Skip to content

Add comprehensive edge case tests for NoSQL operator detection#38

Merged
hyp3rd merged 3 commits intofeat/sanitizefrom
copilot/sub-pr-35-another-one
Jan 11, 2026
Merged

Add comprehensive edge case tests for NoSQL operator detection#38
hyp3rd merged 3 commits intofeat/sanitizefrom
copilot/sub-pr-35-another-one

Conversation

Copy link
Contributor

Copilot AI commented Jan 11, 2026
edited
Loading

Addresses feedback on PR #35 requesting broader test coverage for NoSQL injection operator detection boundary cases.

Changes

  • Added TestNoSQLInjectionDetectorEdgeCases with 26 test cases covering:
    • Dollar signs not at operator boundaries: "price$", "$123", "price$value"
    • Unknown operators with valid syntax: "$unknown", "$hello"
    • Operators at string start and after all delimiter types: {, [, ,, :, ", ', (, whitespace
    • Case normalization: "$NE", "$Ne" correctly detected (operators are lowercased)

Tests validate the detector correctly distinguishes legitimate dollar sign usage from injection patterns based on the isNoSQLOperatorBoundary logic.

// Should not detect - dollar not at boundary
detector.Detect("price$value") // nil

// Should detect - dollar after delimiter
detector.Detect(`{"$ne":null}`) // ErrNoSQLInjectionDetected

💬 We'd love your input! Share your thoughts on Copilot coding agent in our 2 minute survey.

Copilot AI mentioned this pull request Jan 11, 2026
Merged
Copilot AI and others added 2 commits January 11, 2026 14:12
@hyp3rd
Add comprehensive edge case tests for NoSQL operator detection
17bcfd5 
Co-authored-by: hyp3rd <62474964+hyp3rd@users.noreply.github.com>
@hyp3rd
Fix case sensitivity test comments - operators are normalized to lowe…
e91a4f7 
…rcase

Co-authored-by: hyp3rd <62474964+hyp3rd@users.noreply.github.com>
Copilot AI changed the title [WIP] Update configurable options for NoSQL injection detector Add comprehensive edge case tests for NoSQL operator detection Jan 11, 2026
Copilot AI requested a review from hyp3rd January 11, 2026 14:15
@hyp3rd hyp3rd marked this pull request as ready for review January 11, 2026 19:14
Copilot AI review requested due to automatic review settings January 11, 2026 19:14
@hyp3rd hyp3rd merged commit 93e14d1 into feat/sanitize Jan 11, 2026
15 checks passed
@hyp3rd hyp3rd deleted the copilot/sub-pr-35-another-one branch January 11, 2026 19:14
Copilot AI reviewed Jan 11, 2026
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR adds comprehensive edge case test coverage for NoSQL injection operator detection, addressing feedback from PR #35 that requested broader boundary case testing.

Changes:

  • Added TestNoSQLInjectionDetectorEdgeCases with 26 test cases covering dollar sign positions, unknown operators, various delimiters, and case normalization
  • Tests validate the detector correctly distinguishes legitimate dollar sign usage from injection patterns based on operator boundary logic

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@hyp3rd hyp3rd Awaiting requested review from hyp3rd

Assignees

@hyp3rd hyp3rd

Copilot code review Copilot

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@hyp3rd