add integrity extractor test

viveksahu26 · viveksahu26 · commit 913b9fc406e5 · 2025-10-10T12:29:03.000+05:30
diff --git a/pkg/scorer/v2/engine/farmulas.go b/pkg/scorer/v2/engine/farmulas.go
@@ -14,12 +14,20 @@
 
 package engine
 
-import "github.com/interlynk-io/sbomqs/pkg/scorer/v2/config"
+import (
+	"fmt"
 
+	"github.com/interlynk-io/sbomqs/pkg/scorer/v2/config"
+)
+
+func NoComponentsNA() string           { return "N/A (no components)" }
 func MissingField(field string) string { return "missing " + field }
 func PresentField(field string) string { return "present " + field }
 func NonSupportedSPDXField() string    { return "N/A (SPDX)" }
 func UnknownSpec() string              { return "N/A (unknown spec)" }
+func CompDescription(have, total int, field string) string {
+	return fmt.Sprintf("%d/%d have %s", have, total, field)
+}
 
 // perComponentScore returns 10 × (have/total)
 func PerComponentScore(have, total int) float64 {
diff --git a/pkg/scorer/v2/extractors/identification.go b/pkg/scorer/v2/extractors/identification.go
@@ -30,7 +30,7 @@ func CompWithName(doc sbom.Document) config.FeatureScore {
 	if total == 0 {
 		return config.FeatureScore{
 			Score:  engine.PerComponentScore(0, total),
-			Desc:   "N/A (no components)",
+			Desc:   engine.NoComponentsNA(),
 			Ignore: true,
 		}
 	}
@@ -40,8 +40,9 @@ func CompWithName(doc sbom.Document) config.FeatureScore {
 	})
 
 	return config.FeatureScore{
-		Score:  engine.PerComponentScore(have, total),
-		Desc:   fmt.Sprintf("%d/%d have names", have, total),
+		Score: engine.PerComponentScore(have, total),
+		Desc:  engine.CompDescription(have, total, "names"),
+
 		Ignore: false,
 	}
 }
@@ -52,7 +53,7 @@ func CompWithVersion(doc sbom.Document) config.FeatureScore {
 	if total == 0 {
 		return config.FeatureScore{
 			Score:  engine.PerComponentScore(0, total),
-			Desc:   "N/A (no components)",
+			Desc:   engine.NoComponentsNA(),
 			Ignore: true,
 		}
 	}
@@ -63,7 +64,7 @@ func CompWithVersion(doc sbom.Document) config.FeatureScore {
 
 	return config.FeatureScore{
 		Score:  engine.PerComponentScore(have, total),
-		Desc:   fmt.Sprintf("%d/%d have versions", have, total),
+		Desc:   engine.CompDescription(have, total, "versions"),
 		Ignore: false,
 	}
 }
@@ -74,7 +75,7 @@ func CompWithUniqLocalIDs(doc sbom.Document) config.FeatureScore {
 	if total == 0 {
 		return config.FeatureScore{
 			Score:  engine.PerComponentScore(0, total),
-			Desc:   "N/A (no components)",
+			Desc:   engine.NoComponentsNA(),
 			Ignore: true,
 		}
 	}
@@ -90,7 +91,7 @@ func CompWithUniqLocalIDs(doc sbom.Document) config.FeatureScore {
 
 	return config.FeatureScore{
 		Score:  engine.PerComponentScore(len(have), total),
-		Desc:   fmt.Sprintf("%d/%d have unique IDs", len(have), total),
+		Desc:   engine.CompDescription(len(have), total, "unique IDs"),
 		Ignore: false,
 	}
 }
diff --git a/pkg/scorer/v2/extractors/integrity.go b/pkg/scorer/v2/extractors/integrity.go
@@ -33,21 +33,21 @@ func CompWithSHA1Plus(doc sbom.Document) config.FeatureScore {
 	if total == 0 {
 		return config.FeatureScore{
 			Score:  engine.PerComponentScore(0, 0),
-			Desc:   "N/A (no components)",
+			Desc:   engine.NoComponentsNA(),
 			Ignore: true,
 		}
 	}
 
-	withSHA1p := 0
+	have := 0
 	for _, comp := range comps {
 		if hasSHA1Plus(comp) {
-			withSHA1p++
+			have++
 		}
 	}
 
 	return config.FeatureScore{
-		Score:  engine.PerComponentScore(withSHA1p, total),
-		Desc:   fmt.Sprintf("%d/%d have SHA-1+", withSHA1p, total),
+		Score:  engine.PerComponentScore(have, total),
+		Desc:   engine.CompDescription(have, total, "SHA-1+"),
 		Ignore: false,
 	}
 }
@@ -59,21 +59,21 @@ func CompWithSHA256Plus(doc sbom.Document) config.FeatureScore {
 	if total == 0 {
 		return config.FeatureScore{
 			Score:  engine.PerComponentScore(0, 0),
-			Desc:   "N/A (no components)",
+			Desc:   engine.NoComponentsNA(),
 			Ignore: true,
 		}
 	}
 
