From 269e44da41f9feed32214bbab6fc16ec88fffd85 Mon Sep 17 00:00:00 2001 From: Claude Date: Wed, 18 Feb 2026 06:18:28 +0000 Subject: Increase test coverage across lowest-coverage packages Major coverage improvements: - safehttp: 46.7% -> 93.3% (SafeDialer, redirect checking, SSRF protection) - api: 81.8% -> 96.4% (HandleImport 0% -> 100%, stream errors, content types) - importer: 85.3% -> 94.7% (ImportFeeds dispatcher, OPML nesting, edge cases) - cmd/neko: 77.1% -> 85.4% (purge, secure-cookies, minutes, allow-local flags) New tests added: - Security regression tests (CSRF token uniqueness, mismatch rejection, auth cookie HttpOnly, security headers, API auth requirements) - Stress tests for concurrent mixed operations and rapid state toggling - SSRF protection tests for SafeDialer hostname resolution and redirect paths https://claude.ai/code/session_01XUBh32rHpbYue1JYXSH64Q --- cmd/neko/main_test.go | 54 +++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 54 insertions(+) (limited to 'cmd') diff --git a/cmd/neko/main_test.go b/cmd/neko/main_test.go index b03d6c8..4403e5b 100644 --- a/cmd/neko/main_test.go +++ b/cmd/neko/main_test.go @@ -122,3 +122,57 @@ func TestRunNoArgs(t *testing.T) { t.Errorf("Run with no args failed: %v", err) } } + +func TestRunPurge(t *testing.T) { + dbPath := filepath.Join(t.TempDir(), "test_purge.db") + err := Run([]string{"-d", dbPath, "-purge", "30"}) + if err != nil { + t.Errorf("Run -purge should succeed, got %v", err) + } +} + +func TestRunPurgeUnread(t *testing.T) { + dbPath := filepath.Join(t.TempDir(), "test_purge_unread.db") + err := Run([]string{"-d", dbPath, "-purge", "30", "-purge-unread"}) + if err != nil { + t.Errorf("Run -purge -purge-unread should succeed, got %v", err) + } +} + +func TestRunSecureCookies(t *testing.T) { + dbPath := filepath.Join(t.TempDir(), "test_secure.db") + config.Config.Port = -1 + err := Run([]string{"-d", dbPath, "-secure-cookies"}) + if err != nil { + t.Errorf("Run -secure-cookies should succeed, got %v", err) + } + if !config.Config.SecureCookies { + t.Error("Expected SecureCookies to be true") + } +} + +func TestRunMinutesFlag(t *testing.T) { + dbPath := filepath.Join(t.TempDir(), "test_minutes.db") + config.Config.Port = -1 + err := Run([]string{"-d", dbPath, "-m", "30"}) + if err != nil { + t.Errorf("Run -m 30 should succeed, got %v", err) + } + if config.Config.CrawlMinutes != 30 { + t.Errorf("Expected CrawlMinutes=30, got %d", config.Config.CrawlMinutes) + } +} + +func TestRunAllowLocal(t *testing.T) { + dbPath := filepath.Join(t.TempDir(), "test_local.db") + config.Config.Port = -1 + err := Run([]string{"-d", dbPath, "-allow-local"}) + if err != nil { + t.Errorf("Run -allow-local should succeed, got %v", err) + } +} + +func TestBackgroundCrawlNegative(_ *testing.T) { + // Negative minutes should return immediately + backgroundCrawl(-1) +} -- cgit v1.2.3