1.2" . ,(first %expected-vulnerabilities)))
+(test-equal "vulnerabilities->lookup-proc"
+ (list (list (first %expected-vulnerabilities))
'()
'()
(list (second %expected-vulnerabilities))