tests: fix mypy type errors in security tests
Some checks failed
CI / Lint & Format (push) Successful in 22s
CI / Security Scan (push) Successful in 21s
CI / Unit Tests (push) Failing after 17s
CI / Advanced Security Tests (push) Failing after 14s
CI / Memory Leak Check (push) Successful in 20s
CI / Security Tests (push) Successful in 25s
CI / Build & Push Image (push) Has been skipped
CI / SBOM Generation (push) Successful in 20s
Some checks failed
CI / Lint & Format (push) Successful in 22s
CI / Security Scan (push) Successful in 21s
CI / Unit Tests (push) Failing after 17s
CI / Advanced Security Tests (push) Failing after 14s
CI / Memory Leak Check (push) Successful in 20s
CI / Security Tests (push) Successful in 25s
CI / Build & Push Image (push) Has been skipped
CI / SBOM Generation (push) Successful in 20s
This commit is contained in:
Username
@@ -565,7 +565,7 @@ def is_trusted_proxy() -> bool:
|
||||
Result is cached per-request in Flask's g object for efficiency.
|
||||
"""
|
||||
if hasattr(g, "_trusted_proxy"):
|
||||
return g._trusted_proxy
|
||||
return bool(g._trusted_proxy)
|
||||
|
||||
expected = current_app.config.get("TRUSTED_PROXY_SECRET", "")
|
||||
if not expected:
|
||||
@@ -573,7 +573,7 @@ def is_trusted_proxy() -> bool:
|
||||
return True
|
||||
provided = request.headers.get("X-Proxy-Secret", "")
|
||||
g._trusted_proxy = hmac.compare_digest(expected, provided)
|
||||
return g._trusted_proxy
|
||||
return bool(g._trusted_proxy)
|
||||
|
||||
|
||||
def get_client_fingerprint() -> str | None:
|
||||
|
||||
@@ -47,7 +47,7 @@ def test_trusted_path_validation():
|
||||
]
|
||||
|
||||
for path, expected, desc in trusted_tests + untrusted_tests:
|
||||
result = is_trusted_clipboard_path(path)
|
||||
result = is_trusted_clipboard_path(path) # type: ignore[operator]
|
||||
status = "PASS" if result == expected else "FAIL"
|
||||
results.append((status, desc, path, expected, result))
|
||||
print(f" {status}: {desc}")
|
||||
@@ -76,7 +76,7 @@ def test_path_injection():
|
||||
os.environ["PATH"] = f"/tmp:{original_path}" # noqa: S108
|
||||
|
||||
# Try to find clipboard command
|
||||
cmd = find_clipboard_command(CLIPBOARD_READ_COMMANDS)
|
||||
cmd = find_clipboard_command(CLIPBOARD_READ_COMMANDS) # type: ignore[operator]
|
||||
|
||||
# Restore PATH
|
||||
os.environ["PATH"] = original_path
|
||||
@@ -159,7 +159,7 @@ def test_config_permissions():
|
||||
|
||||
stderr_capture = io.StringIO()
|
||||
with redirect_stderr(stderr_capture):
|
||||
check_config_permissions(config_path)
|
||||
check_config_permissions(config_path) # type: ignore[operator]
|
||||
|
||||
warning = stderr_capture.getvalue()
|
||||
|
||||
@@ -173,7 +173,7 @@ def test_config_permissions():
|
||||
config_path.chmod(0o600)
|
||||
stderr_capture = io.StringIO()
|
||||
with redirect_stderr(stderr_capture):
|
||||
check_config_permissions(config_path)
|
||||
check_config_permissions(config_path) # type: ignore[operator]
|
||||
|
||||
warning = stderr_capture.getvalue()
|
||||
if not warning:
|
||||
|
||||
@@ -175,7 +175,7 @@ def test_concurrent_memory_pressure():
|
||||
reset_rate_limits()
|
||||
errors = []
|
||||
|
||||
def make_requests(thread_id: int):
|
||||
def make_requests(thread_id: int) -> None:
|
||||
# Each thread needs its own app context
|
||||
with app.app_context():
|
||||
try:
|
||||
|
||||
@@ -9,6 +9,7 @@ import time
|
||||
import urllib.error
|
||||
import urllib.request
|
||||
from concurrent.futures import ThreadPoolExecutor, as_completed
|
||||
from typing import Any
|
||||
|
||||
BASE_URL = "http://127.0.0.1:5099"
|
||||
|
||||
@@ -65,9 +66,9 @@ def random_content(size=1024):
|
||||
return os.urandom(size)
|
||||
|
||||
|
||||
def run_tests():
|
||||
def run_tests() -> dict[str, Any]:
|
||||
"""Run comprehensive pentest suite."""
|
||||
results = {"passed": 0, "failed": 0, "tests": []}
|
||||
results: dict[str, Any] = {"passed": 0, "failed": 0, "tests": []}
|
||||
paste_ids = []
|
||||
|
||||
def log_test(name, passed, details=""):
|
||||
|
||||
Reference in New Issue
Block a user