Compare commits
1 Commits
step35/108
...
step35/88-
| Author | SHA1 | Date | |
|---|---|---|---|
|
fe517158a0 |
@@ -1,351 +0,0 @@
|
||||
#!/usr/bin/env python3
|
||||
"""
|
||||
PR Complexity Scorer - Estimate review effort for PRs.
|
||||
"""
|
||||
|
||||
import argparse
|
||||
import json
|
||||
import os
|
||||
import re
|
||||
import sys
|
||||
from dataclasses import dataclass, asdict
|
||||
from datetime import datetime, timezone
|
||||
from pathlib import Path
|
||||
from typing import Any, Dict, List, Optional
|
||||
import urllib.request
|
||||
import urllib.error
|
||||
|
||||
GITEA_BASE = "https://forge.alexanderwhitestone.com/api/v1"
|
||||
|
||||
DEPENDENCY_FILES = {
|
||||
"requirements.txt", "pyproject.toml", "setup.py", "setup.cfg",
|
||||
"Pipfile", "poetry.lock", "package.json", "yarn.lock", "Gemfile",
|
||||
"go.mod", "Cargo.toml", "pom.xml", "build.gradle"
|
||||
}
|
||||
|
||||
TEST_PATTERNS = [
|
||||
r"tests?/.*\.py$", r".*_test\.py$", r"test_.*\.py$",
|
||||
r"spec/.*\.rb$", r".*_spec\.rb$",
|
||||
r"__tests__/", r".*\.test\.(js|ts|jsx|tsx)$"
|
||||
]
|
||||
|
||||
WEIGHT_FILES = 0.25
|
||||
WEIGHT_LINES = 0.25
|
||||
WEIGHT_DEPS = 0.30
|
||||
WEIGHT_TEST_COV = 0.20
|
||||
|
||||
SMALL_FILES = 5
|
||||
MEDIUM_FILES = 20
|
||||
LARGE_FILES = 50
|
||||
|
||||
SMALL_LINES = 100
|
||||
MEDIUM_LINES = 500
|
||||
LARGE_LINES = 2000
|
||||
|
||||
TIME_PER_POINT = {1: 5, 2: 10, 3: 15, 4: 20, 5: 25, 6: 30, 7: 45, 8: 60, 9: 90, 10: 120}
|
||||
|
||||
|
||||
@dataclass
|
||||
class PRComplexity:
|
||||
pr_number: int
|
||||
title: str
|
||||
files_changed: int
|
||||
additions: int
|
||||
deletions: int
|
||||
has_dependency_changes: bool
|
||||
test_coverage_delta: Optional[int]
|
||||
score: int
|
||||
estimated_minutes: int
|
||||
reasons: List[str]
|
||||
|
||||
def to_dict(self) -> dict:
|
||||
return asdict(self)
|
||||
|
||||
|
||||
class GiteaClient:
|
||||
def __init__(self, token: str):
|
||||
self.token = token
|
||||
self.base_url = GITEA_BASE.rstrip("/")
|
||||
|
||||
def _request(self, path: str, params: Dict = None) -> Any:
|
||||
url = f"{self.base_url}{path}"
|
||||
if params:
|
||||
qs = "&".join(f"{k}={v}" for k, v in params.items() if v is not None)
|
||||
url += f"?{qs}"
|
||||
|
||||
req = urllib.request.Request(url)
|
||||
req.add_header("Authorization", f"token {self.token}")
|
||||
req.add_header("Content-Type", "application/json")
|
||||
|
||||
try:
|
||||
with urllib.request.urlopen(req, timeout=30) as resp:
|
||||
return json.loads(resp.read().decode())
|
||||
except urllib.error.HTTPError as e:
|
||||
print(f"API error {e.code}: {e.read().decode()[:200]}", file=sys.stderr)
|
||||
return None
|
||||
except urllib.error.URLError as e:
|
||||
print(f"Network error: {e}", file=sys.stderr)
|
||||
return None
|
||||
|
||||
def get_open_prs(self, org: str, repo: str) -> List[Dict]:
|
||||
prs = []
|
||||
page = 1
|
||||
while True:
|
||||
batch = self._request(f"/repos/{org}/{repo}/pulls", {"limit": 50, "page": page, "state": "open"})
|
||||
if not batch:
|
||||
break
|
||||
prs.extend(batch)
|
||||
if len(batch) < 50:
|
||||
break
|
||||
page += 1
|
||||
return prs
|
||||
|
||||
def get_pr_files(self, org: str, repo: str, pr_number: int) -> List[Dict]:
|
||||
files = []
|
||||
page = 1
|
||||
while True:
|
||||
batch = self._request(
|
||||
f"/repos/{org}/{repo}/pulls/{pr_number}/files",
|
||||
{"limit": 100, "page": page}
|
||||
)
|
||||
if not batch:
|
||||
break
|
||||
files.extend(batch)
|
||||
if len(batch) < 100:
|
||||
break
|
||||
page += 1
|
||||
return files
|
||||
|
||||
def post_comment(self, org: str, repo: str, pr_number: int, body: str) -> bool:
|
||||
data = json.dumps({"body": body}).encode("utf-8")
|
||||
req = urllib.request.Request(
|
||||
f"{self.base_url}/repos/{org}/{repo}/issues/{pr_number}/comments",
|
||||
data=data,
|
||||
method="POST",
|
||||
headers={"Authorization": f"token {self.token}", "Content-Type": "application/json"}
|
||||
)
|
||||
try:
|
||||
with urllib.request.urlopen(req, timeout=30) as resp:
|
||||
return resp.status in (200, 201)
|
||||
except urllib.error.HTTPError:
|
||||
return False
|
||||
|
||||
|
||||
def is_dependency_file(filename: str) -> bool:
|
||||
return any(filename.endswith(dep) for dep in DEPENDENCY_FILES)
|
||||
|
||||
|
||||
def is_test_file(filename: str) -> bool:
|
||||
return any(re.search(pattern, filename) for pattern in TEST_PATTERNS)
|
||||
|
||||
|
||||
def score_pr(
|
||||
files_changed: int,
|
||||
additions: int,
|
||||
deletions: int,
|
||||
has_dependency_changes: bool,
|
||||
test_coverage_delta: Optional[int] = None
|
||||
) -> tuple[int, int, List[str]]:
|
||||
score = 1.0
|
||||
reasons = []
|
||||
|
||||
# Files changed
|
||||
if files_changed <= SMALL_FILES:
|
||||
fscore = 1.0
|
||||
reasons.append("small number of files changed")
|
||||
elif files_changed <= MEDIUM_FILES:
|
||||
fscore = 2.0
|
||||
reasons.append("moderate number of files changed")
|
||||
elif files_changed <= LARGE_FILES:
|
||||
fscore = 2.5
|
||||
reasons.append("large number of files changed")
|
||||
else:
|
||||
fscore = 3.0
|
||||
reasons.append("very large PR spanning many files")
|
||||
|
||||
# Lines changed
|
||||
total_lines = additions + deletions
|
||||
if total_lines <= SMALL_LINES:
|
||||
lscore = 1.0
|
||||
reasons.append("small change size")
|
||||
elif total_lines <= MEDIUM_LINES:
|
||||
lscore = 2.0
|
||||
reasons.append("moderate change size")
|
||||
elif total_lines <= LARGE_LINES:
|
||||
lscore = 3.0
|
||||
reasons.append("large change size")
|
||||
else:
|
||||
lscore = 4.0
|
||||
reasons.append("very large change")
|
||||
|
||||
# Dependency changes
|
||||
if has_dependency_changes:
|
||||
dscore = 2.5
|
||||
reasons.append("dependency changes (architectural impact)")
|
||||
else:
|
||||
dscore = 0.0
|
||||
|
||||
# Test coverage delta
|
||||
tscore = 0.0
|
||||
if test_coverage_delta is not None:
|
||||
if test_coverage_delta > 0:
|
||||
reasons.append(f"test additions (+{test_coverage_delta} test files)")
|
||||
tscore = -min(2.0, test_coverage_delta / 2.0)
|
||||
elif test_coverage_delta < 0:
|
||||
reasons.append(f"test removals ({abs(test_coverage_delta)} test files)")
|
||||
tscore = min(2.0, abs(test_coverage_delta) * 0.5)
|
||||
else:
|
||||
reasons.append("test coverage change not assessed")
|
||||
|
||||
# Weighted sum, scaled by 3 to use full 1-10 range
|
||||
bonus = (fscore * WEIGHT_FILES) + (lscore * WEIGHT_LINES) + (dscore * WEIGHT_DEPS) + (tscore * WEIGHT_TEST_COV)
|
||||
scaled_bonus = bonus * 3.0
|
||||
score = 1.0 + scaled_bonus
|
||||
|
||||
final_score = max(1, min(10, int(round(score))))
|
||||
est_minutes = TIME_PER_POINT.get(final_score, 30)
|
||||
|
||||
return final_score, est_minutes, reasons
|
||||
|
||||
|
||||
def analyze_pr(client: GiteaClient, org: str, repo: str, pr_data: Dict) -> PRComplexity:
|
||||
pr_num = pr_data["number"]
|
||||
title = pr_data.get("title", "")
|
||||
files = client.get_pr_files(org, repo, pr_num)
|
||||
|
||||
additions = sum(f.get("additions", 0) for f in files)
|
||||
deletions = sum(f.get("deletions", 0) for f in files)
|
||||
filenames = [f.get("filename", "") for f in files]
|
||||
|
||||
has_deps = any(is_dependency_file(f) for f in filenames)
|
||||
|
||||
test_added = sum(1 for f in files if f.get("status") == "added" and is_test_file(f.get("filename", "")))
|
||||
test_removed = sum(1 for f in files if f.get("status") == "removed" and is_test_file(f.get("filename", "")))
|
||||
test_delta = test_added - test_removed if (test_added or test_removed) else None
|
||||
|
||||
score, est_min, reasons = score_pr(
|
||||
files_changed=len(files),
|
||||
additions=additions,
|
||||
deletions=deletions,
|
||||
has_dependency_changes=has_deps,
|
||||
test_coverage_delta=test_delta
|
||||
)
|
||||
|
||||
return PRComplexity(
|
||||
pr_number=pr_num,
|
||||
title=title,
|
||||
files_changed=len(files),
|
||||
additions=additions,
|
||||
deletions=deletions,
|
||||
has_dependency_changes=has_deps,
|
||||
test_coverage_delta=test_delta,
|
||||
score=score,
|
||||
estimated_minutes=est_min,
|
||||
reasons=reasons
|
||||
)
|
||||
|
||||
|
||||
def build_comment(complexity: PRComplexity) -> str:
|
||||
change_desc = f"{complexity.files_changed} files, +{complexity.additions}/-{complexity.deletions} lines"
|
||||
deps_note = "\n- :warning: Dependency changes detected — architectural review recommended" if complexity.has_dependency_changes else ""
|
||||
test_note = ""
|
||||
if complexity.test_coverage_delta is not None:
|
||||
if complexity.test_coverage_delta > 0:
|
||||
test_note = f"\n- :+1: {complexity.test_coverage_delta} test file(s) added"
|
||||
elif complexity.test_coverage_delta < 0:
|
||||
test_note = f"\n- :warning: {abs(complexity.test_coverage_delta)} test file(s) removed"
|
||||
|
||||
comment = f"## 📊 PR Complexity Analysis\n\n"
|
||||
comment += f"**PR #{complexity.pr_number}: {complexity.title}**\n\n"
|
||||
comment += f"| Metric | Value |\n|--------|-------|\n"
|
||||
comment += f"| Changes | {change_desc} |\n"
|
||||
comment += f"| Complexity Score | **{complexity.score}/10** |\n"
|
||||
comment += f"| Estimated Review Time | ~{complexity.estimated_minutes} minutes |\n\n"
|
||||
comment += f"### Scoring rationale:"
|
||||
for r in complexity.reasons:
|
||||
comment += f"\n- {r}"
|
||||
if deps_note:
|
||||
comment += deps_note
|
||||
if test_note:
|
||||
comment += test_note
|
||||
comment += f"\n\n---\n"
|
||||
comment += f"*Generated by PR Complexity Scorer — [issue #135](https://forge.alexanderwhitestone.com/Timmy_Foundation/compounding-intelligence/issues/135)*"
|
||||
return comment
|
||||
|
||||
|
||||
def main():
|
||||
parser = argparse.ArgumentParser(description="PR Complexity Scorer")
|
||||
parser.add_argument("--org", default="Timmy_Foundation")
|
||||
parser.add_argument("--repo", default="compounding-intelligence")
|
||||
parser.add_argument("--token", default=os.environ.get("GITEA_TOKEN") or os.path.expanduser("~/.config/gitea/token"))
|
||||
parser.add_argument("--dry-run", action="store_true")
|
||||
parser.add_argument("--apply", action="store_true")
|
||||
parser.add_argument("--output", default="metrics/pr_complexity.json")
|
||||
args = parser.parse_args()
|
||||
|
||||
token_path = args.token
|
||||
if os.path.exists(token_path):
|
||||
with open(token_path) as f:
|
||||
token = f.read().strip()
|
||||
else:
|
||||
token = args.token
|
||||
|
||||
if not token:
|
||||
print("ERROR: No Gitea token provided", file=sys.stderr)
|
||||
sys.exit(1)
|
||||
|
||||
client = GiteaClient(token)
|
||||
|
||||
print(f"Fetching open PRs for {args.org}/{args.repo}...")
