socket-cli/src/commands/scan/cmd-scan-create.test.ts at 8e836f352d0398f74aa9bcdb776bc3e02147e79f · SocketDev/socket-cli · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
import path from 'node:path'

import { describe, expect } from 'vitest'

import constants from '../../../dist/constants.js'
import { cmdit, invokeNpm } from '../../../test/utils'

const { CLI } = constants

describe('socket scan create', async () => {
  // Lazily access constants.rootBinPath.
  const entryPath = path.join(constants.rootBinPath, `${CLI}.js`)

  cmdit(
    ['scan', 'create', '--help', '--config', '{}'],
    'should support --help',
    async cmd => {
      const { code, stderr, stdout } = await invokeNpm(entryPath, cmd)
      expect(stdout).toMatchInlineSnapshot(`
        "Create a scan

          Usage
            $ socket scan create [...options] <org> <TARGET> [TARGET...]

          API Token Requirements
            - Quota: 1 unit
            - Permissions: full-scans:create

          Uploads the specified "package.json" and lock files for JavaScript, Python,
          Go, Scala, Gradle, and Kotlin dependency manifests.
          If any folder is specified, the ones found in there recursively are uploaded.

          Supports globbing such as "**/package.json", "**/requirements.txt", etc.

          Ignores any file specified in your project's ".gitignore" and also has a
          sensible set of default ignores from the "ignore-by-default" module.

          TARGET should be a FILE or DIR that _must_ be inside the CWD.

          When a FILE is given only that FILE is targeted. Otherwise any eligible
          files in the given DIR will be considered.

          Note: for a first run you probably want to set --defaultBranch to indicate
                the default branch name, like "main" or "master".

          Note: --pendingHead is enabled by default and makes a scan show up in your
                dashboard. You can use \`--no-pendingHead\` to have it not show up.

          Options
            --branch          Branch name
            --commitHash      Commit hash
            --commitMessage   Commit message
            --committers      Committers
            --cwd             working directory, defaults to process.cwd()
            --defaultBranch   Set the default branch of the repository to the branch of this full-scan. Should only need to be done once, for example for the "main" or "master" branch.
            --dryRun          run input validation part of command without any concrete side effects
            --help            Print this help
            --json            Output result as json
            --markdown        Output result as markdown
            --pendingHead     Designate this full-scan as the latest scan of a given branch. This must be set to have it show up in the dashboard.
            --pullRequest     Commit hash
            --readOnly        Similar to --dry-run except it can read from remote, stops before it would create an actual report
            --repo            Repository name
            --report          Wait for the scan creation to complete, then basically run \`socket scan report\` on it
            --tmp             Set the visibility (true/false) of the scan in your dashboard
            --view            Will wait for and return the created scan details. Use --no-view to disable.

          Examples
            $ socket scan create --repo=test-repo --branch=main FakeOrg ./package.json"
      `)
      expect(`\n   ${stderr}`).toMatchInlineSnapshot(`
      "
         _____         _       _        /---------------
        |   __|___ ___| |_ ___| |_      | Socket.dev CLI ver <redacted>
        |__   | . |  _| '_| -_|  _|     | Node: <redacted>, API token set: <redacted>
        |_____|___|___|_,_|___|_|.dev   | Command: \`socket scan create\`, cwd: <redacted>"
    `)

      expect(code, 'help should exit with code 2').toBe(2)
      expect(stderr, 'banner includes base command').toContain(
        '`socket scan create`'
      )
    }
  )

  cmdit(
    [
      'scan',
      'create',
      'fakeorg',
      'target',
      '--dry-run',
      '--repo',
      'xyz',
      '--branch',
      'abc',
      '--config',
      '{"apiToken": "abc"}'
    ],
    'should require args with just dry-run',
    async cmd => {
      const { code, stderr, stdout } = await invokeNpm(entryPath, cmd)
      expect(stdout).toMatchInlineSnapshot(`"[DryRun]: Bailing now"`)
      expect(`\n   ${stderr}`).toMatchInlineSnapshot(`
        "
           _____         _       _        /---------------
          |   __|___ ___| |_ ___| |_      | Socket.dev CLI ver <redacted>
          |__   | . |  _| '_| -_|  _|     | Node: <redacted>, API token set: <redacted>
          |_____|___|___|_,_|___|_|.dev   | Command: \`socket scan create\`, cwd: <redacted>"
      `)

      expect(code, 'dry-run should exit with code 0 if input ok').toBe(0)
    }
  )
})