-	with256p := 0
+	have := 0
 	for _, c := range comps {
 		if hasSHA256Plus(c) {
-			with256p++
+			have++
 		}
 	}
 
 	return config.FeatureScore{
-		Score:  engine.PerComponentScore(with256p, total),
-		Desc:   fmt.Sprintf("%d/%d have SHA-256+", with256p, total),
+		Score:  engine.PerComponentScore(have, total),
+		Desc:   engine.CompDescription(have, total, "SHA-256+"),
 		Ignore: false,
 	}
 }
@@ -88,18 +88,18 @@ var verifySignature = common.VerifySignature
 //	 5 = signature present but verification failed
 //	 0 = no signature / incomplete bundle
 func SBOMSignature(doc sbom.Document) config.FeatureScore {
-	s := doc.Signature()
-	if s == nil {
+	sig := doc.Signature()
+	if sig == nil {
 		return config.FeatureScore{
 			Score:  0,
-			Desc:   "no signature",
+			Desc:   engine.MissingField("signature"),
 			Ignore: false,
 		}
 	}
 
-	pubKeyPath := strings.TrimSpace(s.GetPublicKey())
-	blobPath := strings.TrimSpace(s.GetBlob())
-	sigPath := strings.TrimSpace(s.GetSigValue())
+	pubKeyPath := strings.TrimSpace(sig.GetPublicKey())
+	blobPath := strings.TrimSpace(sig.GetBlob())
+	sigPath := strings.TrimSpace(sig.GetSigValue())
 
 	// Incomplete bundle → treat as missing
 	if pubKeyPath == "" || blobPath == "" || sigPath == "" {
diff --git a/pkg/scorer/v2/extractors/integrity_test.go b/pkg/scorer/v2/extractors/integrity_test.go

