fix: scanner now handles real guarddog v2 JSON format

2026-05-09 04:55:58 +03:00
parent 4ce99d3c85
commit 4bfead8d6e
9 changed files with 201 additions and 116 deletions
--- a/tests/test_harvester.py
+++ b/tests/test_harvester.py
@@ -34,7 +34,7 @@ async def test_harvest_new_package(db_session, guarddog_normalized_flagged):
    assert scan.ecosystem == "pypi"
    assert scan.status == "completed"
    assert scan.flagged is True
-    assert scan.total_findings == 2
+    assert scan.total_findings == 3
    assert scan.sha256 == "abc123"

    findings = (
@@ -42,7 +42,7 @@ async def test_harvest_new_package(db_session, guarddog_normalized_flagged):
        .scalars()
        .all()
    )
-    assert len(findings) == 2
+    assert len(findings) == 3


@pytest.mark.asyncio
@@ -58,11 +58,17 @@ async def test_harvest_skips_duplicate(db_session, guarddog_normalized_flagged):

        first = await harvest(
            "http://nexus:8081/repo/pypi-proxy/packages/x/1.0/x-1.0.tar.gz",
-            "pypi-proxy", "pypi", "packages/x/1.0/x-1.0.tar.gz", db_session,
+            "pypi-proxy",
+            "pypi",
+            "packages/x/1.0/x-1.0.tar.gz",
+            db_session,
        )
        second = await harvest(
            "http://nexus:8081/repo/pypi-proxy/packages/x/1.0/x-1.0.tar.gz",
-            "pypi-proxy", "pypi", "packages/x/1.0/x-1.0.tar.gz", db_session,
+            "pypi-proxy",
+            "pypi",
+            "packages/x/1.0/x-1.0.tar.gz",
+            db_session,
        )

    assert first is not None
@@ -82,7 +88,10 @@ async def test_harvest_clean_package(db_session, guarddog_normalized_clean):

        scan = await harvest(
            "http://nexus:8081/repo/pypi-proxy/packages/django/4.2/django-4.2.tar.gz",
-            "pypi-proxy", "pypi", "packages/django/4.2/django-4.2.tar.gz", db_session,
+            "pypi-proxy",
+            "pypi",
+            "packages/django/4.2/django-4.2.tar.gz",
+            db_session,
        )

    assert scan is not None
@@ -97,7 +106,10 @@ async def test_harvest_download_failure(db_session):

        scan = await harvest(
            "http://nexus:8081/repo/pypi-proxy/packages/fail/1.0/fail-1.0.tar.gz",
-            "pypi-proxy", "pypi", "packages/fail/1.0/fail-1.0.tar.gz", db_session,
+            "pypi-proxy",
+            "pypi",
+            "packages/fail/1.0/fail-1.0.tar.gz",
+            db_session,
        )

    assert scan is not None
@@ -109,6 +121,9 @@ async def test_harvest_download_failure(db_session):
 async def test_harvest_skips_non_package_asset(db_session):
    scan = await harvest(
        "http://nexus:8081/repo/pypi-proxy/simple/index.html",
-        "pypi-proxy", "pypi", "simple/index.html", db_session,
+        "pypi-proxy",
+        "pypi",
+        "simple/index.html",
+        db_session,
    )
    assert scan is None