[Repo Assist] test: expand TokenSanitizer coverage + refactor ExecApprovalPolicy.Save()#263
Draft
github-actions[bot] wants to merge 1 commit intomasterfrom
Conversation
…cyData() Task 9 — Testing Improvements: - Expanded TokenSanitizerTests.cs from 3 to 24 tests - Added null/empty input tests - Added case/spacing variants for Authorization: Bearer - Added theory tests for all JSON secret keywords (token, secret, bearer, authorization, access_token, client_secret, etc.) - Added edge cases: token at start/end, short tokens (<43) not redacted, 44-char tokens not redacted, multiple tokens in one string - Added combination test (Bearer header + JSON secret in same string) - Added "no secrets" passthrough test Task 5 — Coding Improvements: - ExecApprovalPolicy.Save() was duplicating the ExecPolicyData construction already done in GetPolicyData(), and was sharing the mutable _rules list reference rather than snapshotting it. Simplified to call GetPolicyData() which uses _rules.ToList() internally. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
github-actions
Bot
added
automation
documentation
10 tasks
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
🤖 This is an automated pull request from Repo Assist.
Summary
Two improvements in one small PR:
Task 9 — Testing Improvements:
TokenSanitizerTests.csTokenSanitizeris a security-critical utility that redacts bearer tokens, JSON secret fields, and bare base64-url tokens from log output. It previously had only 3 tests covering the basic happy paths. This PR expands coverage to 24 tests.New tests added:
nulland empty input → returns""without throwingAuthorization: Bearertoken,secret,bearer,authorization,access_token,client_secret,BEARER_TOKEN, ...)Task 5 — Coding Improvements:
ExecApprovalPolicy.Save()Save()was constructingExecPolicyDataby hand, duplicating the logic already inGetPolicyData(), and sharing the mutable_ruleslist reference directly instead of snapshotting it. The fix is one line:GetPolicyData()already calls_rules.ToList()internally, so this also eliminates the shared-reference issue.Test Status
OpenClaw.Shared.TestsOpenClaw.Tray.TestsPre-existing failures (
CanvasCapabilityTests.A2UIPush_*) are unrelated to this change and not present on Linux CI.