
test: add unit test coverage for attestation path validation #19

Open
corepacket wants to merge 2 commits into SBOMit:master from corepacket:feature/validation-tests

@corepacket corepacket commented Apr 5, 2026

Summary

Fixes #20
This PR adds unit test coverage for the attestation path validation logic introduced in #18.

In PR #18, we introduced a validation mechanism to detect unexpected files in attestations (e.g., .git directories and *.log files) and surface them as warnings without modifying the original data.

This PR builds on that work by adding tests to ensure the validation behaves correctly.


What’s Added

Unit Tests for matchesPattern

  • Covers detection of:
    • .git directories (including nested paths)
    • *.log files
  • Includes negative cases:
    • normal source files
    • documentation files
    • edge cases like empty paths and similar-looking paths (mygit/...)

Unit Tests for ValidatePath

  • Verifies that:
    • Suspicious paths correctly trigger warnings
    • Safe paths do not produce any warnings
  • Uses stderr capture to validate warning output behavior

Why This Change


Notes

  • Uses standard Go testing package (no additional dependencies)
  • Keeps tests isolated from implementation changes
  • Focuses on behavior validation rather than implementation details

As requested during code review:

- The '--exclude' flag is entirely removed from the CLI interface.

- Pattern matching now utilizes 'doublestar' correctly across path boundaries.

- Instead of silently dropping files, anomalous files (e.g. '.git/', '*.log') generate a warning to stderr while preserving output integrity.

Signed-off-by: corepacket <wbn453177@gmail.com>
Signed-off-by: corepacket <wbn453177@gmail.com>
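
The behaviour the description lists (flag `.git` segments and `*.log` files, leave look-alikes such as `mygit/...` and empty paths alone, warn on a writer without dropping anything) can be sketched as follows. This is an added example, not code from the PR or from the SBOMit repository: `isSuspicious` and `warnPaths` are hypothetical names, the warning text is constructed, and the standard library's `path.Match` is used in place of `doublestar`.

```go
package main

import (
	"fmt"
	"io"
	"os"
	"path"
	"strings"
)

// isSuspicious reports whether p contains a ".git" path segment or has a
// "*.log" base name. Hypothetical stand-in for the PR's matchesPattern.
// Matching per segment keeps "mygit/config" and "src/.gitignore" unflagged.
func isSuspicious(p string) bool {
	if p == "" {
		return false // empty path: nothing to match
	}
	clean := path.Clean(strings.ReplaceAll(p, "\\", "/"))
	segs := strings.Split(clean, "/")
	for _, s := range segs {
		if s == ".git" {
			return true
		}
	}
	ok, _ := path.Match("*.log", segs[len(segs)-1])
	return ok
}

// warnPaths writes one warning line per suspicious path to w and returns the
// number of warnings. The input slice is never modified or filtered, which
// mirrors the "warn, do not drop" behaviour described in the PR.
func warnPaths(paths []string, w io.Writer) int {
	n := 0
	for _, p := range paths {
		if isSuspicious(p) {
			fmt.Fprintf(w, "warning: unexpected file in attestation: %s\n", p)
			n++
		}
	}
	return n
}

func main() {
	// Constructed sample paths, not taken from a real attestation.
	paths := []string{"src/main.go", "vendor/lib/.git/HEAD", "build/out.log", "mygit/config", ""}
	n := warnPaths(paths, os.Stderr)
	fmt.Printf("%d of %d paths flagged\n", n, len(paths))
}
```

Taking an `io.Writer` instead of writing to `os.Stderr` directly lets a test assert on the warning output with a `bytes.Buffer` rather than redirecting the process's stderr.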

Development

Successfully merging this pull request may close these issues.

Add unit tests for attestation path validation
