oracle / macaron

Macaron is an extensible supply-chain security analysis framework from Oracle Labs that supports a wide range of build systems and CI/CD services. It can be used to prevent supply chain attacks or check conformance to frameworks, such as SLSA.
https://oracle.github.io/macaron/
Universal Permissive License v1.0

Add a test for the JSON output of the analyze command #769

Open behnazh-w opened 3 weeks ago

behnazh-w commented 3 weeks ago

With this PR merged, we have started using Datalog policies in the e2e tests to check the analyze command results. But we no longer check the JSON outputs. We need to add a test for the JSON outputs to catch regressions.

tromai commented 2 weeks ago

I wonder which test cases you have in mind for checking the JSON outputs. What I think would work best is to convert the rest of the integration test cases (leftover from #764). After that, we can go through all of them and pick specific test cases that we want to check for JSON outputs, then I can update those test cases correspondingly.

behnazh-w commented 2 weeks ago

> I wonder which test cases you have in mind for checking the JSON outputs. What I think would work best is to convert the rest of the integration test cases (leftover from #764). After that, we can go through all of them and pick specific test cases that we want to check for JSON outputs, then I can update those test cases correspondingly.

Yes, sounds good. After converting the rest of the test cases, checking the JSON output for one of the test cases should be enough.