getInsecureVersions example

  protected function matchesExistingVersion(SecurityAdvisory $sa): bool {
    if ($existing_version = $this->getProjectExistingVersion($sa)) {
      $existing_project_version = ExtensionVersion::createFromVersionString($existing_version);
      $insecure_versions = $sa->getInsecureVersions();
      // If a site codebase has a development version of any project, including       // core, we cannot be certain if their development build has the security       // vulnerabilities that make any of the versions in $insecure_versions       // insecure. Therefore, we should err on the side of assuming the site's       // code does have the security vulnerabilities and show the advisories.       // This will result in some sites seeing advisories that do not affect       // their versions, but it will make it less likely that sites with the       // security vulnerabilities will not see the advisories.       if ($existing_project_version->getVersionExtra() === 'dev') {
        foreach ($insecure_versions as $insecure_version) {
          try {
            

public function testCreateFromArray(array $changes, array $expected = []): void {
    $data = $changes;
    $data += $this->getValidData();
    $expected += $data;

    $sa = SecurityAdvisory::createFromArray($data);
    $this->assertInstanceOf(SecurityAdvisory::class, $sa);
    $this->assertSame($expected['title'], $sa->getTitle());
    $this->assertSame($expected['project'], $sa->getProject());
    $this->assertSame($expected['type'], $sa->getProjectType());
    $this->assertSame($expected['link'], $sa->getUrl());
    $this->assertSame($expected['insecure'], $sa->getInsecureVersions());
    $this->assertSame($expected['is_psa'], $sa->isPsa());
    $this->assertSame($expected['type'] === 'core', $sa->isCoreAdvisory());
  }

  /** * Data provider for testCreateFromArray(). */
  public function providerCreateFromArray(): array {
    return [
      // For 'is_psa' the return value should converted to any array.       [
        [