johno/beads
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix: skip /etc/passwd check on Windows in security test (#363)

Browse Source 
Fixes #362

The test TestCleanupMergeArtifacts_CommandInjectionPrevention was failing on Windows because it checks for /etc/passwd, which is a Unix-specific file that doesn't exist on Windows.

Added runtime.GOOS check to skip the /etc/passwd verification on Windows while maintaining the security check on Unix systems.
This commit is contained in:
cerebustech-dev
2025-11-23 00:49:29 +00:00
committed by GitHub
parent 599c40c703
commit 3aeca3413a
1 changed files with 14 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

24
cmd/bd/merge_security_test.go
View File

@@ -3,6 +3,7 @@ package main
import (
"os"
"path/filepath"
"runtime"
"testing"
)
@@ -110,8 +111,11 @@ func TestCleanupMergeArtifacts_CommandInjectionPrevention(t *testing.T) {
// exec.Command safely handled the filename.
// Verify that sensitive paths are NOT affected
if _, err := os.Stat("/etc/passwd"); err != nil {
t.Errorf("Command injection may have occurred - /etc/passwd missing")
// Note: /etc/passwd only exists on Unix systems, so skip this check on Windows
if runtime.GOOS != "windows" {
if _, err := os.Stat("/etc/passwd"); err != nil {
t.Errorf("Command injection may have occurred - /etc/passwd missing")
}
}
})
}
@@ -129,14 +133,14 @@ func TestCleanupMergeArtifacts_OnlyBackupFiles(t *testing.T) {
// Create various files
files := map[string]bool{
"issues.jsonl": false, // Should NOT be removed
"beads.db": false, // Should NOT be removed
"backup.jsonl": true, // Should be removed
"issues.jsonl.backup": true, // Should be removed
"BACKUP_FILE": true, // Should be removed (case-insensitive)
"my_backup_2024.txt": true, // Should be removed
"important_data.jsonl": false, // Should NOT be removed
"issues.jsonl.bak": false, // Should NOT be removed (no "backup")
"issues.jsonl": false, // Should NOT be removed
"beads.db": false, // Should NOT be removed
"backup.jsonl": true, // Should be removed
"issues.jsonl.backup": true, // Should be removed
"BACKUP_FILE": true, // Should be removed (case-insensitive)
"my_backup_2024.txt": true, // Should be removed
"important_data.jsonl": false, // Should NOT be removed
"issues.jsonl.bak": false, // Should NOT be removed (no "backup")
}
for filename := range files {