[Duplicate Code] SSL-Bump `generateSquidConfig` fixture copy-pasted 4 times in `squid-config-security.test.ts`

[github-actions]

Duplicate Code Opportunity

Summary

• Pattern: The SSL-Bump-enabled generateSquidConfig fixture object (with sslBump: true, caFiles, and sslDbPath) is copy-pasted verbatim 4 times inside squid-config-security.test.ts. Each copy differs only in the urlPatterns or domains field being tested.
• Locations: src/squid-config-security.test.ts lines ~19–27, 33–41, 47–55, 118–127
• Impact: ~28 lines of repeated security-config fixture; a change to the required SSL-bump fields (e.g. renaming caFiles) must be applied in all 4 places, risking a stale copy silently compiling after a schema change

Evidence

Block at lines 19–27 (identical structure at lines 33–41, 47–55, 118–127):

generateSquidConfig({
  domains: ['evil.com'],
  port: defaultPort,
  sslBump: true,
  caFiles: { certPath: '/tmp/cert.pem', keyPath: '/tmp/key.pem' },
  sslDbPath: '/tmp/ssl_db',
  urlPatterns: [maliciousPattern],   // ← only this changes per test
});

The companion file squid-config-features.test.ts had the same problem (tracked as issue #2785, resolved); security.test.ts was not covered by that fix.

Suggested Refactoring

Add a shared SSL-bump fixture constant at the top of the test file (or in a shared test-utils module):

const sslBumpBase = {
  domains: ['evil.com'],
  port: defaultPort,
  sslBump: true as const,
  caFiles: { certPath: '/tmp/cert.pem', keyPath: '/tmp/key.pem' },
  sslDbPath: '/tmp/ssl_db',
} satisfies Partial<Parameters<typeof generateSquidConfig>[0]>;

// Each test then:
generateSquidConfig({ ...sslBumpBase, urlPatterns: [maliciousPattern] });

Affected Files

• src/squid-config-security.test.ts — lines ~19–27, 33–41, 47–55, 118–127

Effort Estimate

Low

---

Detected by Duplicate Code Detector workflow. Run date: 2026-05-20

Generated by Duplicate Code Detector · ● 20.3M · ◷

• expires on Jun 19, 2026, 10:16 PM UTC