feat(webhooks): security hardening, tests, full documentation audit & polish (Phase 6)
All checks were successful
Build and Push Docker Image / build (push) Successful in 41s
Docs Check / Markdown lint (push) Successful in 48s
Licence Check / Licence compatibility and copyright header verification (push) Successful in 57s
CI / Security audit (push) Successful in 1m23s
CI / Tests & coverage (push) Successful in 1m36s
Docs Check / Mermaid diagram parse check (push) Successful in 1m43s

2026-05-19 17:11:45 +01:00
parent 8609f03c5a
commit 1bef14d590
8 changed files with 888 additions and 22 deletions


@@ -41,7 +41,10 @@ tests/
│ └── tokenStore.test.js # JSON file token store: store/get/clear, TTL expiry
└── integration/
├── health.test.js # GET /health and /ready endpoints
── auth.test.js # Full login/logout/me/csrf flows via supertest + nock
── auth.test.js # Full login/logout/me/csrf flows via supertest + nock
├── history.test.js # GET /api/history/recent: auth, filtering, deduplication
└── webhook.test.js # POST /api/webhook/sonarr+radarr: secret, validation,
# replay protection, metrics, security assertions
```
## Key design decisions
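Review bot: In the new `webhook.test.js` tree entry, "security assertions" is too vague to tell a reader what the suite guarantees, and it overlaps with "secret" and "replay protection" already listed for the same file. Name the specific checks the file makes or drop the phrase. The wrapped second comment line also breaks the one-line-per-file pattern the other entries follow, so consider shortening the comment to fit on a single line.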
@@ -60,6 +63,7 @@ The tested files meet these per-file minimums (enforced in CI):
|---|---|---|
| `server/app.js` | 85% | 65% |
| `server/routes/auth.js` | 85% | 70% |
| `server/routes/webhook.js` | 80% | 70% |
| `server/middleware/requireAuth.js` | 75% | 80% |
| `server/utils/sanitizeError.js` | 60% | — |
| `server/utils/config.js` | 50% | 55% |
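Review bot: The new `server/routes/webhook.js` row sets its first threshold at 80%, below the 85% required of `server/app.js` and `server/routes/auth.js`, although the test tree describes this route as the one covered for secret handling, validation and replay protection. Either raise it to 85% to match `auth.js` or state next to the table why a lower bar is accepted here. Because the surrounding text says these minimums are enforced in CI, also confirm that the coverage configuration carries the same 80% / 70% entry so the documented and enforced values cannot drift apart.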