Closed Rebits closed 1 week ago
They have been looking for other vulnerable packages to replace in the test cases. Packages such as axios, lodash, firebase, etc. have been found. It remains to decide which one is appropriate for the respective case and to check the test functionality.
Moved to On hold in favor of 4.8.0 - RC 1 testing.
Finally, it has been decided to use the Axios package so that, in the upgrade_package_add_vulnerability
case Axios 0.6.0 (3 vulnerabilities) will be installed and upgraded to Axios 0.10.0 (4 vulnerabilities), and in the upgrade_package_maintain_add_vulnerability
case Systeminformation will be kept but it will be necessary to add a precondition for the package to be installed before.
The test has been launched to test this but has failed due to an error which needs to be further investigated.
Tests have been launched with the changes made. The results and the conclusion can be seen here
LGTM
Description
macOS tests cases
upgrade_package_maintain_add_vulnerability
andupgrade_package_add_vulnerability
for Vulnerability Detection E2E tests make use of the same packages leading to test case failure:Tests Case