Skip to content

add more integration testing #70

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
tstromberg merged 3 commits into from
Nov 3, 2025

improve test performance

3f1988d
Select commit
Loading
Failed to load commit list.
Merged

add more integration testing #70

improve test performance
3f1988d
Select commit
Loading
Failed to load commit list.
Kusari Inspector / Kusari Inspector succeeded Nov 3, 2025 in 22s

Security Analysis Passed

No security issues found

Details

Kusari Inspector

Kusari Analysis Results:

Proceed with these changes

✅ No Flagged Issues Detected
All values appear to be within acceptable risk parameters.

Both dependency and code security analyses show excellent results with zero security issues identified. The dependency changes improve security posture by updating a safe internal dependency (gh-mailto) and removing external GraphQL dependencies, which reduces the overall attack surface. The comprehensive code analysis of 52 files found no vulnerabilities, exposed secrets, workflow issues, or module vulnerabilities across all security checks (SAST, secret scanning, vulnerability analysis, govulncheck). The combined findings indicate this PR maintains strong security standards while actually reducing external dependency risk.

Note

View full detailed analysis result for more information on the output and the checks that were run.

Expand to see all dependency changes, security advisories, scorecard checks, etc.

Dependency Relationship Analysis

github.com/codeGROOVE-dev/gh-mailto (0.0.0-20251030132316-7b86852c2928 → 0.0.0-20251030182955-b6a1494332f1)

Dependency Changes Introduced

Status Package Change Version Latest Version Advisories License
✅ Safe github.com/codeGROOVE-dev/gh-mailto updated 0.0.0-20251030132316-7b86852c2928 → 0.0.0-20251030182955-b6a1494332f1 v0.0.0-20251030182955-b6a1494332f1 None Apache-2.0 (permissive)
⚠️ Flagged github.com/shurcooL/graphql removed 0.0.0-20230722043721-ed46e5a46466 Unknown None Unknown
⚠️ Flagged github.com/shurcooL/githubv4 removed 0.0.0-20240727222349-48295856cce7 Unknown None Unknown

Scorecard Checks

@kusari-inspector rerun - Trigger a re-analysis of this PR
@kusari-inspector feedback [your message] - Send feedback to our AI and team
See Kusari's documentation for setup and configuration.
Commit: f9df84d, performed at: 2025-11-03T14:26:01Z

Found this helpful? Give it a 👍 or 👎 reaction!

Scan Results Summary

Code Files Analyzed

Total Files: 55

  1. pkg/github/graphql.go
  2. pkg/github/manager_integration_test.go
  3. go.sum
  4. pkg/bot/bot.go
  5. pkg/bot/cache/commit_pr.go
  6. pkg/bot/commit_pr_cache_test.go
  7. pkg/bot/process_event_test.go
  8. pkg/slack/oauth.go
  9. pkg/slack/slack_additional_coverage_test.go
  10. pkg/bot/create_pr_thread_additional_test.go
  11. pkg/bot/handle_pr_test.go
  12. pkg/bot/methods_test.go
  13. pkg/bot/poll_and_reconcile_test.go
  14. pkg/bot/process_channels_test.go
  15. pkg/github/client_integration_test.go
  16. pkg/slack/client_additional_test.go.tmp.2663.1762112254036
  17. pkg/slack/oauth_handlers_test.go
  18. go.mod
  19. pkg/bot/cache/commit_pr_test.go
  20. pkg/bot/cache/thread.go
  21. pkg/bot/find_or_create_thread_test.go
  22. pkg/state/json_test.go
  23. pkg/bot/bot_test.go
  24. pkg/bot/event_integration_test.go
  25. pkg/bot/formatting_test.go
  26. pkg/bot/handle_pr_comprehensive_test.go
  27. pkg/bot/polling_test.go
  28. pkg/bot/process_pr_for_channel_additional_test.go
  29. pkg/bot/state_test.go
  30. pkg/github/github_mock_server_test.go
  31. pkg/bot/extract_state_test.go
  32. pkg/bot/message_update_test.go
  33. pkg/slack/client_additional_test.go
  34. pkg/slack/http_handlers_test.go
  35. pkg/slack/slack.go
  36. pkg/slack/user_test.go
  37. pkg/usermapping/reverse_test.go
  38. pkg/usermapping/usermapping_test.go
  39. pkg/bot/coordinator_test_helpers.go
  40. pkg/bot/handle_pr_event_comprehensive_test.go
  41. pkg/bot/sprinkler_test.go
  42. pkg/bot/cache/thread_test.go
  43. pkg/bot/interfaces.go
  44. pkg/bot/mock_builders_test.go
  45. pkg/bot/polling_comprehensive_test.go
  46. pkg/github/github.go
  47. pkg/github/github_test.go
  48. pkg/slack/client_coverage_test.go
  49. pkg/slack/mock_builders_test.go
  50. pkg/bot/polling.go
  51. pkg/bot/coordinator_test.go
  52. pkg/bot/dm_notifications_test.go
  53. pkg/bot/handle_pr_event_with_data_test.go
  54. pkg/bot/integration_test.go
  55. pkg/bot/update_dm_test.go

Dependency Files Analyzed

Total Dependency Files: 1

  1. go.mod

Scan Details

Check Type Status
SAST Analysis ✅ Completed
Secret Scan ✅ Completed
Misconfiguration Scan ✅ Completed
Workflow Analysis ⏭️ Skipped
Govulncheck ✅ Completed
Vulnerability (KEV, EPSS, CVSS) Analysis ✅ Completed
Transitive Dependency Analysis ✅ Completed
Pacakage Reputation Analysis (Scorecard) ✅ Completed
Typosquatting Check ✅ Completed

Enabled Scan Configurations

Scan Type Enabled
GitHub Action Version Pinning ✅ Enabled
Container Version Pinning ✅ Enabled
View more details on Kusari Inspector