Coverage for tests / unit / parsers / gitleaks_parser / test_valid_output.py: 100%

28 statements  

« prev     ^ index     » next       coverage.py v7.13.0, created at 2026-04-03 18:53 +0000

1"""Unit tests for parsing valid gitleaks output.""" 

2 

3from __future__ import annotations 

4 

5import json 

6 

7from assertpy import assert_that 

8 

9from lintro.parsers.gitleaks.gitleaks_parser import parse_gitleaks_output 

10 

11 

12def test_parse_gitleaks_valid_output() -> None: 

13 """Parse a representative Gitleaks JSON result and validate fields.""" 

14 sample_output = json.dumps( 

15 [ 

16 { 

17 "Description": "AWS Access Key", 

18 "StartLine": 10, 

19 "EndLine": 10, 

20 "StartColumn": 15, 

21 "EndColumn": 35, 

22 "Match": "AKIAIOSFODNN7EXAMPLE", 

23 "Secret": "AKIAIOSFODNN7EXAMPLE", 

24 "File": "config.py", 

25 "SymlinkFile": "", 

26 "Commit": "", 

27 "Entropy": 3.5, 

28 "Author": "", 

29 "Email": "", 

30 "Date": "", 

31 "Message": "", 

32 "Tags": ["key", "AWS"], 

33 "RuleID": "aws-access-key-id", 

34 "Fingerprint": "config.py:aws-access-key-id:10", 

35 }, 

36 ], 

37 ) 

38 

39 issues = parse_gitleaks_output(output=sample_output) 

40 

41 assert_that(len(issues)).is_equal_to(1) 

42 issue = issues[0] 

43 assert_that(issue.file).is_equal_to("config.py") 

44 assert_that(issue.line).is_equal_to(10) 

45 assert_that(issue.column).is_equal_to(15) 

46 assert_that(issue.end_line).is_equal_to(10) 

47 assert_that(issue.end_column).is_equal_to(35) 

48 assert_that(issue.rule_id).is_equal_to("aws-access-key-id") 

49 assert_that(issue.description).is_equal_to("AWS Access Key") 

50 assert_that(issue.secret).is_equal_to("AKIAIOSFODNN7EXAMPLE") 

51 assert_that(issue.entropy).is_equal_to(3.5) 

52 assert_that(issue.tags).is_equal_to(["key", "AWS"]) 

53 assert_that(issue.fingerprint).is_equal_to("config.py:aws-access-key-id:10") 

54 

55 

56def test_parse_gitleaks_multiple_findings() -> None: 

57 """Parser should handle multiple findings.""" 

58 sample_output = json.dumps( 

59 [ 

60 { 

61 "Description": "AWS Access Key", 

62 "StartLine": 5, 

63 "EndLine": 5, 

64 "StartColumn": 1, 

65 "EndColumn": 20, 

66 "File": "a.py", 

67 "RuleID": "aws-access-key-id", 

68 "Fingerprint": "a.py:aws-access-key-id:5", 

69 }, 

70 { 

71 "Description": "GitHub Token", 

72 "StartLine": 10, 

73 "EndLine": 10, 

74 "StartColumn": 1, 

75 "EndColumn": 40, 

76 "File": "b.py", 

77 "RuleID": "github-pat", 

78 "Fingerprint": "b.py:github-pat:10", 

79 }, 

80 ], 

81 ) 

82 

83 issues = parse_gitleaks_output(output=sample_output) 

84 

85 assert_that(len(issues)).is_equal_to(2) 

86 assert_that(issues[0].file).is_equal_to("a.py") 

87 assert_that(issues[0].rule_id).is_equal_to("aws-access-key-id") 

88 assert_that(issues[1].file).is_equal_to("b.py") 

89 assert_that(issues[1].rule_id).is_equal_to("github-pat")