Skip to content

fix: incorporate CI fixes from fix/ci-failures-kustomize-and-npm#150

Open
vishnu2kmohan wants to merge 2 commits into
mainfrom
mcp-server-langgraph-session-20251205-122032
Open

fix: incorporate CI fixes from fix/ci-failures-kustomize-and-npm#150
vishnu2kmohan wants to merge 2 commits into
mainfrom
mcp-server-langgraph-session-20251205-122032

Conversation

@vishnu2kmohan

Copy link
Copy Markdown
Owner

Summary

This PR incorporates CI fixes from the fix/ci-failures-kustomize-and-npm branch:

  • Added package-lock.json for frontend builds (fixes npm ci in Dockerfile.builder)
  • Added ADR-0067: Non-Root Container Security Strategy
  • Updated ADR count in README.md badge (63 → 64)
  • Updated ADR count in docs/architecture/overview.mdx (63 → 64)
  • Regenerated adr/README.md index

Test Plan

  • All pre-push hooks pass (60+ validations)
  • CI workflows pass

🤖 Generated with Claude Code

Cherry-pick key files from fix branch:
- docker/Dockerfile.builder: Copy src/ before uv sync
- docker/Dockerfile.playground: Copy src/ before uv sync
- docker-compose.test.yml: Loki tmpfs UID fix for non-root
- package-lock.json: Required for npm ci
- adr-0067: Non-root container security ADR

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
@github-actions

github-actions Bot commented Dec 8, 2025

Copy link
Copy Markdown
Contributor

🔴 Skipped Tests Report

Total Skipped: 96 | Tracked: 0 | Untracked: 96

📊 View Summary

Skipped Tests Summary

Total Skipped Tests: 96
With GitHub Issues: 0
Without GitHub Issues: 96 ⚠️

Top Files with Skipped Tests

File Count
tests/meta/validation/test_mermaid_validation.py 18
tests/integration/test_vertex_ai_google.py 10
tests/integration/test_vertex_ai_anthropic.py 8
tests/integration/security/test_network_mode_transparency.py 8
tests/integration/test_agentic_loop_integration.py 6
tests/integration/test_vertex_ai_auth_methods.py 5
tests/integration/test_database_connectivity_real.py 5
tests/integration/test_openfga_client.py 4
tests/integration/test_docker_image_assets.py 4
tests/integration/test_anthropic_enhancements_integration.py 3

Skip Reasons

Reason Count
VERTEX_PROJECT not set - requires Vertex AI access 19
Function not implemented yet 13
Docker package not available 8
Requires valid ANTHROPIC_API_KEY - mocks don't fully isolate... 6
PostgreSQL not available on test port 5
Function not imported 5
Circuit breaker tests are timing-sensitive and don't run rel... 3
Performance tests skipped in parallel mode due to memory ove... 3
Checkov not installed (pip install checkov) 3
Requires VERTEX_PROJECT and NO GOOGLE_APPLICATION_CREDENTIAL... 2
Requires both VERTEX_PROJECT and GOOGLE_APPLICATION_CREDENTI... 2
Requires ANTHROPIC_API_KEY 2
Skipped inside Docker - Dockerfile not available in test ima... 2
Docker build tests skipped in parallel mode 2
Docker build tests disabled 2
⚠️ Action Items (96 tests need GitHub issues)

Action Items: Skipped Tests Without GitHub Issues

96 tests need GitHub issues created

For each test below, create a GitHub issue to track why it's skipped and when it should be enabled:

tests/builder/test_code_generator.py

  • test_generate_with_black_formatting_error_returns_unformatted_code (line 471)
    - Reason: Black not installed - cannot test black formatting error path
    - Action: Create issue and update skip decorator with issue number

tests/e2e/test_full_user_journey.py

  • test_01_concurrent_users (line 1199)
    - Reason: Performance tests skipped in parallel mode due to memory overhead
    - Action: Create issue and update skip decorator with issue number

  • test_02_large_conversation (line 1214)
    - Reason: Performance tests skipped in parallel mode due to memory overhead
    - Action: Create issue and update skip decorator with issue number

  • test_03_bulk_search (line 1229)
    - Reason: Performance tests skipped in parallel mode due to memory overhead
    - Action: Create issue and update skip decorator with issue number

tests/infrastructure/test_terraform_security.py

  • test_checkov_azure_secrets_compliance (line 389)
    - Reason: Checkov not installed (pip install checkov)
    - Action: Create issue and update skip decorator with issue number

  • test_checkov_aws_secrets_compliance (line 410)
    - Reason: Checkov not installed (pip install checkov)
    - Action: Create issue and update skip decorator with issue number

  • test_checkov_backend_setup_compliance (line 427)
    - Reason: Checkov not installed (pip install checkov)
    - Action: Create issue and update skip decorator with issue number

tests/integration/execution/test_docker_sandbox.py

  • test_docker_socket_not_exposed_in_container (line 765)
    - Reason: Requires Docker rootless mode (set DOCKER_ROOTLESS_TEST=1 to enable)
    - Action: Create issue and update skip decorator with issue number

tests/integration/security/test_api_key_indexed_lookup.py

  • test_validate_uses_indexed_search_not_enumeration (line 84)
    - Reason: API key validation tests skipped in parallel mode due to memory overhead with AsyncMock
    - Action: Create issue and update skip decorator with issue number

  • test_indexed_lookup_performance_with_large_user_base (line 179)
    - Reason: Performance tests skipped in parallel mode due to memory overhead (133GB VIRT, 42GB RES observed)
    - Action: Create issue and update skip decorator with issue number

tests/integration/security/test_network_mode_transparency.py

  • test_allowlist_mode_fails_closed_with_warning (line 63)
    - Reason: Docker package not available
    - Action: Create issue and update skip decorator with issue number

  • test_none_network_mode_works_correctly (line 89)
    - Reason: Docker package not available
    - Action: Create issue and update skip decorator with issue number

  • test_unrestricted_network_mode_enables_network (line 103)
    - Reason: Docker package not available
    - Action: Create issue and update skip decorator with issue number

  • test_docker_sandbox_documents_allowlist_limitation (line 169)
    - Reason: Docker package not available
    - Action: Create issue and update skip decorator with issue number

  • test_allowed_domains_ignored_when_network_disabled (line 211)
    - Reason: Docker package not available
    - Action: Create issue and update skip decorator with issue number

  • test_empty_allowed_domains_with_unrestricted_mode (line 231)
    - Reason: Docker package not available
    - Action: Create issue and update skip decorator with issue number

  • test_allowlist_will_require_allowed_domains (line 261)
    - Reason: Docker package not available
    - Action: Create issue and update skip decorator with issue number

  • test_allowlist_mode_preserves_allowed_domains_config (line 280)
    - Reason: Docker package not available
    - Action: Create issue and update skip decorator with issue number

tests/integration/test_agent.py

  • test_real_llm_invocation (line 442)
    - Reason: Requires ANTHROPIC_API_KEY
    - Action: Create issue and update skip decorator with issue number

tests/integration/test_agentic_loop_integration.py

  • test_basic_workflow_without_compaction_verification (line 120)
    - Reason: Requires valid ANTHROPIC_API_KEY - mocks don't fully isolate LLM calls
    - Action: Create issue and update skip decorator with issue number

  • test_workflow_with_compaction_enabled (line 148)
    - Reason: Requires valid ANTHROPIC_API_KEY - mocks don't fully isolate LLM calls
    - Action: Create issue and update skip decorator with issue number

  • test_workflow_with_verification_pass (line 176)
    - Reason: Requires valid ANTHROPIC_API_KEY - mocks don't fully isolate LLM calls
    - Action: Create issue and update skip decorator with issue number

