Salastil/odysseus
1
0
Fork 0
mirror of https://github.com/pewdiepie-archdaemon/odysseus.git synced 2026-06-17 02:05:22 -04:00
Code Issues Packages Projects Releases Wiki Activity

chore: deduplicate src/search modules (cache, content, query) into shims (#2506)

Browse Source 
* chore: dedupe src/search/cache.py into a re-export shim

src/search/cache.py was a byte-identical copy of services/search/cache.py.
Convert it to a sys.modules alias of the canonical services module (matching
src/search/core.py, providers.py, ranking.py) so the two cannot drift, and add
an identity assertion to test_search_module_consolidation.py.

content.py and query.py are intentionally left as-is: the copies have drifted
and services lacks fixes that src has, so they need services reconciled first
before they can be shimmed safely.

* chore: dedupe src/search content.py and query.py into shims

Convert src/search/content.py and query.py to sys.modules aliases of the
canonical services/search/* (matching cache.py, core.py, providers.py,
ranking.py) so the duplicate copies cannot drift.

Repoint the two tests that were coupled to the src-copy internals onto the
canonical services surface (behaviour is equivalent):
- test_src_search_query_nonstring.py: import services.search.query instead of
  loading the src file by path.
- test_security_regressions.py::test_web_fetch_guard_blocks_redirect_into_private:
  mock httpx.get (services uses the module-level get, not httpx.Client) and
  assert on the canonical 'Blocked' message.

Drop the now-redundant [src_content, service_content] parametrization in
test_search_content_extraction_parity.py and test_search_content_url_guards.py
(after the shim both params are the same object); add content/query identity
assertions to test_search_module_consolidation.py.
This commit is contained in:
Kenny Van de Maele
2026-06-04 18:10:55 +02:00
committed by GitHub
parent 66fba78011
commit 8bfd79fe8e
8 changed files with 44 additions and 640 deletions
Download Patch File Download Diff File Expand all files Collapse all files
tests/test_security_regressions.py
+3 -8
View File
@@ -860,19 +860,14 @@ def test_web_fetch_guard_blocks_redirect_into_private(monkeypatch):
class _Resp:
status_code = 302
url = "http://public.example/start"
headers = {"location": "http://169.254.169.254/latest/meta-data/"}
class _FakeClient:
def __init__(self, *a, **k): pass
def __enter__(self): return self
def __exit__(self, *a): return False
def get(self, url): return _Resp()
monkeypatch.setattr(httpx, "Client", _FakeClient)
monkeypatch.setattr(httpx, "get", lambda url, **kwargs: _Resp())
with _pytest.raises(httpx.RequestError) as exc:
content._get_public_url("http://public.example/start", headers={}, timeout=5)
assert "non-public" in str(exc.value)
assert "Blocked" in str(exc.value)
# ── audit fixes (2026-06-01): email XSS, attachment traversal, authz ──