SwarmAudit / tests /test_config_agent.py
Pranoy Mukherjee
Update SwarmAudit Space demo
9237011
Raw
History Blame Contribute Delete
1.89 kB
import pytest
from app.agents.config_agent import ConfigAgent
from app.schemas import CodeChunk, Severity
def make_chunk(content: str, file_path: str = "config.py") -> CodeChunk:
return CodeChunk(
file_path=file_path,
language="Python",
line_start=1,
line_end=max(1, len(content.splitlines())),
content=content,
)
@pytest.mark.anyio
async def test_config_agent_detects_debug_mode():
output = await ConfigAgent().analyze([make_chunk("DEBUG = True")])
assert output.findings[0].title == "Debug mode enabled"
assert output.findings[0].severity == Severity.high
assert output.findings[0].category == "config"
assert output.findings[0].confidence is not None
@pytest.mark.anyio
async def test_config_agent_detects_wildcard_cors():
output = await ConfigAgent().analyze([make_chunk('allow_origins=["*"]')])
assert output.findings[0].title == "Wildcard CORS origin"
assert output.findings[0].severity == Severity.medium
@pytest.mark.anyio
async def test_config_agent_detects_disabled_tls_verification():
output = await ConfigAgent().analyze([make_chunk("session.verify = False")])
assert output.findings[0].title == "TLS verification disabled in configuration"
assert output.findings[0].severity == Severity.high
@pytest.mark.anyio
async def test_config_agent_detects_weak_default_secret():
output = await ConfigAgent().analyze([make_chunk("SECRET_KEY = 'django-insecure-demo'")])
assert output.findings[0].title == "Weak default secret configured"
assert output.findings[0].severity == Severity.high
@pytest.mark.anyio
async def test_config_agent_returns_empty_output_for_clean_config():
output = await ConfigAgent().analyze([make_chunk("DEBUG = env.bool('DEBUG', default=False)")])
assert output.findings == []
assert output.metadata["mode"] == "static-rules"