fix: use paths for classic/berry version in tests

Signed-off-by: Quinn Turner <quinnturnertech@gmail.com>
IBM · Dec 30, 2022 · 440db6b · 440db6b
1 parent 01e821f
commit 440db6b
Showing 1 changed file with 58 additions and 36 deletions.
diff --git a/test/yarn-auditer.spec.js b/test/yarn-auditer.spec.js
@@ -1,6 +1,7 @@
 // @ts-check
 const { expect } = require("chai");
 const childProcess = require("child_process");
+const path = require("path");
 const semver = require("semver");
 const { default: audit } = require("../dist/audit");
 const { default: Allowlist } = require("../dist/allowlist");
@@ -14,6 +15,20 @@ function config(additions) {
   return baseConfig({ ...additions, "package-manager": "yarn" });
 }
 
+function classicConfig(additions) {
+  return config({
+    ...additions,
+    _yarn: path.resolve(__dirname, "../.yarn/releases/yarn-1.22.19.cjs"),
+  });
+}
+
+function berryConfig(additions) {
+  return config({
+    ...additions,
+    _yarn: path.resolve(__dirname, "yarn-berry.cjs"),
+  });
+}
+
 const canRunYarnBerry = semver.gte(
   childProcess.execSync("node -v").toString().replace("\n", ""),
   "12.13.0"
@@ -25,7 +40,7 @@ describe("yarn-auditer", function testYarnAuditer() {
   this.slow(3000);
   it("prints full report with critical severity", async () => {
     const summary = await audit(
-      config({
+      classicConfig({
         directory: testDirectory("yarn-critical"),
         levels: { critical: true },
         "report-type": "full",
@@ -42,7 +57,7 @@ describe("yarn-auditer", function testYarnAuditer() {
   });
   it("does not report critical severity if it set to false", async () => {
     const summary = await audit(
-      config({
+      classicConfig({
         directory: testDirectory("yarn-critical"),
         levels: { critical: false },
       }),
@@ -52,7 +67,7 @@ describe("yarn-auditer", function testYarnAuditer() {
   });
   it("reports summary with high severity", async () => {
     const summary = await audit(
-      config({
+      classicConfig({
         directory: testDirectory("yarn-high"),
         levels: { high: true },
         "report-type": "summary",
@@ -69,7 +84,7 @@ describe("yarn-auditer", function testYarnAuditer() {
   });
   it("reports important info with moderate severity", async () => {
     const summary = await audit(
-      config({
+      classicConfig({
         directory: testDirectory("yarn-moderate"),
         levels: { moderate: true },
         "report-type": "important",
@@ -86,7 +101,7 @@ describe("yarn-auditer", function testYarnAuditer() {
   });
   it("does not report moderate severity if it set to false", async () => {
     const summary = await audit(
-      config({
+      classicConfig({
         directory: testDirectory("yarn-moderate"),
         levels: { moderate: false },
       }),
@@ -96,7 +111,7 @@ describe("yarn-auditer", function testYarnAuditer() {
   });
   it("ignores an advisory if it is allowlisted", async () => {
     const summary = await audit(
-      config({
+      classicConfig({
         directory: testDirectory("yarn-moderate"),
         levels: { moderate: true },
         allowlist: new Allowlist(["GHSA-rvg8-pwq2-xj7q"]),
@@ -111,7 +126,7 @@ describe("yarn-auditer", function testYarnAuditer() {
   });
   it("ignores an advisory if it is allowlisted using a NSPRecord", async () => {
     const summary = await audit(
-      config({
+      classicConfig({
         directory: testDirectory("yarn-moderate"),
         levels: { moderate: true },
         allowlist: new Allowlist([
@@ -132,7 +147,7 @@ describe("yarn-auditer", function testYarnAuditer() {
   });
   it("does not ignore an advisory that is not allowlisted", async () => {
     const summary = await audit(
-      config({
+      classicConfig({
         directory: testDirectory("yarn-moderate"),
         levels: { moderate: true },
         allowlist: new Allowlist(["GHSA-cff4-rrq6-h78w"]),
@@ -150,7 +165,7 @@ describe("yarn-auditer", function testYarnAuditer() {