  • test_workflow_with_verification_refinement (line 209)
    - Reason: Requires valid ANTHROPIC_API_KEY - mocks don't fully isolate LLM calls
    - Action: Create issue and update skip decorator with issue number

  • test_workflow_max_refinement_attempts (line 241)
    - Reason: Requires valid ANTHROPIC_API_KEY - mocks don't fully isolate LLM calls
    - Action: Create issue and update skip decorator with issue number

  • test_full_loop_with_all_features (line 312)
    - Reason: Requires valid ANTHROPIC_API_KEY - mocks don't fully isolate LLM calls
    - Action: Create issue and update skip decorator with issue number

tests/integration/test_anthropic_enhancements_integration.py

  • test_agent_with_dynamic_context (line 275)
    - Reason: Requires full infrastructure (Qdrant, Redis, LLM) - set RUN_FULL_INTEGRATION_TESTS=1
    - Action: Create issue and update skip decorator with issue number

  • test_agent_with_verification_loop (line 312)
    - Reason: Requires full infrastructure - set RUN_FULL_INTEGRATION_TESTS=1 and ANTHROPIC_API_KEY
    - Action: Create issue and update skip decorator with issue number

  • test_mock_full_workflow (line 360)
    - Reason: Requires langchain-google-genai - set RUN_FULL_INTEGRATION_TESTS=1
    - Action: Create issue and update skip decorator with issue number

tests/integration/test_context_manager_llm.py

  • test_full_extraction_workflow (line 515)
    - Reason: Requires ANTHROPIC_API_KEY
    - Action: Create issue and update skip decorator with issue number

tests/integration/test_database_connectivity_real.py

  • test_check_database_connectivity_with_real_postgres (line 53)
    - Reason: PostgreSQL not available on test port
    - Action: Create issue and update skip decorator with issue number

  • test_create_connection_pool_with_real_postgres (line 78)
    - Reason: PostgreSQL not available on test port
    - Action: Create issue and update skip decorator with issue number

  • test_check_database_connectivity_with_invalid_credentials (line 123)
    - Reason: PostgreSQL not available on test port
    - Action: Create issue and update skip decorator with issue number

  • test_check_database_connectivity_with_nonexistent_database (line 144)
    - Reason: PostgreSQL not available on test port
    - Action: Create issue and update skip decorator with issue number

  • test_check_database_connectivity_timeout (line 165)
    - Reason: PostgreSQL not available on test port
    - Action: Create issue and update skip decorator with issue number

tests/integration/test_distributed_checkpointing.py

  • test_create_redis_checkpointer (line 49)
    - Reason: Redis checkpointer not installed
    - Action: Create issue and update skip decorator with issue number

tests/integration/test_docker_image_assets.py

  • test_dockerfile_excludes_deployments_directory (line 58)
    - Reason: Skipped inside Docker - Dockerfile not available in test image
    - Action: Create issue and update skip decorator with issue number

  • test_dockerfile_excludes_scripts_directory (line 108)
    - Reason: Skipped inside Docker - Dockerfile not available in test image
    - Action: Create issue and update skip decorator with issue number

  • test_docker_test_image_excludes_deployments_at_runtime (line 183)
    - Reason: Docker build tests skipped in parallel mode
    - Action: Create issue and update skip decorator with issue number

  • test_docker_test_image_excludes_scripts_at_runtime (line 253)
    - Reason: Docker build tests skipped in parallel mode
    - Action: Create issue and update skip decorator with issue number

tests/integration/test_openfga_client.py

  • test_full_authorization_flow (line 453)
    - Reason: Requires running OpenFGA instance (set RUN_INTEGRATION_TESTS=1)
    - Action: Create issue and update skip decorator with issue number

  • test_circuit_breaker_fails_closed_for_critical_resources (line 530)
    - Reason: Circuit breaker tests are timing-sensitive and don't run reliably in pytest-xdist parallel mode
    - Action: Create issue and update skip decorator with issue number

  • test_circuit_breaker_fails_open_for_non_critical_resources (line 576)
    - Reason: Circuit breaker tests are timing-sensitive and don't run reliably in pytest-xdist parallel mode
    - Action: Create issue and update skip decorator with issue number

  • test_circuit_breaker_defaults_to_critical_true (line 622)
    - Reason: Circuit breaker tests are timing-sensitive and don't run reliably in pytest-xdist parallel mode
    - Action: Create issue and update skip decorator with issue number

tests/integration/test_postgres_storage.py

  • test_concurrent_audit_log_writes (line 266)
    - Reason: Requires RUN_CONCURRENT_POOL_TESTS=true and real asyncpg pool (SimplePool doesn't support concurrent operations)
    - Action: Create issue and update skip decorator with issue number

tests/integration/test_secrets_manager.py

  • test_full_secret_lifecycle (line 424)
    - Reason: Requires Infisical credentials (TEST_INFISICAL_CLIENT_ID, TEST_INFISICAL_CLIENT_SECRET, TEST_INFISICAL_PROJECT_ID)
    - Action: Create issue and update skip decorator with issue number

tests/integration/test_vertex_ai_anthropic.py

  • test_claude_sonnet_4_5_via_vertex_ai (line 42)
    - Reason: VERTEX_PROJECT not set - requires Vertex AI access
    - Action: Create issue and update skip decorator with issue number

  • test_claude_haiku_4_5_via_vertex_ai (line 65)
    - Reason: VERTEX_PROJECT not set - requires Vertex AI access
    - Action: Create issue and update skip decorator with issue number

  • test_claude_opus_4_5_via_vertex_ai (line 88)
    - Reason: VERTEX_PROJECT not set - requires Vertex AI access
    - Action: Create issue and update skip decorator with issue number

  • test_claude_sonnet_4_5_reasoning (line 111)
    - Reason: VERTEX_PROJECT not set - requires Vertex AI access
    - Action: Create issue and update skip decorator with issue number

  • test_vertex_ai_claude_with_conversation (line 134)
    - Reason: VERTEX_PROJECT not set - requires Vertex AI access
    - Action: Create issue and update skip decorator with issue number

  • test_vertex_ai_uses_project_from_config (line 174)
    - Reason: VERTEX_PROJECT not set - requires Vertex AI access
    - Action: Create issue and update skip decorator with issue number

  • test_vertex_ai_supports_multiple_regions (line 194)
    - Reason: VERTEX_PROJECT not set - requires Vertex AI access
    - Action: Create issue and update skip decorator with issue number

  • test_vertex_ai_invalid_model_name (line 240)
    - Reason: VERTEX_PROJECT not set - requires Vertex AI access
    - Action: Create issue and update skip decorator with issue number

tests/integration/test_vertex_ai_auth_methods.py

  • test_workload_identity_claude (line 48)
    - Reason: Requires VERTEX_PROJECT and NO GOOGLE_APPLICATION_CREDENTIALS (Workload Identity)
    - Action: Create issue and update skip decorator with issue number

  • test_workload_identity_gemini (line 71)
    - Reason: Requires VERTEX_PROJECT and NO GOOGLE_APPLICATION_CREDENTIALS (Workload Identity)
    - Action: Create issue and update skip decorator with issue number

  • test_service_account_key_claude (line 102)
    - Reason: Requires both VERTEX_PROJECT and GOOGLE_APPLICATION_CREDENTIALS
    - Action: Create issue and update skip decorator with issue number

  • test_service_account_key_gemini (line 125)
    - Reason: Requires both VERTEX_PROJECT and GOOGLE_APPLICATION_CREDENTIALS
    - Action: Create issue and update skip decorator with issue number

