fix(audit): correct findings from review round 1

- client: add raise_for_status() in get_latest_release() for non-404 errors (FINDING-001)
- client: add timeout parameter (default 30s) passed to all session.get() calls (FINDING-004/SEC-002)
- cli: replace return with sys.exit(1) in all except blocks (FINDING-002)
- test_cli: remove duplicate test_exits_when_token_missing, assert GITEA_TOKEN in stderr (FINDING-006)
- test_cli: update connection error tests to expect SystemExit(1) after exit code fix
- test_cli: rework token masking test to inject token into exception message (FINDING-007)
- test_client: add test_raises_on_server_error for HTTP 500 path (FINDING-001)
- test_client: add tests for default and custom timeout values (FINDING-004)

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
sylvain
2026-03-10 19:00:57 +01:00
parent e05578676f
commit 01f88a0eca
4 changed files with 74 additions and 27 deletions


@@ -19,6 +19,16 @@ class TestGiteaClientInit:
client = GiteaClient("http://gitea.local:3000/", "tok")
assert client.base_url == "http://gitea.local:3000"
def test_default_timeout_is_30(self):
"""Default timeout is 30 seconds."""
client = GiteaClient("http://gitea.local:3000", "tok")
assert client.timeout == 30
def test_custom_timeout_is_stored(self):
"""Custom timeout is stored and used."""
client = GiteaClient("http://gitea.local:3000", "tok", timeout=10)
assert client.timeout == 10
class TestGetPaginated:
"""Test internal pagination logic."""
@@ -117,6 +127,20 @@ class TestGetLatestRelease:
assert result is None
def test_raises_on_server_error(self):
"""HTTP 500 raises an exception instead of silently returning bad data."""
import pytest
import requests as req
client = GiteaClient("http://gitea.local:3000", "tok")
mock_resp = MagicMock()
mock_resp.status_code = 500
mock_resp.raise_for_status.side_effect = req.HTTPError("500 Server Error")
with patch.object(client.session, "get", return_value=mock_resp):
with pytest.raises(req.HTTPError):
client.get_latest_release("admin", "my-repo")
class TestGetMilestones:
"""Test get_milestones method."""
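Review bot: `test_default_timeout_is_30` and `test_custom_timeout_is_stored` in the first hunk only assert that `client.timeout` holds the value, so they would still pass if a `session.get()` call dropped the argument and could block indefinitely on an unresponsive server, which is the condition FINDING-004/SEC-002 describes. The second test's docstring says "stored and used", but nothing exercises the use. Capturing the mock the way `test_raises_on_server_error` patches the session, `with patch.object(client.session, "get", return_value=mock_resp) as mock_get:`, and then checking `assert mock_get.call_args.kwargs["timeout"] == 10` after a `get_latest_release` call would pin the propagation; this assumes the client passes `timeout` as a keyword, which is not visible in this file section. As a style point, the function-local `import pytest` and `import requests as req` in `test_raises_on_server_error` would read better at module top, unless the file already imports them there.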