   });
   it("does not ignore an advisory that is not allowlisted using a NSPRecord", async () => {
     const summary = await audit(
-      config({
+      classicConfig({
         directory: testDirectory("yarn-moderate"),
         levels: { moderate: true },
         allowlist: new Allowlist([
@@ -175,7 +190,7 @@ describe("yarn-auditer", function testYarnAuditer() {
   });
   it("ignores an advisory that has not expired", async () => {
     const summary = await audit(
-      config({
+      classicConfig({
         directory: testDirectory("yarn-moderate"),
         levels: { moderate: true },
         allowlist: new Allowlist([
@@ -197,7 +212,7 @@ describe("yarn-auditer", function testYarnAuditer() {
   });
   it("does not ignore an advisory that has expired", async () => {
     const summary = await audit(
-      config({
+      classicConfig({
         directory: testDirectory("yarn-moderate"),
         levels: { moderate: true },
         allowlist: new Allowlist([
@@ -223,7 +238,7 @@ describe("yarn-auditer", function testYarnAuditer() {
   });
   it("reports low severity", async () => {
     const summary = await audit(
-      config({
+      classicConfig({
         directory: testDirectory("yarn-low"),
         levels: { low: true },
       }),
@@ -239,7 +254,7 @@ describe("yarn-auditer", function testYarnAuditer() {
   });
   it("passes with no vulnerabilities", async () => {
     const summary = await audit(
-      config({
+      classicConfig({
         directory: testDirectory("yarn-none"),
         levels: { low: true },
       }),
@@ -249,7 +264,7 @@ describe("yarn-auditer", function testYarnAuditer() {
   });
   it("doesn't use the registry flag since it's not supported in Yarn yet", () =>
     audit(
-      config({
+      classicConfig({
         directory: testDirectory("yarn-low"),
         levels: { low: true },
         registry: "https://example.com",
@@ -260,10 +275,11 @@ describe("yarn-auditer", function testYarnAuditer() {
     "[Yarn Berry] reports important info with moderate severity",
     async () => {
       const summary = await audit(
-        config({
+        berryConfig({
           directory: testDirectory("yarn-berry-moderate"),
           levels: { moderate: true },
           "report-type": "important",
+          _yarn: path.resolve(__dirname, "yarn-berry.cjs"),
         }),
         (_summary) => _summary
       );
@@ -280,9 +296,10 @@ describe("yarn-auditer", function testYarnAuditer() {
     "[Yarn Berry] does not report moderate severity if it set to false",
     async () => {
       const summary = await audit(
-        config({
+        berryConfig({
           directory: testDirectory("yarn-berry-moderate"),
           levels: { moderate: false },
+          _yarn: path.resolve(__dirname, "yarn-berry.cjs"),
         }),
         (_summary) => _summary
       );
@@ -293,10 +310,11 @@ describe("yarn-auditer", function testYarnAuditer() {
     "[Yarn Berry] ignores an advisory if it is allowlisted",
     async () => {
       const summary = await audit(
-        config({
+        berryConfig({
           directory: testDirectory("yarn-berry-moderate"),
           levels: { moderate: true },
           allowlist: new Allowlist(["GHSA-rvg8-pwq2-xj7q"]),
+          _yarn: path.resolve(__dirname, "yarn-berry.cjs"),
         }),
         (_summary) => _summary
       );
@@ -311,7 +329,7 @@ describe("yarn-auditer", function testYarnAuditer() {
     "[Yarn Berry] ignores an advisory if it is allowlisted using a NSPRecord",
     async () => {
       const summary = await audit(
-        config({
+        berryConfig({
           directory: testDirectory("yarn-berry-moderate"),
           levels: { moderate: true },
           allowlist: new Allowlist([
@@ -321,6 +339,7 @@ describe("yarn-auditer", function testYarnAuditer() {
               },
             },
           ]),
+          _yarn: path.resolve(__dirname, "yarn-berry.cjs"),
         }),