  • test_auto_detect_auth_method (line 156)
    - Reason: VERTEX_PROJECT not set - requires Vertex AI access
    - Action: Create issue and update skip decorator with issue number

tests/integration/test_vertex_ai_google.py

  • test_gemini_3_pro_via_vertex_ai_explicit_prefix (line 41)
    - Reason: VERTEX_PROJECT not set - requires Vertex AI access
    - Action: Create issue and update skip decorator with issue number

  • test_gemini_3_pro_via_vertex_ai_implicit_routing (line 64)
    - Reason: VERTEX_PROJECT not set - requires Vertex AI access
    - Action: Create issue and update skip decorator with issue number

  • test_gemini_2_5_flash_via_vertex_ai (line 87)
    - Reason: VERTEX_PROJECT not set - requires Vertex AI access
    - Action: Create issue and update skip decorator with issue number

  • test_gemini_2_5_flash_via_vertex_ai_implicit (line 110)
    - Reason: VERTEX_PROJECT not set - requires Vertex AI access
    - Action: Create issue and update skip decorator with issue number

  • test_vertex_ai_gemini_with_conversation (line 133)
    - Reason: VERTEX_PROJECT not set - requires Vertex AI access
    - Action: Create issue and update skip decorator with issue number

  • test_vertex_ai_gemini_uses_project_from_config (line 171)
    - Reason: VERTEX_PROJECT not set - requires Vertex AI access
    - Action: Create issue and update skip decorator with issue number

  • test_vertex_ai_gemini_supports_multiple_regions (line 191)
    - Reason: VERTEX_PROJECT not set - requires Vertex AI access
    - Action: Create issue and update skip decorator with issue number

  • test_vertex_ai_prefix_vs_no_prefix_equivalence (line 212)
    - Reason: VERTEX_PROJECT not set - requires Vertex AI access
    - Action: Create issue and update skip decorator with issue number

  • test_vertex_ai_gemini_invalid_model_name (line 269)
    - Reason: VERTEX_PROJECT not set - requires Vertex AI access
    - Action: Create issue and update skip decorator with issue number

  • test_vertex_ai_gemini_empty_message (line 289)
    - Reason: VERTEX_PROJECT not set - requires Vertex AI access
    - Action: Create issue and update skip decorator with issue number

tests/meta/test_docker_environment.py

  • test_docker_working_directory_is_app (line 103)
    - Reason: Only in Docker test environment
    - Action: Create issue and update skip decorator with issue number

  • test_docker_test_image_has_scripts (line 194)
    - Reason: Docker build tests disabled
    - Action: Create issue and update skip decorator with issue number

  • test_docker_test_image_has_deployments (line 204)
    - Reason: Docker build tests disabled
    - Action: Create issue and update skip decorator with issue number

tests/meta/validation/test_mermaid_validation.py

  • test_sequence_diagram_with_classdef_is_invalid (line 51)
    - Reason: Function not implemented yet
    - Action: Create issue and update skip decorator with issue number

  • test_sequence_diagram_with_class_assignment_is_invalid (line 66)
    - Reason: Function not implemented yet
    - Action: Create issue and update skip decorator with issue number

  • test_sequence_diagram_with_both_classdef_and_class_is_invalid (line 84)
    - Reason: Function not implemented yet
    - Action: Create issue and update skip decorator with issue number

  • test_sequence_diagram_without_classdef_is_valid (line 102)
    - Reason: Function not implemented yet
    - Action: Create issue and update skip decorator with issue number

  • test_flowchart_with_classdef_is_valid (line 118)
    - Reason: Function not implemented yet
    - Action: Create issue and update skip decorator with issue number

  • test_non_sequence_diagram_skips_validation (line 131)
    - Reason: Function not implemented yet
    - Action: Create issue and update skip decorator with issue number

  • test_mismatched_subgraph_end_is_invalid (line 153)
    - Reason: Function not implemented yet
    - Action: Create issue and update skip decorator with issue number

  • test_matched_subgraph_end_is_valid (line 170)
    - Reason: Function not implemented yet
    - Action: Create issue and update skip decorator with issue number

  • test_nested_subgraph_is_valid (line 186)
    - Reason: Function not implemented yet
    - Action: Create issue and update skip decorator with issue number

  • test_simple_flowchart_without_subgraph_is_valid (line 202)
    - Reason: Function not implemented yet
    - Action: Create issue and update skip decorator with issue number

  • test_sequence_diagram_skips_subgraph_validation (line 214)
    - Reason: Function not implemented yet
    - Action: Create issue and update skip decorator with issue number

  • test_detects_sequence_diagram (line 235)
    - Reason: Function not imported
    - Action: Create issue and update skip decorator with issue number

  • test_detects_sequence_diagram_with_init (line 245)
    - Reason: Function not imported
    - Action: Create issue and update skip decorator with issue number

  • test_flowchart_is_not_sequence_diagram (line 256)
    - Reason: Function not imported
    - Action: Create issue and update skip decorator with issue number

  • test_detects_flowchart_diagram (line 265)
    - Reason: Function not imported
    - Action: Create issue and update skip decorator with issue number

  • test_detects_graph_as_flowchart (line 274)
    - Reason: Function not imported
    - Action: Create issue and update skip decorator with issue number

  • test_terraform_aws_irsa_diagram_pattern (line 292)
    - Reason: Function not implemented yet
    - Action: Create issue and update skip decorator with issue number

  • test_keycloak_sso_diagram_pattern (line 325)
    - Reason: Function not implemented yet
    - Action: Create issue and update skip decorator with issue number

tests/regression/test_async_dependency_override_xdist.py

  • test_demonstrate_async_override_bug_explicitly (line 230)
    - Reason: Intentionally skipped - this test demonstrates the bug and is expected to fail
    - Action: Create issue and update skip decorator with issue number

tests/regression/test_gdpr_singleton_parallel_isolation.py

  • test_parallel_execution_creates_independent_storage_instances (line 190)
    - Reason: This test only meaningful in parallel execution mode
    - Action: Create issue and update skip decorator with issue number

tests/unit/auth/test_api_key_manager.py

  • test_validate_api_key_beyond_first_page (line 542)
    - Reason: Pagination tests skipped in parallel mode - creates 150 mock users causing memory overhead
    - Action: Create issue and update skip decorator with issue number

  • test_validate_api_key_not_found_after_pagination (line 594)
    - Reason: Pagination tests skipped in parallel mode - creates 150 mock users causing memory overhead
    - Action: Create issue and update skip decorator with issue number

  • test_validate_api_key_pagination_stops_on_match (line 630)
    - Reason: Pagination tests skipped in parallel mode - creates 250 mock users causing memory overhead
    - Action: Create issue and update skip decorator with issue number

tests/unit/execution/test_security_practices.py

  • test_kubernetes_sandbox_does_not_use_insecure_md5 (line 42)
    - Reason: kubernetes library not installed (optional dependency for kubernetes sandbox)
    - Action: Create issue and update skip decorator with issue number

tests/unit/mcp/test_mcp_server_settings_injection.py

  • test_settings_injection_does_not_affect_global_settings (line 131)
    - Reason: Settings isolation test may interfere with parallel execution
    - Action: Create issue and update skip decorator with issue number

Target: Reduce untracked skipped tests to <20 (currently 96)

@github-actions

github-actions Bot commented Dec 8, 2025

Copy link
Copy Markdown
Contributor

📚 Documentation Validation Results

Validation Type Status
Mintlify (Primary)
Specialized Validators
Non-Mintlify Docs
Documentation Tests
ℹ️ About This Validation

This is the simplified documentation validation workflow that consolidates previous validators.

