Skip to content

feat: implement AST-based taint analysis for JavaScript #45

feat: implement AST-based taint analysis for JavaScript

feat: implement AST-based taint analysis for JavaScript #45

Workflow file for this run

name: Test
on:
push:
branches: [ main, develop ]
pull_request:
branches: [ main ]
jobs:
test:
runs-on: ${{ matrix.os }}
env:
PIP_DISABLE_PIP_VERSION_CHECK: 1
strategy:
matrix:
os: [ubuntu-latest, macos-latest, windows-latest]
python-version: ['3.8', '3.9', '3.10', '3.11', '3.12']
steps:
- uses: actions/checkout@v4
- name: Set up Python ${{ matrix.python-version }}
uses: actions/setup-python@v5
with:
python-version: ${{ matrix.python-version }}
- name: Install package
run: |
python -m pip install --upgrade pip
pip install -e .
- name: Run Unit Tests
run: |
python -m unittest discover tests -v
- name: Test CLI command
run: |
privalyse --help
- name: Test scan on examples (Vulnerable App)
shell: bash
run: |
echo "🧪 Testing Vulnerable App (Expect Failure)..."
# We expect this to fail (exit code 1) because of low compliance score
# We use --format json to ensure we can verify the output later
if privalyse --root examples/bad-practice-app --out test_vulnerable.json --format json; then
echo "❌ Error: Vulnerable app scan unexpectedly passed (Exit Code 0)!"
exit 1
else
EXIT_CODE=$?
echo "✅ Vulnerable app scan failed as expected (Exit Code $EXIT_CODE)."
fi
- name: Test scan on examples (Secure App)
shell: bash
run: |
echo "🧪 Testing Secure App (Expect Success)..."
privalyse --root examples/best-practice-app --out test_secure.json --format json
- name: Verify scan results
run: |
test -f test_vulnerable.json
test -f test_secure.json
grep -q '"total_findings"' test_vulnerable.json