milliways-infosec/AikidoSec-safe-chain
7
0
Fork 0
mirror of https://github.com/AikidoSec/safe-chain.git synced 2026-05-26 12:10:49 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Merge branch 'main' into only-write-stdout-when-safe-chain-audited

Browse source
This commit is contained in:
Sander Declerck 2025-11-05 17:12:57 +01:00
commit 0b056e92de
No known key found for this signature in database
1 changed files with 10 additions and 4 deletions
Download patch file Download diff file Expand all files Collapse all files

14
test/e2e/pip.e2e.spec.js
View file

@ -28,7 +28,9 @@ describe("E2E: pip coverage", () => {
it(`successfully installs known safe packages with pip3`, async () => { it(`successfully installs known safe packages with pip3`, async () => {
const shell = await container.openShell("zsh"); const shell = await container.openShell("zsh");
const result = await shell.runCommand("pip3 install requests"); const result = await shell.runCommand(
"pip3 install --break-system-packages requests"
);
assert.ok( assert.ok(
result.output.includes("no malware found."), result.output.includes("no malware found."),
@ -58,7 +60,9 @@ describe("E2E: pip coverage", () => {
it(`pip3 install --dry-run is respected by scanner`, async () => { it(`pip3 install --dry-run is respected by scanner`, async () => {
const shell = await container.openShell("zsh"); const shell = await container.openShell("zsh");
const result = await shell.runCommand("pip3 install --dry-run requests"); const result = await shell.runCommand(
"pip3 install --dry-run --break-system-packages requests"
);
assert.ok( assert.ok(
result.output.includes("no malware found."), result.output.includes("no malware found."),
@ -69,7 +73,7 @@ describe("E2E: pip coverage", () => {
it(`pip3 install with extras such as requests[socks]`, async () => { it(`pip3 install with extras such as requests[socks]`, async () => {
const shell = await container.openShell("zsh"); const shell = await container.openShell("zsh");
const result = await shell.runCommand( const result = await shell.runCommand(
'pip3 install "requests[socks]==2.32.3"' 'pip3 install --break-system-packages "requests[socks]==2.32.3"'
); );
assert.ok( assert.ok(
@ -80,7 +84,9 @@ describe("E2E: pip coverage", () => {
it(`pip3 install with range version specifier`, async () => { it(`pip3 install with range version specifier`, async () => {
const shell = await container.openShell("zsh"); const shell = await container.openShell("zsh");
const result = await shell.runCommand('pip3 install "Jinja2>=3.1,<3.2"'); const result = await shell.runCommand(
'pip3 install --break-system-packages "Jinja2>=3.1,<3.2"'
);
assert.ok( assert.ok(
result.output.includes("no malware found."), result.output.includes("no malware found."),