What changed:

  • Mintlify CLI is now PRIMARY validator (replaces 5 Python validators)
  • Removed duplicate validators (link_validator.py, navigation_validator.py, image_validator.py, frontmatter_validator.py)
  • Consolidated specialized validators into validate_docs.py (2025-11-29)
  • 91-93% faster validation (8-12s vs 105-155s previously)

What Mintlify checks:

  • ✅ Broken internal links
  • ✅ Navigation consistency (docs.json ↔ MDX files)
  • ✅ Image references
  • ✅ Frontmatter (title, description)
  • ✅ MDX syntax errors
  • ✅ Anchor links

How to fix failures:

# Run Mintlify validator locally (PRIMARY)
cd docs && npx mintlify broken-links

# Run consolidated documentation validator
python scripts/validators/validate_docs.py --all

Workflow Run: View Details

@github-actions

github-actions Bot commented Dec 8, 2025

Copy link
Copy Markdown
Contributor

🔒 Trivy Security Scan Results

Click to view full security report

Report Summary

┌─────────────────────────────────────────────────────────────┬───────┬─────────────────┬─────────┐
│                           Target                            │ Type  │ Vulnerabilities │ Secrets │
├─────────────────────────────────────────────────────────────┼───────┼─────────────────┼─────────┤
│ clients/go/go.mod                                           │ gomod │        0        │    -    │
├─────────────────────────────────────────────────────────────┼───────┼─────────────────┼─────────┤
│ clients/python/uv.lock                                      │  uv   │        2        │    -    │
├─────────────────────────────────────────────────────────────┼───────┼─────────────────┼─────────┤
│ src/mcp_server_langgraph/builder/frontend/package-lock.json │  npm  │        0        │    -    │
├─────────────────────────────────────────────────────────────┼───────┼─────────────────┼─────────┤
│ uv.lock                                                     │  uv   │        7        │    -    │
└─────────────────────────────────────────────────────────────┴───────┴─────────────────┴─────────┘
Legend:
- '-': Not scanned
- '0': Clean (no security findings detected)


For OSS Maintainers: VEX Notice
--------------------------------
If you're an OSS maintainer and Trivy has detected vulnerabilities in your project that you believe are not actually exploitable, consider issuing a VEX (Vulnerability Exploitability eXchange) statement.
VEX allows you to communicate the actual status of vulnerabilities in your project, improving security transparency and reducing false positives for your users.
Learn more and start using VEX: https://trivy.dev/v0.65/docs/supply-chain/vex/repo#publishing-vex-documents

To disable this notice, set the TRIVY_DISABLE_VEX_NOTICE environment variable.


clients/python/uv.lock (uv)
===========================
Total: 2 (LOW: 0, MEDIUM: 0, HIGH: 2, CRITICAL: 0)

┌─────────┬────────────────┬──────────┬────────┬───────────────────┬───────────────┬────────────────────────────────────────────────────────────┐
│ Library │ Vulnerability  │ Severity │ Status │ Installed Version │ Fixed Version │                           Title                            │
├─────────┼────────────────┼──────────┼────────┼───────────────────┼───────────────┼────────────────────────────────────────────────────────────┤
│ urllib3 │ CVE-2025-66418 │ HIGH     │ fixed  │ 2.5.0             │ 2.6.0         │ urllib3 is a user-friendly HTTP client library for Python. │
│         │                │          │        │                   │               │ Starting in ......                                         │
│         │                │          │        │                   │               │ https://avd.aquasec.com/nvd/cve-2025-66418                 │
│         ├────────────────┤          │        │                   │               ├────────────────────────────────────────────────────────────┤
│         │ CVE-2025-66471 │          │        │                   │               │ urllib3 is a user-friendly HTTP client library for Python. │
│         │                │          │        │                   │               │ Starting in ......                                         │
│         │                │          │        │                   │               │ https://avd.aquasec.com/nvd/cve-2025-66471                 │
└─────────┴────────────────┴──────────┴────────┴───────────────────┴───────────────┴────────────────────────────────────────────────────────────┘

uv.lock (uv)
============
Total: 7 (LOW: 0, MEDIUM: 4, HIGH: 3, CRITICAL: 0)

┌───────────┬────────────────┬──────────┬────────┬───────────────────┬───────────────┬──────────────────────────────────────────────────────────────┐
│  Library  │ Vulnerability  │ Severity │ Status │ Installed Version │ Fixed Version │                            Title                             │
├───────────┼────────────────┼──────────┼────────┼───────────────────┼───────────────┼──────────────────────────────────────────────────────────────┤
│ fonttools │ CVE-2025-66034 │ MEDIUM   │ fixed  │ 4.60.1            │ 4.60.2        │ fontTools is a library for manipulating fonts, written in    │
│           │                │          │        │                   │               │ Python. In v...                                              │
│           │                │          │        │                   │               │ https://avd.aquasec.com/nvd/cve-2025-66034                   │
├───────────┼────────────────┼──────────┤        ├───────────────────┼───────────────┼──────────────────────────────────────────────────────────────┤
│ mcp       │ CVE-2025-66416 │ HIGH     │        │ 1.22.0            │ 1.23.0        │ mcp: DNS Rebinding Protection Disabled by Default in Model   │
│           │                │          │        │                   │               │ Context Protocol Python...                                   │
│           │                │          │        │                   │               │ https://avd.aquasec.com/nvd/cve-2025-66416                   │
├───────────┼────────────────┤          │        ├───────────────────┼───────────────┼──────────────────────────────────────────────────────────────┤
│ urllib3   │ CVE-2025-66418 │          │        │ 2.3.0             │ 2.6.0         │ urllib3 is a user-friendly HTTP client library for Python.   │
│           │                │          │        │                   │               │ Starting in ......                                           │
│           │                │          │        │                   │               │ https://avd.aquasec.com/nvd/cve-2025-66418                   │
│           ├────────────────┤          │        │                   │               ├──────────────────────────────────────────────────────────────┤
│           │ CVE-2025-66471 │          │        │                   │               │ urllib3 is a user-friendly HTTP client library for Python.   │
│           │                │          │        │                   │               │ Starting in ......                                           │
│           │                │          │        │                   │               │ https://avd.aquasec.com/nvd/cve-2025-66471                   │
│           ├────────────────┼──────────┤        │                   ├───────────────┼──────────────────────────────────────────────────────────────┤
│           │ CVE-2025-50181 │ MEDIUM   │        │                   │ 2.5.0         │ urllib3: urllib3 redirects are not disabled when retries are │
│           │                │          │        │                   │               │ disabled on PoolManager...                                   │
│           │                │          │        │                   │               │ https://avd.aquasec.com/nvd/cve-2025-50181                   │
│           ├────────────────┤          │        │                   │               ├──────────────────────────────────────────────────────────────┤
│           │ CVE-2025-50182 │          │        │                   │               │ urllib3: urllib3 does not control redirects in browsers and  │
│           │                │          │        │                   │               │ Node.js                                                      │
│           │                │          │        │                   │               │ https://avd.aquasec.com/nvd/cve-2025-50182                   │
├───────────┼────────────────┤          │        ├───────────────────┼───────────────┼──────────────────────────────────────────────────────────────┤
│ werkzeug  │ CVE-2025-66221 │          │        │ 3.1.3             │ 3.1.4         │ Werkzeug safe_join() allows Windows special device names     │
│           │                │          │        │                   │               │ https://avd.aquasec.com/nvd/cve-2025-66221                   │
└───────────┴────────────────┴──────────┴────────┴───────────────────┴───────────────┴──────────────────────────────────────────────────────────────┘

Note: Full report available in workflow artifacts.

