From b1c1c1c69bbc378352431b316f33015881e14cc7 Mon Sep 17 00:00:00 2001
From: J08nY <johny@neuromancer.sk>
Date: Mon, 10 Jun 2024 18:51:37 +0200
Subject: [PATCH 1/3] Fix NVD tests.

---
 .github/workflows/tests.yml | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml
index 51b13b90..a8ae7d6c 100644
--- a/.github/workflows/tests.yml
+++ b/.github/workflows/tests.yml
@@ -8,6 +8,8 @@ env:
 jobs:
   test:
     runs-on: ubuntu-22.04
+    env:
+      SECCERTS_NVD_API_KEY: ${{ secrets.NVD_API_KEY }}
     steps:
       - name: apt-get update
         run: sudo apt-get update
@@ -31,4 +33,6 @@ jobs:
       - name: Run tests
         run: pytest --cov=sec_certs tests
       - name: Code coverage upload
-        uses: codecov/codecov-action@v3
+        uses: codecov/codecov-action@v4
+        with:
+          token: ${{ secrets.CODECOV_TOKEN }}

From 54c9737a6536123501a012dd21548bb5eae8d599 Mon Sep 17 00:00:00 2001
From: J08nY <johny@neuromancer.sk>
Date: Mon, 10 Jun 2024 22:01:30 +0200
Subject: [PATCH 2/3] Use NVD api key in tests

---
 tests/test_nvd_dataset_builder.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/tests/test_nvd_dataset_builder.py b/tests/test_nvd_dataset_builder.py
index 4868bfa7..e8adc845 100644
--- a/tests/test_nvd_dataset_builder.py
+++ b/tests/test_nvd_dataset_builder.py
@@ -62,7 +62,7 @@ def get_dataset_len(dset) -> int:
         return len(dset["match_strings"])
 
     config.preferred_source_nvd_datasets = "api"
-    with builder_class() as dataset_builder:
+    with builder_class(api_key=config.nvd_api_key) as dataset_builder:
         dataset = dataset_builder._init_new_dataset()
         assert dataset == default_dataset
         last_update = dataset_builder._get_last_update_from_previous_data(dataset)

From 77bf4d941260c871f4da37ed2f8cc1a04ea1a3b9 Mon Sep 17 00:00:00 2001
From: J08nY <johny@neuromancer.sk>
Date: Mon, 10 Jun 2024 23:47:30 +0200
Subject: [PATCH 3/3] Fix NVD CPE Match API usage.

NIST recently lowered the limit on resultsPerPage for the
CPE Match API, hence we have to adapt:

https://nvd.nist.gov/general/news/cpematch-resultsperpage-update
---
 src/sec_certs/utils/nvd_dataset_builder.py | 2 +-
 tests/test_nvd_dataset_builder.py          | 5 ++---
 2 files changed, 3 insertions(+), 4 deletions(-)

diff --git a/src/sec_certs/utils/nvd_dataset_builder.py b/src/sec_certs/utils/nvd_dataset_builder.py
index fe43bcb3..55132339 100644
--- a/src/sec_certs/utils/nvd_dataset_builder.py
+++ b/src/sec_certs/utils/nvd_dataset_builder.py
@@ -323,7 +323,7 @@ def _init_new_dataset() -> CVEDataset:
 class CpeMatchNvdDatasetBuilder(NvdDatasetBuilder[dict]):
     _ENDPOINT: Final[str] = "CPEMatch"
     _ENDPOINT_URL: Final[str] = "https://services.nvd.nist.gov/rest/json/cpematch/2.0"
-    _RESULTS_PER_PAGE: Final[int] = 5000
+    _RESULTS_PER_PAGE: Final[int] = 500
     _VERSION_KEYS: Final[list[str]] = [
         "versionStartIncluding",
         "versionStartExcluding",
diff --git a/tests/test_nvd_dataset_builder.py b/tests/test_nvd_dataset_builder.py
index e8adc845..fda94d1f 100644
--- a/tests/test_nvd_dataset_builder.py
+++ b/tests/test_nvd_dataset_builder.py
@@ -1,10 +1,9 @@
 from datetime import date, datetime, timedelta
-from importlib import resources
+from importlib.resources import files
 from typing import Any
 
 import pytest
 
-import tests.data.common
 from sec_certs.configuration import config
 from sec_certs.dataset import CCDataset, CPEDataset, CVEDataset
 from sec_certs.utils.nvd_dataset_builder import (
@@ -17,7 +16,7 @@
 
 @pytest.fixture(autouse=True)
 def load_test_config():
-    with resources.path(tests.data.common, "settings_tests.yml") as path:
+    with files("tests.data.common") / "settings_tests.yml" as path:
         config.load_from_yaml(path)