Spaces:
Running
Running
| """Tests for the 3-stage patch validation pipeline.""" | |
| from patchhawk.agent.sandbox import validate_patch | |
| def test_syntax_error_detected(): | |
| """Stage 1: py_compile catches a missing closing quote.""" | |
| scenario = { | |
| "type": "functional", | |
| "code_snippet": "print('hello')", | |
| "unit_test_code": None, | |
| "attack_type": None, | |
| } | |
| patch = "print('hello" # syntax error | |
| success, msg, details = validate_patch(scenario, patch, use_docker=False) | |
| assert success is False | |
| assert msg == "Syntax error" | |
| assert "error" in details | |
| def test_unit_test_pass(): | |
| """Stage 2: a correct patch passes the unit test.""" | |
| scenario = { | |
| "type": "functional", | |
| "code_snippet": "def add(a, b): return a + b", | |
| "unit_test_code": "import code\nassert code.add(1, 2) == 3\n", | |
| "attack_type": None, | |
| } | |
| patch = "def add(a, b):\n return a + b\n" | |
| success, msg, details = validate_patch(scenario, patch, use_docker=False) | |
| assert success is True | |
| assert msg == "Patch is valid" | |
| def test_unit_test_fail(): | |
| """Stage 2: a broken patch fails the unit test.""" | |
| scenario = { | |
| "type": "functional", | |
| "code_snippet": "def add(a, b): return a + b", | |
| "unit_test_code": "import code\nassert code.add(1, 2) == 3\n", | |
| "attack_type": None, | |
| } | |
| patch = "def add(a, b):\n return a - b\n" | |
| success, msg, details = validate_patch(scenario, patch, use_docker=False) | |
| assert success is False | |
| assert msg == "Unit test failed" | |
| assert "test_output" in details | |
| def test_vulnerability_remains(): | |
| """Stage 3: re-attack detects that the backdoor was not removed.""" | |
| scenario = { | |
| "type": "true_positive", | |
| "attack_type": "obfuscated_exec", | |
| "code_snippet": "print('Hello from hidden exec!')\ndef add(a, b): return a + b", | |
| "unit_test_code": "import code\nassert code.add(1, 2) == 3\n", | |
| } | |
| # Patch keeps the backdoor print | |
| patch = "print('Hello from hidden exec!')\ndef add(a, b):\n return a + b\n" | |
| success, msg, details = validate_patch(scenario, patch, use_docker=False) | |
| assert success is False | |
| assert msg == "Vulnerability still accessible" | |
| assert "evidence" in details | |
| def test_clean_patch_passes_reattack(): | |
| """Stage 3: a properly cleaned patch passes re-attack.""" | |
| scenario = { | |
| "type": "true_positive", | |
| "attack_type": "obfuscated_exec", | |
| "code_snippet": "print('Hello from hidden exec!')\ndef add(a, b): return a + b", | |
| "unit_test_code": "import code\nassert code.add(1, 2) == 3\n", | |
| } | |
| # Patch removes the backdoor | |
| patch = "def add(a, b):\n return a + b\n" | |
| success, msg, details = validate_patch(scenario, patch, use_docker=False) | |
| assert success is True | |
| assert msg == "Patch is valid" | |