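"""Tests for the IssueDetector module.

Every ``code`` snippet below is a plain string handed to the detector;
nothing in this module executes the snippets themselves.
"""

import sys
from pathlib import Path

# Put the sibling ``src`` directory first on sys.path before importing gdiffer.
sys.path.insert(0, str(Path(__file__).parent.parent / 'src'))

from gdiffer.issue_detector import detect_issues, suggest_improvements


def _of_type(issues, kind):
    """Return the issues whose ``type`` attribute equals *kind*."""
    return [issue for issue in issues if issue.type == kind]


class TestIssueDetector:
    """Tests for IssueDetector class.

    The ``issue_detector`` argument is a pytest fixture defined outside this
    file (presumably in conftest.py -- confirm).
    """

    def test_detect_sql_injection(self, issue_detector):
        """String-concatenated SQL is reported as a critical sql_injection issue."""
        code = 'query = "SELECT * FROM users WHERE name = \'" + username + "\'"'
        found = _of_type(issue_detector.detect_issues(code, "python"), "sql_injection")
        assert found
        first = found[0]
        assert first.severity == "critical"
        assert "SQL" in first.title

    def test_detect_xss(self, issue_detector):
        """Assigning user input to innerHTML is reported as xss."""
        code = "element.innerHTML = userInput"
        found = _of_type(issue_detector.detect_issues(code, "javascript"), "xss")
        assert found

    def test_detect_command_injection(self, issue_detector):
        """os.system() with concatenated input is reported as command_injection."""
        code = "os.system('rm -rf /tmp/' + user_input)"
        found = _of_type(issue_detector.detect_issues(code, "python"), "command_injection")
        assert found

    def test_detect_eval_usage(self, issue_detector):
        """eval() is reported under the code_injection type."""
        code = "result = eval(user_code)"
        found = _of_type(issue_detector.detect_issues(code, "python"), "code_injection")
        assert found

    def test_detect_hardcoded_secret(self, issue_detector):
        """A literal API key assignment is reported as hardcoded_secret."""
        code = 'api_key = "sk-1234567890abcdef"'
        found = _of_type(issue_detector.detect_issues(code, "python"), "hardcoded_secret")
        assert found

    def test_detect_insecure_http(self, issue_detector):
        """A plain http:// URL is reported as insecure_transport."""
        code = 'response = requests.get("http://api.example.com")'
        found = _of_type(issue_detector.detect_issues(code, "python"), "insecure_transport")
        assert found

    def test_detect_weak_random(self, issue_detector):
        """random.randint() used for a token is reported as weak_crypto."""
        code = "token = random.randint(0, 9999)"
        found = _of_type(issue_detector.detect_issues(code, "python"), "weak_crypto")
        assert found

    def test_detect_bare_except(self, issue_detector):
        """A bare ``except:`` clause is reported as bare_except."""
        code = """try:
    dangerous_operation()
except:
    pass"""
        found = _of_type(issue_detector.detect_issues(code, "python"), "bare_except")
        assert found

    def test_detect_debug_statements(self, issue_detector):
        """A debug print() is reported as debug_statement."""
        code = "print('Debug: value =', value)"
        found = _of_type(issue_detector.detect_issues(code, "python"), "debug_statement")
        assert found

    def test_detect_todo_comments(self, issue_detector):
        """A TODO comment is reported under the code_tag type."""
        code = "# TODO: Fix this later"
        found = _of_type(issue_detector.detect_issues(code, "python"), "code_tag")
        assert found

    def test_detect_no_issues_in_clean_code(self, issue_detector):
        """Clean code produces no issues at all (false-positive guard)."""
        code = """def calculate_sum(a, b):
    result = a + b
    return result
"""
        issues = issue_detector.detect_issues(code, "python")
        assert len(issues) == 0

    def test_issue_line_number(self, issue_detector):
        """The reported line number points at the offending line."""
        # The secret assignment is the third line of the snippet.
        code = """line1 = 1
line2 = 2
password = "secret"
"""
        found = _of_type(issue_detector.detect_issues(code, "python"), "hardcoded_secret")
        assert found
        assert found[0].line == 3

    def test_detect_diff_issues(self, issue_detector, sql_injection_diff):
        """detect_diff_issues() returns a list for an old/new code pair."""
        # NOTE(review): the sql_injection_diff fixture is requested but never
        # read, and only the return type is checked -- an empty list passes.
        # Consider asserting on the reported issues once the expected result
        # for this snippet is confirmed against the detector.
        old_code = "x = 1"
        new_code = "x = 1\nquery = 'SELECT * FROM users WHERE id = ' + user_id"
        issues = issue_detector.detect_diff_issues(old_code, new_code, "python")
        assert isinstance(issues, list)

    def test_suggest_improvements(self, issue_detector):
        """suggest_improvements() returns a non-empty list for concatenated SQL."""
        code = 'query = "SELECT * FROM users WHERE id = " + user_id'
        suggestions = issue_detector.suggest_improvements(code, "python")
        assert isinstance(suggestions, list)
        assert suggestions

    def test_check_security_patterns_only(self, issue_detector):
        """check_security_patterns() reports only critical/high/medium issues."""
        code = """password = "secret"
query = "SELECT * FROM users"
"""
        issues = issue_detector.check_security_patterns(code)
        # NOTE(review): all() is True for an empty list, so this also passes
        # when nothing is detected; consider asserting that issues is non-empty.
        allowed = ('critical', 'high', 'medium')
        assert all(issue.severity in allowed for issue in issues)

    def test_check_code_quality_only(self, issue_detector):
        """check_code_quality() reports only low-severity issues."""
        code = """# TODO: fix later
print("debug")
"""
        issues = issue_detector.check_code_quality(code)
        # NOTE(review): all() is True for an empty list, so this also passes
        # when nothing is detected; consider asserting that issues is non-empty.
        assert all(issue.severity == 'low' for issue in issues)

    def test_issue_has_suggestion(self, issue_detector):
        """The first issue reported for a hardcoded password carries a suggestion."""
        issues = issue_detector.detect_issues('password = "secret"', "python")
        # Previously the check sat behind ``if issues:`` and passed silently
        # when detection returned nothing. test_issue_line_number already
        # relies on this pattern being detected, so require a result here.
        assert issues
        assert issues[0].suggestion


class TestDetectIssuesFunction:
    """Tests for the detect_issues convenience function."""

    def test_detect_issues_function(self):
        """detect_issues() returns a list."""
        issues = detect_issues('password = "secret"', "python")
        assert isinstance(issues, list)

    def test_detect_issues_empty(self):
        """detect_issues() returns an empty list for clean code."""
        issues = detect_issues("def test():\n return 1", "python")
        assert issues == []

    def test_detect_issues_with_pass(self):
        """detect_issues() reports a pass-only body as empty_block."""
        found = _of_type(detect_issues("def test(): pass", "python"), "empty_block")
        assert found


class TestSuggestImprovementsFunction:
    """Tests for the suggest_improvements convenience function."""

    def test_suggest_improvements_function(self):
        """suggest_improvements() returns a list."""
        suggestions = suggest_improvements('password = "secret"', "python")
        assert isinstance(suggestions, list)

    def test_suggest_improvements_clean_code(self):
        """suggest_improvements() returns an empty list for clean code."""
        suggestions = suggest_improvements("def test():\n return 1", "python")
        assert suggestions == []

    def test_suggest_improvements_with_pass(self):
        """suggest_improvements() returns something for a pass-only body."""
        suggestions = suggest_improvements("def test(): pass", "python")
        assert len(suggestions) > 0


class TestIssueModel:
    """Tests for the Issue dataclass."""

    def test_issue_creation(self):
        """Fields passed to Issue() are readable back as attributes."""
        from gdiffer.issue_detector import Issue

        fields = {
            "type": "test",
            "severity": "high",
            "title": "Test Issue",
            "description": "Test description",
            "line": 10,
            "suggestion": "Fix this",
        }
        issue = Issue(**fields)
        assert issue.type == "test"
        assert issue.severity == "high"
        assert issue.title == "Test Issue"
        assert issue.line == 10
        assert issue.suggestion == "Fix this"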