Skip to content

Commit

Permalink
use "github.com/knqyf263/go-apk-version" to sort the versions for adv…
Browse files Browse the repository at this point in the history 
…isory validate (#696)
  • Loading branch information
@cpanato
cpanato committed Mar 13, 2024
1 parent b8c5277 commit a9341ec
Show file tree
Hide file tree
Showing 3 changed files with 56 additions and 3 deletions.
12 changes: 12 additions & 0 deletions pkg/advisory/testdata/validate/fixed-version/mo.advisories.yaml
View file
@@ -0,0 +1,12 @@
schema-version: 2.0.1

package:
name: mo

advisories:
- id: GHSA-2222-2222-2222
events:
- timestamp: 1970-01-01T00:00:00Z
type: fixed
data:
fixed-version: 1.0.0-r10
7 changes: 4 additions & 3 deletions pkg/advisory/validate.go
View file
Expand Up @@ -9,14 +9,15 @@ import (
"strings"
"time"

goapkversion "github.com/knqyf263/go-apk-version"

"chainguard.dev/melange/pkg/config"
"github.com/chainguard-dev/clog"
"github.com/chainguard-dev/go-apk/pkg/apk"
"github.com/samber/lo"
"github.com/wolfi-dev/wolfictl/pkg/configs"
v2 "github.com/wolfi-dev/wolfictl/pkg/configs/advisory/v2"
"github.com/wolfi-dev/wolfictl/pkg/internal/errorhelpers"
"github.com/wolfi-dev/wolfictl/pkg/versions"
)

type ValidateOptions struct {
Expand Down Expand Up @@ -310,11 +311,11 @@ func (opts ValidateOptions) validateFixedVersionIsNotFirstVersionInAPKINDEX(ctx
}

sort.Slice(packageVersions, func(i, j int) bool {
iVer, err := versions.NewVersion(packageVersions[i].Version)
iVer, err := goapkversion.NewVersion(packageVersions[i].Version)
if err != nil {
return true
}
jVer, err := versions.NewVersion(packageVersions[j].Version)
jVer, err := goapkversion.NewVersion(packageVersions[j].Version)
if err != nil {
return false
}
Expand Down
40 changes: 40 additions & 0 deletions pkg/advisory/validate_test.go
View file
Expand Up @@ -308,6 +308,46 @@ func TestValidate(t *testing.T) {
Name: "ko",
Version: "1.0.0-r2",
},
{
Name: "mo",
Version: "1.0.0-r8",
},
{
Name: "mo",
Version: "1.0.0-r9",
},
{
Name: "mo",
Version: "1.0.0-r10",
},
},
},
shouldBeValid: true,
},
{
name: "fixed-version-present-and-not-first-missing-rs",
apkindex: &apk.APKIndex{
Packages: []*apk.Package{
{
Name: "ko",
Version: "1.0.0-r1",
},
{
Name: "ko",
Version: "1.0.0-r2",
},
{
Name: "mo",
Version: "1.0.0-r8",
},
{
Name: "mo",
Version: "1.0.0-r9",
},
{
Name: "mo",
Version: "1.0.0-r10",
},
},
},
shouldBeValid: true,
Expand Down

0 comments on commit a9341ec

Please sign in to comment.