- Add vitest.d.ts type declarations for Jest-DOM matchers
- Replace `global.` with `globalThis.` for ES module compatibility
- Remove unused imports (React, waitFor, act, userEvent, HeartEvent)
- Remove unused variable declarations (result, user, originalWebSocket)
- Prefix unused parameters with underscore (_metadata)
- Fix DOMRect mock missing x, y, toJSON properties
- All 80+ TypeScript errors fixed, npm run build now succeeds

This fixes the E2E CI failure in docker/Dockerfile.builder at the
npm run build step.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
@github-actions

github-actions Bot commented Dec 8, 2025

Copy link
Copy Markdown
Contributor

🔴 Skipped Tests Report

Total Skipped: 96 | Tracked: 0 | Untracked: 96

📊 View Summary

Skipped Tests Summary

Total Skipped Tests: 96
With GitHub Issues: 0
Without GitHub Issues: 96 ⚠️

Top Files with Skipped Tests

File Count
tests/meta/validation/test_mermaid_validation.py 18
tests/integration/test_vertex_ai_google.py 10
tests/integration/test_vertex_ai_anthropic.py 8
tests/integration/security/test_network_mode_transparency.py 8
tests/integration/test_agentic_loop_integration.py 6
tests/integration/test_vertex_ai_auth_methods.py 5
tests/integration/test_database_connectivity_real.py 5
tests/integration/test_openfga_client.py 4
tests/integration/test_docker_image_assets.py 4
tests/integration/test_anthropic_enhancements_integration.py 3

Skip Reasons

Reason Count
VERTEX_PROJECT not set - requires Vertex AI access 19
Function not implemented yet 13
Docker package not available 8
Requires valid ANTHROPIC_API_KEY - mocks don't fully isolate... 6
PostgreSQL not available on test port 5
Function not imported 5
Circuit breaker tests are timing-sensitive and don't run rel... 3
Performance tests skipped in parallel mode due to memory ove... 3
Checkov not installed (pip install checkov) 3
Requires VERTEX_PROJECT and NO GOOGLE_APPLICATION_CREDENTIAL... 2
Requires both VERTEX_PROJECT and GOOGLE_APPLICATION_CREDENTI... 2
Requires ANTHROPIC_API_KEY 2
Skipped inside Docker - Dockerfile not available in test ima... 2
Docker build tests skipped in parallel mode 2
Docker build tests disabled 2
⚠️ Action Items (96 tests need GitHub issues)

Action Items: Skipped Tests Without GitHub Issues

96 tests need GitHub issues created

For each test below, create a GitHub issue to track why it's skipped and when it should be enabled:

tests/builder/test_code_generator.py

  • test_generate_with_black_formatting_error_returns_unformatted_code (line 471)
    - Reason: Black not installed - cannot test black formatting error path
    - Action: Create issue and update skip decorator with issue number

tests/e2e/test_full_user_journey.py

  • test_01_concurrent_users (line 1199)
    - Reason: Performance tests skipped in parallel mode due to memory overhead
    - Action: Create issue and update skip decorator with issue number

  • test_02_large_conversation (line 1214)
    - Reason: Performance tests skipped in parallel mode due to memory overhead
    - Action: Create issue and update skip decorator with issue number

  • test_03_bulk_search (line 1229)
    - Reason: Performance tests skipped in parallel mode due to memory overhead
    - Action: Create issue and update skip decorator with issue number

tests/infrastructure/test_terraform_security.py

  • test_checkov_azure_secrets_compliance (line 389)
    - Reason: Checkov not installed (pip install checkov)
    - Action: Create issue and update skip decorator with issue number

  • test_checkov_aws_secrets_compliance (line 410)
    - Reason: Checkov not installed (pip install checkov)
    - Action: Create issue and update skip decorator with issue number

  • test_checkov_backend_setup_compliance (line 427)
    - Reason: Checkov not installed (pip install checkov)
    - Action: Create issue and update skip decorator with issue number

tests/integration/execution/test_docker_sandbox.py

  • test_docker_socket_not_exposed_in_container (line 765)
    - Reason: Requires Docker rootless mode (set DOCKER_ROOTLESS_TEST=1 to enable)
    - Action: Create issue and update skip decorator with issue number

tests/integration/security/test_api_key_indexed_lookup.py

  • test_validate_uses_indexed_search_not_enumeration (line 84)
    - Reason: API key validation tests skipped in parallel mode due to memory overhead with AsyncMock
    - Action: Create issue and update skip decorator with issue number

  • test_indexed_lookup_performance_with_large_user_base (line 179)
    - Reason: Performance tests skipped in parallel mode due to memory overhead (133GB VIRT, 42GB RES observed)
    - Action: Create issue and update skip decorator with issue number

tests/integration/security/test_network_mode_transparency.py

  • test_allowlist_mode_fails_closed_with_warning (line 63)
    - Reason: Docker package not available
    - Action: Create issue and update skip decorator with issue number

  • test_none_network_mode_works_correctly (line 89)
    - Reason: Docker package not available
    - Action: Create issue and update skip decorator with issue number

  • test_unrestricted_network_mode_enables_network (line 103)
    - Reason: Docker package not available
    - Action: Create issue and update skip decorator with issue number

  • test_docker_sandbox_documents_allowlist_limitation (line 169)
    - Reason: Docker package not available
    - Action: Create issue and update skip decorator with issue number

  • test_allowed_domains_ignored_when_network_disabled (line 211)
    - Reason: Docker package not available
    - Action: Create issue and update skip decorator with issue number

  • test_empty_allowed_domains_with_unrestricted_mode (line 231)
    - Reason: Docker package not available
    - Action: Create issue and update skip decorator with issue number

  • test_allowlist_will_require_allowed_domains (line 261)
    - Reason: Docker package not available
    - Action: Create issue and update skip decorator with issue number

  • test_allowlist_mode_preserves_allowed_domains_config (line 280)
    - Reason: Docker package not available
    - Action: Create issue and update skip decorator with issue number

tests/integration/test_agent.py

  • test_real_llm_invocation (line 442)
    - Reason: Requires ANTHROPIC_API_KEY
    - Action: Create issue and update skip decorator with issue number

tests/integration/test_agentic_loop_integration.py

  • test_basic_workflow_without_compaction_verification (line 120)
    - Reason: Requires valid ANTHROPIC_API_KEY - mocks don't fully isolate LLM calls
    - Action: Create issue and update skip decorator with issue number

  • test_workflow_with_compaction_enabled (line 148)
    - Reason: Requires valid ANTHROPIC_API_KEY - mocks don't fully isolate LLM calls
    - Action: Create issue and update skip decorator with issue number

  • test_workflow_with_verification_pass (line 176)
    - Reason: Requires valid ANTHROPIC_API_KEY - mocks don't fully isolate LLM calls
    - Action: Create issue and update skip decorator with issue number

  • test_workflow_with_verification_refinement (line 209)
    - Reason: Requires valid ANTHROPIC_API_KEY - mocks don't fully isolate LLM calls
    - Action: Create issue and update skip decorator with issue number

  • test_workflow_max_refinement_attempts (line 241)
    - Reason: Requires valid ANTHROPIC_API_KEY - mocks don't fully isolate LLM calls
    - Action: Create issue and update skip decorator with issue number

