8000 add test_purl_decode by chisaka12 · Pull Request #816 · nttcom/threatconnectome · GitHub
[go: up one dir, main page]
More Web Proxy on the site http://driver.im/
Skip to content

add test_purl_decode #816

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 6 commits into from
Jul 8, 2025
Merged

add test_purl_decode #816

merged 6 commits into from
Jul 8, 2025

Conversation

chisaka12
Copy link
Collaborator
@chisaka12 chisaka12 commented Jul 4, 2025
edited
Loading

PR の目的

  • SBOM投入時にPURL(Package URL)のアンエスケープ処理(デコード処理)が正しく行われているかを検証するためのテストを追加
    • 下記の2パターンのPURLを入力し、正しくパッケージ名が解釈できることを検証
      • pkg:npm/%40nextui-org/button@2.0.26
      • pkg:npm/@nextui-org/button@2.0.26

経緯・意図・意思決定

  • SBOM投入時のpurl解釈において、エスケープ文字がどうなるか未確認であったため

@chisaka12 chisaka12 marked this pull request as ready for review July 4, 2025 08:34
@Copilot Copilot AI review requested due to automatic review settings July 4, 2025 08:34
@chisaka12 chisaka12 changed the title add test_purl_escape_and_decode add test_purl_decode Jul 4, 2025
Copilot
Copilot AI reviewed Jul 4, 2025
View reviewed changes
Copy link
@Copilot Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull Request Overview

This PR adds an integration test to verify that Package URLs (PURLs) with and without percent-encoded characters are correctly unescaped and decoded when creating service dependencies from an SBOM.

  • Introduces test_purl_escape_and_decode with two PURL variants.
  • Asserts that the decoded package name appears in the created dependencies.
  • Uses existing SBOM JSON generation helpers to drive the test.
Comments suppressed due to low confidence (1)

api/app/tests/integrations/test_pteams.py:1340

  • [nitpick] The variable name service1 is ambiguous here; consider renaming it to matched_service or simply service to clarify its purpose.
            service1 = next(filter(lambda x: x["service_name"] == service_name, services), None)

mshim03
mshim03 reviewed Jul 4, 2025
View reviewed changes
Copy link
Collaborator
@mshim03 mshim03 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

テストの方法について確認しました

10000
mshim03
mshim03 reviewed Jul 7, 2025
View reviewed changes
Copy link
Collaborator
@mshim03 mshim03 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

テスト対象について確認お願いします

mshim03
mshim03 reviewed Jul 8, 2025
View reviewed changes
Copy link
Collaborator
@mshim03 mshim03 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

APIテストについてコメントしました

mshim03
mshim03 approved these changes Jul 8, 2025
View reviewed changes
Co B76A py link
Collaborator
@mshim03 mshim03 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@mshim03 mshim03 merged commit b662a6a into main Jul 8, 2025
5 checks passed
@mshim03 mshim03 deleted the topic/Addition-of-tests-for-escape-character-handling-in-SBOM-parsing-logic branch July 8, 2025 05:17
@chisaka12 chisaka12 mentioned this pull request Jul 8, 2025
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

Copilot code review Copilot Copilot left review comments

@mshim03 mshim03 mshim03 approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@chisaka12 @mshim03
0