username/flaskpaste
1
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

ci: fix test file references and hardcoded paths
Some checks failed
CI / Lint & Format (push) Successful in 22s
Details
CI / Security Scan (push) Successful in 20s
Details
CI / Advanced Security Tests (push) Successful in 15s
Details
CI / Memory Leak Check (push) Successful in 19s
Details
CI / Security Tests (push) Successful in 25s
Details
CI / Unit Tests (push) Successful in 33s
Details
CI / SBOM Generation (push) Successful in 20s
Details
CI / Build & Push Image (push) Failing after 29s
Details

Browse Source 
- Remove non-existent test_mime_detection.py from unit tests
- Use relative paths in security tests for container compatibility
This commit is contained in:
Username
2026-01-18 10:23:31 +01:00
parent 3be2fd6cf6
commit 195752fe75
3 changed files with 7 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
.gitea/workflows/ci.yml
View File

@@ -117,7 +117,7 @@ jobs:
- name: Run unit tests - name: Run unit tests
run: | run: |
pytest tests/test_api.py tests/test_database.py tests/test_mime_detection.py \ pytest tests/test_api.py tests/test_database.py \
tests/test_paste_*.py tests/test_metrics.py tests/test_pki.py \ tests/test_paste_*.py tests/test_metrics.py tests/test_pki.py \
-v --tb=short -v --tb=short

8
tests/security/cli_security_audit.py
View File

@@ -8,7 +8,7 @@ import tempfile
from pathlib import Path from pathlib import Path
# Load fpaste as a module by exec # Load fpaste as a module by exec
fpaste_path = Path("/home/user/git/flaskpaste/fpaste") fpaste_path = Path(__file__).parent.parent.parent / "fpaste"
fpaste_globals = {"__name__": "fpaste", "__file__": str(fpaste_path)} fpaste_globals = {"__name__": "fpaste", "__file__": str(fpaste_path)}
exec(compile(fpaste_path.read_text(), fpaste_path, "exec"), fpaste_globals) # noqa: S102 exec(compile(fpaste_path.read_text(), fpaste_path, "exec"), fpaste_globals) # noqa: S102
@@ -105,7 +105,7 @@ def test_subprocess_safety():
print("=" * 50) print("=" * 50)
# Read fpaste source and check for dangerous patterns # Read fpaste source and check for dangerous patterns
fpaste_src = Path("/home/user/git/flaskpaste/fpaste") fpaste_src = Path(__file__).parent.parent.parent / "fpaste"
content = fpaste_src.read_text() content = fpaste_src.read_text()
issues = [] issues = []
@@ -190,7 +190,7 @@ def test_key_file_permissions():
print("=" * 50) print("=" * 50)
# Check the source code for chmod calls # Check the source code for chmod calls
fpaste_src = Path("/home/user/git/flaskpaste/fpaste") fpaste_src = Path(__file__).parent.parent.parent / "fpaste"
content = fpaste_src.read_text() content = fpaste_src.read_text()
# Find all chmod(0o600) calls for key files # Find all chmod(0o600) calls for key files
@@ -239,7 +239,7 @@ def test_symlink_attacks():
print(" RECOMMENDATION: Check for symlinks before write, or use O_NOFOLLOW") print(" RECOMMENDATION: Check for symlinks before write, or use O_NOFOLLOW")
# Check if the code verifies paths before writing # Check if the code verifies paths before writing
fpaste_src = Path("/home/user/git/flaskpaste/fpaste") fpaste_src = Path(__file__).parent.parent.parent / "fpaste"
content = fpaste_src.read_text() content = fpaste_src.read_text()
if "is_symlink()" in content or "O_NOFOLLOW" in content: if "is_symlink()" in content or "O_NOFOLLOW" in content:

3
tests/security/profiled_server.py
View File

@@ -7,8 +7,9 @@ import io
import pstats import pstats
import signal import signal
import sys import sys
from pathlib import Path
sys.path.insert(0, "/home/user/git/flaskpaste") sys.path.insert(0, str(Path(__file__).parent.parent.parent))
from app import create_app from app import create_app