|
||||
prs = client.get_open_prs(args.org, args.repo)
|
||||
if not prs:
|
||||
print("No open PRs found.")
|
||||
sys.exit(0)
|
||||
|
||||
print(f"Found {len(prs)} open PR(s). Analyzing...")
|
||||
|
||||
results = []
|
||||
Path(args.output).parent.mkdir(parents=True, exist_ok=True)
|
||||
|
||||
for pr in prs:
|
||||
pr_num = pr["number"]
|
||||
title = pr.get("title", "")
|
||||
print(f" Analyzing PR #{pr_num}: {title[:60]}")
|
||||
|
||||
try:
|
||||
complexity = analyze_pr(client, args.org, args.repo, pr)
|
||||
results.append(complexity.to_dict())
|
||||
|
||||
comment = build_comment(complexity)
|
||||
|
||||
if args.dry_run:
|
||||
print(f" → Score: {complexity.score}/10, Est: {complexity.estimated_minutes}min [DRY-RUN]")
|
||||
elif args.apply:
|
||||
success = client.post_comment(args.org, args.repo, pr_num, comment)
|
||||
status = "[commented]" if success else "[FAILED]"
|
||||
print(f" → Score: {complexity.score}/10, Est: {complexity.estimated_minutes}min {status}")
|
||||
else:
|
||||
print(f" → Score: {complexity.score}/10, Est: {complexity.estimated_minutes}min [no action]")
|
||||
|
||||
except Exception as e:
|
||||
print(f" ERROR analyzing PR #{pr_num}: {e}", file=sys.stderr)
|
||||
|
||||
with open(args.output, "w") as f:
|
||||
json.dump({
|
||||
"org": args.org,
|
||||
"repo": args.repo,
|
||||
"timestamp": datetime.now(timezone.utc).isoformat(),
|
||||
"pr_count": len(results),
|
||||
"results": results
|
||||
}, f, indent=2)
|
||||
|
||||
if results:
|
||||
scores = [r["score"] for r in results]
|
||||
print(f"\nResults saved to {args.output}")
|
||||
print(f"Summary: {len(results)} PRs, scores range {min(scores):.0f}-{max(scores):.0f}")
|
||||
else:
|
||||
print("\nNo results to save.")
|
||||
|
||||
|
||||
if __name__ == "__main__":
|
||||
main()
|
||||
@@ -73,12 +73,14 @@ Binary files a/img.png and b/img.png differ
|
||||
|
||||
|
||||
def test_empty():
|
||||
"""Verifies behavior with empty or None input."""
|
||||
a = DiffAnalyzer()
|
||||
s = a.analyze("")
|
||||
assert s.total_files_changed == 0
|
||||
print("PASS: test_empty")
|
||||
|
||||
def test_addition():
|
||||
"""Verifies addition logic."""
|
||||
a = DiffAnalyzer()
|
||||
s = a.analyze(SAMPLE_ADD)
|
||||
assert s.total_files_changed == 1
|
||||
@@ -89,6 +91,7 @@ def test_addition():
|
||||
print("PASS: test_addition")
|
||||
|
||||
def test_deletion():
|
||||
"""Verifies deletion logic."""
|
||||
a = DiffAnalyzer()
|
||||
s = a.analyze(SAMPLE_DELETE)
|
||||
assert s.total_deleted == 2
|
||||
@@ -97,6 +100,7 @@ def test_deletion():
|
||||
print("PASS: test_deletion")
|
||||
|
||||
def test_modification():
|
||||
"""Verifies modification logic."""
|
||||
a = DiffAnalyzer()
|
||||
s = a.analyze(SAMPLE_MODIFY)
|
||||
assert s.total_added == 2
|
||||
@@ -105,6 +109,7 @@ def test_modification():
|
||||
print("PASS: test_modification")
|
||||
|
||||
def test_rename():
|
||||
"""Verifies rename logic."""
|
||||
a = DiffAnalyzer()
|
||||
s = a.analyze(SAMPLE_RENAME)
|
||||
assert s.renamed_files == 1
|
||||
@@ -114,6 +119,7 @@ def test_rename():
|
||||
print("PASS: test_rename")
|
||||
|
||||
def test_multiple_files():
|
||||
"""Verifies multiple files logic."""
|
||||
a = DiffAnalyzer()
|
||||
s = a.analyze(SAMPLE_MULTI)
|
||||
assert s.total_files_changed == 2
|
||||
@@ -121,6 +127,7 @@ def test_multiple_files():
|
||||
print("PASS: test_multiple_files")
|
||||
|
||||
def test_binary():
|
||||
"""Verifies binary logic."""
|
||||
a = DiffAnalyzer()
|
||||
s = a.analyze(SAMPLE_BINARY)
|
||||
assert s.binary_files == 1
|
||||
@@ -129,6 +136,7 @@ def test_binary():
|
||||
print("PASS: test_binary")
|
||||
|
||||
def test_to_dict():
|
||||
"""Verifies to dict logic."""
|
||||
a = DiffAnalyzer()
|
||||
s = a.analyze(SAMPLE_MODIFY)
|
||||
d = s.to_dict()
|
||||
@@ -138,6 +146,7 @@ def test_to_dict():
|
||||
print("PASS: test_to_dict")
|
||||
|
||||
def test_context_only():
|
||||
"""Verifies context only logic."""
|
||||
diff = """diff --git a/f.py b/f.py
|
||||
--- a/f.py
|
||||
+++ b/f.py
|
||||
@@ -154,6 +163,7 @@ def test_context_only():
|
||||
print("PASS: test_context_only")
|
||||
|
||||
def test_multi_hunk():
|
||||
"""Verifies multi hunk logic."""
|
||||
diff = """diff --git a/f.py b/f.py
|
||||
--- a/f.py
|
||||
+++ b/f.py
|
||||
|
||||
207
scripts/test_documentation_generator.py
Normal file
207
scripts/test_documentation_generator.py
Normal file
@@ -0,0 +1,207 @@
|
||||
#!/usr/bin/env python3
|
||||
"""Test Documentation Generator — adds module and function docstrings to test files.
|
||||
|
||||
Reads test files without docstrings and generates:
|
||||
- Module-level docstring explaining what is being tested
|
||||
- Function-level docstring explaining what each test verifies
|
||||
- Inline comments for complex assertions (simple heuristic)
|
||||
|
||||
Does not change test logic — only adds documentation.
|
||||
Processes 20+ test files per run.
|
||||
"""
|
||||
|
||||
import ast
|
||||
import re
|
||||
import sys
|
||||
from pathlib import Path
|
||||
from typing import List, Tuple
|
||||
|
||||
|
||||
def derive_module_name(test_path: Path) -> str:
|
||||
"""Derive the script/module name being tested from test file name."""
|
||||
name = test_path.stem
|
||||
if name.startswith("test_"):
|
||||
name = name[5:] # strip 'test_' (5 chars: t-e-s-t-_, not 6)
|
||||
mapping = {
|
||||
"bootstrapper": "bootstrapper.py",
|
||||
"harvester": "harvester.py",
|
||||
"diff_analyzer": "diff_analyzer.py",
|
||||
"gitea_issue_parser": "gitea_issue_parser.py",
|
||||
"harvest_prompt": "harvest_prompt.py",
|
||||
"harvest_prompt_comprehensive": "harvest_prompt_comprehensive.py",
|
||||
"harvester_pipeline": "harvester_pipeline.py",
|
||||
"improvement_proposals": "improvement_proposals.py",
|
||||
"knowledge_staleness": "knowledge_staleness_check.py",
|
||||
"priority_rebalancer": "priority_rebalancer.py",
|
||||
"refactoring_opportunity_finder": "refactoring_opportunity_finder.py",
|
||||
"session_pair_harvester": "session_pair_harvester.py",
|
||||
"session_reader": "session_reader.py",
|
||||
"automation_opportunity_finder": "automation_opportunity_finder.py",
|
||||
"dedup": "dedup.py",
|
||||
"freshness": "freshness.py",
|
||||
"knowledge_gap_identifier": "knowledge_gap_identifier.py",
|
||||
"perf_bottleneck_finder": "perf_bottleneck_finder.py",
|
||||
"ci_config": "CI configuration",
|
||||
"quality_gate": "quality_gate.py",
|
||||
}
|
||||
base = name.replace("_", " ")
|
||||
if name in mapping:
|
||||
base = mapping[name].replace(".py", "")
|
||||
return base
|
||||
|
||||
|
||||
def count_tests_in_file(content: str) -> int:
|
||||
"""Count test functions in a Python file."""
|
||||
return len(re.findall(r'^def (test_\w+)\s*\(', content, re.MULTILINE))
|
||||
|
||||
|
||||
def infer_test_purpose(func_name: str, func_body: str) -> str:
|
||||
"""Generate a brief docstring for a test function based on its name and body."""
|
||||
name = func_name.replace("test_", "").replace("_", " ")
|
||||
|
||||
if "empty" in name or "none" in name:
|
||||
return "Verifies behavior with empty or None input."
|
||||
if "parsing" in name or "parse" in name:
|
||||
return f"Verifies parsing logic for {name}."
|
||||
if "filter" in name:
|
||||
return f"Verifies knowledge filtering by {name}."
|
||||
if "hash" in name:
|
||||
return "Verifies file hash computation correctness."
|
||||
if "freshness" in name or "staleness" in name:
|
||||
return "Verifies knowledge freshness detection."
|
||||
if "error" in name or "exception" in name:
|
||||
return f"Verifies error handling for {name}."
|
||||
if "boundary" in name or "edge" in name:
|
||||
return "Verifies boundary case handling."
|
||||
return f"Verifies {name} logic."
|
||||
|
||||
|
||||
def has_module_docstring(content: str) -> bool:
|
||||
"""Check if file (after shebang) starts with a docstring."""
|
||||
lines = content.split('\n')
|
||||
start_idx = 1 if lines and lines[0].startswith('#!') else 0
|
||||
for line in lines[start_idx:start_idx + 5]:
|
||||
stripped = line.strip()
|
||||
if stripped.startswith('"""') or stripped.startswith("'''"):
|
||||
return True
|
||||
if stripped == "" or stripped.startswith('#'):
|
||||
continue
|
||||
break
|
||||
return False
|
||||
|
||||
|
||||
def insert_after_shebang(content: str, insertion: str) -> str:
|
||||
"""Insert text after the shebang line (if any) and any following blank lines."""
|
||||
lines = content.split('\n')
|
||||
insert_idx = 0
|
||||
if lines and lines[0].startswith('#!'):
|
||||
insert_idx = 1
|
||||
while insert_idx < len(lines) and lines[insert_idx].strip() == '':
|
||||
insert_idx += 1
|
||||
new_lines = lines[:insert_idx] + [insertion] + lines[insert_idx:]
|
||||
return '\n'.join(new_lines)
|
||||
|
||||
|
||||
def add_function_docstring(content: str, func_lineno: int, docstring: str) -> str:
|
||||
"""Add a docstring to a function at the given line number."""
|
||||
lines = content.split('\n')
|
||||
idx = func_lineno - 1
|
||||
indent = re.match(r'^(\s*)', lines[idx]).group(1)
|
||||
doc_line = f'{indent} """{docstring}"""'
|
||||
new_lines = lines[:idx + 1] + [doc_line] + lines[idx + 1:]
|
||||
return '\n'.join(new_lines)
|
||||
|
||||
|
||||
def generate_module_docstring(test_path: Path) -> str:
|
||||
"""Generate a module-level docstring for a test file."""
|
||||
module = derive_module_name(test_path)
|
||||
count = count_tests_in_file(test_path.read_text())
|
||||
if count > 0:
|
||||
return f"Tests for {module} — {count} tests."
|
||||
return f"Tests for {module}."
|
||||
|
||||
|
||||
def process_test_file(test_path: Path, dry_run: bool = False) -> Tuple[bool, List[str]]:
|
||||
"""Process a single test file, adding missing docstrings. Returns (changed, messages)."""
