CI test fixes for Windows

timokoessler · timokoessler · commit 761af9369022 · 2025-01-20T16:14:26.000+01:00
diff --git a/library/package.json b/library/package.json
@@ -122,7 +122,7 @@
   },
   "scripts": {
     "test": "node ../scripts/run-tap.js",
-    "test:ci": "CI=true node ../scripts/run-tap.js",
+    "test:ci": "node ../scripts/run-tap.js --ci",
     "build": "tsc -p tsconfig.build.json",
     "build:watch": "tsc --watch -p tsconfig.build.json",
     "lint": "npm run lint-eslint && npm run lint-tsc",
diff --git a/library/sinks/Postgres.test.ts b/library/sinks/Postgres.test.ts
@@ -2,6 +2,7 @@ import * as t from "tap";
 import { getContext, runWithContext, type Context } from "../agent/Context";
 import { Postgres } from "./Postgres";
 import { createTestAgent } from "../helpers/createTestAgent";
+import { isWindowsCi } from "../helpers/isWindowsCi";
 
 const context: Context = {
   remoteAddress: "::1",
@@ -18,123 +19,129 @@ const context: Context = {
   route: "/posts/:id",
 };
 
-t.test("it inspects query method calls and blocks if needed", async (t) => {
-  const agent = createTestAgent();
-  agent.start([new Postgres()]);
+t.test(
+  "it inspects query method calls and blocks if needed",
+  {
+    skip: isWindowsCi ? "Skip on Windows CI" : false,
+  },
+  async (t) => {
+    const agent = createTestAgent();
+    agent.start([new Postgres()]);
 
-  const { Client } = require("pg") as typeof import("pg");
-  const client = new Client({
-    user: "root",
-    host: "127.0.0.1",
-    database: "main_db",
-    password: "password",
-    port: 27016,
-  });
-  await client.connect();
+    const { Client } = require("pg") as typeof import("pg");
+    const client = new Client({
+      user: "root",
+      host: "127.0.0.1",
+      database: "main_db",
+      password: "password",
+      port: 27016,
+    });
+    await client.connect();
 
-  try {
-    await client.query(`
+    try {
+      await client.query(`
       CREATE TABLE IF NOT EXISTS cats (
         petname varchar(255)
       );
     `);
-    await client.query("TRUNCATE cats");
-
-    t.same((await client.query("SELECT petname FROM cats;")).rows, []);
-    t.same(
-      (await client.query({ text: "SELECT petname FROM cats;" })).rows,
-      []
-    );
-    t.same(
-      (
-        await runWithContext(context, () => {
-          return client.query("SELECT petname FROM cats;");
-        })
-      ).rows,
-      []
-    );
-    t.same(
-      (
-        await runWithContext(context, () => {
-          return client.query({ text: "SELECT petname FROM cats;" });
-        })
-      ).rows,
-      []
-    );
+      await client.query("TRUNCATE cats");
 
-    const error = await t.rejects(async () => {
-      await runWithContext(context, () => {
-        return client.query("-- should be blocked");
-      });
-    });
-    if (error instanceof Error) {
+      t.same((await client.query("SELECT petname FROM cats;")).rows, []);
       t.same(
-        error.message,
-        "Zen has blocked an SQL injection: pg.query(...) originating from body.myTitle"
+        (await client.query({ text: "SELECT petname FROM cats;" })).rows,
+        []
       );
-    }
-
-    const error2 = await t.rejects(async () => {
-      await runWithContext(context, () => {
-        return client.query({ text: "-- should be blocked" });
-      });
-    });
-    if (error2 instanceof Error) {
       t.same(
-        error2.message,
-        "Zen has blocked an SQL injection: pg.query(...) originating from body.myTitle"
+        (
+          await runWithContext(context, () => {
+            return client.query("SELECT petname FROM cats;");
+          })
+        ).rows,
+        []
       );
-    }
-
-    const undefinedQueryError = await t.rejects(async () => {
-      await runWithContext(context, () => {
-        // @ts-expect-error Test
-        return client.query(null);
-      });
-    });
-    if (undefinedQueryError instanceof Error) {
       t.same(
-        undefinedQueryError.message,
-        "Client was passed a null or undefined query"
+        (
+          await runWithContext(context, () => {
+            return client.query({ text: "SELECT petname FROM cats;" });
+          })
+        ).rows,
+        []
       );
-    }
 
