diff --git a/core/src/test/java/org/owasp/dependencycheck/analyzer/PipAnalyzerTest.java b/core/src/test/java/org/owasp/dependencycheck/analyzer/PipAnalyzerTest.java index 4f5f24c1f9a..331b13b115d 100644 --- a/core/src/test/java/org/owasp/dependencycheck/analyzer/PipAnalyzerTest.java +++ b/core/src/test/java/org/owasp/dependencycheck/analyzer/PipAnalyzerTest.java @@ -103,17 +103,25 @@ public void testAnalyzePackageJson() throws Exception { engine.addDependency(result); analyzer.analyze(result, engine); assertFalse(ArrayUtils.contains(engine.getDependencies(), result)); - assertEquals(23, engine.getDependencies().length); - boolean found = false; + assertEquals(24, engine.getDependencies().length); + boolean foundPyYAML = false; + boolean foundCryptography = false; for (Dependency d : engine.getDependencies()) { if ("PyYAML".equals(d.getName())) { - found = true; + foundPyYAML = true; assertEquals("3.12", d.getVersion()); assertThat(d.getDisplayFileName(), equalTo("PyYAML:3.12")); assertEquals(PythonDistributionAnalyzer.DEPENDENCY_ECOSYSTEM, d.getEcosystem()); } + if ("cryptography".equals(d.getName())) { + foundCryptography = true; + assertEquals("1.8.2", d.getVersion()); + assertThat(d.getDisplayFileName(), equalTo("cryptography:1.8.2")); + assertEquals(PythonDistributionAnalyzer.DEPENDENCY_ECOSYSTEM, d.getEcosystem()); + } } - assertTrue("Expeced to find PyYAML", found); + assertTrue("Expected to find PyYAML", foundPyYAML); + assertTrue("Expected to find cryptography", foundCryptography); } } } diff --git a/core/src/test/java/org/owasp/dependencycheck/analyzer/PipfileAnalyzerTest.java b/core/src/test/java/org/owasp/dependencycheck/analyzer/PipfileAnalyzerTest.java index 1a38ef6c2b5..f19c62fad24 100644 --- a/core/src/test/java/org/owasp/dependencycheck/analyzer/PipfileAnalyzerTest.java +++ b/core/src/test/java/org/owasp/dependencycheck/analyzer/PipfileAnalyzerTest.java @@ -101,17 +101,25 @@ public void testAnalyzePackageJson() throws Exception { engine.addDependency(result); analyzer.analyze(result, engine); assertFalse(ArrayUtils.contains(engine.getDependencies(), result)); - assertEquals(39, engine.getDependencies().length); - boolean found = false; + assertEquals(40, engine.getDependencies().length); + boolean foundUrllib3 = false; + boolean foundCryptography = false; for (Dependency d : engine.getDependencies()) { if ("urllib3".equals(d.getName())) { - found = true; + foundUrllib3 = true; assertEquals("1.25.9", d.getVersion()); assertThat(d.getDisplayFileName(), equalTo("urllib3:1.25.9")); assertEquals(PythonDistributionAnalyzer.DEPENDENCY_ECOSYSTEM, d.getEcosystem()); } + if ("cryptography".equals(d.getName())) { + foundCryptography = true; + assertEquals("1.8.2", d.getVersion()); + assertThat(d.getDisplayFileName(), equalTo("cryptography:1.8.2")); + assertEquals(PythonDistributionAnalyzer.DEPENDENCY_ECOSYSTEM, d.getEcosystem()); + } } - assertTrue("Expeced to find urllib3", found); + assertTrue("Expeced to find urllib3", foundUrllib3); + assertTrue("Expeced to find cryptography", foundCryptography); } } } diff --git a/src/test/resources/Pipfile b/src/test/resources/Pipfile index 185efcd3f25..42eff047f41 100644 --- a/src/test/resources/Pipfile +++ b/src/test/resources/Pipfile @@ -46,6 +46,7 @@ py-flags = "==1.1.2" CacheControl = "==0.12.5" prometheus_client = "==0.7.1" PyYAML = "==5.3.1" +cryptography = "~=1.8.2" [requires] python_version = "3.6" diff --git a/src/test/resources/requirements.txt b/src/test/resources/requirements.txt index 3a73a505d13..8e5544b98b4 100644 --- a/src/test/resources/requirements.txt +++ b/src/test/resources/requirements.txt @@ -20,4 +20,5 @@ six==1.11.0 spyne==2.12.14 suds-jurko==0.6 urllib3 -Werkzeug>=0.14.1 \ No newline at end of file +Werkzeug>=0.14.1 +cryptography~=1.8.2 \ No newline at end of file