|
||||
content = test_path.read_text()
|
||||
original = content
|
||||
messages = []
|
||||
|
||||
if not has_module_docstring(content):
|
||||
mod_doc = generate_module_docstring(test_path)
|
||||
content = insert_after_shebang(content, f'''"""{mod_doc}"""''')
|
||||
messages.append(f"Added module docstring: {mod_doc}")
|
||||
|
||||
try:
|
||||
tree = ast.parse(content)
|
||||
except SyntaxError as e:
|
||||
messages.append(f"SKIP (syntax error): {e}")
|
||||
return False, messages
|
||||
|
||||
funcs_to_doc: List[Tuple[int, str, str]] = []
|
||||
|
||||
for node in ast.walk(tree):
|
||||
if isinstance(node, ast.FunctionDef) and node.name.startswith('test_'):
|
||||
has_docstring = (
|
||||
len(node.body) > 0 and
|
||||
isinstance(node.body[0], ast.Expr) and
|
||||
isinstance(node.body[0].value, ast.Constant) and
|
||||
isinstance(node.body[0].value.value, str)
|
||||
)
|
||||
if not has_docstring:
|
||||
func_body = ast.get_source_segment(content, node) or ""
|
||||
doc = infer_test_purpose(node.name, func_body)
|
||||
funcs_to_doc.append((node.lineno, node.name, doc))
|
||||
|
||||
funcs_to_doc.sort(key=lambda x: -x[0])
|
||||
for lineno, func_name, doc in funcs_to_doc:
|
||||
content = add_function_docstring(content, lineno, doc)
|
||||
messages.append(f"Added docstring to {func_name}: {doc}")
|
||||
|
||||
changed = content != original
|
||||
if changed and not dry_run:
|
||||
test_path.write_text(content)
|
||||
|
||||
return changed, messages
|
||||
|
||||
|
||||
def find_test_files(root: Path, max_files: int = 25) -> List[Path]:
|
||||
"""Find test files under scripts/ and tests/ directories."""
|
||||
test_files = []
|
||||
for subdir in [root / "scripts", root / "tests"]:
|
||||
if subdir.exists():
|
||||
test_files.extend(subdir.glob("test_*.py"))
|
||||
test_files.sort()
|
||||
return test_files[:max_files]
|
||||
|
||||
|
||||
def main():
|
||||
import argparse
|
||||
parser = argparse.ArgumentParser(description="Generate documentation for test files")
|
||||
parser.add_argument("--dry-run", action="store_true", help="Show changes without writing")
|
||||
parser.add_argument("--root", type=Path, default=Path.cwd(),
|
||||
help="Repo root (default: current directory)")
|
||||
parser.add_argument("--limit", type=int, default=25,
|
||||
help="Max files to process per run (handles 20+ requirement)")
|
||||
args = parser.parse_args()
|
||||
|
||||
root = args.root
|
||||
test_files = find_test_files(root, args.limit)
|
||||
print(f"Found {len(test_files)} test files to process (limit={args.limit}):")
|
||||
|
||||
total_changed = 0
|
||||
for tf in test_files:
|
||||
changed, msgs = process_test_file(tf, dry_run=args.dry_run)
|
||||
if changed:
|
||||
total_changed += 1
|
||||
status = "CHANGED" if changed else "OK"
|
||||
print(f" [{status}] {tf.relative_to(root)}")
|
||||
for msg in msgs:
|
||||
print(f" {msg}")
|
||||
|
||||
print(f"\nCompleted: {total_changed} file(s) modified, {len(test_files) - total_changed} already up-to-date.")
|
||||
return 0
|
||||
|
||||
|
||||
if __name__ == "__main__":
|
||||
sys.exit(main())
|
||||
@@ -14,6 +14,7 @@ parse_issue_body = mod.parse_issue_body
|
||||
|
||||
|
||||
def test_basic_parsing():
|
||||
"""Verifies parsing logic for basic parsing."""
|
||||
body = """## Context
|
||||
|
||||
This is the background info.
|
||||
@@ -40,6 +41,7 @@ Some description.
|
||||
|
||||
|
||||
def test_numbered_criteria():
|
||||
"""Verifies numbered criteria logic."""
|
||||
body = """## Acceptance Criteria
|
||||
|
||||
1. First item
|
||||
@@ -53,6 +55,7 @@ def test_numbered_criteria():
|
||||
|
||||
|
||||
def test_epic_ref_from_body():
|
||||
"""Verifies epic ref from body logic."""
|
||||
body = "Closes #123\n\nSome description."
|
||||
result = parse_issue_body(body)
|
||||
assert result["epic_ref"] == 123
|
||||
@@ -60,6 +63,7 @@ def test_epic_ref_from_body():
|
||||
|
||||
|
||||
def test_empty_body():
|
||||
"""Verifies behavior with empty or None input."""
|
||||
result = parse_issue_body("")
|
||||
assert result["criteria"] == []
|
||||
assert result["context"] == ""
|
||||
@@ -68,6 +72,7 @@ def test_empty_body():
|
||||
|
||||
|
||||
def test_no_sections():
|
||||
"""Verifies no sections logic."""
|
||||
body = "Just a plain issue body with no headings."
|
||||
result = parse_issue_body(body)
|
||||
assert result["context"] == "Just a plain issue body with no headings."
|
||||
@@ -75,6 +80,7 @@ def test_no_sections():
|
||||
|
||||
|
||||
def test_multiple_sections():
|
||||
"""Verifies multiple sections logic."""
|
||||
body = """## Problem
|
||||
|
||||
Something is broken.
|
||||
|
||||
@@ -46,22 +46,27 @@ def check_test_sessions():
|
||||
return True, f"{len(files)} valid sessions"
|
||||
|
||||
def test_prompt_structure():
|
||||
"""Verifies prompt structure logic."""
|
||||
passed, msg = check_prompt_structure()
|
||||
assert passed, msg
|
||||
|
||||
def test_confidence_scoring():
|
||||
"""Verifies confidence scoring logic."""
|
||||
passed, msg = check_confidence_scoring()
|
||||
assert passed, msg
|
||||
|
||||
def test_example_quality():
|
||||
"""Verifies example quality logic."""
|
||||
passed, msg = check_example_quality()
|
||||
assert passed, msg
|
||||
|
||||
def test_constraint_coverage():
|
||||
"""Verifies constraint coverage logic."""
|
||||
passed, msg = check_constraint_coverage()
|
||||
assert passed, msg
|
||||
|
||||
def test_test_sessions():
|
||||
"""Verifies sessions logic."""
|
||||
passed, msg = check_test_sessions()
|
||||
assert passed, msg
|
||||
|
||||
|
||||
@@ -47,12 +47,14 @@ def _make_tool_calls(repeats):
|
||||
# ── Tests ─────────────────────────────────────────────────────
|
||||
|
||||
def test_empty_sessions():
|
||||
"""Verifies behavior with empty or None input."""
|
||||
patterns = analyze_sessions([])
|
||||
assert patterns == []
|
||||
print("PASS: test_empty_sessions")
|
||||
|
||||
|
||||
def test_no_patterns_on_clean_sessions():
|
||||
"""Verifies no patterns on clean sessions logic."""
|
||||
sessions = [
|
||||
_make_session("s1", tool_calls=[{"tool": "read_file", "latency_ms": 50}]),
|
||||
_make_session("s2", tool_calls=[{"tool": "write_file", "latency_ms": 80}]),
|
||||
|
||||
@@ -17,6 +17,7 @@ compute_file_hash = mod.compute_file_hash
|
||||
|
||||
|
||||
def test_fresh_entry():
|
||||
"""Verifies fresh entry logic."""
|
||||
with tempfile.TemporaryDirectory() as tmpdir:
|
||||
src = os.path.join(tmpdir, "source.py")
|
||||
with open(src, "w") as f:
|
||||
@@ -31,6 +32,7 @@ def test_fresh_entry():
|
||||
|
||||
|
||||
def test_stale_entry():
|
||||
"""Verifies stale entry logic."""
|
||||
with tempfile.TemporaryDirectory() as tmpdir:
|
||||
src = os.path.join(tmpdir, "source.py")
|
||||
with open(src, "w") as f:
|
||||
@@ -47,6 +49,7 @@ def test_stale_entry():
|
||||
|
||||
|
||||
def test_missing_source():
|
||||
"""Verifies missing source logic."""
|
||||
with tempfile.TemporaryDirectory() as tmpdir:
|
||||
idx = os.path.join(tmpdir, "index.json")
|
||||
with open(idx, "w") as f:
|
||||
@@ -57,6 +60,7 @@ def test_missing_source():
|
||||
|
||||
|
||||
def test_no_hash():
|
||||
"""Verifies file hash computation correctness."""
|
||||
with tempfile.TemporaryDirectory() as tmpdir:
|
||||
src = os.path.join(tmpdir, "source.py")
|
||||
with open(src, "w") as f:
|
||||
@@ -71,6 +75,7 @@ def test_no_hash():
|
||||
|
||||
|
||||
def test_no_source_field():
|
||||
"""Verifies no source field logic."""
|
||||
with tempfile.TemporaryDirectory() as tmpdir:
|
||||
idx = os.path.join(tmpdir, "index.json")
|
||||
with open(idx, "w") as f:
|
||||
@@ -81,6 +86,7 @@ def test_no_source_field():
|
||||
|
||||
|
||||
def test_fix_hashes():
|
||||
"""Verifies file hash computation correctness."""
|
||||
with tempfile.TemporaryDirectory() as tmpdir:
|
||||
src = os.path.join(tmpdir, "source.py")
|
||||
with open(src, "w") as f:
|
||||
@@ -98,6 +104,7 @@ def test_fix_hashes():
|
||||
|
||||
|
||||
def test_empty_index():
|
||||
"""Verifies behavior with empty or None input."""
|
||||
with tempfile.TemporaryDirectory() as tmpdir:
|
||||
idx = os.path.join(tmpdir, "index.json")
|
||||
with open(idx, "w") as f:
|
||||
@@ -108,6 +115,7 @@ def test_empty_index():
|
||||
|
||||
|
||||
def test_compute_hash_nonexistent():
|
||||
"""Verifies behavior with empty or None input."""
|
||||
h = compute_file_hash("/nonexistent/path/file.py")
|
||||
assert h is None
|
||||
print("PASS: test_compute_hash_nonexistent")
|
||||
|
||||
@@ -1,170 +0,0 @@
|
||||
#!/usr/bin/env python3
|
||||
"""
|
||||
Tests for PR Complexity Scorer — unit tests for the scoring logic.
