Skip to content

Update SARIF test fixture to match updated spec-char-escape documentation #1754

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 3 commits into from
Nov 1, 2025
Merged

Update SARIF test fixture to match updated spec-char-escape documentation #1754

merged 3 commits into from
Nov 1, 2025

Conversation

Copy link
Contributor

Copilot AI commented Nov 1, 2025
edited
Loading

The SARIF formatter test was failing because the test fixture contained outdated markdown for the spec-char-escape rule. The rule documentation was updated to include a "Why this rule is important" section explaining XSS prevention, but the test fixture still expected the old format.

Changes

  • Updated test/cli/formatters/sarif.sarif to include the "Why this rule is important" section in the spec-char-escape rule's markdown help text

The fix synchronizes the test fixture with the current documentation content that explains how unescaped HTML special characters can lead to rendering issues and XSS vulnerabilities.

Original prompt

This section details on the original issue you should resolve

<issue_title>Tests are failing in CI/CD</issue_title>
<issue_description>Error

FAIL test/cli/formatters/sarif.spec.js (30.63 s)
    ● CLI › Formatter: sarif › should have stdout output with formatter sarif
  
      expect(received).toEqual(expected) // deep equality
  
      - Expected  - 1
      + Received  + 5
  
      @@ -20,11 +20,15 @@
  
        ### The following pattern is considered a rule violation:
  
        ```html
        `<span>`aaa>bbb`<ccc</span>`
      - ```",
      + ```
      +
      + ## Why this rule is important
      +
      + Special HTML characters like `<`, `>`, and `&` must be escaped to prevent them from being interpreted as HTML tags or entities. This avoids rendering issues and potential cross-site scripting (XSS) vulnerabilities.",
            "text": "Special characters must be escaped.",
          },
          "helpUri": "https://htmlhint.com/rules/spec-char-escape",
          "id": "spec-char-escape",
          "shortDescription": Object {
  
        48 |
        49 |           for (let i = 0; i < stdoutRules.length; i++) {
      > 50 |             expect(stdoutRules[i]).toEqual(
           |                                    ^
        51 |               expected['runs'][0]['tool']['driver']['rules'][i]
        52 |             )
        53 |           }
  
        at Socket.toEqual (test/cli/formatters/sarif.spec.js:50:36)
  
    ● CLI › Formatter: sarif › should have stdout output with formatter sarif
  
      expect(received).toEqual(expected) // deep equality
  
      - Expected  - 1
      + Received  + 5
  
      @@ -20,11 +20,15 @@
  
        ### The following pattern is considered a rule violation:
  
        ```html
        `<span>`aaa>bbb`<ccc</span>`
      - ```",
      + ```
      +
      + ## Why this rule is important
      +
      + Special HTML characters like `<`, `>`, and `&` must be escaped to prevent them from being interpreted as HTML tags or entities. This avoids rendering issues and potential cross-site scripting (XSS) vulnerabilities.",
            "text": "Special characters must be escaped.",
          },
          "helpUri": "https://htmlhint.com/rules/spec-char-escape",
          "id": "spec-char-escape",
          "shortDescription": Object {
  
        92 |
        93 |           for (let i = 0; i < fileRules.length; i++) {
      > 94 |             expect(fileRules[i]).toEqual(
           |                                  ^
        95 |               expected['runs'][0]['tool']['driver']['rules'][i]
        96 |             )
        97 |           }
  
        at ChildProcess.toEqual (test/cli/formatters/sarif.spec.js:94:34)
  
    ● CLI › Formatter: sarif › should have stdout output with formatter sarif
  
      thrown: "Exceeded timeout of 30000 ms for a test while waiting for `done()` to be called.
      Add a timeout value to this test to increase the timeout, if this is a long-running test. See https://jestjs.io/docs/api#testname-fn-timeout."
  
