From 21aedae1db9ad37d2e656c64954da775aa832b94 Mon Sep 17 00:00:00 2001
From: rarebuffalo
Date: Fri, 12 Jun 2026 19:10:58 +0530
Subject: [PATCH] add unit tests for offline pattern security rules
---
tests/test_cli_patterns.py | 27 +++++++++++++++++++++++++++
1 file changed, 27 insertions(+)
create mode 100644 tests/test_cli_patterns.py
diff --git a/tests/test_cli_patterns.py b/tests/test_cli_patterns.py
new file mode 100644
index 0000000..d0f5051
--- /dev/null
+++ b/tests/test_cli_patterns.py
@@ -0,0 +1,27 @@
+import pytest
+from cli.securelens.scanners.patterns import scan_file_content
+
+@pytest.fixture(autouse=True)
+def setup_db():
+ # Override the database autouse fixture because these tests do not touch the DB.
+ pass
+
+def test_hardcoded_aws_key():
+ content = 'aws_key = "AKIA1234567890123456"'
+ findings = scan_file_content("test.py", content)
+ assert len(findings) == 2
+ issues = [f.issue for f in findings]
+ assert "Hardcoded AWS Access Key ID" in issues
+ assert "Hardcoded API/Auth Token" in issues
+
+def test_sql_injection():
+ content = 'db.execute(f"select * from users where id = {user_id}")'
+ findings = scan_file_content("test.py", content)
+ assert len(findings) == 1
+ assert findings[0].issue == "Potential SQL Injection"
+ assert findings[0].severity == "High"
+
+def test_no_findings():
+ content = 'print("hello world")'
+ findings = scan_file_content("test.py", content)
+ assert len(findings) == 0
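Review bot: In `test_hardcoded_aws_key` the assertion `assert len(findings) == 2` pins the fact that one literal is reported by two overlapping rules, so the test will break if the scanner later de-duplicates findings or gains another matching rule, even though detection still works. Asserting on the rule names alone, e.g. `assert {"Hardcoded AWS Access Key ID", "Hardcoded API/Auth Token"} <= {f.issue for f in findings}`, keeps the check on what the rule must detect. The SQL rule is exercised only with a positive f-string case; a negative case such as `db.execute("select * from users where id = ?", (user_id,))` expecting no finding would guard against false positives, assuming the rule is meant to ignore parameterized queries. The secret test also checks no severity, unlike `test_sql_injection`, so a severity regression on the credential rules would pass unnoticed.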