  • test_full_loop_with_all_features (line 312)
    - Reason: Requires valid ANTHROPIC_API_KEY - mocks don't fully isolate LLM calls
    - Action: Create issue and update skip decorator with issue number

tests/integration/test_anthropic_enhancements_integration.py

  • test_agent_with_dynamic_context (line 275)
    - Reason: Requires full infrastructure (Qdrant, Redis, LLM) - set RUN_FULL_INTEGRATION_TESTS=1
    - Action: Create issue and update skip decorator with issue number

  • test_agent_with_verification_loop (line 312)
    - Reason: Requires full infrastructure - set RUN_FULL_INTEGRATION_TESTS=1 and ANTHROPIC_API_KEY
    - Action: Create issue and update skip decorator with issue number

  • test_mock_full_workflow (line 360)
    - Reason: Requires langchain-google-genai - set RUN_FULL_INTEGRATION_TESTS=1
    - Action: Create issue and update skip decorator with issue number

tests/integration/test_context_manager_llm.py

  • test_full_extraction_workflow (line 515)
    - Reason: Requires ANTHROPIC_API_KEY
    - Action: Create issue and update skip decorator with issue number

tests/integration/test_database_connectivity_real.py

  • test_check_database_connectivity_with_real_postgres (line 53)
    - Reason: PostgreSQL not available on test port
    - Action: Create issue and update skip decorator with issue number

  • test_create_connection_pool_with_real_postgres (line 78)
    - Reason: PostgreSQL not available on test port
    - Action: Create issue and update skip decorator with issue number

  • test_check_database_connectivity_with_invalid_credentials (line 123)
    - Reason: PostgreSQL not available on test port
    - Action: Create issue and update skip decorator with issue number

  • test_check_database_connectivity_with_nonexistent_database (line 144)
    - Reason: PostgreSQL not available on test port
    - Action: Create issue and update skip decorator with issue number

  • test_check_database_connectivity_timeout (line 165)
    - Reason: PostgreSQL not available on test port
    - Action: Create issue and update skip decorator with issue number

tests/integration/test_distributed_checkpointing.py

  • test_create_redis_checkpointer (line 49)
    - Reason: Redis checkpointer not installed
    - Action: Create issue and update skip decorator with issue number

tests/integration/test_docker_image_assets.py

  • test_dockerfile_excludes_deployments_directory (line 58)
    - Reason: Skipped inside Docker - Dockerfile not available in test image
    - Action: Create issue and update skip decorator with issue number

  • test_dockerfile_excludes_scripts_directory (line 108)
    - Reason: Skipped inside Docker - Dockerfile not available in test image
    - Action: Create issue and update skip decorator with issue number

  • test_docker_test_image_excludes_deployments_at_runtime (line 183)
    - Reason: Docker build tests skipped in parallel mode
    - Action: Create issue and update skip decorator with issue number

  • test_docker_test_image_excludes_scripts_at_runtime (line 253)
    - Reason: Docker build tests skipped in parallel mode
    - Action: Create issue and update skip decorator with issue number

tests/integration/test_openfga_client.py

  • test_full_authorization_flow (line 453)
    - Reason: Requires running OpenFGA instance (set RUN_INTEGRATION_TESTS=1)
    - Action: Create issue and update skip decorator with issue number

  • test_circuit_breaker_fails_closed_for_critical_resources (line 530)
    - Reason: Circuit breaker tests are timing-sensitive and don't run reliably in pytest-xdist parallel mode
    - Action: Create issue and update skip decorator with issue number

  • test_circuit_breaker_fails_open_for_non_critical_resources (line 576)
    - Reason: Circuit breaker tests are timing-sensitive and don't run reliably in pytest-xdist parallel mode
    - Action: Create issue and update skip decorator with issue number

  • test_circuit_breaker_defaults_to_critical_true (line 622)
    - Reason: Circuit breaker tests are timing-sensitive and don't run reliably in pytest-xdist parallel mode
    - Action: Create issue and update skip decorator with issue number

tests/integration/test_postgres_storage.py

  • test_concurrent_audit_log_writes (line 266)
    - Reason: Requires RUN_CONCURRENT_POOL_TESTS=true and real asyncpg pool (SimplePool doesn't support concurrent operations)
    - Action: Create issue and update skip decorator with issue number

tests/integration/test_secrets_manager.py

  • test_full_secret_lifecycle (line 424)
    - Reason: Requires Infisical credentials (TEST_INFISICAL_CLIENT_ID, TEST_INFISICAL_CLIENT_SECRET, TEST_INFISICAL_PROJECT_ID)
    - Action: Create issue and update skip decorator with issue number

tests/integration/test_vertex_ai_anthropic.py

  • test_claude_sonnet_4_5_via_vertex_ai (line 42)
    - Reason: VERTEX_PROJECT not set - requires Vertex AI access
    - Action: Create issue and update skip decorator with issue number

  • test_claude_haiku_4_5_via_vertex_ai (line 65)
    - Reason: VERTEX_PROJECT not set - requires Vertex AI access
    - Action: Create issue and update skip decorator with issue number

  • test_claude_opus_4_5_via_vertex_ai (line 88)
    - Reason: VERTEX_PROJECT not set - requires Vertex AI access
    - Action: Create issue and update skip decorator with issue number

  • test_claude_sonnet_4_5_reasoning (line 111)
    - Reason: VERTEX_PROJECT not set - requires Vertex AI access
    - Action: Create issue and update skip decorator with issue number

  • test_vertex_ai_claude_with_conversation (line 134)
    - Reason: VERTEX_PROJECT not set - requires Vertex AI access
    - Action: Create issue and update skip decorator with issue number

  • test_vertex_ai_uses_project_from_config (line 174)
    - Reason: VERTEX_PROJECT not set - requires Vertex AI access
    - Action: Create issue and update skip decorator with issue number

  • test_vertex_ai_supports_multiple_regions (line 194)
    - Reason: VERTEX_PROJECT not set - requires Vertex AI access
    - Action: Create issue and update skip decorator with issue number

  • test_vertex_ai_invalid_model_name (line 240)
    - Reason: VERTEX_PROJECT not set - requires Vertex AI access
    - Action: Create issue and update skip decorator with issue number

tests/integration/test_vertex_ai_auth_methods.py

  • test_workload_identity_claude (line 48)
    - Reason: Requires VERTEX_PROJECT and NO GOOGLE_APPLICATION_CREDENTIALS (Workload Identity)
    - Action: Create issue and update skip decorator with issue number

  • test_workload_identity_gemini (line 71)
    - Reason: Requires VERTEX_PROJECT and NO GOOGLE_APPLICATION_CREDENTIALS (Workload Identity)
    - Action: Create issue and update skip decorator with issue number

  • test_service_account_key_claude (line 102)
    - Reason: Requires both VERTEX_PROJECT and GOOGLE_APPLICATION_CREDENTIALS
    - Action: Create issue and update skip decorator with issue number

  • test_service_account_key_gemini (line 125)
    - Reason: Requires both VERTEX_PROJECT and GOOGLE_APPLICATION_CREDENTIALS
    - Action: Create issue and update skip decorator with issue number

  • test_auto_detect_auth_method (line 156)
    - Reason: VERTEX_PROJECT not set - requires Vertex AI access
    - Action: Create issue and update skip decorator with issue number

tests/integration/test_vertex_ai_google.py

  • test_gemini_3_pro_via_vertex_ai_explicit_prefix (line 41)
    - Reason: VERTEX_PROJECT not set - requires Vertex AI access
    - Action: Create issue and update skip decorator with issue number

  • test_gemini_3_pro_via_vertex_ai_implicit_routing (line 64)
    - Reason: VERTEX_PROJECT not set - requires Vertex AI access
    - Action: Create issue and update skip decorator with issue number