|
||||
"""
|
||||
|
||||
import sys
|
||||
from pathlib import Path
|
||||
|
||||
sys.path.insert(0, str(Path(__file__).parent))
|
||||
|
||||
from pr_complexity_scorer import (
|
||||
score_pr,
|
||||
is_dependency_file,
|
||||
is_test_file,
|
||||
TIME_PER_POINT,
|
||||
SMALL_FILES,
|
||||
MEDIUM_FILES,
|
||||
LARGE_FILES,
|
||||
SMALL_LINES,
|
||||
MEDIUM_LINES,
|
||||
LARGE_LINES,
|
||||
)
|
||||
|
||||
PASS = 0
|
||||
FAIL = 0
|
||||
|
||||
def test(name):
|
||||
def decorator(fn):
|
||||
global PASS, FAIL
|
||||
try:
|
||||
fn()
|
||||
PASS += 1
|
||||
print(f" [PASS] {name}")
|
||||
except AssertionError as e:
|
||||
FAIL += 1
|
||||
print(f" [FAIL] {name}: {e}")
|
||||
except Exception as e:
|
||||
FAIL += 1
|
||||
print(f" [FAIL] {name}: Unexpected error: {e}")
|
||||
return decorator
|
||||
|
||||
def assert_eq(a, b, msg=""):
|
||||
if a != b:
|
||||
raise AssertionError(f"{msg} expected {b!r}, got {a!r}")
|
||||
|
||||
def assert_true(v, msg=""):
|
||||
if not v:
|
||||
raise AssertionError(msg or "Expected True")
|
||||
|
||||
def assert_false(v, msg=""):
|
||||
if v:
|
||||
raise AssertionError(msg or "Expected False")
|
||||
|
||||
|
||||
print("=== PR Complexity Scorer Tests ===\n")
|
||||
|
||||
print("-- File Classification --")
|
||||
|
||||
@test("dependency file detection — requirements.txt")
|
||||
def _():
|
||||
assert_true(is_dependency_file("requirements.txt"))
|
||||
assert_true(is_dependency_file("src/requirements.txt"))
|
||||
assert_false(is_dependency_file("requirements_test.txt"))
|
||||
|
||||
@test("dependency file detection — pyproject.toml")
|
||||
def _():
|
||||
assert_true(is_dependency_file("pyproject.toml"))
|
||||
assert_false(is_dependency_file("myproject.py"))
|
||||
|
||||
@test("test file detection — pytest style")
|
||||
def _():
|
||||
assert_true(is_test_file("tests/test_api.py"))
|
||||
assert_true(is_test_file("test_module.py"))
|
||||
assert_true(is_test_file("src/module_test.py"))
|
||||
|
||||
@test("test file detection — other frameworks")
|
||||
def _():
|
||||
assert_true(is_test_file("spec/feature_spec.rb"))
|
||||
assert_true(is_test_file("__tests__/component.test.js"))
|
||||
assert_false(is_test_file("testfixtures/helper.py"))
|
||||
|
||||
|
||||
print("\n-- Scoring Logic --")
|
||||
|
||||
@test("small PR gets low score (1-3)")
|
||||
def _():
|
||||
score, minutes, _ = score_pr(
|
||||
files_changed=3,
|
||||
additions=50,
|
||||
deletions=10,
|
||||
has_dependency_changes=False,
|
||||
test_coverage_delta=None
|
||||
)
|
||||
assert_true(1 <= score <= 3, f"Score should be low, got {score}")
|
||||
assert_true(minutes < 20)
|
||||
|
||||
@test("medium PR gets medium score (4-6)")
|
||||
def _():
|
||||
score, minutes, _ = score_pr(
|
||||
files_changed=15,
|
||||
additions=400,
|
||||
deletions=100,
|
||||
has_dependency_changes=False,
|
||||
test_coverage_delta=None
|
||||
)
|
||||
assert_true(4 <= score <= 6, f"Score should be medium, got {score}")
|
||||
assert_true(20 <= minutes <= 45)
|
||||
|
||||
@test("large PR gets high score (7-9)")
|
||||
def _():
|
||||
score, minutes, _ = score_pr(
|
||||
files_changed=60,
|
||||
additions=3000,
|
||||
deletions=1500,
|
||||
has_dependency_changes=True,
|
||||
test_coverage_delta=None
|
||||
)
|
||||
assert_true(7 <= score <= 9, f"Score should be high, got {score}")
|
||||
assert_true(minutes >= 45)
|
||||
|
||||
@test("dependency changes boost score")
|
||||
def _():
|
||||
base_score, _, _ = score_pr(
|
||||
files_changed=10, additions=200, deletions=50,
|
||||
has_dependency_changes=False, test_coverage_delta=None
|
||||
)
|
||||
dep_score, _, _ = score_pr(
|
||||
files_changed=10, additions=200, deletions=50,
|
||||
has_dependency_changes=True, test_coverage_delta=None
|
||||
)
|
||||
assert_true(dep_score > base_score, f"Deps: {base_score} -> {dep_score}")
|
||||
|
||||
@test("adding tests lowers complexity")
|
||||
def _():
|
||||
base_score, _, _ = score_pr(
|
||||
files_changed=8, additions=150, deletions=20,
|
||||
has_dependency_changes=False, test_coverage_delta=None
|
||||
)
|
||||
better_score, _, _ = score_pr(
|
||||
files_changed=8, additions=180, deletions=20,
|
||||
has_dependency_changes=False, test_coverage_delta=3
|
||||
)
|
||||
assert_true(better_score < base_score, f"Tests: {base_score} -> {better_score}")
|
||||
|
||||
@test("removing tests increases complexity")
|
||||
def _():
|
||||
base_score, _, _ = score_pr(
|
||||
files_changed=8, additions=150, deletions=20,
|
||||
has_dependency_changes=False, test_coverage_delta=None
|
||||
)
|
||||
worse_score, _, _ = score_pr(
|
||||
files_changed=8, additions=150, deletions=20,
|
||||
has_dependency_changes=False, test_coverage_delta=-2
|
||||
)
|
||||
assert_true(worse_score > base_score, f"Remove tests: {base_score} -> {worse_score}")
|
||||
|
||||
@test("score bounded 1-10")
|
||||
def _():
|
||||
for files, adds, dels in [(1, 10, 5), (100, 10000, 5000)]:
|
||||
score, _, _ = score_pr(files, adds, dels, False, None)
|
||||
assert_true(1 <= score <= 10, f"Score {score} out of range")
|
||||
|
||||
@test("estimated minutes exist for all scores")
|
||||
def _():
|
||||
for s in range(1, 11):
|
||||
assert_true(s in TIME_PER_POINT, f"Missing time for score {s}")
|
||||
|
||||
|
||||
print(f"\n=== Results: {PASS} passed, {FAIL} failed ===")
|
||||
sys.exit(0 if FAIL == 0 else 1)
|
||||
@@ -11,6 +11,7 @@ from session_pair_harvester import extract_pairs_from_session, deduplicate_pairs
|
||||
|
||||
|
||||
def test_basic_extraction():
|
||||
"""Verifies basic extraction logic."""
|
||||
session = {
|
||||
"id": "test_001",
|
||||
"model": "test-model",
|
||||
@@ -29,6 +30,7 @@ def test_basic_extraction():
|
||||
|
||||
|
||||
def test_filters_short_responses():
|
||||
"""Verifies knowledge filtering by filters short responses."""
|
||||
session = {
|
||||
"id": "test_002",
|
||||
"model": "test",
|
||||
@@ -43,6 +45,7 @@ def test_filters_short_responses():
|
||||
|
||||
|
||||
def test_skips_tool_results():
|
||||
"""Verifies skips tool results logic."""
|
||||
session = {
|
||||
"id": "test_003",
|
||||
"model": "test",
|
||||
@@ -57,6 +60,7 @@ def test_skips_tool_results():
|
||||
|
||||
|
||||
def test_deduplication():
|
||||
"""Verifies deduplication logic."""
|
||||
pairs = [
|
||||
{"terse": "What is X?", "rich": "X is Y.", "source": "s1", "model": "m"},
|
||||
{"terse": "What is X?", "rich": "X is Y.", "source": "s2", "model": "m"},
|
||||
@@ -68,6 +72,7 @@ def test_deduplication():
|
||||
|
||||
|
||||
def test_ratio_filter():
|
||||
"""Verifies knowledge filtering by ratio filter."""
|
||||
session = {
|
||||
"id": "test_005",
|
||||
"model": "test",
|
||||
|
||||
@@ -1,470 +0,0 @@
|
||||
#!/usr/bin/env python3
|
||||
"""
|
||||
vulnerability_scanner.py — Check Python dependencies against CVE databases (Issue #108)
|
||||
|
||||
Scans requirements.txt (or any pip-compatible dependency file) and queries
|
||||
the Open Source Vulnerability (OSV) database for known security issues.
|
||||
|
||||
OSV API: https://api.osv.dev/v1/query (free, no auth, PyPI ecosystem supported)
|
||||
|
||||
Output:
|
||||
- Human-readable summary on stdout
|
||||
- JSON report with full vulnerability details
|
||||
- Exit code: 0 if no vulnerabilities found, 1 if critical/high found, 2 otherwise
|
||||
|
||||
Usage:
|
||||
python3 scripts/vulnerability_scanner.py
|
||||
python3 scripts/vulnerability_scanner.py --deps requirements.txt --output json
|
||||
python3 scripts/vulnerability_scanner.py --min-severity high
|
||||
python3 scripts/vulnerability_scanner.py --deps requirements.txt --report-format markdown
|
||||
"""
|
||||
|
||||
import argparse
|
||||
import json
|
||||
import os
|
||||
import re
|
||||
import sys
|
||||
import urllib.request
|
||||
import urllib.error
|
||||
from dataclasses import dataclass
|
||||
from pathlib import Path
|
||||
from typing import Dict, List, Optional, Tuple
|
||||
|
||||
# --- Configuration ---
|
||||
|
||||
OSV_API_URL = "https://api.osv.dev/v1/query"
|
||||
DEFAULT_REQUIREMENTS_PATH = "requirements.txt"
|
||||
SEVERITY_LEVELS = ["critical", "high", "medium", "low", "unknown"]
|
||||
|
||||
# Map OSV severities to our buckets
|
||||
CVSS_SEVERITY_MAP = {
|
||||
"CRITICAL": "critical",
|
||||
"HIGH": "high",
|
||||
"MEDIUM": "medium",
|
||||
"LOW": "low",
|
||||
"NONE": "none",
|
||||
}
|
||||
|
||||
# --- Data Structures ---
|
||||
|
||||
|
||||
@dataclass
|
||||
class Vulnerability:
|
||||
"""A single vulnerability finding."""
|
||||
package: str
|
||||
version: str
|
||||
vuln_id: str
|
||||
severity: str
|
||||
cvss_score: Optional[float]
|
||||
summary: str
|
||||
details_url: str
|
||||
fixed_versions: List[str]
|
||||
|
||||
|
||||
@dataclass
|
||||
class ScanResult:
|
||||
"""Results from a vulnerability scan."""
|
||||
scanned_packages: int
|
||||
vulnerabilities: List[Vulnerability]
|
||||
errors: List[Tuple[str, str]] # (package, error_message)
|
||||
|
||||
|
||||
# --- Requirement Parsing ---
|
||||
|
||||
|
||||
def parse_requirements_file(path: str) -> Dict[str, str]:
|
||||
"""
|
||||
Parse a requirements.txt file into {package_name: version_spec}.
|
||||
|
||||
Handles:
|
||||
- pkg==1.2.3
|
||||
- pkg>=1.0.0
|
||||
- pkg[extra]==1.2.3
|
||||
- -e/--editable entries (skipped)
|
||||
- -r inclusions (recursive, limited depth)
|
||||
- comments and blank lines
|
||||
"""
|
||||
packages = {}
|
||||
processed_includes = set()
|
||||
|
||||
def parse_line(line: str, filename: str, depth: int = 0) -> None:
|
||||
if depth > 3:
|
||||
print(f"WARNING: Max include depth exceeded in {filename}", file=sys.stderr)
|
||||
return
|
||||
|
||||
line = line.strip()
|
||||
if not line or line.startswith('#'):
|
||||
return
|
||||
|
||||
# Handle -r or --requirement includes
|
||||
if line.startswith('-r ') or line.startswith('--requirement '):
|
||||
if depth >= 3:
|
||||
return
|
||||
include_path = line.split(None, 1)[1].strip()
|
||||
# Resolve relative to current file's directory
|
||||
base_dir = os.path.dirname(os.path.abspath(filename))
|
||||
full_path = os.path.join(base_dir, include_path)
|
||||
if full_path not in processed_includes:
|
||||
processed_includes.add(full_path)
|
||||
try:
|
||||
with open(full_path, 'r', encoding='utf-8') as f:
|
||||
for incl_line in f:
|
||||
parse_line(incl_line, full_path, depth + 1)
|
||||
except FileNotFoundError:
|
||||
print(f"WARNING: Could not read included file: {full_path}", file=sys.stderr)
|
||||
return
|
||||
|
||||
# Skip editable installs and other flags
|
||||
if line.startswith('-e ') or line.startswith('--editable ') or line.startswith('-'):
|
||||
return
|
||||
|
||||
# Extract package name and version spec
|
||||
# Handles: pkg==1.2.3, pkg>=1.0, pkg[extra]==1.2.3, pkg ~= 1.0
|
||||
# Strip inline comment first
|
||||
line = line.split('#', 1)[0].strip()
|
||||
if not line:
|
||||
return
|
||||
|
||||
# Skip editable installs and other option lines
|
||||
if line.startswith('-e ') or line.startswith('--editable ') or (line.startswith('-') and not re.match(r'^[a-zA-Z0-9]', line[1:])):
|
||||
return
|
||||
|
||||
# Extract package name: leading identifier before any extras or version spec
|
||||
pkg_match = re.match(r'^([a-zA-Z0-9]([a-zA-Z0-9._-]*[a-zA-Z0-9])?)', line)
|
||||
if not pkg_match:
|
||||
return
|
||||
pkg_name = pkg_match.group(1).lower()
|
||||
|
||||
# Strip extras [extra] from remainder
|
||||
remainder = line[pkg_match.end():]
|
||||
remainder = re.sub(r'\[.*?\]', '', remainder)
|
||||
|
||||
# Extract version comparison
|
||||
version = ""
|
||||
ver_match = re.search(r'(===|==|~=|>=|<=|!=)\s*([^\s;]+)', remainder)
|
||||
if ver_match:
|
||||
version = ver_match.group(1) + ver_match.group(2)
|
||||
|
||||
packages[pkg_name] = version
|
||||
|
||||
# Read and parse the file
|
||||
try:
|
||||
with open(path, 'r', encoding='utf-8') as f:
|
||||
for line in f:
|
||||
parse_line(line, path, 0)
|
||||
except FileNotFoundError:
|
||||
print(f"ERROR: Requirements file not found: {path}", file=sys.stderr)
|
||||
sys.exit(1)
|
||||
|
||||
return packages
|
||||
|
||||
|
||||
# --- OSV API Queries ---
|
||||
|
||||
|
||||
def query_osv(package: str, version: str) -> List[dict]:
|
||||
"""
|
||||
Query the OSV API for vulnerabilities affecting a specific package version.
|
||||
|
||||
Returns list of vulnerability dicts (raw API response) or empty list on error.