-    await runWithContext(
-      {
-        remoteAddress: "::1",
-        method: "POST",
-        url: "http://localhost:4000/",
-        query: {},
-        headers: {},
-        body: {},
-        cookies: {},
-        source: "express",
-        route: "/posts/:id",
-        routeParams: {},
-      },
-      () => {
-        return client.query("-- This is a comment");
+      const error = await t.rejects(async () => {
+        await runWithContext(context, () => {
+          return client.query("-- should be blocked");
+        });
+      });
+      if (error instanceof Error) {
+        t.same(
+          error.message,
+          "Zen has blocked an SQL injection: pg.query(...) originating from body.myTitle"
+        );
       }
-    );
 
-    // Check if context is available in the callback
-    runWithContext(context, () => {
-      client.query("SELECT petname FROM cats;", (error, result) => {
-        t.match(getContext(), context);
+      const error2 = await t.rejects(async () => {
+        await runWithContext(context, () => {
+          return client.query({ text: "-- should be blocked" });
+        });
+      });
+      if (error2 instanceof Error) {
+        t.same(
+          error2.message,
+          "Zen has blocked an SQL injection: pg.query(...) originating from body.myTitle"
+        );
+      }
 
-        try {
-          client.query("-- should be blocked", () => {});
-        } catch (error: any) {
-          t.match(
-            error.message,
-            /Zen has blocked an SQL injection: pg.query\(\.\.\.\) originating from body\.myTitle/
-          );
+      const undefinedQueryError = await t.rejects(async () => {
+        await runWithContext(context, () => {
+          // @ts-expect-error Test
+          return client.query(null);
+        });
+      });
+      if (undefinedQueryError instanceof Error) {
+        t.same(
+          undefinedQueryError.message,
+          "Client was passed a null or undefined query"
+        );
+      }
+
+      await runWithContext(
+        {
+          remoteAddress: "::1",
+          method: "POST",
+          url: "http://localhost:4000/",
+          query: {},
+          headers: {},
+          body: {},
+          cookies: {},
+          source: "express",
+          route: "/posts/:id",
+          routeParams: {},
+        },
+        () => {
+          return client.query("-- This is a comment");
         }
+      );
+
+      // Check if context is available in the callback
+      runWithContext(context, () => {
+        client.query("SELECT petname FROM cats;", (error, result) => {
+          t.match(getContext(), context);
+
+          try {
+            client.query("-- should be blocked", () => {});
+          } catch (error: any) {
+            t.match(
+              error.message,
+              /Zen has blocked an SQL injection: pg.query\(\.\.\.\) originating from body\.myTitle/
+            );
+          }
+        });
       });
-    });
-  } catch (error: any) {
-    t.fail(error);
-  } finally {
-    await client.end();
+    } catch (error: any) {
+      t.fail(error);
+    } finally {
+      await client.end();
+    }
   }
-});
+);
diff --git a/library/sinks/Shelljs.test.ts b/library/sinks/Shelljs.test.ts
@@ -4,6 +4,7 @@ import { Shelljs } from "./Shelljs";
 import { ChildProcess } from "./ChildProcess";
 import { FileSystem } from "./FileSystem";
 import { createTestAgent } from "../helpers/createTestAgent";
+import { isWindows } from "../helpers/isWindows";
 
 const dangerousContext: Context = {
   remoteAddress: "::1",
@@ -139,22 +140,26 @@ t.test("it detects async shell injections", async (t) => {
   }
 });
 
-t.test("it prevents path injections using ls", async (t) => {
-  const shelljs = require("shelljs");
+t.test(
+  "it prevents path injections using ls",
+  { skip: isWindows ? "Skip on Windows" : undefined },
+  async (t) => {
+    const shelljs = require("shelljs");
 
-  const error = await t.rejects(async () => {
-    runWithContext(dangerousPathContext, () => {
-      return shelljs.ls("/etc/ssh");
+    const error = await t.rejects(async () => {
+      runWithContext(dangerousPathContext, () => {
+        return shelljs.ls("/etc/ssh");
+      });
     });
-  });
-  t.ok(error instanceof Error);
-  if (error instanceof Error) {
-    t.same(
-      error.message,
-      "Zen has blocked a path traversal attack: fs.readdirSync(...) originating from body.myTitle"
-    );
+    t.ok(error instanceof Error);
+    if (error instanceof Error) {
+      t.same(
+        error.message,
+        "Zen has blocked a path traversal attack: fs.readdirSync(...) originating from body.myTitle"
+      );
+    }
   }
-});
+);
 
 t.test("it prevents path injections using cat", async (t) => {
   const shelljs = require("shelljs");
