Hiddenden/AegisGitea-MCP
3
0
Fork 0
Code Issues 3 Pull Requests Actions Packages Projects Releases Wiki Activity
Files
2f9750dcce18f7db864e2d20512e260a1df81e90
AegisGitea-MCP/tests/test_security.py

27 lines
948 B
Python
Raw Blame History

"""Tests for secret detection and sanitization helpers."""
from aegis_gitea_mcp.security import detect_secrets, sanitize_data
def test_detect_secrets_api_key_pattern() -> None:
"""Secret detector should identify common token formats."""
findings = detect_secrets("token=sk-test12345678901234567890")
assert findings
def test_sanitize_data_mask_mode() -> None:
"""Mask mode should preserve structure while redacting values."""
payload = {"content": "api_key=AKIA1234567890ABCDEF"}
sanitized = sanitize_data(payload, mode="mask")
assert sanitized["content"] != payload["content"]
assert "AKIA" in sanitized["content"]
def test_sanitize_data_block_mode() -> None:
"""Block mode should replace secret-bearing fields entirely."""
payload = {"nested": ["Bearer eyJhbGciOiJIUzI1NiJ9.abcd.efgh"]}
sanitized = sanitize_data(payload, mode="block")
assert sanitized["nested"][0] == "[REDACTED_SECRET]"
Reference in New Issue View Git Blame Copy Permalink