Original file line number	Diff line number	Diff line change
`@@ -30,7 +30,7 @@ func CompWithName(doc sbom.Document) config.FeatureScore {`
`30`	`30`	`if total == 0 {`
`31`	`31`	`return config.FeatureScore{`
`32`	`32`	`Score: engine.PerComponentScore(0, total),`
`33`		`- Desc: "N/A (no components)",`
	`33`	`+ Desc: engine.NoComponentsNA(),`
`34`	`34`	`Ignore: true,`
`35`	`35`	`}`
`36`	`36`	`}`
`@@ -40,8 +40,9 @@ func CompWithName(doc sbom.Document) config.FeatureScore {`
`40`	`40`	`})`
`41`	`41`
`42`	`42`	`return config.FeatureScore{`
`43`		`- Score: engine.PerComponentScore(have, total),`
`44`		`- Desc: fmt.Sprintf("%d/%d have names", have, total),`
	`43`	`+ Score: engine.PerComponentScore(have, total),`
	`44`	`+ Desc: engine.CompDescription(have, total, "names"),`
	`45`	`+`
`45`	`46`	`Ignore: false,`
`46`	`47`	`}`
`47`	`48`	`}`
`@@ -52,7 +53,7 @@ func CompWithVersion(doc sbom.Document) config.FeatureScore {`
`52`	`53`	`if total == 0 {`
`53`	`54`	`return config.FeatureScore{`
`54`	`55`	`Score: engine.PerComponentScore(0, total),`
`55`		`- Desc: "N/A (no components)",`
	`56`	`+ Desc: engine.NoComponentsNA(),`
`56`	`57`	`Ignore: true,`
`57`	`58`	`}`
`58`	`59`	`}`
`@@ -63,7 +64,7 @@ func CompWithVersion(doc sbom.Document) config.FeatureScore {`
`63`	`64`
`64`	`65`	`return config.FeatureScore{`
`65`	`66`	`Score: engine.PerComponentScore(have, total),`
`66`		`- Desc: fmt.Sprintf("%d/%d have versions", have, total),`
	`67`	`+ Desc: engine.CompDescription(have, total, "versions"),`
`67`	`68`	`Ignore: false,`
`68`	`69`	`}`
`69`	`70`	`}`
`@@ -74,7 +75,7 @@ func CompWithUniqLocalIDs(doc sbom.Document) config.FeatureScore {`
`74`	`75`	`if total == 0 {`
`75`	`76`	`return config.FeatureScore{`
`76`	`77`	`Score: engine.PerComponentScore(0, total),`
`77`		`- Desc: "N/A (no components)",`
	`78`	`+ Desc: engine.NoComponentsNA(),`
`78`	`79`	`Ignore: true,`
`79`	`80`	`}`
`80`	`81`	`}`
`@@ -90,7 +91,7 @@ func CompWithUniqLocalIDs(doc sbom.Document) config.FeatureScore {`
`90`	`91`
`91`	`92`	`return config.FeatureScore{`
`92`	`93`	`Score: engine.PerComponentScore(len(have), total),`
`93`		`- Desc: fmt.Sprintf("%d/%d have unique IDs", len(have), total),`
	`94`	`+ Desc: engine.CompDescription(len(have), total, "unique IDs"),`
`94`	`95`	`Ignore: false,`
`95`	`96`	`}`
`96`	`97`	`}`
Original file line number	Diff line number	Diff line change
`@@ -33,21 +33,21 @@ func CompWithSHA1Plus(doc sbom.Document) config.FeatureScore {`
`33`	`33`	`if total == 0 {`
`34`	`34`	`return config.FeatureScore{`
`35`	`35`	`Score: engine.PerComponentScore(0, 0),`
`36`		`- Desc: "N/A (no components)",`
	`36`	`+ Desc: engine.NoComponentsNA(),`
`37`	`37`	`Ignore: true,`
`38`	`38`	`}`
`39`	`39`	`}`
`40`	`40`
`41`		`- withSHA1p := 0`
	`41`	`+ have := 0`
`42`	`42`	`for _, comp := range comps {`
`43`	`43`	`if hasSHA1Plus(comp) {`
`44`		`- withSHA1p++`
	`44`	`+ have++`
`45`	`45`	`}`
`46`	`46`	`}`
`47`	`47`
`48`	`48`	`return config.FeatureScore{`
`49`		`- Score: engine.PerComponentScore(withSHA1p, total),`
`50`		`- Desc: fmt.Sprintf("%d/%d have SHA-1+", withSHA1p, total),`
	`49`	`+ Score: engine.PerComponentScore(have, total),`
	`50`	`+ Desc: engine.CompDescription(have, total, "SHA-1+"),`
`51`	`51`	`Ignore: false,`
`52`	`52`	`}`
`53`	`53`	`}`
`@@ -59,21 +59,21 @@ func CompWithSHA256Plus(doc sbom.Document) config.FeatureScore {`
`59`	`59`	`if total == 0 {`
`60`	`60`	`return config.FeatureScore{`
`61`	`61`	`Score: engine.PerComponentScore(0, 0),`
`62`		`- Desc: "N/A (no components)",`
	`62`	`+ Desc: engine.NoComponentsNA(),`
`63`	`63`	`Ignore: true,`
`64`	`64`	`}`
`65`	`65`	`}`
`66`	`66`
`67`		`- with256p := 0`
	`67`	`+ have := 0`
`68`	`68`	`for _, c := range comps {`
`69`	`69`	`if hasSHA256Plus(c) {`
`70`		`- with256p++`
	`70`	`+ have++`
`71`	`71`	`}`
`72`	`72`	`}`
`73`	`73`
`74`	`74`	`return config.FeatureScore{`
`75`		`- Score: engine.PerComponentScore(with256p, total),`
`76`		`- Desc: fmt.Sprintf("%d/%d have SHA-256+", with256p, total),`
	`75`	`+ Score: engine.PerComponentScore(have, total),`
	`76`	`+ Desc: engine.CompDescription(have, total, "SHA-256+"),`
`77`	`77`	`Ignore: false,`
`78`	`78`	`}`
`79`	`79`	`}`
`@@ -88,18 +88,18 @@ var verifySignature = common.VerifySignature`
`88`	`88`	`// 5 = signature present but verification failed`
`89`	`89`	`// 0 = no signature / incomplete bundle`
`90`	`90`	`func SBOMSignature(doc sbom.Document) config.FeatureScore {`
`91`		`- s := doc.Signature()`
`92`		`- if s == nil {`
	`91`	`+ sig := doc.Signature()`
	`92`	`+ if sig == nil {`
`93`	`93`	`return config.FeatureScore{`
`94`	`94`	`Score: 0,`
`95`		`- Desc: "no signature",`
	`95`	`+ Desc: engine.MissingField("signature"),`
`96`	`96`	`Ignore: false,`
`97`	`97`	`}`
`98`	`98`	`}`
`99`	`99`
`100`		`- pubKeyPath := strings.TrimSpace(s.GetPublicKey())`
`101`		`- blobPath := strings.TrimSpace(s.GetBlob())`
`102`		`- sigPath := strings.TrimSpace(s.GetSigValue())`
	`100`	`+ pubKeyPath := strings.TrimSpace(sig.GetPublicKey())`
	`101`	`+ blobPath := strings.TrimSpace(sig.GetBlob())`
	`102`	`+ sigPath := strings.TrimSpace(sig.GetSigValue())`
`103`	`103`
`104`	`104`	`// Incomplete bundle → treat as missing`
`105`	`105`	`if pubKeyPath == "" \|\| blobPath == "" \|\| sigPath == "" {`