  • test_gemini_2_5_flash_via_vertex_ai (line 87)
    - Reason: VERTEX_PROJECT not set - requires Vertex AI access
    - Action: Create issue and update skip decorator with issue number

  • test_gemini_2_5_flash_via_vertex_ai_implicit (line 110)
    - Reason: VERTEX_PROJECT not set - requires Vertex AI access
    - Action: Create issue and update skip decorator with issue number

  • test_vertex_ai_gemini_with_conversation (line 133)
    - Reason: VERTEX_PROJECT not set - requires Vertex AI access
    - Action: Create issue and update skip decorator with issue number

  • test_vertex_ai_gemini_uses_project_from_config (line 171)
    - Reason: VERTEX_PROJECT not set - requires Vertex AI access
    - Action: Create issue and update skip decorator with issue number

  • test_vertex_ai_gemini_supports_multiple_regions (line 191)
    - Reason: VERTEX_PROJECT not set - requires Vertex AI access
    - Action: Create issue and update skip decorator with issue number

  • test_vertex_ai_prefix_vs_no_prefix_equivalence (line 212)
    - Reason: VERTEX_PROJECT not set - requires Vertex AI access
    - Action: Create issue and update skip decorator with issue number

  • test_vertex_ai_gemini_invalid_model_name (line 269)
    - Reason: VERTEX_PROJECT not set - requires Vertex AI access
    - Action: Create issue and update skip decorator with issue number

  • test_vertex_ai_gemini_empty_message (line 289)
    - Reason: VERTEX_PROJECT not set - requires Vertex AI access
    - Action: Create issue and update skip decorator with issue number

tests/meta/test_docker_environment.py

  • test_docker_working_directory_is_app (line 103)
    - Reason: Only in Docker test environment
    - Action: Create issue and update skip decorator with issue number

  • test_docker_test_image_has_scripts (line 194)
    - Reason: Docker build tests disabled
    - Action: Create issue and update skip decorator with issue number

  • test_docker_test_image_has_deployments (line 204)
    - Reason: Docker build tests disabled
    - Action: Create issue and update skip decorator with issue number

tests/meta/validation/test_mermaid_validation.py

  • test_sequence_diagram_with_classdef_is_invalid (line 51)
    - Reason: Function not implemented yet
    - Action: Create issue and update skip decorator with issue number

  • test_sequence_diagram_with_class_assignment_is_invalid (line 66)
    - Reason: Function not implemented yet
    - Action: Create issue and update skip decorator with issue number

  • test_sequence_diagram_with_both_classdef_and_class_is_invalid (line 84)
    - Reason: Function not implemented yet
    - Action: Create issue and update skip decorator with issue number

  • test_sequence_diagram_without_classdef_is_valid (line 102)
    - Reason: Function not implemented yet
    - Action: Create issue and update skip decorator with issue number

  • test_flowchart_with_classdef_is_valid (line 118)
    - Reason: Function not implemented yet
    - Action: Create issue and update skip decorator with issue number

  • test_non_sequence_diagram_skips_validation (line 131)
    - Reason: Function not implemented yet
    - Action: Create issue and update skip decorator with issue number

  • test_mismatched_subgraph_end_is_invalid (line 153)
    - Reason: Function not implemented yet
    - Action: Create issue and update skip decorator with issue number

  • test_matched_subgraph_end_is_valid (line 170)
    - Reason: Function not implemented yet
    - Action: Create issue and update skip decorator with issue number

  • test_nested_subgraph_is_valid (line 186)
    - Reason: Function not implemented yet
    - Action: Create issue and update skip decorator with issue number

  • test_simple_flowchart_without_subgraph_is_valid (line 202)
    - Reason: Function not implemented yet
    - Action: Create issue and update skip decorator with issue number

  • test_sequence_diagram_skips_subgraph_validation (line 214)
    - Reason: Function not implemented yet
    - Action: Create issue and update skip decorator with issue number

  • test_detects_sequence_diagram (line 235)
    - Reason: Function not imported
    - Action: Create issue and update skip decorator with issue number

  • test_detects_sequence_diagram_with_init (line 245)
    - Reason: Function not imported
    - Action: Create issue and update skip decorator with issue number

  • test_flowchart_is_not_sequence_diagram (line 256)
    - Reason: Function not imported
    - Action: Create issue and update skip decorator with issue number

  • test_detects_flowchart_diagram (line 265)
    - Reason: Function not imported
    - Action: Create issue and update skip decorator with issue number

  • test_detects_graph_as_flowchart (line 274)
    - Reason: Function not imported
    - Action: Create issue and update skip decorator with issue number

  • test_terraform_aws_irsa_diagram_pattern (line 292)
    - Reason: Function not implemented yet
    - Action: Create issue and update skip decorator with issue number

  • test_keycloak_sso_diagram_pattern (line 325)
    - Reason: Function not implemented yet
    - Action: Create issue and update skip decorator with issue number

tests/regression/test_async_dependency_override_xdist.py

  • test_demonstrate_async_override_bug_explicitly (line 230)
    - Reason: Intentionally skipped - this test demonstrates the bug and is expected to fail
    - Action: Create issue and update skip decorator with issue number

tests/regression/test_gdpr_singleton_parallel_isolation.py

  • test_parallel_execution_creates_independent_storage_instances (line 190)
    - Reason: This test only meaningful in parallel execution mode
    - Action: Create issue and update skip decorator with issue number

tests/unit/auth/test_api_key_manager.py

  • test_validate_api_key_beyond_first_page (line 542)
    - Reason: Pagination tests skipped in parallel mode - creates 150 mock users causing memory overhead
    - Action: Create issue and update skip decorator with issue number

  • test_validate_api_key_not_found_after_pagination (line 594)
    - Reason: Pagination tests skipped in parallel mode - creates 150 mock users causing memory overhead
    - Action: Create issue and update skip decorator with issue number

  • test_validate_api_key_pagination_stops_on_match (line 630)
    - Reason: Pagination tests skipped in parallel mode - creates 250 mock users causing memory overhead
    - Action: Create issue and update skip decorator with issue number

tests/unit/execution/test_security_practices.py

  • test_kubernetes_sandbox_does_not_use_insecure_md5 (line 42)
    - Reason: kubernetes library not installed (optional dependency for kubernetes sandbox)
    - Action: Create issue and update skip decorator with issue number

tests/unit/mcp/test_mcp_server_settings_injection.py

  • test_settings_injection_does_not_affect_global_settings (line 131)
    - Reason: Settings isolation test may interfere with parallel execution
    - Action: Create issue and update skip decorator with issue number

Target: Reduce untracked skipped tests to <20 (currently 96)

@github-actions

github-actions Bot commented Dec 8, 2025

Copy link
Copy Markdown
Contributor

📚 Documentation Validation Results

Validation Type Status
Mintlify (Primary)
Specialized Validators
Non-Mintlify Docs
Documentation Tests
ℹ️ About This Validation

This is the simplified documentation validation workflow that consolidates previous validators.

