refactor(dynamic): integrate worker timeout handling, JSON response parsing with serde, and extend Pubsub emulator with streaming pull lifecycle handling

elipeter 2026-05-28 12:16:10 -05:00
parent c3a1550315
commit 3d710c856d
5 changed files with 506 additions and 133 deletions


@ -113,6 +113,15 @@ def main() -> int:
default="",
help="path to a previous results.json; fail on monotonic-improvement regression",
)
p.add_argument(
"--min-confirmed-rate",
type=float,
default=None,
help=(
"minimum Confirmed / total rate per cap; exits 2 when any cap "
"with findings falls below the threshold"
),
)
args = p.parse_args()
with open(args.results) as f:
@ -229,6 +238,35 @@ def main() -> int:
else:
print(" All gate thresholds met.")
# ── Optional confirmed-rate floor ────────────────────────────────────
if args.min_confirmed_rate is not None:
print(
f"\n=== Confirmed-rate floor ({args.min_confirmed_rate*100:.1f}%) ==="
)
cap_totals: dict[str, dict] = defaultdict(lambda: {"confirmed": 0, "total": 0})
for (cap, _lang), v in agg.items():
cap_totals[cap]["confirmed"] += v.get("confirmed", 0)
cap_totals[cap]["total"] += v.get("total", 0)
confirmed_fails: list[str] = []
for cap, v in sorted(cap_totals.items()):
if v["total"] <= 0:
continue
rate = v["confirmed"] / v["total"]
line = (
f" {cap:<20} {v['confirmed']:>5}/{v['total']:<5} "
f"{rate*100:>6.1f}%"
)
if rate < args.min_confirmed_rate:
confirmed_fails.append(f"{line} FAIL")
else:
print(f"{line} OK")
if confirmed_fails:
for line in confirmed_fails:
print(line)
gate_failed = True
else:
print(" All confirmed-rate floors met.")
# ── Phase 29: monotonic-improvement diff ─────────────────────────────
if args.diff:
prev = load_previous_agg(args.diff)
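Review bot: The `--min-confirmed-rate` value reaches `rate < args.min_confirmed_rate` unvalidated, so the gate can be disabled by accident: `nan` makes every comparison false and each cap prints OK, while a percentage such as `40` fails every cap. Rejecting out-of-range input right after `p.parse_args()` would close this, e.g. `if args.min_confirmed_rate is not None and not 0.0 <= args.min_confirmed_rate <= 1.0: p.error("--min-confirmed-rate must be between 0 and 1")`. The floor also passes vacuously, because caps with `total <= 0` are skipped and `v.get("total", 0)` defaults missing fields to zero; a results file lacking these fields would presumably reach "All confirmed-rate floors met." with nothing checked, so a distinct message when no cap was evaluated would make that visible. `main()` starts and ends outside both hunks, so how `agg` is built and how `gate_failed` becomes exit code 2 cannot be confirmed from here.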


@ -25,6 +25,7 @@ from pathlib import Path
REPO = Path(__file__).resolve().parents[2]
TABULATE = REPO / "tests/eval_corpus/tabulate.py"
REPORT = REPO / "tests/eval_corpus/report.py"
BUDGET = REPO / "tests/eval_corpus/budget.toml"
@ -33,6 +34,11 @@ def run_tabulate(*args: str) -> subprocess.CompletedProcess:
return subprocess.run(cmd, capture_output=True, text=True)
def run_report(*args: str) -> subprocess.CompletedProcess:
cmd = [sys.executable, str(REPORT), *args]
return subprocess.run(cmd, capture_output=True, text=True)
def write_json(path: Path, data: object) -> None:
path.write_text(json.dumps(data, indent=2))
@ -307,6 +313,40 @@ def test_budget_malformed_exits_3(tmp: Path) -> None:
)
def test_report_confirmed_rate_floor(tmp: Path) -> None:
results = tmp / "results.json"
write_json(
results,
[
{
"label": "owasp",
"total_findings": 5,
"cells": [
{
"cap": "sqli",
"lang": "java",
"tp": 0,
"fp": 0,
"fn": 0,
"unsupported": 0,
"confirmed": 2,
"wrong_confirmed": 0,
"stable_replays": 0,
"total": 5,
}
],
}
],
)
proc = run_report("--results", str(results), "--min-confirmed-rate", "0.40")
assert proc.returncode == 0, proc.stdout + proc.stderr
assert "All confirmed-rate floors met" in proc.stdout, proc.stdout
proc = run_report("--results", str(results), "--min-confirmed-rate", "0.50")
assert proc.returncode == 2, proc.stdout + proc.stderr
assert "FAIL" in proc.stdout and "sqli" in proc.stdout, proc.stdout
def main() -> int:
with tempfile.TemporaryDirectory() as td:
tmp = Path(td)
@ -318,6 +358,7 @@ def main() -> int:
test_manual_triage_stamps_wrong_confirmed,
test_manual_triage_ignores_vuln_true_entries,
test_budget_malformed_exits_3,
test_report_confirmed_rate_floor,
):
sub = tmp / fn.__name__
sub.mkdir()
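Review bot: `test_report_confirmed_rate_floor` feeds a single `sqli`/`java` cell, so the per-cap summation across languages in the report section of this commit is never exercised; a report that compared each cell on its own would pass this test just the same. A second cell for the same cap with a different language and ratio, for example `"lang": "python", "confirmed": 3, "total": 5`, would pin the aggregation: the combined 5/10 must exit 0 at `--min-confirmed-rate 0.50`, even though the java cell alone is at 40%. A cell with `"total": 0` would additionally cover the skip path. The `"FAIL" in proc.stdout` assertion matches the word anywhere in the output, so checking for it on the `sqli` line would make the failure case more specific.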