Test that ALL rule descriptions are empty for GitHub integration.
()
| 494 | |
| 495 | |
| 496 | def test_sarif_generic_descriptions(): |
| 497 | """Test that ALL rule descriptions are empty for GitHub integration.""" |
| 498 | sarif = run_sarif_check(TEST_CODE) |
| 499 | |
| 500 | run = sarif["runs"][0] |
| 501 | driver = run["tool"]["driver"] |
| 502 | rules = driver["rules"] |
| 503 | |
| 504 | assert len(rules) > 0, "Should have at least one rule" |
| 505 | |
| 506 | # Verify that ALL rule descriptions are empty so GitHub uses instance-specific messages |
| 507 | for rule in rules: |
| 508 | rule_id = rule["id"] |
| 509 | |
| 510 | # All rules must have these fields |
| 511 | assert "name" in rule, f"Rule {rule_id} missing 'name'" |
| 512 | assert "shortDescription" in rule, f"Rule {rule_id} missing 'shortDescription'" |
| 513 | assert "fullDescription" in rule, f"Rule {rule_id} missing 'fullDescription'" |
| 514 | |
| 515 | # The key test: ALL descriptions should be empty |
| 516 | assert ( |
| 517 | rule["name"] == "" |
| 518 | ), f"Rule {rule_id} name should be empty, got: {rule['name']}" |
| 519 | assert ( |
| 520 | rule["shortDescription"]["text"] == "" |
| 521 | ), f"Rule {rule_id} shortDescription should be empty, got: {rule['shortDescription']['text']}" |
| 522 | assert ( |
| 523 | rule["fullDescription"]["text"] == "" |
| 524 | ), f"Rule {rule_id} fullDescription should be empty, got: {rule['fullDescription']['text']}" |
| 525 | |
| 526 | |
| 527 | def test_sarif_security_rules_classification(): |
nothing calls this directly
no test coverage detected