|
||||
"""
|
||||
# Normalize version spec for OSV query
|
||||
# OSV expects a specific version, not a range. We query for the exact version
|
||||
# if available, otherwise we query without version to get all vulns for the package
|
||||
# and let the caller filter.
|
||||
query_version = version if re.match(r'^[0-9]', version) else None
|
||||
|
||||
payload = {
|
||||
"package": {
|
||||
"name": package,
|
||||
"ecosystem": "PyPI"
|
||||
}
|
||||
}
|
||||
if query_version:
|
||||
payload["version"] = query_version
|
||||
|
||||
data = json.dumps(payload).encode('utf-8')
|
||||
req = urllib.request.Request(
|
||||
OSV_API_URL,
|
||||
data=data,
|
||||
headers={'Content-Type': 'application/json'},
|
||||
method='POST'
|
||||
)
|
||||
|
||||
try:
|
||||
with urllib.request.urlopen(req, timeout=15) as response:
|
||||
result = json.loads(response.read().decode('utf-8'))
|
||||
return result.get('vulns', []) + result.get('vulnerabilities', [])
|
||||
except urllib.error.HTTPError as e:
|
||||
if e.code == 404:
|
||||
return [] # No vulnerabilities found
|
||||
print(f"WARNING: OSV query failed for {package}: HTTP {e.code}", file=sys.stderr)
|
||||
except (urllib.error.URLError, json.JSONDecodeError, TimeoutError) as e:
|
||||
print(f"WARNING: OSV query failed for {package}: {e}", file=sys.stderr)
|
||||
|
||||
return []
|
||||
|
||||
|
||||
def parse_osv_vuln(raw_vulns: List[dict], package: str, version_spec: str) -> List[Vulnerability]:
|
||||
"""
|
||||
Parse raw OSV API responses into Vulnerability objects.
|
||||
"""
|
||||
vulns = []
|
||||
for v in raw_vulns:
|
||||
vuln_id = v.get('id', 'UNKNOWN')
|
||||
summary = v.get('summary', 'No summary provided.')
|
||||
|
||||
# Severity from CVSS or ecosystem-specific
|
||||
severity = "unknown"
|
||||
cvss_score = None
|
||||
if 'severity' in v:
|
||||
for sev_info in v['severity']:
|
||||
if sev_info.get('type') == 'CVSS_V3':
|
||||
score = sev_info.get('score', '')
|
||||
if isinstance(score, dict):
|
||||
cvss_score = score.get('baseScore')
|
||||
sev_str = score.get('baseSeverity', '').upper()
|
||||
severity = CVSS_SEVERITY_MAP.get(sev_str, 'unknown')
|
||||
break
|
||||
elif sev_info.get('type') == 'CVSS_V2':
|
||||
# Fallback
|
||||
score = sev_info.get('score', '')
|
||||
if isinstance(score, dict):
|
||||
cvss_score = score.get('baseScore')
|
||||
sev_str = sev_info.get('type', '').upper()
|
||||
severity = "unknown"
|
||||
|
||||
# Affected packages/ranges
|
||||
affected = v.get('affected', [])
|
||||
fixed_versions = []
|
||||
for aff in affected:
|
||||
for r in aff.get('ranges', []):
|
||||
for event in r.get('events', []):
|
||||
if event.get('introduced'):
|
||||
# We have the version, fixed would be in 'fixed' events
|
||||
pass
|
||||
if event.get('fixed'):
|
||||
fixed_versions.append(event['fixed'])
|
||||
|
||||
# Build details URL
|
||||
details_url = f"https://osv.dev/vulnerability/{vuln_id}"
|
||||
|
||||
vuln = Vulnerability(
|
||||
package=package,
|
||||
version=version_spec,
|
||||
vuln_id=vuln_id,
|
||||
severity=severity,
|
||||
cvss_score=cvss_score,
|
||||
summary=summary,
|
||||
details_url=details_url,
|
||||
fixed_versions=list(set(fixed_versions))
|
||||
)
|
||||
vulns.append(vuln)
|
||||
|
||||
return vulns
|
||||
|
||||
|
||||
# --- Filtering & Reporting ---
|
||||
|
||||
|
||||
def filter_by_severity(vulns: List[Vulnerability], min_severity: str) -> List[Vulnerability]:
|
||||
"""Filter vulnerabilities to include only those at or above the given severity."""
|
||||
if min_severity.lower() not in SEVERITY_LEVELS:
|
||||
return vulns # No filtering if invalid
|
||||
|
||||
min_idx = SEVERITY_LEVELS.index(min_severity.lower())
|
||||
filtered = []
|
||||
for v in vulns:
|
||||
sev_idx = SEVERITY_LEVELS.index(v.severity.lower())
|
||||
if sev_idx <= min_idx: # lower index = more severe
|
||||
filtered.append(v)
|
||||
return filtered
|
||||
|
||||
|
||||
def generate_text_report(result: ScanResult, packages: Dict[str, str]) -> str:
|
||||
"""Generate human-readable text report."""
|
||||
lines = []
|
||||
lines.append("=" * 60)
|
||||
lines.append("Vulnerability Scan Report")
|
||||
lines.append("=" * 60)
|
||||
lines.append(f"Packages scanned: {result.scanned_packages}")
|
||||
lines.append(f"Vulnerabilities found: {len(result.vulnerabilities)}")
|
||||
|
||||
if result.errors:
|
||||
lines.append(f"Errors: {len(result.errors)}")
|
||||
|
||||
# Group by severity
|
||||
by_severity: Dict[str, List[Vulnerability]] = {}
|
||||
for v in result.vulnerabilities:
|
||||
by_severity.setdefault(v.severity.upper(), []).append(v)
|
||||
|
||||
for sev in ["CRITICAL", "HIGH", "MEDIUM", "LOW", "UNKNOWN"]:
|
||||
vuln_list = by_severity.get(sev, [])
|
||||
if vuln_list:
|
||||
lines.append(f"\n{sev}: {len(vuln_list)}")
|
||||
for v in vuln_list:
|
||||
lines.append(f" [{v.package} {packages.get(v.package, '')}] {v.vuln_id}")
|
||||
lines.append(f" {v.summary[:80]}")
|
||||
if v.cvss_score:
|
||||
lines.append(f" CVSS: {v.cvss_score}")
|
||||
if v.fixed_versions:
|
||||
lines.append(f" Fixed in: {', '.join(v.fixed_versions[:3])}")
|
||||
lines.append(f" {v.details_url}")
|
||||
|
||||
if result.errors:
|
||||
lines.append("\nERRORS:")
|
||||
for pkg, err in result.errors[:10]:
|
||||
lines.append(f" {pkg}: {err}")
|
||||
|
||||
lines.append("\n" + "=" * 60)
|
||||
return "\n".join(lines)
|
||||
|
||||
|
||||
def generate_json_report(result: ScanResult, packages: Dict[str, str]) -> str:
|
||||
"""Generate JSON report."""
|
||||
report = {
|
||||
"scanned_packages": result.scanned_packages,
|
||||
"vulnerabilities": [
|
||||
{
|
||||
"package": v.package,
|
||||
"version_spec": packages.get(v.package, v.version),
|
||||
"vulnerability_id": v.vuln_id,
|
||||
"severity": v.severity,
|
||||
"cvss_score": v.cvss_score,
|
||||
"summary": v.summary,
|
||||
"details_url": v.details_url,
|
||||
"fixed_versions": v.fixed_versions,
|
||||
}
|
||||
for v in result.vulnerabilities
|
||||
],
|
||||
"errors": [{"package": p, "error": e} for p, e in result.errors],
|
||||
}
|
||||
return json.dumps(report, indent=2)
|
||||
|
||||
|
||||
# --- Main Orchestration ---
|
||||
|
||||
|
||||
def run_scan(
|
||||
deps_path: str,
|
||||
min_severity: str = "low",
|
||||
query_osv_api: bool = True
|
||||
) -> ScanResult:
|
||||
"""
|
||||
Execute the full vulnerability scan pipeline.
|
||||
|
||||
Args:
|
||||
deps_path: Path to requirements-style file
|
||||
min_severity: Minimum severity to include in results
|
||||
query_osv_api: If False, skip API calls (for testing/dry-run)
|
||||
|
||||
Returns:
|
||||
ScanResult with all findings
|
||||
"""
|
||||
# 1. Parse dependencies
|
||||
packages = parse_requirements_file(deps_path)
|
||||
if not packages:
|
||||
return ScanResult(scanned_packages=0, vulnerabilities=[], errors=[])
|
||||
|
||||
# 2. Query OSV for each package
|
||||
vulnerabilities: List[Vulnerability] = []
|
||||
errors: List[Tuple[str, str]] = []
|
||||
|
||||
for pkg, version_spec in packages.items():
|
||||
if not query_osv_api:
|
||||
continue
|
||||
|
||||
raw_vulns = query_osv(pkg, version_spec or "")
|
||||
if raw_vulns:
|
||||
parsed = parse_osv_vuln(raw_vulns, pkg, version_spec or "")
|
||||
vulnerabilities.extend(parsed)
|
||||
|
||||
# 3. Filter by severity
|
||||
filtered = filter_by_severity(vulnerabilities, min_severity)
|
||||
|
||||
# 4. Build result
|
||||
return ScanResult(
|
||||
scanned_packages=len(packages),
|
||||
vulnerabilities=filtered,
|
||||
errors=errors
|
||||
)
|
||||
|
||||
|
||||
def main() -> int:
|
||||
parser = argparse.ArgumentParser(
|
||||
description="Scan Python dependencies for known vulnerabilities using OSV database"
|
||||
)
|
||||
parser.add_argument(
|
||||
'--deps', '-d',
|
||||
default=DEFAULT_REQUIREMENTS_PATH,
|
||||
help='Path to requirements.txt (default: requirements.txt)'
|
||||
)
|
||||
parser.add_argument(
|
||||
'--output', '-o',
|
||||
choices=['text', 'json', 'markdown'],
|
||||
default='text',
|
||||
help='Output format (default: text)'
|
||||
)
|
||||
parser.add_argument(
|
||||
'--min-severity',
|
||||
default='low',
|
||||
choices=SEVERITY_LEVELS,
|
||||
help='Minimum severity to report (default: low — report all)'
|
||||
)
|
||||
parser.add_argument(
|
||||
'--json',
|
||||
action='store_true',
|
||||
help='Output JSON (shorthand for --output json)'
|
||||
)
|
||||
parser.add_argument(
|
||||
'--quiet', '-q',
|
||||
action='store_true',
|
||||
help='Only print summary, skip detailed vulnerability list'
|
||||
)
|
||||
|
||||
args = parser.parse_args()
|
||||
|
||||
# Update output if --json flag is used
|
||||
if args.json:
|
||||
args.output = 'json'
|
||||
|
||||
# Run the scan
|
||||
result = run_scan(args.deps, args.min_severity, query_osv_api=True)
|
||||
|
||||
# Output
|
||||
if args.output == 'json':
|
||||
print(generate_json_report(result, parse_requirements_file(args.deps)))
|
||||
elif args.output == 'markdown':
|
||||
# Simple markdown table
|
||||
print("# Vulnerability Scan Report\n")
|
||||
print(f"**Packages scanned:** {result.scanned_packages}")
|
||||
print(f"**Vulnerabilities:** {len(result.vulnerabilities)}\n")
|
||||
if result.vulnerabilities:
|
||||
print("| Severity | Package | Version | Vuln ID | Summary |")
|
||||
print("|----------|---------|---------|---------|---------|")
|
||||
for v in result.vulnerabilities:
|
||||
print(f"| {v.severity.upper()} | {v.package} | {v.version} | [{v.vuln_id}]({v.details_url}) | {v.summary[:50]} |")
|
||||
print("\n")
|
||||
else:
|
||||
# text (default)
|
||||
if not args.quiet:
|
||||
print(generate_text_report(result, parse_requirements_file(args.deps)))
|
||||
else:
|
||||
crit = sum(1 for v in result.vulnerabilities if v.severity == 'critical')
|
||||
high = sum(1 for v in result.vulnerabilities if v.severity == 'high')
|
||||
med = sum(1 for v in result.vulnerabilities if v.severity == 'medium')
|
||||
print(f"CRITICAL={crit} HIGH={high} MEDIUM={med} TOTAL={len(result.vulnerabilities)}")
|
||||
|
||||
# Exit code logic: 0 if no vulns at min_severity+, 1 if critical/high found, 2 for other vulns
|
||||
has_critical_high = any(v.severity in ('critical', 'high') for v in result.vulnerabilities)
|
||||
has_other = any(v.severity not in ('critical', 'high') for v in result.vulnerabilities)
|
||||
|
||||
if has_critical_high:
|
||||
return 1
|
||||
elif has_other:
|
||||
return 2
|
||||
return 0
|
||||
|
||||
|
||||
if __name__ == '__main__':
|
||||
sys.exit(main())
|
||||
@@ -1,13 +1,16 @@
|
||||
"""Tests for CI configuration — 2 tests."""
|
||||
from pathlib import Path
|
||||
|
||||
|
||||
def test_requirements_makefile_and_workflow_exist() -> None:
|
||||
"""Verifies requirements makefile and workflow exist logic."""