         6 | describe('CLI', () => {
         7 |   describe('Formatter: sarif', () => {
      >  8 |     it('should have stdout output with formatter sarif', (done) => {
           |     ^
         9 |       const expectedFileContent = fs
        10 |         .readFileSync(path.resolve(__dirname, 'sarif.sarif'), 'utf8')
        11 |         .replace(/\{\{path\}\}/g, 'test/cli/formatters/example.html')
  
        at it (test/cli/formatters/sarif.spec.js:8:5)
        at describe (test/cli/formatters/sarif.spec.js:7:3)
        at Object.describe (test/cli/formatters/sarif.spec.js:6:1)
  
  Summary of all failing tests
  FAIL test/cli/formatters/sarif.spec.js (30.63 s)
    ● CLI › Formatter: sarif › should have stdout output with formatter sarif
  
      expect(received).toEqual(expected) // deep equality
  
      - Expected  - 1
      + Received  + 5
  
      @@ -20,11 +20,15 @@
  
        ### The following pattern is considered a rule violation:
  
        ```html
        `<span>`aaa>bbb`<ccc</span>`
      - ```",
      + ```
      +
      + ## Why this rule is important
      +
      + Special HTML characters like `<`, `>`, and `&` must be escaped to prevent them from being interpreted as HTML tags or entities. This avoids rendering issues and potential cross-site scripting (XSS) vulnerabilities.",
            "text": "Special characters must be escaped.",
          },
          "helpUri": "https://htmlhint.com/rules/spec-char-escape",
          "id": "spec-char-escape",
          "shortDescription": Object {
  
        48 |
        49 |           for (let i = 0; i < stdoutRules.length; i++) {
      > 50 |             expect(stdoutRules[i]).toEqual(
           |                                    ^
        51 |               expected['runs'][0]['tool']['driver']['rules'][i]
        52 |             )
        53 |           }
  
        at Socket.toEqual (test/cli/formatters/sarif.spec.js:50:36)
  
    ● CLI › Formatte...

</details>

- Fixes htmlhint/HTMLHint#1753

<!-- START COPILOT CODING AGENT TIPS -->
---

💬 We'd love your input! Share your thoughts on Copilot coding agent in our [2 minute survey](https://gh.io/copilot-coding-agent-survey).

@cloudflare-workers-and-pages
Copy link

cloudflare-workers-and-pages bot commented Nov 1, 2025
edited
Loading

Deploying htmlhint with  Cloudflare Pages  Cloudflare Pages

Latest commit: 28dc2f1
Status: ✅  Deploy successful!
Preview URL: https://4b961604.htmlhint.pages.dev
Branch Preview URL: https://copilot-fix-ci-cd-tests-fail.htmlhint.pages.dev

View logs

Copilot AI changed the title [WIP] Fix failing tests in CI/CD pipeline Update SARIF test fixture to match updated spec-char-escape documentation Nov 1, 2025
Copilot AI requested a review from coliff November 1, 2025 08:41
Copilot finished work on behalf of coliff November 1, 2025 08:41
@coliff coliff marked this pull request as ready for review November 1, 2025 09:08
@coliff coliff requested a review from thedaviddias as a code owner November 1, 2025 09:08
@codecov
Copy link

codecov bot commented Nov 1, 2025
edited
Loading

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 100.00%. Comparing base (95e6a13) to head (28dc2f1).
⚠️ Report is 157 commits behind head on main.

Additional details and impacted files

Impacted file tree graph

@@             Coverage Diff             @@
##             main     #1754      +/-   ##
===========================================
+ Coverage   96.99%   100.00%   +3.00%     
===========================================
  Files           2         1       -1     
  Lines        1628         1    -1627     
  Branches      335         0     -335     
===========================================
- Hits         1579         1    -1578     
+ Misses         49         0      -49

Continue to review full report in Codecov by Sentry.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 191d4c8...28dc2f1. Read the comment docs.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
  • 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

@coliff coliff merged commit 3b76781 into main Nov 1, 2025
26 checks passed
@coliff coliff deleted the copilot/fix-ci-cd-tests-failures branch November 1, 2025 11:43
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@coliff coliff Awaiting requested review from coliff coliff is a code owner

@thedaviddias thedaviddias Awaiting requested review from thedaviddias

Assignees

@coliff coliff

Copilot code review Copilot

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@coliff