test: format test suite

2026-06-16 18:56:02 +00:00 · 2026-06-16 11:13:05 +08:00
parent 1ae5aacc00
commit ff0c5a6f0a
92 changed files with 1658 additions and 1713 deletions
--- a/tests/test_cwe94_debug_exec.py
+++ b/tests/test_cwe94_debug_exec.py
@@ -15,22 +15,12 @@ import pathlib
 # Resolve project root (one level up from tests/)
 _PROJECT_ROOT = pathlib.Path(__file__).resolve().parent.parent

-VULN_FILE = (
-    _PROJECT_ROOT
-    / "src"
-    / "langbot"
-    / "pkg"
-    / "api"
-    / "http"
-    / "controller"
-    / "groups"
-    / "system.py"
-)
+VULN_FILE = _PROJECT_ROOT / 'src' / 'langbot' / 'pkg' / 'api' / 'http' / 'controller' / 'groups' / 'system.py'


 def test_no_exec_call_in_system_controller():
    """Verify there is no exec() call in system.py that takes user input."""
-    with open(VULN_FILE, "r") as f:
+    with open(VULN_FILE, 'r') as f:
        source = f.read()

    tree = ast.parse(source)
@@ -40,27 +30,26 @@ def test_no_exec_call_in_system_controller():
        if isinstance(node, ast.Call):
            func = node.func
            # Match bare exec() call
-            if isinstance(func, ast.Name) and func.id == "exec":
+            if isinstance(func, ast.Name) and func.id == 'exec':
                exec_calls.append(node.lineno)

    assert len(exec_calls) == 0, (
-        f"Found exec() call(s) at line(s) {exec_calls} in system.py. "
-        "User-supplied code must never be passed to exec()."
+        f'Found exec() call(s) at line(s) {exec_calls} in system.py. User-supplied code must never be passed to exec().'
    )


 def test_no_debug_exec_route():
    """Verify the /debug/exec route is not registered."""
-    with open(VULN_FILE, "r") as f:
+    with open(VULN_FILE, 'r') as f:
        source = f.read()

-    assert "debug/exec" not in source, (
-        "The /debug/exec route still exists in system.py. "
-        "This endpoint allows arbitrary code execution and must be removed."
+    assert 'debug/exec' not in source, (
+        'The /debug/exec route still exists in system.py. '
+        'This endpoint allows arbitrary code execution and must be removed.'
    )


-if __name__ == "__main__":
+if __name__ == '__main__':
    test_no_exec_call_in_system_controller()
    test_no_debug_exec_route()
-    print("All tests passed!")
+    print('All tests passed!')