|
||||
assert Path("requirements.txt").exists()
|
||||
assert Path("Makefile").exists()
|
||||
assert Path(".gitea/workflows/test.yml").exists()
|
||||
|
||||
|
||||
def test_ci_workflow_runs_project_test_command() -> None:
|
||||
"""Verifies ci workflow runs project command logic."""
|
||||
workflow = Path(".gitea/workflows/test.yml").read_text(encoding="utf-8")
|
||||
requirements = Path("requirements.txt").read_text(encoding="utf-8")
|
||||
makefile = Path("Makefile").read_text(encoding="utf-8")
|
||||
|
||||
@@ -22,28 +22,34 @@ from dedup import (
|
||||
|
||||
class TestNormalize:
|
||||
def test_lowercases(self):
|
||||
"""Verifies lowercases logic."""
|
||||
assert normalize_text("Hello World") == "hello world"
|
||||
|
||||
def test_collapses_whitespace(self):
|
||||
"""Verifies collapses whitespace logic."""
|
||||
assert normalize_text(" hello world ") == "hello world"
|
||||
|
||||
def test_strips(self):
|
||||
"""Verifies strips logic."""
|
||||
assert normalize_text(" text ") == "text"
|
||||
|
||||
|
||||
class TestContentHash:
|
||||
def test_deterministic(self):
|
||||
"""Verifies deterministic logic."""
|
||||
h1 = content_hash("Hello World")
|
||||
h2 = content_hash("hello world")
|
||||
h3 = content_hash(" Hello World ")
|
||||
assert h1 == h2 == h3
|
||||
|
||||
def test_different_texts(self):
|
||||
"""Verifies different texts logic."""
|
||||
h1 = content_hash("Hello")
|
||||
h2 = content_hash("World")
|
||||
assert h1 != h2
|
||||
|
||||
def test_returns_hex(self):
|
||||
"""Verifies returns hex logic."""
|
||||
h = content_hash("test")
|
||||
assert len(h) == 64 # SHA256
|
||||
assert all(c in '0123456789abcdef' for c in h)
|
||||
@@ -51,18 +57,21 @@ class TestContentHash:
|
||||
|
||||
class TestTokenize:
|
||||
def test_extracts_words(self):
|
||||
"""Verifies extracts words logic."""
|
||||
tokens = tokenize("Hello World Test")
|
||||
assert "hello" in tokens
|
||||
assert "world" in tokens
|
||||
assert "test" in tokens
|
||||
|
||||
def test_skips_short_words(self):
|
||||
"""Verifies skips short words logic."""
|
||||
tokens = tokenize("a to is the hello")
|
||||
assert "a" not in tokens
|
||||
assert "to" not in tokens
|
||||
assert "hello" in tokens
|
||||
|
||||
def test_returns_set(self):
|
||||
"""Verifies returns set logic."""
|
||||
tokens = tokenize("hello hello world")
|
||||
assert isinstance(tokens, set)
|
||||
assert len(tokens) == 2
|
||||
@@ -70,20 +79,25 @@ class TestTokenize:
|
||||
|
||||
class TestTokenSimilarity:
|
||||
def test_identical(self):
|
||||
"""Verifies identical logic."""
|
||||
assert token_similarity("hello world", "hello world") == 1.0
|
||||
|
||||
def test_no_overlap(self):
|
||||
"""Verifies no overlap logic."""
|
||||
assert token_similarity("alpha beta", "gamma delta") == 0.0
|
||||
|
||||
def test_partial_overlap(self):
|
||||
"""Verifies partial overlap logic."""
|
||||
sim = token_similarity("hello world test", "hello universe test")
|
||||
assert 0.3 < sim < 0.7
|
||||
|
||||
def test_empty(self):
|
||||
"""Verifies behavior with empty or None input."""
|
||||
assert token_similarity("", "hello") == 0.0
|
||||
assert token_similarity("hello", "") == 0.0
|
||||
|
||||
def test_symmetric(self):
|
||||
"""Verifies symmetric logic."""
|
||||
a = "hello world test"
|
||||
b = "hello universe test"
|
||||
assert token_similarity(a, b) == token_similarity(b, a)
|
||||
@@ -91,22 +105,26 @@ class TestTokenSimilarity:
|
||||
|
||||
class TestQualityScore:
|
||||
def test_high_confidence(self):
|
||||
"""Verifies high confidence logic."""
|
||||
fact = {"confidence": 0.95, "source_count": 5, "tags": ["test"], "related": ["x"]}
|
||||
score = quality_score(fact)
|
||||
assert score > 0.7
|
||||
|
||||
def test_low_confidence(self):
|
||||
"""Verifies low confidence logic."""
|
||||
fact = {"confidence": 0.3, "source_count": 1}
|
||||
score = quality_score(fact)
|
||||
assert score < 0.5
|
||||
|
||||
def test_defaults(self):
|
||||
"""Verifies defaults logic."""
|
||||
score = quality_score({})
|
||||
assert 0 < score < 1
|
||||
|
||||
|
||||
class TestMergeFacts:
|
||||
def test_merges_tags(self):
|
||||
"""Verifies merges tags logic."""
|
||||
keep = {"id": "a", "fact": "test", "tags": ["git"], "confidence": 0.9}
|
||||
drop = {"id": "b", "fact": "test", "tags": ["python"], "confidence": 0.8}
|
||||
merged = merge_facts(keep, drop)
|
||||
@@ -114,18 +132,21 @@ class TestMergeFacts:
|
||||
assert "python" in merged["tags"]
|
||||
|
||||
def test_merges_source_count(self):
|
||||
"""Verifies merges source count logic."""
|
||||
keep = {"id": "a", "fact": "test", "source_count": 3}
|
||||
drop = {"id": "b", "fact": "test", "source_count": 2}
|
||||
merged = merge_facts(keep, drop)
|
||||
assert merged["source_count"] == 5
|
||||
|
||||
def test_keeps_higher_confidence(self):
|
||||
"""Verifies keeps higher confidence logic."""
|
||||
keep = {"id": "a", "fact": "test", "confidence": 0.7}
|
||||
drop = {"id": "b", "fact": "test", "confidence": 0.9}
|
||||
merged = merge_facts(keep, drop)
|
||||
assert merged["confidence"] == 0.9
|
||||
|
||||
def test_tracks_merged_from(self):
|
||||
"""Verifies tracks merged from logic."""
|
||||
keep = {"id": "a", "fact": "test"}
|
||||
drop = {"id": "b", "fact": "test"}
|
||||
merged = merge_facts(keep, drop)
|
||||
@@ -134,6 +155,7 @@ class TestMergeFacts:
|
||||
|
||||
class TestDedupFacts:
|
||||
def test_removes_exact_dupes(self):
|
||||
"""Verifies removes exact dupes logic."""
|
||||
facts = [
|
||||
{"id": "1", "fact": "Always use git rebase"},
|
||||
{"id": "2", "fact": "Always use git rebase"}, # exact dupe
|
||||
@@ -144,6 +166,7 @@ class TestDedupFacts:
|
||||
assert stats["unique"] == 2
|
||||
|
||||
def test_removes_near_dupes(self):
|
||||
"""Verifies removes near dupes logic."""
|
||||
facts = [
|
||||
{"id": "1", "fact": "Always check logs before deploying to production server"},
|
||||
{"id": "2", "fact": "Always check logs before deploying to production environment"},
|
||||
@@ -154,6 +177,7 @@ class TestDedupFacts:
|
||||
assert stats["unique"] == 2
|
||||
|
||||
def test_preserves_unique(self):
|
||||
"""Verifies preserves unique logic."""
|
||||
facts = [
|
||||
{"id": "1", "fact": "Use git rebase for clean history"},
|
||||
{"id": "2", "fact": "Docker containers should be stateless"},
|
||||
@@ -164,11 +188,13 @@ class TestDedupFacts:
|
||||
assert stats["removed"] == 0
|
||||
|
||||
def test_empty_input(self):
|
||||
"""Verifies behavior with empty or None input."""
|
||||
deduped, stats = dedup_facts([])
|
||||
assert stats["total"] == 0
|
||||
assert stats["unique"] == 0
|
||||
|
||||
def test_keeps_higher_quality_near_dup(self):
|
||||
"""Verifies keeps higher quality near dup logic."""
|
||||
facts = [
|
||||
{"id": "1", "fact": "Check logs before deploying to production server", "confidence": 0.5, "source_count": 1},
|
||||
{"id": "2", "fact": "Check logs before deploying to production environment", "confidence": 0.9, "source_count": 5, "tags": ["ops"]},
|
||||
@@ -179,6 +205,7 @@ class TestDedupFacts:
|
||||
assert deduped[0]["confidence"] == 0.9
|
||||
|
||||
def test_dry_run_does_not_modify(self):
|
||||
"""Verifies dry run does not modify logic."""
|
||||
facts = [
|
||||
{"id": "1", "fact": "Same text"},
|
||||
{"id": "2", "fact": "Same text"},
|
||||
@@ -191,16 +218,19 @@ class TestDedupFacts:
|
||||
|
||||
class TestGenerateTestDuplicates:
|
||||
def test_generates_correct_count(self):
|
||||
"""Verifies generates correct count logic."""
|
||||
facts = generate_test_duplicates(20)
|
||||
assert len(facts) > 20 # 20 unique + duplicates
|
||||
|
||||
def test_has_exact_dupes(self):
|
||||
"""Verifies has exact dupes logic."""
|
||||
facts = generate_test_duplicates(20)
|
||||
hashes = [content_hash(f["fact"]) for f in facts]
|
||||
# Should have some duplicate hashes
|
||||
assert len(hashes) != len(set(hashes))
|
||||
|
||||
def test_dedup_removes_dupes(self):
|
||||
"""Verifies dedup removes dupes logic."""
|
||||
facts = generate_test_duplicates(20)
|
||||
deduped, stats = dedup_facts(facts)
|
||||
assert stats["unique"] <= 20
|
||||
|
||||
@@ -20,6 +20,7 @@ def _make_repo(tmpdir, structure):
|
||||
|
||||
|
||||
def test_undocumented_symbol():
|
||||
"""Verifies undocumented symbol logic."""
|
||||
with tempfile.TemporaryDirectory() as tmpdir:
|
||||
_make_repo(tmpdir, {
|
||||
"src/calculator.py": "def add(a, b):\n return a + b\n",
|
||||
@@ -31,6 +32,7 @@ def test_undocumented_symbol():
|
||||
|
||||
|
||||
def test_documented_symbol_no_gap():
|
||||
"""Verifies documented symbol no gap logic."""
|
||||
with tempfile.TemporaryDirectory() as tmpdir:
|
||||
_make_repo(tmpdir, {
|
||||
"src/calculator.py": "def add(a, b):\n return a + b\n",
|
||||
@@ -43,6 +45,7 @@ def test_documented_symbol_no_gap():
|
||||
|
||||
|
||||
def test_untested_module():
|
||||
"""Verifies untested module logic."""
|
||||
with tempfile.TemporaryDirectory() as tmpdir:
|
||||
_make_repo(tmpdir, {
|
||||
"src/calculator.py": "def add(a, b):\n return a + b\n",
|
||||
@@ -55,6 +58,7 @@ def test_untested_module():
|
||||
|
||||
|
||||
def test_tested_module_no_gap():
|
||||
"""Verifies tested module no gap logic."""
|
||||
with tempfile.TemporaryDirectory() as tmpdir:
|
||||
_make_repo(tmpdir, {
|
||||
"src/calculator.py": "def add(a, b):\n return a + b\n",
|
||||
@@ -67,6 +71,7 @@ def test_tested_module_no_gap():
|
||||
|
||||
|
||||
def test_missing_implementation():
|
||||
"""Verifies missing implementation logic."""
|
||||
with tempfile.TemporaryDirectory() as tmpdir:
|
||||
_make_repo(tmpdir, {
|
||||
"src/app.py": "def run():\n pass\n",
|
||||
@@ -78,6 +83,7 @@ def test_missing_implementation():
|
||||
|
||||
|
||||
def test_private_symbols_skipped():
|
||||
"""Verifies private symbols skipped logic."""
|
||||
with tempfile.TemporaryDirectory() as tmpdir:
|
||||
_make_repo(tmpdir, {
|
||||
"src/app.py": "def _internal():\n pass\ndef public():\n pass\n",
|
||||
@@ -90,18 +96,21 @@ def test_private_symbols_skipped():
|
||||
|
||||
|
||||
def test_empty_repo():
|
||||
"""Verifies behavior with empty or None input."""
|
||||
with tempfile.TemporaryDirectory() as tmpdir:
|
||||
report = KnowledgeGapIdentifier().analyze(tmpdir)
|
||||
assert len(report.gaps) == 0
|
||||
|
||||
|
||||
def test_invalid_path():
|
||||
"""Verifies invalid path logic."""
