From 34d275cf8798e2e7e541c4d4d9b15a9b9f6ae366 Mon Sep 17 00:00:00 2001
From: Peter Steinberger
Date: Sat, 9 May 2026 22:59:57 +0100
Subject: [PATCH] test: tighten security audit finding assertions
---
 src/security/audit-gateway-http-auth.test.ts | 9 ++++++---
 src/security/audit-summary.test.ts | 5 ++---
 2 files changed, 8 insertions(+), 6 deletions(-)
diff --git a/src/security/audit-gateway-http-auth.test.ts b/src/security/audit-gateway-http-auth.test.ts
index 3388743fcdb..361b347b941 100644
--- a/src/security/audit-gateway-http-auth.test.ts
+++ b/src/security/audit-gateway-http-auth.test.ts
@@ -5,7 +5,10 @@ import {
 collectGatewayHttpSessionKeyOverrideFindings,
 } from "./audit-extra.sync.js";
-function requireFinding(findings: Array<{ checkId: string; detail: string }>, checkId: string) {
+function requireFinding(
+ findings: Array<{ checkId: string; detail: string; severity?: string }>,
+ checkId: string,
+) {
 const finding = findings.find((entry) => entry.checkId === checkId);
 if (!finding) {
 throw new Error(`Expected ${checkId} finding`);
@@ -81,9 +84,9 @@ describe("security audit gateway HTTP auth findings", () => {
 ];
 if (expectedFinding) {
- expect(findings).toEqual(expect.arrayContaining([expect.objectContaining(expectedFinding)]));
+ const finding = requireFinding(findings, expectedFinding.checkId);
+ expect(finding.severity).toBe(expectedFinding.severity);
 if (detailIncludes) {
- const finding = requireFinding(findings, expectedFinding.checkId);
 for (const text of detailIncludes) {
 expect(finding.detail, `${expectedFinding.checkId}:${text}`).toContain(text);
 }
diff --git a/src/security/audit-summary.test.ts b/src/security/audit-summary.test.ts
index ce65f6ad3bf..9091c99816d 100644
--- a/src/security/audit-summary.test.ts
+++ b/src/security/audit-summary.test.ts
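Review bot: The element type on `requireFinding` is written by hand and declares `severity?: string`, so the helper accepts findings that carry no severity at all, and a comparison of two `undefined` severities would pass without checking anything. Deriving the parameter from the collectors imported at the top of the file, for example `findings: ReturnType<typeof collectGatewayHttpSessionKeyOverrideFindings>`, would keep the helper in step with the real finding shape; this assumes the collector's return type declares `severity` as a required field, which is not visible here. The helper's body continues past the end of this hunk.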
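Review bot: In the `if (expectedFinding)` branch the test now compares only `checkId` (through `requireFinding`) and `severity`, whereas the removed `expect.objectContaining(expectedFinding)` compared every key a table row supplies. If the rows only ever carry those two fields the result is the same, but the row definitions are outside the hunk, so any further key would silently stop being checked. Matching the located finding against the whole row keeps both the focused failure message and the full comparison: `expect(finding).toMatchObject(expectedFinding);`. The enclosing test callback starts and ends outside this hunk.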
@@ -6,12 +6,11 @@ function requireAttackSurfaceSummary(
 findings: ReturnType,
 ) {
 const summary = findings.find((f) => f.checkId === "summary.attack_surface");
- expect(summary).toEqual(
- expect.objectContaining({ checkId: "summary.attack_surface", severity: "info" }),
- );
 if (!summary) {
 throw new Error("Expected attack surface summary finding");
 }
+ expect(summary.checkId).toBe("summary.attack_surface");
+ expect(summary.severity).toBe("info");
 return summary;
 }
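Review bot: `expect(summary.checkId).toBe("summary.attack_surface")` cannot fail, because `summary` was selected by `find((f) => f.checkId === "summary.attack_surface")` a few statements earlier. The only assertion with content in this helper is the severity one, so I would drop the `checkId` line rather than let the helper read as checking more than it does. A short comment above the function would also help the next reader: `// Returns the attack-surface summary finding; fails the test if it is missing or its severity is not "info".`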