Initial commit

tests/test_dedupe_mitre.py

@@ -0,0 +1,53 @@
+from applepy.checks.mitre import _attack_technique_url, augment_mitre_worksheet
+from applepy.dedupe import dedupe_by_id
+from applepy.findings import Finding, Severity
+
+
+def test_dedupe_by_id() -> None:
+    a = Finding(
+        id="x",
+        title="t",
+        category="c",
+        severity=Severity.LOW,
+        description="d",
+        evidence="e",
+        worksheet="W",
+    )
+    b = Finding(
+        id="x",
+        title="other",
+        category="c",
+        severity=Severity.HIGH,
+        description="d",
+        evidence="e",
+        worksheet="W",
+    )
+    out = dedupe_by_id([a, b])
+    assert len(out) == 1
+    assert out[0].title == "t"
+
+
+def test_attack_technique_url_subtechnique() -> None:
+    assert _attack_technique_url("T1548.001") == "https://attack.mitre.org/techniques/T1548/001/"
+
+
+def test_attack_technique_url_parent() -> None:
+    assert _attack_technique_url("T1059") == "https://attack.mitre.org/techniques/T1059/"
+
+
+def test_augment_mitre_adds_rows() -> None:
+    f = Finding(
+        id="f1",
+        title="t",
+        category="c",
+        severity=Severity.INFORMATIONAL,
+        description="d",
+        evidence="e",
+        worksheet="Core",
+        mitre_techniques=("T1082",),
+    )
+    findings: list[Finding] = [f]
+    augment_mitre_worksheet(findings)
+    assert any(x.id == "map-T1082" for x in findings)
+    assert any(x.id == "map-summary" for x in findings)
+    assert any(x.id.startswith("map-defer-") for x in findings)