|
||||
report = KnowledgeGapIdentifier().analyze("/nonexistent/path/xyz")
|
||||
assert len(report.gaps) == 1
|
||||
assert report.gaps[0].severity == GapSeverity.ERROR
|
||||
|
||||
|
||||
def test_report_summary():
|
||||
"""Verifies report summary logic."""
|
||||
with tempfile.TemporaryDirectory() as tmpdir:
|
||||
_make_repo(tmpdir, {
|
||||
"src/app.py": "class MyService:\n def handle(self):\n pass\n",
|
||||
@@ -114,6 +123,7 @@ def test_report_summary():
|
||||
|
||||
|
||||
def test_report_to_dict():
|
||||
"""Verifies report to dict logic."""
|
||||
with tempfile.TemporaryDirectory() as tmpdir:
|
||||
_make_repo(tmpdir, {
|
||||
"src/app.py": "def hello():\n pass\n",
|
||||
|
||||
@@ -32,6 +32,7 @@ class TestBottleneck:
|
||||
"""Test Bottleneck dataclass."""
|
||||
|
||||
def test_creation(self):
|
||||
"""Verifies creation logic."""
|
||||
b = Bottleneck(
|
||||
category="test",
|
||||
name="test_foo",
|
||||
@@ -48,6 +49,7 @@ class TestBottleneck:
|
||||
assert b.line_number is None
|
||||
|
||||
def test_with_location(self):
|
||||
"""Verifies with location logic."""
|
||||
b = Bottleneck(
|
||||
category="test",
|
||||
name="test_bar",
|
||||
@@ -61,6 +63,7 @@ class TestBottleneck:
|
||||
assert b.line_number == 42
|
||||
|
||||
def test_to_dict(self):
|
||||
"""Verifies to dict logic."""
|
||||
b = Bottleneck("test", "x", 1.0, "info", "y")
|
||||
d = b.__dict__
|
||||
assert "category" in d
|
||||
@@ -71,6 +74,7 @@ class TestPerfReport:
|
||||
"""Test PerfReport dataclass."""
|
||||
|
||||
def test_creation(self):
|
||||
"""Verifies creation logic."""
|
||||
report = PerfReport(
|
||||
timestamp="2026-01-01T00:00:00Z",
|
||||
repo_path="/tmp/repo"
|
||||
@@ -80,6 +84,7 @@ class TestPerfReport:
|
||||
assert report.summary == {}
|
||||
|
||||
def test_to_dict(self):
|
||||
"""Verifies to dict logic."""
|
||||
report = PerfReport(
|
||||
timestamp="2026-01-01T00:00:00Z",
|
||||
repo_path="/tmp/repo",
|
||||
@@ -94,6 +99,7 @@ class TestSeveritySort:
|
||||
"""Test severity sorting."""
|
||||
|
||||
def test_critical_first(self):
|
||||
"""Verifies critical first logic."""
|
||||
items = [
|
||||
Bottleneck("test", "a", 1.0, "info", ""),
|
||||
Bottleneck("test", "b", 0.5, "critical", ""),
|
||||
@@ -105,6 +111,7 @@ class TestSeveritySort:
|
||||
assert items[2].severity == "info"
|
||||
|
||||
def test_duration_within_severity(self):
|
||||
"""Verifies duration within severity logic."""
|
||||
items = [
|
||||
Bottleneck("test", "slow", 10.0, "warning", ""),
|
||||
Bottleneck("test", "fast", 1.0, "warning", ""),
|
||||
@@ -117,6 +124,7 @@ class TestSlowTestScan:
|
||||
"""Test slow test pattern scanning."""
|
||||
|
||||
def test_finds_sleep(self, tmp_path):
|
||||
"""Verifies finds sleep logic."""
|
||||
test_file = tmp_path / "test_sleepy.py"
|
||||
test_file.write_text(textwrap.dedent('''
|
||||
import time
|
||||
@@ -131,6 +139,7 @@ class TestSlowTestScan:
|
||||
assert any("sleep" in b.recommendation.lower() for b in bottlenecks)
|
||||
|
||||
def test_finds_http_calls(self, tmp_path):
|
||||
"""Verifies finds http calls logic."""
|
||||
test_file = tmp_path / "test_http.py"
|
||||
test_file.write_text(textwrap.dedent('''
|
||||
import requests
|
||||
@@ -145,6 +154,7 @@ class TestSlowTestScan:
|
||||
assert any("HTTP" in b.recommendation or "mock" in b.recommendation.lower() for b in bottlenecks)
|
||||
|
||||
def test_skips_non_test_files(self, tmp_path):
|
||||
"""Verifies skips non files logic."""
|
||||
src_file = tmp_path / "main.py"
|
||||
src_file.write_text("import time\ntime.sleep(10)\n")
|
||||
|
||||
@@ -152,10 +162,12 @@ class TestSlowTestScan:
|
||||
assert len(bottlenecks) == 0
|
||||
|
||||
def test_handles_missing_dir(self):
|
||||
"""Verifies handles missing dir logic."""
|
||||
bottlenecks = find_slow_tests_by_scan("/nonexistent/path")
|
||||
assert bottlenecks == []
|
||||
|
||||
def test_file_path_populated(self, tmp_path):
|
||||
"""Verifies file path populated logic."""
|
||||
test_file = tmp_path / "test_example.py"
|
||||
test_file.write_text("import time\n\ndef test_it():\n time.sleep(2)\n")
|
||||
|
||||
@@ -169,6 +181,7 @@ class TestBuildArtifacts:
|
||||
"""Test build artifact analysis."""
|
||||
|
||||
def test_finds_large_node_modules(self, tmp_path):
|
||||
"""Verifies finds large node modules logic."""
|
||||
nm = tmp_path / "node_modules"
|
||||
nm.mkdir()
|
||||
# Create a file > 10MB
|
||||
@@ -180,6 +193,7 @@ class TestBuildArtifacts:
|
||||
assert any("node_modules" in b.name for b in bottlenecks)
|
||||
|
||||
def test_ignores_small_dirs(self, tmp_path):
|
||||
"""Verifies ignores small dirs logic."""
|
||||
nm = tmp_path / "node_modules"
|
||||
nm.mkdir()
|
||||
small_file = nm / "small.txt"
|
||||
@@ -189,6 +203,7 @@ class TestBuildArtifacts:
|
||||
assert not any("node_modules" in b.name for b in bottlenecks)
|
||||
|
||||
def test_finds_pycache(self, tmp_path):
|
||||
"""Verifies finds pycache logic."""
|
||||
cache = tmp_path / "__pycache__"
|
||||
cache.mkdir()
|
||||
big_file = cache / "big.pyc"
|
||||
@@ -202,6 +217,7 @@ class TestMakefileAnalysis:
|
||||
"""Test Makefile analysis."""
|
||||
|
||||
def test_finds_pip_install(self, tmp_path):
|
||||
"""Verifies finds pip install logic."""
|
||||
makefile = tmp_path / "Makefile"
|
||||
makefile.write_text(textwrap.dedent('''
|
||||
install:
|
||||
@@ -215,6 +231,7 @@ class TestMakefileAnalysis:
|
||||
assert len(bottlenecks) >= 1
|
||||
|
||||
def test_no_makefile(self, tmp_path):
|
||||
"""Verifies no makefile logic."""
|
||||
bottlenecks = analyze_makefile_targets(str(tmp_path))
|
||||
assert bottlenecks == []
|
||||
|
||||
@@ -223,6 +240,7 @@ class TestImportAnalysis:
|
||||
"""Test heavy import detection."""
|
||||
|
||||
def test_finds_pandas(self, tmp_path):
|
||||
"""Verifies finds pandas logic."""
|
||||
src = tmp_path / "analysis.py"
|
||||
src.write_text("import pandas as pd\n")
|
||||
|
||||
@@ -231,6 +249,7 @@ class TestImportAnalysis:
|
||||
assert any("pandas" in b.name for b in bottlenecks)
|
||||
|
||||
def test_finds_torch(self, tmp_path):
|
||||
"""Verifies finds torch logic."""
|
||||
src = tmp_path / "model.py"
|
||||
src.write_text("import torch\n")
|
||||
|
||||
@@ -238,6 +257,7 @@ class TestImportAnalysis:
|
||||
assert any("torch" in b.name for b in bottlenecks)
|
||||
|
||||
def test_skips_light_imports(self, tmp_path):
|
||||
"""Verifies skips light imports logic."""
|
||||
src = tmp_path / "utils.py"
|
||||
src.write_text("import json\nimport os\nimport sys\n")
|
||||
|
||||
@@ -249,12 +269,14 @@ class TestGenerateReport:
|
||||
"""Test full report generation."""
|
||||
|
||||
def test_empty_repo(self, tmp_path):
|
||||
"""Verifies behavior with empty or None input."""
|
||||
report = generate_report(str(tmp_path))
|
||||
assert report.summary["total_bottlenecks"] >= 0
|
||||
assert "critical" in report.summary
|
||||
assert "warning" in report.summary
|
||||
|
||||
def test_with_findings(self, tmp_path):
|
||||
"""Verifies with findings logic."""
|
||||
# Create a test file with issues
|
||||
test_file = tmp_path / "test_slow.py"
|
||||
test_file.write_text(textwrap.dedent('''
|
||||
@@ -273,6 +295,7 @@ class TestGenerateReport:
|
||||
assert len(report.bottlenecks) > 0
|
||||
|
||||
def test_summary_categories(self, tmp_path):
|
||||
"""Verifies summary categories logic."""
|
||||
report = generate_report(str(tmp_path))
|
||||
assert "by_category" in report.summary
|
||||
|
||||
@@ -281,6 +304,7 @@ class TestMarkdownReport:
|
||||
"""Test markdown output."""
|
||||
|
||||
def test_format(self):
|
||||
"""Verifies format logic."""
|
||||
report = PerfReport(
|
||||
timestamp="2026-01-01T00:00:00Z",
|
||||
repo_path="/tmp/repo",
|
||||
@@ -303,6 +327,7 @@ class TestMarkdownReport:
|
||||
assert "Fix it" in md
|
||||
|
||||
def test_empty_report(self):
|
||||
"""Verifies behavior with empty or None input."""
|
||||
report = PerfReport(
|
||||
timestamp="2026-01-01T00:00:00Z",
|
||||
repo_path="/tmp/repo",
|
||||
|
||||
@@ -21,27 +21,32 @@ from quality_gate import (
|
||||
|
||||
class TestScoreSpecificity(unittest.TestCase):
|
||||
def test_specific_content_scores_high(self):
|
||||
"""Verifies specific content scores high logic."""
|
||||
content = "Run `python3 deploy.py --env prod` on 2026-04-15. Example: step 1 configure nginx."
|
||||
score = score_specificity(content)
|
||||
self.assertGreater(score, 0.6)
|
||||
|
||||
def test_vague_content_scores_low(self):
|
||||
"""Verifies vague content scores low logic."""
|
||||
content = "It generally depends. Various factors might affect this. Basically, it varies."
|
||||
score = score_specificity(content)
|
||||
self.assertLess(score, 0.5)
|
||||
|
||||
def test_empty_scores_baseline(self):
|
||||
"""Verifies behavior with empty or None input."""
|
||||
score = score_specificity("")
|
||||
self.assertAlmostEqual(score, 0.5, delta=0.1)
|
||||
|
||||
|
||||
class TestScoreActionability(unittest.TestCase):
|
||||
def test_actionable_content_scores_high(self):
|
||||
"""Verifies actionable content scores high logic."""
|
||||
content = "1. Run `pip install -r requirements.txt`\n2. Execute `python3 train.py`\n3. Verify with `pytest`"
|
||||
score = score_actionability(content)
|
||||
self.assertGreater(score, 0.6)
|
||||
|
||||
def test_abstract_content_scores_low(self):
|
||||
"""Verifies abstract content scores low logic."""
|
||||
content = "The concept of intelligence is fascinating and multifaceted."
|
||||
score = score_actionability(content)
|
||||
self.assertLess(score, 0.5)
|
||||
@@ -49,33 +54,40 @@ class TestScoreActionability(unittest.TestCase):
|
||||
|
||||
class TestScoreFreshness(unittest.TestCase):
|
||||
def test_recent_timestamp_scores_high(self):
|
||||
"""Verifies recent timestamp scores high logic."""
|
||||
recent = datetime.now(timezone.utc).isoformat()
|
||||
score = score_freshness(recent)
|
||||
self.assertGreater(score, 0.9)
|
||||
|
||||
def test_old_timestamp_scores_low(self):
|
||||
"""Verifies old timestamp scores low logic."""
|
||||
old = (datetime.now(timezone.utc) - timedelta(days=365)).isoformat()
|
||||
score = score_freshness(old)
|
||||
self.assertLess(score, 0.2)
|
||||
|
||||
def test_none_returns_baseline(self):
|
||||
"""Verifies behavior with empty or None input."""
