MCPcopy Create free account
hub / github.com/cppcheck-opensource/cppcheck / test_sarif_security_rules

Function test_sarif_security_rules

test/cli/sarif_test.py:191–223  ·  view source on GitHub ↗

Test that security-related rules have proper security properties.

()

Source from the content-addressed store, hash-verified

189
190
191def test_sarif_security_rules():
192 """Test that security-related rules have proper security properties."""
193 sarif = run_sarif_check(TEST_CODE)
194
195 run = sarif["runs"][0]
196 driver = run["tool"]["driver"]
197 rules = driver["rules"]
198
199 # Check for security-related rules
200 security_rule_ids = [
201 "nullPointer",
202 "arrayIndexOutOfBounds",
203 "memleak",
204 "uninitvar",
205 "doubleFree",
206 ]
207
208 for rule_id in security_rule_ids:
209 matching_rules = [r for r in rules if r["id"] == rule_id]
210 if matching_rules:
211 rule = matching_rules[0]
212 props = rule.get("properties", {})
213
214 # Security rules should have security-severity
215 if "tags" in props and "security" in props["tags"]:
216 assert "security-severity" in props
217 assert float(props["security-severity"]) > 0
218
219 # Should have problem.severity
220 assert "problem.severity" in props
221
222 # Should have precision
223 assert "precision" in props
224
225
226def test_sarif_rule_descriptions():

Callers

nothing calls this directly

Calls 2

run_sarif_checkFunction · 0.85
getMethod · 0.45

Tested by

no test coverage detected