x/vulndb: add a check to ensure that GHSAs and CVEs are not repeated across reports

Change-Id: Ibbde79bb08d4c540202ac6dca9e9fff0221e0c0d Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/451286 TryBot-Result: Gopher Robot <gobot@golang.org> Reviewed-by: Tatiana Bradley <tatiana@golang.org> Run-TryBot: Maceo Thompson <maceothompson@google.com>
2022-11-18 13:35:03 -05:00 · 2022-11-18 13:35:03 -05:00 · e2eba22a51
--- a/all_test.go
+++ b/all_test.go
@ -76,6 +76,8 @@ func TestLintReports(t *testing.T) {
 			reports = append(reports, filename)
 		}
 	}
+	// Map from aliases (CVEs/GHSAS) to report paths, used to check for duplicate aliases.
+	aliases := make(map[string]string)
 	sort.Strings(reports)
 	for _, filename := range reports {
 		t.Run(filename, func(t *testing.T) {
@ -87,6 +89,13 @@ func TestLintReports(t *testing.T) {
 			if len(lints) > 0 {
 				t.Errorf(strings.Join(lints, "\n"))
 			}
+			for _, alias := range r.GetAliases() {
+				if report, ok := aliases[alias]; ok {
+					t.Errorf("report %s shares duplicate alias %s with report %s", filename, alias, report)
+				} else {
+					aliases[alias] = filename
+				}
+			}
 			// Check that a correct OSV file was generated for each YAML report.
 			if r.Excluded == "" {
 				generated := database.GenerateOSVEntry(filename, time.Time{}, r)