|
||||
score = score_freshness(None)
|
||||
self.assertEqual(score, 0.5)
|
||||
|
||||
|
||||
class TestScoreSourceQuality(unittest.TestCase):
|
||||
def test_claude_scores_high(self):
|
||||
"""Verifies claude scores high logic."""
|
||||
self.assertGreater(score_source_quality("claude-sonnet"), 0.85)
|
||||
|
||||
def test_ollama_scores_lower(self):
|
||||
"""Verifies ollama scores lower logic."""
|
||||
self.assertLess(score_source_quality("ollama"), 0.7)
|
||||
|
||||
def test_unknown_returns_default(self):
|
||||
"""Verifies unknown returns default logic."""
|
||||
self.assertEqual(score_source_quality("unknown"), 0.5)
|
||||
|
||||
|
||||
class TestScoreEntry(unittest.TestCase):
|
||||
def test_good_entry_scores_high(self):
|
||||
"""Verifies good entry scores high logic."""
|
||||
entry = {
|
||||
"content": "To deploy: run `kubectl apply -f deployment.yaml`. Verify with `kubectl get pods`.",
|
||||
"model": "claude-sonnet",
|
||||
@@ -85,6 +97,7 @@ class TestScoreEntry(unittest.TestCase):
|
||||
self.assertGreater(score, 0.6)
|
||||
|
||||
def test_poor_entry_scores_low(self):
|
||||
"""Verifies poor entry scores low logic."""
|
||||
entry = {
|
||||
"content": "It depends. Various things might happen.",
|
||||
"model": "unknown",
|
||||
@@ -95,6 +108,7 @@ class TestScoreEntry(unittest.TestCase):
|
||||
|
||||
class TestFilterEntries(unittest.TestCase):
|
||||
def test_filters_low_quality(self):
|
||||
"""Verifies knowledge filtering by filters low quality."""
|
||||
entries = [
|
||||
{"content": "Run `deploy.py` to fix the issue.", "model": "claude"},
|
||||
{"content": "It might work sometimes.", "model": "unknown"},
|
||||
|
||||
@@ -1,237 +0,0 @@
|
||||
#!/usr/bin/env python3
|
||||
"""Tests for scripts/vulnerability_scanner.py — 10 tests."""
|
||||
|
||||
import json
|
||||
import os
|
||||
import sys
|
||||
import tempfile
|
||||
import unittest
|
||||
from unittest.mock import patch, MagicMock
|
||||
|
||||
sys.path.insert(0, os.path.join(os.path.dirname(__file__) or ".", ".."))
|
||||
import importlib.util
|
||||
spec = importlib.util.spec_from_file_location(
|
||||
"vulnerability_scanner",
|
||||
os.path.join(os.path.dirname(__file__) or ".", "..", "scripts", "vulnerability_scanner.py"))
|
||||
mod = importlib.util.module_from_spec(spec)
|
||||
spec.loader.exec_module(mod)
|
||||
|
||||
parse_requirements_file = mod.parse_requirements_file
|
||||
query_osv = mod.query_osv
|
||||
parse_osv_vuln = mod.parse_osv_vuln
|
||||
filter_by_severity = mod.filter_by_severity
|
||||
Vulnerability = mod.Vulnerability
|
||||
|
||||
|
||||
# --- Test Data ---
|
||||
|
||||
SAMPLE_OSV_RESPONSE = [
|
||||
{
|
||||
"id": "GHSA-xxxx-xxxx-xxxx",
|
||||
"summary": " Arbitrary code execution in django",
|
||||
"severity": [{"type": "CVSS_V3", "score": {"baseScore": 9.8, "baseSeverity": "CRITICAL"}}],
|
||||
"affected": [{
|
||||
"ranges": [{
|
||||
"events": [
|
||||
{"introduced": "0"},
|
||||
{"fixed": "3.2.14"}
|
||||
]
|
||||
}]
|
||||
}]
|
||||
},
|
||||
{
|
||||
"id": "PYSEC-2024-1234",
|
||||
"summary": " Denial of service in cryptography",
|
||||
"severity": [{"type": "CVSS_V3", "score": {"baseScore": 5.3, "baseSeverity": "MEDIUM"}}],
|
||||
"affected": [{
|
||||
"ranges": [{
|
||||
"events": [
|
||||
{"introduced": "0"},
|
||||
{"fixed": "42.0.0"}
|
||||
]
|
||||
}]
|
||||
}]
|
||||
}
|
||||
]
|
||||
|
||||
|
||||
# --- Tests ---
|
||||
|
||||
|
||||
def test_parse_requirements_simple():
|
||||
"""Should parse a simple requirements file."""
|
||||
with tempfile.NamedTemporaryFile(mode='w', suffix='.txt', delete=False) as f:
|
||||
f.write("django==4.2.0\n")
|
||||
f.write("requests>=2.28.0\n")
|
||||
f.write("click~=8.0\n")
|
||||
f.flush()
|
||||
pkgs = parse_requirements_file(f.name)
|
||||
os.unlink(f.name)
|
||||
|
||||
assert "django" in pkgs
|
||||
assert pkgs["django"] == "==4.2.0"
|
||||
assert "requests" in pkgs
|
||||
assert pkgs["requests"] == ">=2.28.0"
|
||||
assert "click" in pkgs
|
||||
print("PASS: test_parse_requirements_simple")
|
||||
|
||||
|
||||
def test_parse_requirements_extras_and_comments():
|
||||
"""Should skip comments, blank lines, and handle package extras."""
|
||||
with tempfile.NamedTemporaryFile(mode='w', suffix='.txt', delete=False) as f:
|
||||
f.write("# This is a comment\n")
|
||||
f.write("django[argon2]==4.2.0\n")
|
||||
f.write("\n")
|
||||
f.write(" requests >=2.28.0 # inline comment\n")
|
||||
f.flush()
|
||||
pkgs = parse_requirements_file(f.name)
|
||||
os.unlink(f.name)
|
||||
|
||||
assert "django" in pkgs
|
||||
assert pkgs["django"] == "==4.2.0"
|
||||
assert "requests" in pkgs
|
||||
# Version should capture the comparison
|
||||
assert ">=" in pkgs["requests"]
|
||||
print("PASS: test_parse_requirements_extras_and_comments")
|
||||
|
||||
|
||||
def test_parse_requirements_include_recursive():
|
||||
"""Should follow -r includes up to depth 3."""
|
||||
with tempfile.TemporaryDirectory() as tmpdir:
|
||||
# Main requirements.txt
|
||||
main = os.path.join(tmpdir, "requirements.txt")
|
||||
with open(main, 'w') as f:
|
||||
f.write("django==4.2.0\n")
|
||||
f.write("-r base.txt\n")
|
||||
|
||||
# base.txt
|
||||
base = os.path.join(tmpdir, "base.txt")
|
||||
with open(base, 'w') as f:
|
||||
f.write("requests>=2.28.0\n")
|
||||
f.write("-r deep.txt\n")
|
||||
|
||||
# deep.txt
|
||||
deep = os.path.join(tmpdir, "deep.txt")
|
||||
with open(deep, 'w') as f:
|
||||
f.write("click~=8.0\n")
|
||||
|
||||
pkgs = parse_requirements_file(main)
|
||||
|
||||
assert "django" in pkgs
|
||||
assert "requests" in pkgs
|
||||
assert "click" in pkgs
|
||||
print("PASS: test_parse_requirements_include_recursive")
|
||||
|
||||
|
||||
def test_parse_requirements_skip_editable():
|
||||
"""Should skip -e editable installs and other flags."""
|
||||
with tempfile.NamedTemporaryFile(mode='w', suffix='.txt', delete=False) as f:
|
||||
f.write("-e git+https://github.com/user/repo.git@branch#egg=package\n")
|
||||
f.write("--index-url https://pypi.org/simple\n")
|
||||
f.write("django==4.2.0\n")
|
||||
f.flush()
|
||||
pkgs = parse_requirements_file(f.name)
|
||||
os.unlink(f.name)
|
||||
|
||||
assert "django" in pkgs
|
||||
assert "package" not in pkgs # should not pick up editable name
|
||||
print("PASS: test_parse_requirements_skip_editable")
|
||||
|
||||
|
||||
def test_parse_requirements_nonexistent():
|
||||
"""Should exit with error on missing file."""
|
||||
with patch('sys.exit') as mock_exit:
|
||||
pkgs = parse_requirements_file("/nonexistent/requirements.txt")
|
||||
mock_exit.assert_called_once_with(1)
|
||||
print("PASS: test_parse_requirements_nonexistent")
|
||||
|
||||
|
||||
def test_filter_by_severity():
|
||||
"""Should filter vulnerabilities by severity threshold."""
|
||||
vulns = [
|
||||
Vulnerability("pkg1", "==1.0", "V1", "critical", 9.8, "summary", "url", []),
|
||||
Vulnerability("pkg2", "==2.0", "V2", "high", 7.5, "summary", "url", []),
|
||||
Vulnerability("pkg3", "==3.0", "V3", "medium", 5.0, "summary", "url", []),
|
||||
Vulnerability("pkg4", "==4.0", "V4", "low", 2.0, "summary", "url", []),
|
||||
]
|
||||
|
||||
# min_severity: low includes all
|
||||
filtered = filter_by_severity(vulns, "low")
|
||||
assert len(filtered) == 4
|
||||
|
||||
# min_severity: medium excludes low
|
||||
filtered = filter_by_severity(vulns, "medium")
|
||||
assert len(filtered) == 3
|
||||
assert all(v.severity in ("critical", "high", "medium") for v in filtered)
|
||||
|
||||
# min_severity: high excludes medium + low
|
||||
filtered = filter_by_severity(vulns, "high")
|
||||
assert len(filtered) == 2
|
||||
|
||||
# min_severity: critical only
|
||||
filtered = filter_by_severity(vulns, "critical")
|
||||
assert len(filtered) == 1
|
||||
|
||||
print("PASS: test_filter_by_severity")
|
||||
|
||||
|
||||
def test_parse_osv_vuln():
|
||||
"""Should parse OSV API response correctly."""
|
||||
parsed = parse_osv_vuln(SAMPLE_OSV_RESPONSE, "django", "==4.2.0")
|
||||
|
||||
assert len(parsed) == 2
|
||||
assert parsed[0].package == "django"
|
||||
assert parsed[0].vuln_id == "GHSA-xxxx-xxxx-xxxx"
|
||||
assert parsed[0].severity == "critical"
|
||||
assert parsed[0].cvss_score == 9.8
|
||||
assert parsed[1].severity == "medium"
|
||||
assert parsed[1].cvss_score == 5.3
|
||||
print("PASS: test_parse_osv_vuln")
|
||||
|
||||
|
||||
def test_parse_osv_vuln_empty():
|
||||
"""Should handle empty OSV response."""
|
||||
parsed = parse_osv_vuln([], "django", "==4.2.0")
|
||||
assert parsed == []
|
||||
print("PASS: test_parse_osv_vuln_empty")
|
||||
|
||||
|
||||
def test_query_osv_network_success():
|
||||
"""Should successfully query OSV API for a real known vulnerable package."""
|
||||
# Query for an old django version that likely has known CVEs
|
||||
# This test actually hits the network — tagged as integration
|
||||
vulns = query_osv("django", "==3.2.0")
|
||||
# We don't assert specific results since vulns change over time
|
||||
# But we assert the function returns a list and doesn't error
|
||||
assert isinstance(vulns, list)
|
||||
print("PASS: test_query_osv_network_success")
|
||||
|
||||
|
||||
def test_query_osv_404_no_vulns():
|
||||
"""OSV returns empty list for packages with no vulns (404-like)."""
|
||||
# Mock a 404 response from OSV API
|
||||
with patch('urllib.request.urlopen') as mock_urlopen:
|
||||
mock_response = MagicMock()
|
||||
mock_response.read.return_value = b'{"vulns": []}'
|
||||
mock_response.__enter__ = lambda self: self
|
||||
mock_response.__exit__ = lambda self, *args: None
|
||||
mock_urlopen.return_value = mock_response
|
||||
|
||||
result = query_osv("nonexistent-package-xyz123", "==1.0.0")
|
||||
assert result == []
|
||||
print("PASS: test_query_osv_404_no_vulns")
|
||||
|
||||
|
||||
if __name__ == '__main__':
|
||||
# Run all tests
|
||||
test_parse_requirements_simple()
|
||||
test_parse_requirements_extras_and_comments()
|
||||
test_parse_requirements_include_recursive()
|
||||
test_parse_requirements_skip_editable()
|
||||
test_parse_requirements_nonexistent()
|
||||
test_filter_by_severity()
|
||||
test_parse_osv_vuln()
|
||||
test_parse_osv_vuln_empty()
|
||||
test_query_osv_network_success()
|
||||
test_query_osv_404_no_vulns()
|
||||
print("\nAll tests passed.")
|
||||
Reference in New Issue
Block a user