
feat: add fixture sanitization linter for repository hygiene #3605

Open
hikali123456789 wants to merge 3 commits into orchestration-agent:main from hikali123456789:fix/fixture-linting

@hikali123456789

Summary

Adds a fixture sanitization linter that scans test and source directories for prohibited patterns (API keys, real emails, tokens, IP addresses), preventing raw samples from accumulating in the repository.

Changes

  1. tests/fixture_lint.py - Fixture sanitization linter

    • Scans configurable paths for prohibited patterns
    • Detects: API keys, real emails, embedded credentials, IP addresses, AWS keys, GitHub tokens, Bearer tokens
    • Supports inline # fixture-lint: allow comments for false positive suppression
    • Safe email domains (test.com, example.com, fake.com, localhost) are excluded
    • Returns exit code for CI integration
  2. tests/test_fixture_lint.py - Comprehensive test suite

    • Tests for each prohibited pattern type
    • Tests clean vs dirty file detection
    • Tests allow-comment suppression
    • Tests safe email domain exclusion
    • Tests report generation
  3. Makefile - Added lint-fixture CI target

    • make lint-fixture runs the linter

Acceptance Criteria

  • Fixture linting runs in CI for data-related test paths
  • Existing fixtures are synthetic or documented as safe
  • New realistic samples are blocked unless sanitized and approved

Fixes #3570

- Scan test/src paths for prohibited patterns (API keys, emails, IPs, tokens)
- Configurable prohibited pattern list with descriptions
- Inline allow comments for false positive suppression
- Human-readable violation report
- Returns exit code for CI integration

Fixes orchestration-agent#3570

- Test prohibited pattern detection (API keys, emails, IPs, tokens)
- Test clean files produce no violations
- Test dirty files are correctly flagged
- Test inline allow comment suppression
- Test safe email domains (test.com, example.com)
- Test report generation

- Add 'make lint-fixture' command for CI integration
- Runs fixture sanitization linter across test/src paths
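
The scan this pull request describes, sketched as an added example (not the code in tests/fixture_lint.py, which this page does not show). The regexes, rule names and function names are assumptions; the allow marker and safe email domains are the ones the description lists. Findings carry only the rule and line number, so the report does not reproduce the value it flagged.

```python
import re

ALLOW_MARKER = "# fixture-lint: allow"  # suppression comment named in the PR
SAFE_EMAIL_DOMAINS = {"test.com", "example.com", "fake.com", "localhost"}  # from the PR

# Assumed regexes; the PR description does not show its own pattern list.
RULES = {
    "aws-access-key-id": re.compile(r"\b(?:AKIA|ASIA)[0-9A-Z]{16}\b"),
    "github-token": re.compile(r"\bgh[pousr]_[A-Za-z0-9]{36,}\b"),
    "bearer-token": re.compile(r"\bBearer\s+[A-Za-z0-9._~+/-]{20,}=*"),
    "ipv4-address": re.compile(
        r"\b(?:(?:25[0-5]|2[0-4]\d|1?\d?\d)\.){3}(?:25[0-5]|2[0-4]\d|1?\d?\d)\b"),
    "email": re.compile(r"\b[\w.+-]+@([\w-]+(?:\.[\w-]+)*)"),
}


def lint_text(text, path="<fixture>"):
    """Return (path, line_no, rule) tuples; the matched value is never echoed."""
    violations = []
    for line_no, line in enumerate(text.splitlines(), start=1):
        if ALLOW_MARKER in line:
            continue  # reviewer-approved false positive on this line
        for rule, pattern in RULES.items():
            for match in pattern.finditer(line):
                if rule == "email" and match.group(1).lower() in SAFE_EMAIL_DOMAINS:
                    continue  # synthetic address, not a real mailbox
                violations.append((path, line_no, rule))
    return violations


def exit_code(violations):
    """Non-zero when anything was found, so the CI job fails."""
    return 1 if violations else 0


# Constructed sample; secret-shaped values are built at runtime, not stored as literals.
SAMPLE = "\n".join([
    'user = "alice@example.com"',
    'owner = "bob@corp-mail.io"',
    'key = "' + "AKIA" + "A" * 16 + '"',
    'token = "' + "ghp_" + "x" * 36 + '"',
    'host = "10.20.30.40"  # fixture-lint: allow',
    'auth = "Bearer ' + "t" * 24 + '"',
    'peer = "192.168.7.9"',
])

if __name__ == "__main__":
    found = lint_text(SAMPLE, "tests/fixtures/sample.py")
    print("\n".join(f"{p}:{n}: {rule}" for p, n, rule in found))
    raise SystemExit(exit_code(found))
```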
Development

Successfully merging this pull request may close these issues.

[ Bounty $2k ] [ Data ] Remove raw samples from test fixtures — repository hygiene