DeepSource MCP Server

/** * @vitest-environment node */ import { TestableDeepSourceClient } from './utils/test-utils'; describe('DeepSource Vulnerability Utils', () => { describe('processVulnerabilityEdge', () => { it('should return null for null input', () => { const result = TestableDeepSourceClient.testProcessVulnerabilityEdge(null); expect(result).toBeNull(); }); it('should return null for invalid input', () => { const result = TestableDeepSourceClient.testProcessVulnerabilityEdge('not an object'); expect(result).toBeNull(); }); it('should return null for object without node', () => { const edge = { cursor: 'cursor-1' }; const result = TestableDeepSourceClient.testProcessVulnerabilityEdge(edge); expect(result).toBeNull(); }); }); describe('isValidVulnerabilityNode', () => { it('should return false for null or undefined input', () => { const result1 = TestableDeepSourceClient.testIsValidVulnerabilityNode(null); expect(result1).toBe(false); const result2 = TestableDeepSourceClient.testIsValidVulnerabilityNode(undefined); expect(result2).toBe(false); }); it('should return false for non-object input', () => { const result = TestableDeepSourceClient.testIsValidVulnerabilityNode('not an object'); expect(result).toBe(false); }); it('should return false for object without required fields', () => { const incompleteNode = { id: 'vuln-1' }; const result = TestableDeepSourceClient.testIsValidVulnerabilityNode(incompleteNode); expect(result).toBe(false); }); }); describe('mapVulnerabilityOccurrence', () => { it('should map valid vulnerability data', () => { const validNode = { id: 'vuln-1', package: { name: 'lodash', ecosystem: 'npm', purl: 'pkg:npm/lodash', }, packageVersion: { version: '4.17.15', }, vulnerability: { identifier: 'CVE-2021-23337', severity: 'HIGH', cvss: { score: 7.5, vector: 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N', }, }, isReachable: true, isFixable: true, fixVersion: '4.17.21', }; const result = TestableDeepSourceClient.testMapVulnerabilityOccurrence(validNode); expect(result).toBeDefined(); // Just verify the basic structure, not all fields to avoid circular reference issues expect(result.id).toBe('vuln-1'); }); }); describe('processVulnerabilityResponse', () => { it('should handle null or undefined response', () => { const nullResult = TestableDeepSourceClient.testProcessVulnerabilityResponse(null); expect(nullResult.vulnerabilities).toEqual([]); expect(nullResult.pageInfo).toBeDefined(); expect(nullResult.totalCount).toBe(0); }); it('should handle response without data field', () => { const invalidResponse = { errors: ['Some error'] }; const result = TestableDeepSourceClient.testProcessVulnerabilityResponse(invalidResponse); expect(result.vulnerabilities).toEqual([]); }); }); describe('getReportField', () => { it('should return the correct field for OWASP_TOP_10', () => { const field = TestableDeepSourceClient.testGetReportField('OWASP_TOP_10'); expect(field).toBeDefined(); expect(typeof field).toBe('string'); }); it('should return the correct field for SANS_TOP_25', () => { const field = TestableDeepSourceClient.testGetReportField('SANS_TOP_25'); expect(field).toBeDefined(); expect(typeof field).toBe('string'); }); it('should return the correct field for MISRA_C', () => { const field = TestableDeepSourceClient.testGetReportField('MISRA_C'); expect(field).toBeDefined(); expect(typeof field).toBe('string'); }); }); });