Add unit tests for key gaps: SparseValuesFactory, error classes, and utilities #575
Conversation
…utility functions - Add comprehensive tests for SparseValuesFactory (REST version) covering all input types, error cases, and edge cases - Add tests for error classes in db_data/errors.py to ensure clear error messages - Add tests for utility functions: check_kwargs, validate_and_convert_errors, and fix_tuple_length - All tests pass and follow project conventions for readability
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
| with pytest.raises(ProtocolError) as exc_info: | ||
| test_func() | ||
| assert "Failed to connect" in str(exc_info.value) | ||
| assert "http://test.com" in str(exc_info.value) |
Check failure
Code scanning / CodeQL
Incomplete URL substring sanitization High test
Show autofix suggestion
Hide autofix suggestion
Copilot Autofix
AI 11 days ago
In general, to fix incomplete URL substring sanitization, you should parse URLs and inspect structured components (e.g., urlparse(url).hostname) instead of doing substring checks on the raw URL string. For host checks, compare exact hostnames or well-defined suffixes (like .example.com) on the parsed hostname, not on the full URL.
In this specific test, we are not sanitizing or validating a URL; we’re asserting that the error message includes the URL that was passed into MaxRetryError. To satisfy CodeQL without changing the behavior, we can avoid a raw substring search and instead (a) parse the URL we expect and (b) ensure that the same exact URL string appears in the error in a more structured way, or at least avoid a naked containment check. A minimal, behavior-preserving change is to use a regular expression match that anchors the URL as a whole token, which removes the “arbitrary position in a sanitized URL” concern while still confirming the URL is present.
Concretely, in tests/unit/utils/test_error_handling.py, for test_max_retry_error_with_protocol_error_reason, replace the line assert "http://test.com" in str(exc_info.value) with an assertion using re.search and a word-boundary pattern like r"\bhttp://test\.com\b". This still checks that http://test.com appears in the message but avoids the simplistic substring check. To do this, add an import re at the top of the file and update the assertion line accordingly. No other files or behaviors need to change.
| @@ -1,4 +1,5 @@ | ||
| import pytest | ||
| import re | ||
|
|
||
| from pinecone.utils.error_handling import validate_and_convert_errors, ProtocolError | ||
|
|
||
| @@ -41,7 +42,7 @@ | ||
| with pytest.raises(ProtocolError) as exc_info: | ||
| test_func() | ||
| assert "Failed to connect" in str(exc_info.value) | ||
| assert "http://test.com" in str(exc_info.value) | ||
| assert re.search(r"\bhttp://test\.com\b", str(exc_info.value)) is not None | ||
|
|
||
| def test_max_retry_error_with_non_protocol_reason(self): | ||
| """Test that MaxRetryError with non-ProtocolError reason is passed through.""" |
Summary
This PR adds comprehensive unit tests for key gaps identified in the codebase:
Tests Added
SparseValuesFactory (REST version) - tests/unit/data/test_sparse_values_factory.py
Error Classes - tests/unit/data/test_errors.py
Utility Functions - tests/unit/utils/
Highlights
Testing