lint: vulnerabilities: Avoid 'mock' in test.

* guix/lint.scm (check-vulnerabilities): Add 'package-vulnerabilities' optional parameter. * tests/lint.scm ("cve: one vulnerability"): Use it instead of 'mock'.
2020-01-17 11:27:37 +01:00 · 2020-01-17 11:27:37 +01:00 · fcb2318e51
parent fd4c832bdb
commit fcb2318e51
2 changed files with 15 additions and 10 deletions
--- a/guix/lint.scm
+++ b/guix/lint.scm
@ -1029,8 +1029,11 @@ the NIST server non-fatal."
                         (package-version package))))
        ((force lookup) name version)))))

-(define (check-vulnerabilities package)
-  "Check for known vulnerabilities for PACKAGE."
+(define* (check-vulnerabilities package
+                                #:optional (package-vulnerabilities
+                                            package-vulnerabilities))
+  "Check for known vulnerabilities for PACKAGE.  Obtain the list of
+vulnerability records for PACKAGE by calling PACKAGE-VULNERABILITIES."
  (let ((package (or (package-replacement package) package)))
    (match (package-vulnerabilities package)
      (()
--- a/tests/lint.scm
+++ b/tests/lint.scm
@ -1,7 +1,7 @@
 ;;; GNU Guix --- Functional package management for GNU
 ;;; Copyright © 2012, 2013 Cyril Roelandt <tipecaml@gmail.com>
 ;;; Copyright © 2014, 2015, 2016 Eric Bavier <bavier@member.fsf.org>
-;;; Copyright © 2014, 2015, 2016, 2017, 2018, 2019 Ludovic Courtès <ludo@gnu.org>
+;;; Copyright © 2014, 2015, 2016, 2017, 2018, 2019, 2020 Ludovic Courtès <ludo@gnu.org>
 ;;; Copyright © 2015, 2016 Mathieu Lirzin <mthl@gnu.org>
 ;;; Copyright © 2016 Hartmut Goebel <h.goebel@crazy-compilers.com>
 ;;; Copyright © 2017 Alex Kost <alezost@gmail.com>
@ -756,14 +756,16 @@

 (test-equal "cve: one vulnerability"
  "probably vulnerable to CVE-2015-1234"
-  (mock ((guix lint) package-vulnerabilities
+  (let ((dummy-vulnerabilities
         (lambda (package)
-           (list (make-struct/no-tail (@@ (guix cve) <vulnerability>)
-                                      "CVE-2015-1234"
-                                      (list (cons (package-name package)
-                                                  (package-version package)))))))
-        (single-lint-warning-message
-         (check-vulnerabilities (dummy-package "pi" (version "3.14"))))))
+           (list (make-struct/no-tail
+                  (@@ (guix cve) <vulnerability>)
+                  "CVE-2015-1234"
+                  (list (cons (package-name package)
+                              (package-version package))))))))
+    (single-lint-warning-message
+     (check-vulnerabilities (dummy-package "pi" (version "3.14"))
+                            dummy-vulnerabilities))))

 (test-equal "cve: one patched vulnerability"
  '()