         (_summary) => _summary
       );
@@ -332,21 +351,23 @@ describe("yarn-auditer", function testYarnAuditer() {
     }
   );
   it("reports summary with no vulnerabilities when critical devDependency and skip-dev is true", async () => {
-    const summary = await audit(
-      config({
-        directory: testDirectory(
-          canRunYarnBerry ? "yarn-berry-skip-dev" : "yarn-skip-dev"
-        ),
-        "skip-dev": true,
-        "report-type": "important",
-      }),
-      (_summary) => _summary
-    );
+    const auditConfig = canRunYarnBerry
+      ? berryConfig({
+          directory: testDirectory("yarn-berry-skip-dev"),
+          "skip-dev": true,
+          "report-type": "important",
+        })
+      : classicConfig({
+          directory: testDirectory("yarn-skip-dev"),
+          "skip-dev": true,
+          "report-type": "important",
+        });
+    const summary = await audit(auditConfig, (_summary) => _summary);
     expect(summary).to.eql(summaryWithDefault());
   });
   it("reports summary with no vulnerabilities in yarn v1 workspace", async () => {
     const summary = await audit(
-      config({
+      classicConfig({
         directory: testDirectory("yarn-workspace-empty"),
         levels: { moderate: true },
         "report-type": "important",
@@ -362,7 +383,7 @@ describe("yarn-auditer", function testYarnAuditer() {
     // It doesn't report any vulnerabilities at all. The following directory should
     // contain a critical vulnerability in devDependencies.
     const summary = await audit(
-      config({
+      classicConfig({
         directory: testDirectory("yarn-workspace"),
         levels: { moderate: true },
         "report-type": "important",
@@ -384,10 +405,11 @@ describe("yarn-auditer", function testYarnAuditer() {
     "reports summary with no vulnerabilities in yarn berry workspace",
     async () => {
       const summary = await audit(
-        config({
+        berryConfig({
           directory: testDirectory("yarn-berry-workspace-empty"),
           levels: { moderate: true },
           "report-type": "important",
+          _yarn: path.resolve(__dirname, "yarn-berry.cjs"),
         }),
         (_summary) => _summary
       );
@@ -398,7 +420,7 @@ describe("yarn-auditer", function testYarnAuditer() {
     "reports summary with vulnerabilities in yarn berry workspaces",
     async () => {
       const summary = await audit(
-        config({
+        berryConfig({
           directory: testDirectory("yarn-berry-workspace"),
           levels: { moderate: true },
           "report-type": "important",
@@ -426,7 +448,7 @@ describe("yarn-auditer", function testYarnAuditer() {
     "reports summary with vulnerabilities in yarn berry workspaces with skip-dev=true",
     async () => {
       const summary = await audit(
-        config({
+        berryConfig({
           directory: testDirectory("yarn-berry-workspace"),
           levels: { moderate: true },
           "skip-dev": true,
@@ -448,7 +470,7 @@ describe("yarn-auditer", function testYarnAuditer() {
   );
   it("does not report duplicate paths", async () => {
     const summary = await audit(
-      config({
+      classicConfig({
         directory: testDirectory("yarn-duplicate-paths"),
         levels: { high: true },
         "report-type": "summary",
@@ -466,7 +488,7 @@ describe("yarn-auditer", function testYarnAuditer() {
   //   const errorMessage = require(errorMessagePath); // eslint-disable-line
 
   //   return audit(
-  //     config({
+  //     classicConfig({
   //       directory,
   //       _yarn: path.join(directory, 'yarn'),
   //     })
@@ -482,7 +504,7 @@ describe("yarn-auditer", function testYarnAuditer() {
   // it("passes using --pass-enoaudit", () => {
   //   const directory = testDirectory("yarn-503");
   //   return audit(
-  //     config({
+  //     classicConfig({
   //       directory,
   //       "pass-enoaudit": true,
   //       _yarn: path.join(directory, "yarn"),