Timmy_Foundation/hermes-agent
15
0
Fork 0
Code Issues 247 Pull Requests 14 Actions 1 Packages Projects Releases Wiki Activity

test: add regression tests for recursive delete false positive fix

Browse Source 
Add 15 new tests in two classes:

- TestRmFalsePositiveFix (8 tests): verify filenames starting with 'r'
  (readme.txt, requirements.txt, report.csv, etc.) are NOT falsely
  flagged as 'recursive delete'

- TestRmRecursiveFlagVariants (7 tests): verify all recursive delete
  flag styles (-r, -rf, -rfv, -fr, -irf, --recursive, sudo rm -rf)
  are still correctly caught

All 29 tests pass (14 existing + 15 new).
This commit is contained in:
darya
2026-02-26 16:40:44 +03:00
parent 3227cc65d1
commit f5c09a3aba
1 changed files with 62 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

62
tests/tools/test_approval.py
View File

@@ -93,3 +93,65 @@ class TestApproveAndCheckSession:
approve_session(key, "rm")
clear_session(key)
assert is_approved(key, "rm") is False
class TestRmFalsePositiveFix:
"""Regression tests: filenames starting with 'r' must NOT trigger recursive delete."""
def test_rm_readme_not_flagged(self):
is_dangerous, _, desc = detect_dangerous_command("rm readme.txt")
assert is_dangerous is False, f"'rm readme.txt' should be safe, got: {desc}"
def test_rm_requirements_not_flagged(self):
is_dangerous, _, desc = detect_dangerous_command("rm requirements.txt")
assert is_dangerous is False, f"'rm requirements.txt' should be safe, got: {desc}"
def test_rm_report_not_flagged(self):
is_dangerous, _, desc = detect_dangerous_command("rm report.csv")
assert is_dangerous is False, f"'rm report.csv' should be safe, got: {desc}"
def test_rm_results_not_flagged(self):
is_dangerous, _, desc = detect_dangerous_command("rm results.json")
assert is_dangerous is False, f"'rm results.json' should be safe, got: {desc}"
def test_rm_robots_not_flagged(self):
is_dangerous, _, desc = detect_dangerous_command("rm robots.txt")
assert is_dangerous is False, f"'rm robots.txt' should be safe, got: {desc}"
def test_rm_run_not_flagged(self):
is_dangerous, _, desc = detect_dangerous_command("rm run.sh")
assert is_dangerous is False, f"'rm run.sh' should be safe, got: {desc}"
def test_rm_force_readme_not_flagged(self):
is_dangerous, _, desc = detect_dangerous_command("rm -f readme.txt")
assert is_dangerous is False, f"'rm -f readme.txt' should be safe, got: {desc}"
def test_rm_verbose_readme_not_flagged(self):
is_dangerous, _, desc = detect_dangerous_command("rm -v readme.txt")
assert is_dangerous is False, f"'rm -v readme.txt' should be safe, got: {desc}"
class TestRmRecursiveFlagVariants:
"""Ensure all recursive delete flag styles are still caught."""
def test_rm_r(self):
assert detect_dangerous_command("rm -r mydir")[0] is True
def test_rm_rf(self):
assert detect_dangerous_command("rm -rf /tmp/test")[0] is True
def test_rm_rfv(self):
assert detect_dangerous_command("rm -rfv /var/log")[0] is True
def test_rm_fr(self):
assert detect_dangerous_command("rm -fr .")[0] is True
def test_rm_irf(self):
assert detect_dangerous_command("rm -irf somedir")[0] is True
def test_rm_recursive_long(self):
assert detect_dangerous_command("rm --recursive /tmp")[0] is True
def test_sudo_rm_rf(self):
assert detect_dangerous_command("sudo rm -rf /tmp")[0] is True