Skip to content

e2e tests for full scans + full scans with reachability #156

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
mtorp merged 3 commits into from
Feb 6, 2026
Merged

e2e tests for full scans + full scans with reachability #156

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
b0c00be
e2e tests for full scans
mtorp Feb 5, 2026
d021137
e2e test for the reachability analysis
mtorp Feb 5, 2026
4f2be5c
add socket.yml to exclude fixtures
mtorp Feb 5, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
109 changes: 109 additions & 0 deletions .github/workflows/e2e-test.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,109 @@
name: E2E Test

on:
push:
branches: [main]
pull_request:

jobs:
e2e-scan:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871
with:
fetch-depth: 0

- uses: actions/setup-python@f677139bbe7f9c59b41e40162b753c062f5d49a3
with:
python-version: '3.12'

- name: Install CLI from local repo
run: |
python -m pip install --upgrade pip
pip install .

- name: Run Socket CLI scan
env:
SOCKET_SECURITY_API_KEY: ${{ secrets.SOCKET_CLI_API_TOKEN }}
run: |
set -o pipefail
socketcli \
--target-path tests/e2e/fixtures/simple-npm \
--disable-blocking \
--enable-debug \
2>&1 | tee /tmp/scan-output.log

- name: Verify scan produced a report
run: |
if grep -q "Full scan report URL: https://socket.dev/" /tmp/scan-output.log; then
echo "PASS: Full scan report URL found"
grep "Full scan report URL:" /tmp/scan-output.log
elif grep -q "Diff Url: https://socket.dev/" /tmp/scan-output.log; then
echo "PASS: Diff URL found"
grep "Diff Url:" /tmp/scan-output.log
else
echo "FAIL: No report URL found in scan output"
cat /tmp/scan-output.log
exit 1
fi

e2e-reachability:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871
with:
fetch-depth: 0

- uses: actions/setup-python@f677139bbe7f9c59b41e40162b753c062f5d49a3
with:
python-version: '3.12'

- uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af
with:
node-version: '20'

- name: Install CLI from local repo
run: |
python -m pip install --upgrade pip
pip install .

- name: Install uv
run: pip install uv

- name: Run Socket CLI with reachability
env:
SOCKET_SECURITY_API_KEY: ${{ secrets.SOCKET_CLI_API_TOKEN }}
run: |
set -o pipefail
socketcli \
--target-path tests/e2e/fixtures/simple-npm \
--reach \
--disable-blocking \
--enable-debug \
2>&1 | tee /tmp/reach-output.log

- name: Verify reachability analysis completed
run: |
if grep -q "Reachability analysis completed successfully" /tmp/reach-output.log; then
echo "PASS: Reachability analysis completed"
grep "Reachability analysis completed successfully" /tmp/reach-output.log
grep "Results written to:" /tmp/reach-output.log || true
else
echo "FAIL: Reachability analysis did not complete successfully"
cat /tmp/reach-output.log
exit 1
fi

- name: Verify scan produced a report
run: |
if grep -q "Full scan report URL: https://socket.dev/" /tmp/reach-output.log; then
echo "PASS: Full scan report URL found"
grep "Full scan report URL:" /tmp/reach-output.log
elif grep -q "Diff Url: https://socket.dev/" /tmp/reach-output.log; then
echo "PASS: Diff URL found"
grep "Diff Url:" /tmp/reach-output.log
else
echo "FAIL: No report URL found in scan output"
cat /tmp/reach-output.log
exit 1
fi
2 changes: 1 addition & 1 deletion pyproject.toml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,7 @@ build-backend = "hatchling.build"

[project]
name = "socketsecurity"
version = "2.2.71"
version = "2.2.72"
requires-python = ">= 3.10"
license = {"file" = "LICENSE"}
dependencies = [
Expand Down
4 changes: 4 additions & 0 deletions socket.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,4 @@
version: 2

projectIgnorePaths:
- "tests/e2e/fixtures/"
2 changes: 1 addition & 1 deletion socketsecurity/__init__.py
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,3 +1,3 @@
__author__ = 'socket.dev'
__version__ = '2.2.71'
__version__ = '2.2.72'
USER_AGENT = f'SocketPythonCLI/{__version__}'
13 changes: 13 additions & 0 deletions tests/e2e/fixtures/simple-npm/index.js
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,13 @@
const express = require('express')
const lodash = require('lodash')

const app = express()

app.get('/', (req, res) => {
const data = lodash.pick(req.query, ['name', 'age'])
res.json(data)
})

app.listen(3000, () => {
console.log(`Test fixture ${__filename} running on port 3000`)
})
15 changes: 15 additions & 0 deletions tests/e2e/fixtures/simple-npm/package.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,15 @@
{
"name": "reach-test-fixture",
"version": "1.0.0",
"description": "Test fixture for reachability analysis",
"main": "index.js",
"dependencies": {
"lodash": "4.17.21",
"express": "4.18.2",
"axios": "1.4.0"
},
"devDependencies": {
"typescript": "5.0.4",
"jest": "29.5.0"
}
}
Loading