From 3aeca3413a654ef7fa72472ad18a16cea6de1357 Mon Sep 17 00:00:00 2001 From: cerebustech-dev Date: Sun, 23 Nov 2025 00:49:29 +0000 Subject: [PATCH] fix: skip /etc/passwd check on Windows in security test (#363) Fixes #362 The test TestCleanupMergeArtifacts_CommandInjectionPrevention was failing on Windows because it checks for /etc/passwd, which is a Unix-specific file that doesn't exist on Windows. Added runtime.GOOS check to skip the /etc/passwd verification on Windows while maintaining the security check on Unix systems. --- cmd/bd/merge_security_test.go | 24 ++++++++++++++---------- 1 file changed, 14 insertions(+), 10 deletions(-) diff --git a/cmd/bd/merge_security_test.go b/cmd/bd/merge_security_test.go index 5cd429c1..cdae9ff1 100644 --- a/cmd/bd/merge_security_test.go +++ b/cmd/bd/merge_security_test.go @@ -3,6 +3,7 @@ package main import ( "os" "path/filepath" + "runtime" "testing" ) @@ -110,8 +111,11 @@ func TestCleanupMergeArtifacts_CommandInjectionPrevention(t *testing.T) { // exec.Command safely handled the filename. // Verify that sensitive paths are NOT affected - if _, err := os.Stat("/etc/passwd"); err != nil { - t.Errorf("Command injection may have occurred - /etc/passwd missing") + // Note: /etc/passwd only exists on Unix systems, so skip this check on Windows + if runtime.GOOS != "windows" { + if _, err := os.Stat("/etc/passwd"); err != nil { + t.Errorf("Command injection may have occurred - /etc/passwd missing") + } } }) } @@ -129,14 +133,14 @@ func TestCleanupMergeArtifacts_OnlyBackupFiles(t *testing.T) { // Create various files files := map[string]bool{ - "issues.jsonl": false, // Should NOT be removed - "beads.db": false, // Should NOT be removed - "backup.jsonl": true, // Should be removed - "issues.jsonl.backup": true, // Should be removed - "BACKUP_FILE": true, // Should be removed (case-insensitive) - "my_backup_2024.txt": true, // Should be removed - "important_data.jsonl": false, // Should NOT be removed - "issues.jsonl.bak": false, // Should NOT be removed (no "backup") + "issues.jsonl": false, // Should NOT be removed + "beads.db": false, // Should NOT be removed + "backup.jsonl": true, // Should be removed + "issues.jsonl.backup": true, // Should be removed + "BACKUP_FILE": true, // Should be removed (case-insensitive) + "my_backup_2024.txt": true, // Should be removed + "important_data.jsonl": false, // Should NOT be removed + "issues.jsonl.bak": false, // Should NOT be removed (no "backup") } for filename := range files {