[Coverage Report] Test Coverage Report — 2026-06-01 #4127
Replies: 5 comments
-
|
🔮 The ancient spirits stir, and the smoke test agent has passed through. The omens are clear: GitHub was reached, the file was written, and the build yet remains. Warning Firewall blocked 1 domainThe following domain was blocked by the firewall during workflow execution:
network:
allowed:
- defaults
- "registry.npmjs.org"See Network Configuration for more information.
|
Beta Was this translation helpful? Give feedback.
-
|
🔮 The ancient spirits stir, and the smoke test agent has passed through this discussion. Warning Firewall blocked 1 domainThe following domain was blocked by the firewall during workflow execution:
network:
allowed:
- defaults
- "registry.npmjs.org"See Network Configuration for more information.
|
Beta Was this translation helpful? Give feedback.
-
|
🔮 The ancient spirits stir; the smoke test agent was here.\nThe oracle saw a valid discussion number and left this sign. Warning Firewall blocked 1 domainThe following domain was blocked by the firewall during workflow execution:
network:
allowed:
- defaults
- "registry.npmjs.org"See Network Configuration for more information.
|
Beta Was this translation helpful? Give feedback.
-
|
🔮 The ancient spirits stir, and the smoke test agent has passed through this discussion in quiet observation. Warning Firewall blocked 1 domainThe following domain was blocked by the firewall during workflow execution:
network:
allowed:
- defaults
- "registry.npmjs.org"See Network Configuration for more information.
|
Beta Was this translation helpful? Give feedback.
-
|
This discussion was automatically closed because it expired on 2026-06-08T15:35:02.847Z.
|
Beta Was this translation helpful? Give feedback.
Uh oh!
There was an error while loading. Please reload this page.
-
📊 Overall Coverage
Overall health is strong across 142 source files and 95 test files.
🔴 Critical Gaps (< 50% statement coverage)
None — all files are above 50%.
🟡 Low Coverage (50–79% statement coverage)
src/commands/validators/network-options.ts🛡️ Security-Critical Path Status
src/host-iptables.tssrc/squid-config.tssrc/docker-manager.tssrc/domain-patterns.tssrc/cli.tsAll primary security-critical files (
host-iptables.ts,squid-config.ts,docker-manager.ts) are at 100% coverage. The security enforcement core is very well tested.📋 Notable Findings
1.
src/commands/validators/network-options.ts— 66.7% stmt / 50% branchOnly 14 of 21 statements covered, 5 of 10 branches hit. This validator likely handles edge cases in
--dns-servers,--allow-domains, or upstream-proxy option parsing that aren't tested. Missing branches could mean unchecked invalid-input paths.2.
src/cli.ts— 85.7% stmt / 50% branchOne of two branches uncovered in the 7-statement entry-point module. Given
cli.tsis the main orchestration entry point, the missing branch likely guards an error/fallback condition (e.g., unhandled rejection or top-level try/catch) that isn't triggered in tests.3.
src/cli-options.ts— 93% stmt / 60% branch / 25% functionsOnly 1 of 4 functions is covered, and 6 of 15 branches are missed. This file defines CLI option schemas — the 3 uncovered functions are likely option-builder helpers that are registered but never exercised in the current test suite.
4.
src/services/agent-volumes/etc-mounts.ts— 82.5% stmt / 67.8% branchHigh-security file that controls which
/etcfiles are bind-mounted into the agent container. ~17% uncovered statements means some mount combinations (e.g., edge-case host platform paths) are untested.📈 Recommendations
High: Cover missing branches in
src/commands/validators/network-options.ts— add tests for invalid DNS server formats, malformed domain names, and conflicting option combinations. The 50% branch coverage here is a risk for security-enforcing validation logic.Medium: Add tests for the 3 uncovered functions in
src/cli-options.tsand the untested branch insrc/cli.ts. These are entry-point code paths — covering them ensures the CLI won't silently fail in edge conditions.Medium: Improve
src/services/agent-volumes/etc-mounts.tsbranch coverage (67.8% → 85%+). This controls the/etcfile exposure surface — untested branches could hide cases where unexpected files are mounted.Low: Cover remaining branches in
src/squid/config-sections.ts(82.8% branch) andsrc/logs/audit-enricher.ts(74.1% branch) for completeness.Generated by test-coverage-reporter workflow. Trigger:
push· Run ID: 26764724831Beta Was this translation helpful? Give feedback.
All reactions