;;; GNU Guix --- Functional package management for GNU
;;; Copyright © 2015, 2016 Ludovic Courtès <ludo@gnu.org>
;;;
;;; This file is part of GNU Guix.
;;;
;;; GNU Guix is free software; you can redistribute it and/or modify it
;;; under the terms of the GNU General Public License as published by
;;; the Free Software Foundation; either version 3 of the License, or (at
;;; your option) any later version.
;;;
;;; GNU Guix is distributed in the hope that it will be useful, but
;;; WITHOUT ANY WARRANTY; without even the implied warranty of
;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
;;; GNU General Public License for more details.
;;;
;;; You should have received a copy of the GNU General Public License
;;; along with GNU Guix.  If not, see <http://www.gnu.org/licenses/>.

(define-module (test-cve)
  #:use-module (guix cve)
  #:use-module (srfi srfi-1)
  #:use-module (srfi srfi-64))

(define %sample
  (search-path %load-path "tests/cve-sample.xml"))

(define (vulnerability id packages)
  (make-struct (@@ (guix cve) <vulnerability>) 0 id packages))

(define %expected-vulnerabilities
  ;; What we should get when reading %SAMPLE.
  (list
   ;; CVE-2003-0001 has no "/a" in its product list so it is omitted.
   ;; CVE-2004-0230 lists "tcp" as an application, but lacks a version number.
   (vulnerability "CVE-2008-2335" '(("phpvid" "1.2" "1.1")))
   (vulnerability "CVE-2008-3522" '(("enterprise_virtualization" "3.5")
                                    ("jasper" "1.900.1")))
   (vulnerability "CVE-2009-3301" '(("openoffice.org" "2.3.0" "2.2.1" "2.1.0")))
   ;; CVE-2015-8330 has no software list.
   ))


(test-begin "cve")

(test-equal "xml->vulnerabilities"
  %expected-vulnerabilities
  (call-with-input-file %sample xml->vulnerabilities))

(test-equal "vulnerabilities->lookup-proc"
  (list (list (first %expected-vulnerabilities))
        '()
        '()
        (list (second %expected-vulnerabilities))
        (list (third %expected-vulnerabilities)))
  (let* ((vulns  (call-with-input-file %sample xml->vulnerabilities))
         (lookup (vulnerabilities->lookup-proc vulns)))
    (list (lookup "phpvid")
          (lookup "jasper" "2.0")
          (lookup "foobar")
          (lookup "jasper" "1.900.1")
          (lookup "openoffice.org" "2.3.0"))))

(test-end "cve")
6e87c7498dd9cc739978fa7f6311820'>packages</a>/<a href='/guix/log/gnu/packages/patchutils.scm?id=80e4e9dda6e87c7498dd9cc739978fa7f6311820'>patchutils.scm</a></div><div class='content'><table class='list nowrap'><tr class='nohover'><th class='left'>Age</th><th class='left'>Commit message (<a href='/guix/log/gnu/packages/patchutils.scm?id=80e4e9dda6e87c7498dd9cc739978fa7f6311820&amp;showmsg=1'>Expand</a>)</th><th class='left'>Author</th></tr>
<tr><td><span title='2019-07-05 07:52:44 +0100'>2019-07-05</span></td><td><a href='/guix/commit/gnu/packages/patchutils.scm?id=4add773e8c7ae7e7730a8cdef7d69d441a9888fb'>gnu: patchwork: Update to 2.1.4.</a><span class='msg-avail'>...</span></td><td>Christopher Baines</td></tr>
<tr><td><span title='2019-05-31 20:22:23 +0100'>2019-05-31</span></td><td><a href='/guix/commit/gnu/packages/patchutils.scm?id=4764c6cc4671c06a2dd6be41b4b512fd80fa759a'>gnu: Add patchwork.</a><span class='msg-avail'>...</span></td><td>Christopher Baines</td></tr>
<tr><td><span title='2019-04-15 11:00:13 +0200'>2019-04-15</span></td><td><a href='/guix/commit/gnu/packages/patchutils.scm?id=eea75c435ab7d7b4f44b1aa4e900e2abf5ba430f'>gnu: quilt: Update to 0.66.</a><span class='msg-avail'>...</span></td><td>Tobias Geerinckx-Rice</td></tr>
<tr><td><span title='2019-04-15 11:00:13 +0200'>2019-04-15</span></td><td><a href='/guix/commit/gnu/packages/patchutils.scm?id=d2f477ba82923301e4a7a65c7cc77d8c41a98b90'>gnu: quilt: Don't use NAME in source URI.</a><span class='msg-avail'>...</span></td><td>Tobias Geerinckx-Rice</td></tr>
<tr><td><span title='2019-04-15 11:00:13 +0200'>2019-04-15</span></td><td><a href='/guix/commit/gnu/packages/patchutils.scm?id=730ad095373b006f515131d984590daf95b75f6a'>gnu: meld: Update to 3.20.1.</a><span class='msg-avail'>...</span></td><td>Tobias Geerinckx-Rice</td></tr>
<tr><td><span title='2019-03-31 20:51:10 +0300'>2019-03-31</span></td><td><a href='/guix/commit/gnu/packages/patchutils.scm?id=36a4366d79a310d05db0de2cf6d5bb3c5e861d4b'>gnu: Fix descriptions to not use quotes.</a><span class='msg-avail'>...</span></td><td>Efraim Flashner</td></tr>
<tr><td><span title='2019-01-16 10:44:23 +0100'>2019-01-16</span></td><td><a href='/guix/commit/gnu/packages/patchutils.scm?id=be0be3dee0ec30b9b00a223deedfe1b877b829ee'>gnu: Add meld.</a><span class='msg-avail'>...</span></td><td>Pierre Neidhardt</td></tr>
<tr><td><span title='2019-01-15 14:46:44 +0100'>2019-01-15</span></td><td><a href='/guix/commit/gnu/packages/patchutils.scm?id=44d10b1f722856ab8e9b942804aa7ef33e2ef739'>gnu: Separate Python core packages from the rest.</a><span class='msg-avail'>...</span></td><td>Ricardo Wurmus</td></tr>
<tr><td><span title='2018-12-05 00:08:28 +0100'>2018-12-05</span></td><td><a href='/guix/commit/gnu/packages/patchutils.scm?id=c16c119d0a7894c42bbe816ec381a0f458f26e6a'>gnu: quilt: Use shorter file names for patches.</a><span class='msg-avail'>...</span></td><td>Ludovic Courtès</td></tr>
<tr><td><span title='2018-11-30 00:21:25 -0600'>2018-11-30</span></td><td><a href='/guix/commit/gnu/packages/patchutils.scm?id=5f230fb2798e9862fba67228b9de89df8f36e8e0'>patchutils: Update to 0.3.4.</a><span class='msg-avail'>...</span></td><td>Eric Bavier</td></tr>