milliways-infosec/AikidoSec-safe-chain
7
0
Fork 0
mirror of https://github.com/AikidoSec/safe-chain.git synced 2026-05-26 12:10:49 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Add e2e tests

Browse source
This commit is contained in:
Sander Declerck 2025-07-18 12:28:33 +02:00
parent fdef99931e
commit c00abfb054
No known key found for this signature in database
8 changed files with 555 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

66
e2e/aikido-pnpx.e2e.spec.js Normal file
View file

@ -0,0 +1,66 @@
import { describe, it, beforeEach, afterEach } from 'node:test';
import { strict as assert } from 'node:assert';
import { createTempDir, cleanupTempDir, runAikidoCommand, isPackageManagerAvailable } from './test-helpers.js';
describe('aikido-pnpx e2e tests', () => {
let tempDir;
beforeEach(async () => {
tempDir = await createTempDir();
});
afterEach(async () => {
await cleanupTempDir(tempDir);
});
it('should allow execution of legitimate package (cowsay)', async () => {
// Fail if pnpm is not available (pnpx comes with pnpm)
const pnpmAvailable = await isPackageManagerAvailable('pnpm');
assert.ok(pnpmAvailable, 'pnpm/pnpx is not available - check CI/CD configuration');
const result = await runAikidoCommand('aikido-pnpx', ['cowsay', '--help'], {
cwd: tempDir,
timeout: 10000
});
// Should not detect cowsay as malware, regardless of execution result
assert.ok(!result.stdout.includes('MALWARE'), 'Should not detect cowsay as malware');
assert.ok(!result.stderr.includes('MALWARE'), 'Should not detect cowsay as malware');
});
it('should block execution of malware package (eslint-js)', async () => {
// Fail if pnpm is not available (pnpx comes with pnpm)
const pnpmAvailable = await isPackageManagerAvailable('pnpm');
assert.ok(pnpmAvailable, 'pnpm/pnpx is not available - check CI/CD configuration');
const result = await runAikidoCommand('aikido-pnpx', ['eslint-js'], {
cwd: tempDir,
timeout: 10000
});
// Should fail (non-zero exit code) and show malware warning
assert.notEqual(result.code, 0, 'Should fail when trying to execute malware');
// Check that malware was detected
const output = result.stdout + result.stderr;
assert.ok(
output.includes('malware') || output.includes('MALWARE') || output.includes('blocked') || output.includes('dangerous') || output.includes('Malicious changes detected'),
`Should detect malware but got: ${output}`
);
});
it('should handle pnpx with version specifiers', async () => {
// Fail if pnpm is not available (pnpx comes with pnpm)
const pnpmAvailable = await isPackageManagerAvailable('pnpm');
assert.ok(pnpmAvailable, 'pnpm/pnpx is not available - check CI/CD configuration');
const result = await runAikidoCommand('aikido-pnpx', ['cowsay@1.0.0', '--help'], {
cwd: tempDir,
timeout: 10000
});
// Should not detect cowsay with version as malware
assert.ok(!result.stdout.includes('MALWARE'), 'Should not detect cowsay with version as malware');
assert.ok(!result.stderr.includes('MALWARE'), 'Should not detect cowsay with version as malware');
});
});