From 388715286994faf039de344906f323391ba5f794 Mon Sep 17 00:00:00 2001 From: Al Snow Date: Sun, 23 Nov 2025 08:48:39 -0500 Subject: [PATCH] Reimplement PR#585 --- spec/advisories_spec.rb | 10 ++++++++++ spec/advisory_dir_example.rb | 27 +++++++++++++++++++++++++++ 2 files changed, 37 insertions(+) create mode 100644 spec/advisory_dir_example.rb diff --git a/spec/advisories_spec.rb b/spec/advisories_spec.rb index f8d8229734..6bf706723a 100644 --- a/spec/advisories_spec.rb +++ b/spec/advisories_spec.rb @@ -1,12 +1,17 @@ require 'spec_helper' require 'gem_advisory_example' require 'ruby_advisory_example' +require 'advisory_dir_example' describe "gems" do Dir.glob(File.join(ROOT,'gems/*/*')) do |path| include_examples 'Gem Advisory', path end + Dir.glob(File.join(File.dirname(__FILE__), '../gems/*')) do |dir| + include_examples 'Advisory Directory', dir + end + let(:dir) { File.join(ROOT,'gems') } let(:advisory_dirs) { Dir.glob('*', base: dir) } @@ -31,4 +36,9 @@ Dir.glob(File.join(ROOT, 'rubies/*/*')) do |path| include_examples 'Rubies Advisory', path end + + Dir.glob(File.join(File.dirname(__FILE__), '../rubies/*')) do |dir| + include_examples 'Advisory Directory', dir + end end + diff --git a/spec/advisory_dir_example.rb b/spec/advisory_dir_example.rb new file mode 100644 index 0000000000..44e1e606bd --- /dev/null +++ b/spec/advisory_dir_example.rb @@ -0,0 +1,27 @@ +require 'rspec' +require 'date' + +shared_examples_for "Advisory Directory" do |dir| + describe dir do + let(:advisory_paths) { Dir.glob(File.join(dir,'*.yml')) } + let(:advisories) do + advisory_paths.map do |path| + YAML.safe_load_file(path, permitted_classes: [Date]) + end + end + + it "must not contain duplicate CVE IDs" do + cve_ids = advisories.map { |advisory| advisory['cve'] } + cve_ids.compact! + + expect(cve_ids).to eq(cve_ids.uniq) + end + + it "must not contain duplicate GHSA IDs" do + ghsa_ids = advisories.map { |advisory| advisory['ghsa'] }.compact + ghsa_ids.compact! + + expect(ghsa_ids).to match_array(ghsa_ids.uniq) + end + end +end