Enhance sarif_list_rules tests for per-rule resultCount coverage

Copilot · data-douser · web-flow · commit 1f341579d959 · 2026-04-06T15:27:12.000Z
- Add second sql-injection result to test fixture for varied counts - Verify resultCount for all rules (not just the first) - Add test for rules with zero results (resultCount: 0) - Update related test assertions for the enriched fixture Agent-Logs-Url: https://github.com/advanced-security/codeql-development-mcp-server/sessions/7ea1caeb-de6d-40cd-b045-3dd634602403 Co-authored-by: data-douser <70299490+data-douser@users.noreply.github.com>
diff --git a/server/test/src/tools/sarif-tools.test.ts b/server/test/src/tools/sarif-tools.test.ts
@@ -53,6 +53,12 @@ function createTestSarif() {
             { location: { physicalLocation: { artifactLocation: { uri: 'src/db.js' }, region: { startLine: 42 } }, message: { text: 'query(...)' } } },
           ] }] }],
         },
+        {
+          ruleId: 'js/sql-injection',
+          ruleIndex: 0,
+          message: { text: 'SQL injection from request body.' },
+          locations: [{ physicalLocation: { artifactLocation: { uri: 'src/api.js' }, region: { startLine: 15, startColumn: 3, endColumn: 40 } } }],
+        },
         {
           ruleId: 'js/xss',
           ruleIndex: 1,
@@ -170,7 +176,7 @@ describe('SARIF Tools', () => {
         const parsed = JSON.parse(result.content[0].text);
 
         expect(parsed.ruleId).toBe('js/sql-injection');
-        expect(parsed.resultCount).toBe(1);
+        expect(parsed.resultCount).toBe(2);
         expect(parsed.extractedSarif.runs[0].tool.driver.rules).toHaveLength(1);
       });
 
@@ -212,15 +218,44 @@ describe('SARIF Tools', () => {
     });
 
     describe('sarif_list_rules', () => {
-      it('should list all rules with result counts', async () => {
+      it('should list all rules with per-rule result counts', async () => {
         const result = await handlers.sarif_list_rules({ sarifPath: testSarifPath });
         const parsed = JSON.parse(result.content[0].text);
 
         expect(parsed.totalRules).toBe(2);
-        expect(parsed.totalResults).toBe(2);
+        expect(parsed.totalResults).toBe(3);
         expect(parsed.rules[0].ruleId).toBe('js/sql-injection');
-        expect(parsed.rules[0].resultCount).toBe(1);
+        expect(parsed.rules[0].resultCount).toBe(2);
         expect(parsed.rules[1].ruleId).toBe('js/xss');
+        expect(parsed.rules[1].resultCount).toBe(1);
+      });
+
+      it('should return resultCount 0 for rules with no results', async () => {
+        const noResultsSarif = {
+          version: '2.1.0',
+          runs: [{
+            tool: {
+              driver: {
+                name: 'CodeQL',
+                version: '2.25.1',
+                rules: [
+                  { id: 'js/unused-variable', shortDescription: { text: 'Unused variable' } },
+                ],
+              },
+            },
+            results: [],
+          }],
+        };
+        const noResultsPath = join(testStorageDir, 'no-results.sarif');
+        writeFileSync(noResultsPath, JSON.stringify(noResultsSarif));
+
+        const result = await handlers.sarif_list_rules({ sarifPath: noResultsPath });
+        const parsed = JSON.parse(result.content[0].text);
+
+        expect(parsed.totalRules).toBe(1);
+        expect(parsed.totalResults).toBe(0);
+        expect(parsed.rules[0].ruleId).toBe('js/unused-variable');
+        expect(parsed.rules[0].resultCount).toBe(0);
       });
     });
 
@@ -303,7 +338,7 @@ describe('SARIF Tools', () => {
 
       it('should detect changed result counts', async () => {
         const sarifB = createTestSarif();
-        sarifB.runs[0].results = [sarifB.runs[0].results[0]]; // remove XSS result
+        sarifB.runs[0].results = sarifB.runs[0].results.filter(r => r.ruleId !== 'js/xss');
         const pathB = join(testStorageDir, 'modified.sarif');
         writeFileSync(pathB, JSON.stringify(sarifB));
 
