fix: resolve 5 SonarQube issues in credential-guard tests#67
fix: resolve 5 SonarQube issues in credential-guard tests#67sonarqube-agent[bot] wants to merge 1 commit into
Conversation
Fixed issues: - AZzYE2GUPf0LcAuwqQVL for typescript:S7772 rule - AZzYE2GUPf0LcAuwqQVM for typescript:S7772 rule - AZzYE2GUPf0LcAuwqQVP for typescript:S109 rule - AZzYE2GUPf0LcAuwqQVQ for typescript:S109 rule - AZzYE2GUPf0LcAuwqQVR for typescript:S109 rule Generated by SonarQube Agent (task: 1d1fc863-770e-4bdc-9664-339b51ae1284)
Summary
This PR fixes 5 SonarQube issues in the credential-guard test file:
All changes are confined to the test file with no modifications to production code. What reviewers should knowScope: Single file change ( What to verify:
Testing: These are test-only changes with no impact on runtime behavior. Existing tests will continue to validate the same permission assertions; they're just more readable now.
|
|
|
![sonar-review-alpha[bot]](https://avatars.githubusercontent.com/in/3025063?s=60&v=4){kind=small}
There was a problem hiding this comment.
LGTM! ✅
Clean change with no issues found. The permission constants (AWS_DIR_PERMISSIONS = 0o700, AWS_FILE_PERMISSIONS = 0o600) correctly match the values used in the production source (src/credential-guard-post.ts, src/credential-setup.ts), so the tests remain accurate.
1 participant
This change fixes magic number warnings by introducing named constants for file permissions (AWS_DIR_PERMISSIONS and AWS_FILE_PERMISSIONS) and updates Node.js built-in module imports to use the node: protocol prefix. These improvements enhance code maintainability and follow current Node.js best practices.
View Project in SonarCloud
Fixed Issues
typescript:S109 - No magic number: 0o700. • MAJOR • View issue
Location:
__tests__/credential-guard.test.ts:142Why is this an issue?
Magic numbers make the code more complex to understand as it requires the reader to have knowledge about the global context to understand the number itself. Their usage may seem obvious when writing the code, but it may not be the case for another developer or later once the context faded away. -1, 0, and 1 are not considered magic numbers.
What changed
This hunk introduces named constants
AWS_DIR_PERMISSIONS = 0o700andAWS_FILE_PERMISSIONS = 0o600at the top of the file. By assigning these octal permission values to well-named constants, the magic numbers0o700and0o600that were previously used inline in test assertions are replaced with meaningful identifiers. This resolves the magic number warnings for all three occurrences (0o700 on the directory permission check, and 0o600 on both file permission checks).typescript:S109 - No magic number: 0o600. • MAJOR • View issue
Location:
__tests__/credential-guard.test.ts:146Why is this an issue?
Magic numbers make the code more complex to understand as it requires the reader to have knowledge about the global context to understand the number itself. Their usage may seem obvious when writing the code, but it may not be the case for another developer or later once the context faded away. -1, 0, and 1 are not considered magic numbers.
What changed
This hunk introduces named constants
AWS_DIR_PERMISSIONS = 0o700andAWS_FILE_PERMISSIONS = 0o600at the top of the file. By assigning these octal permission values to well-named constants, the magic numbers0o700and0o600that were previously used inline in test assertions are replaced with meaningful identifiers. This resolves the magic number warnings for all three occurrences (0o700 on the directory permission check, and 0o600 on both file permission checks).typescript:S109 - No magic number: 0o600. • MAJOR • View issue
Location:
__tests__/credential-guard.test.ts:178Why is this an issue?
Magic numbers make the code more complex to understand as it requires the reader to have knowledge about the global context to understand the number itself. Their usage may seem obvious when writing the code, but it may not be the case for another developer or later once the context faded away. -1, 0, and 1 are not considered magic numbers.
What changed
This hunk introduces named constants
AWS_DIR_PERMISSIONS = 0o700andAWS_FILE_PERMISSIONS = 0o600at the top of the file. By assigning these octal permission values to well-named constants, the magic numbers0o700and0o600that were previously used inline in test assertions are replaced with meaningful identifiers. This resolves the magic number warnings for all three occurrences (0o700 on the directory permission check, and 0o600 on both file permission checks).typescript:S7772 - Prefer `node:path` over `path`. • MINOR • View issue
Location:
__tests__/credential-guard.test.ts:3Why is this an issue?
When importing Node.js built-in modules, using the
node:protocol makes it explicitly clear that you’re importing a core Node.js module rather than a third-party package from npm.What changed
This hunk changes the imports of Node.js built-in modules
pathandos(and alsofs/promises) to use thenode:protocol prefix. Specifically,'path'becomes'node:path'and'os'becomes'node:os', which resolves the static analysis warnings about preferring thenode:protocol for built-in module imports. This makes it explicitly clear these are core Node.js modules rather than potentially third-party npm packages.typescript:S7772 - Prefer `node:os` over `os`. • MINOR • View issue
Location:
__tests__/credential-guard.test.ts:4Why is this an issue?
When importing Node.js built-in modules, using the
node:protocol makes it explicitly clear that you’re importing a core Node.js module rather than a third-party package from npm.What changed
This hunk changes the imports of Node.js built-in modules
pathandos(and alsofs/promises) to use thenode:protocol prefix. Specifically,'path'becomes'node:path'and'os'becomes'node:os', which resolves the static analysis warnings about preferring thenode:protocol for built-in module imports. This makes it explicitly clear these are core Node.js modules rather than potentially third-party npm packages.SonarQube Remediation Agent uses AI. Check for mistakes.