What changed:

  • Mintlify CLI is now PRIMARY validator (replaces 5 Python validators)
  • Removed duplicate validators (link_validator.py, navigation_validator.py, image_validator.py, frontmatter_validator.py)
  • Consolidated specialized validators into validate_docs.py (2025-11-29)
  • 91-93% faster validation (8-12s vs 105-155s previously)

What Mintlify checks:

  • ✅ Broken internal links
  • ✅ Navigation consistency (docs.json ↔ MDX files)
  • ✅ Image references
  • ✅ Frontmatter (title, description)
  • ✅ MDX syntax errors
  • ✅ Anchor links

How to fix failures:

# Run Mintlify validator locally (PRIMARY)
cd docs && npx mintlify broken-links

# Run consolidated documentation validator
python scripts/validators/validate_docs.py --all

Workflow Run: View Details

@github-actions

github-actions Bot commented Dec 8, 2025

Copy link
Copy Markdown
Contributor

🔒 Trivy Security Scan Results

Click to view full security report

Report Summary

┌─────────────────────────────────────────────────────────────┬───────┬─────────────────┬─────────┐
│                           Target                            │ Type  │ Vulnerabilities │ Secrets │
├─────────────────────────────────────────────────────────────┼───────┼─────────────────┼─────────┤
│ clients/go/go.mod                                           │ gomod │        0        │    -    │
├─────────────────────────────────────────────────────────────┼───────┼─────────────────┼─────────┤
│ clients/python/uv.lock                                      │  uv   │        2        │    -    │
├─────────────────────────────────────────────────────────────┼───────┼─────────────────┼─────────┤
│ src/mcp_server_langgraph/builder/frontend/package-lock.json │  npm  │        0        │    -    │
├─────────────────────────────────────────────────────────────┼───────┼─────────────────┼─────────┤
│ uv.lock                                                     │  uv   │        7        │    -    │
└─────────────────────────────────────────────────────────────┴───────┴─────────────────┴─────────┘
Legend:
- '-': Not scanned
- '0': Clean (no security findings detected)


For OSS Maintainers: VEX Notice
--------------------------------
If you're an OSS maintainer and Trivy has detected vulnerabilities in your project that you believe are not actually exploitable, consider issuing a VEX (Vulnerability Exploitability eXchange) statement.
VEX allows you to communicate the actual status of vulnerabilities in your project, improving security transparency and reducing false positives for your users.
Learn more and start using VEX: https://trivy.dev/v0.65/docs/supply-chain/vex/repo#publishing-vex-documents

To disable this notice, set the TRIVY_DISABLE_VEX_NOTICE environment variable.


clients/python/uv.lock (uv)
===========================
Total: 2 (LOW: 0, MEDIUM: 0, HIGH: 2, CRITICAL: 0)

┌─────────┬────────────────┬──────────┬────────┬───────────────────┬───────────────┬────────────────────────────────────────────────────────────┐
│ Library │ Vulnerability  │ Severity │ Status │ Installed Version │ Fixed Version │                           Title                            │
├─────────┼────────────────┼──────────┼────────┼───────────────────┼───────────────┼────────────────────────────────────────────────────────────┤
│ urllib3 │ CVE-2025-66418 │ HIGH     │ fixed  │ 2.5.0             │ 2.6.0         │ urllib3 is a user-friendly HTTP client library for Python. │
│         │                │          │        │                   │               │ Starting in ......                                         │
│         │                │          │        │                   │               │ https://avd.aquasec.com/nvd/cve-2025-66418                 │
│         ├────────────────┤          │        │                   │               ├────────────────────────────────────────────────────────────┤
│         │ CVE-2025-66471 │          │        │                   │               │ urllib3 is a user-friendly HTTP client library for Python. │
│         │                │          │        │                   │               │ Starting in ......                                         │
│         │                │          │        │                   │               │ https://avd.aquasec.com/nvd/cve-2025-66471                 │
└─────────┴────────────────┴──────────┴────────┴───────────────────┴───────────────┴────────────────────────────────────────────────────────────┘

uv.lock (uv)
============
Total: 7 (LOW: 0, MEDIUM: 4, HIGH: 3, CRITICAL: 0)

┌───────────┬────────────────┬──────────┬────────┬───────────────────┬───────────────┬──────────────────────────────────────────────────────────────┐
│  Library  │ Vulnerability  │ Severity │ Status │ Installed Version │ Fixed Version │                            Title                             │
├───────────┼────────────────┼──────────┼────────┼───────────────────┼───────────────┼──────────────────────────────────────────────────────────────┤
│ fonttools │ CVE-2025-66034 │ MEDIUM   │ fixed  │ 4.60.1            │ 4.60.2        │ fontTools is a library for manipulating fonts, written in    │
│           │                │          │        │                   │               │ Python. In v...                                              │
│           │                │          │        │                   │               │ https://avd.aquasec.com/nvd/cve-2025-66034                   │
├───────────┼────────────────┼──────────┤        ├───────────────────┼───────────────┼──────────────────────────────────────────────────────────────┤
│ mcp       │ CVE-2025-66416 │ HIGH     │        │ 1.22.0            │ 1.23.0        │ mcp: DNS Rebinding Protection Disabled by Default in Model   │
│           │                │          │        │                   │               │ Context Protocol Python...                                   │
│           │                │          │        │                   │               │ https://avd.aquasec.com/nvd/cve-2025-66416                   │
├───────────┼────────────────┤          │        ├───────────────────┼───────────────┼──────────────────────────────────────────────────────────────┤
│ urllib3   │ CVE-2025-66418 │          │        │ 2.3.0             │ 2.6.0         │ urllib3 is a user-friendly HTTP client library for Python.   │
│           │                │          │        │                   │               │ Starting in ......                                           │
│           │                │          │        │                   │               │ https://avd.aquasec.com/nvd/cve-2025-66418                   │
│           ├────────────────┤          │        │                   │               ├──────────────────────────────────────────────────────────────┤
│           │ CVE-2025-66471 │          │        │                   │               │ urllib3 is a user-friendly HTTP client library for Python.   │
│           │                │          │        │                   │               │ Starting in ......                                           │
│           │                │          │        │                   │               │ https://avd.aquasec.com/nvd/cve-2025-66471                   │
│           ├────────────────┼──────────┤        │                   ├───────────────┼──────────────────────────────────────────────────────────────┤
│           │ CVE-2025-50181 │ MEDIUM   │        │                   │ 2.5.0         │ urllib3: urllib3 redirects are not disabled when retries are │
│           │                │          │        │                   │               │ disabled on PoolManager...                                   │
│           │                │          │        │                   │               │ https://avd.aquasec.com/nvd/cve-2025-50181                   │
│           ├────────────────┤          │        │                   │               ├──────────────────────────────────────────────────────────────┤
│           │ CVE-2025-50182 │          │        │                   │               │ urllib3: urllib3 does not control redirects in browsers and  │
│           │                │          │        │                   │               │ Node.js                                                      │
│           │                │          │        │                   │               │ https://avd.aquasec.com/nvd/cve-2025-50182                   │
├───────────┼────────────────┤          │        ├───────────────────┼───────────────┼──────────────────────────────────────────────────────────────┤
│ werkzeug  │ CVE-2025-66221 │          │        │ 3.1.3             │ 3.1.4         │ Werkzeug safe_join() allows Windows special device names     │
│           │                │          │        │                   │               │ https://avd.aquasec.com/nvd/cve-2025-66221                   │
└───────────┴────────────────┴──────────┴────────┴───────────────────┴───────────────┴──────────────────────────────────────────────────────────────┘

Note: Full report available in workflow artifacts.

@github-actions

github-actions Bot commented Dec 8, 2025

Copy link
Copy Markdown
Contributor

📊 Coverage Report

Current Coverage: 75.9%
Change: First measurement
Status: 📊 First measurement

Coverage Trend

Run make test-coverage-combined locally for detailed coverage report.
View detailed coverage in the workflow artifacts.

@github-actions

github-actions Bot commented Jan 8, 2026

Copy link
Copy Markdown
Contributor

This pull request has been automatically marked as stale because it has not had
recent activity. It will be closed if no further activity occurs within 7 days.
Please push new commits or comment if this PR is still being worked on.

@github-actions github-actions Bot added the stale label Jan 8, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant