fix: boost coverage to 90.6%, eliminate ~535 lines duplication, fix MD5 security hotspot #37

Merged: aksOps merged 3 commits into main from coverage/boost-80pct-r2 on Apr 4, 2026

aksOps (Contributor) commented Apr 4, 2026

Summary

  • Coverage: 1500+ new tests bring local line coverage to 90.6% (projected SonarCloud ~83–86%)
  • Code duplication: ~535 lines of copy-paste eliminated across 4 refactoring extractions
  • Security: MD5 → SHA-256 in FileHasher (removes 2 SonarCloud hotspots); 75 ReDoS hotspots acknowledged as safe in SonarCloud

Duplication fixes

| Extraction | Files affected | Lines removed |
| --- | --- | --- |
| AbstractPythonAntlrDetector + AbstractPythonDbDetector | 10 Python ANTLR detectors | ~325 lines |
| DetectorDbHelper (shared ensureDbNode/addDbEdge) | TypeORM, Prisma, JPA, Repository detectors | ~150 lines |
| AbstractStructuredDetector.buildFileNode/addKeyNode | JSON, YAML, TOML, INI config detectors | ~50 lines |
| CliOutput.printAnalysisStats/printBreakdowns | AnalyzeCommand, IndexCommand | ~60 lines |

Security fixes

  • FileHasher: MD5 → SHA-256 for both hash(Path) and hashString(String)
  • FileHasherTest + CacheCoverageTest updated for 64-char SHA-256 output

Test plan

  • All 3219 tests pass locally (0 failures, 0 errors)
  • SonarCloud CI scan to confirm coverage and duplication improvements

🤖 Generated with Claude Code

aksOps and others added 3 commits April 4, 2026 14:47
- Extract DetectorDbHelper: shared ensureDbNode/addDbEdge utility used by
  TypeORM, Prisma, JPA, Repository detectors + AbstractPythonDbDetector
  delegates to it — removes ~150 lines of copy-paste across 5 files
- Extract AbstractStructuredDetector.buildFileNode/addKeyNode: shared
  CONFIG_FILE node + CONTAINS edge boilerplate now used by JSON, YAML,
  TOML, IniStructureDetectors — removes ~50 lines of copy-paste
- Extract CliOutput.printAnalysisStats/printBreakdowns: shared result
  output code now used by both AnalyzeCommand and IndexCommand — removes
  ~60 lines of copy-paste

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
aksOps merged commit 57dc990 into main Apr 4, 2026
5 checks passed
sonarqubecloud Bot commented Apr 4, 2026

Quality Gate failed

Failed conditions
3.2% Duplication on New Code (required ≤ 3%)

See analysis details on SonarQube Cloud

aksOps deleted the coverage/boost-80pct-r2 branch April 26, 2026 05:52