From 635f6a6e4eb2b185627654564a4aa4faa7aea42b Mon Sep 17 00:00:00 2001
From: Snake
Date: Mon, 9 Mar 2026 17:01:17 -0500
Subject: [PATCH 1/2] ci: add Python test step and PR workflow
---
 .github/workflows/build.yml | 39 +++++++++++++++++++++++++++++--------
 1 file changed, 31 insertions(+), 8 deletions(-)
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
index 6a4a13f..4f05742 100644
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -4,24 +4,47 @@ on:
 push:
 branches:
 - master
+ pull_request:
+ branches:
+ - master
+permissions:
+ contents: read
 jobs:
 build:
- name: Build and analyze
+ name: Build, test, and analyze
 runs-on: ubuntu-latest
-
+
 steps:
- - uses: actions/checkout@v4
+ - name: Check out repository
+ uses: actions/checkout@v4
+ with:
+ fetch-depth: 0
+
+ - name: Set up Python
+ uses: actions/setup-python@v5
 with:
- fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis
- - uses: SonarSource/sonarqube-scan-action@v6
+ python-version: '3.12'
+ cache: 'pip'
+
+ - name: Install dependencies
+ run: |
+ python -m pip install --upgrade pip
+ pip install -r requirements.txt
+
+ - name: Run unit tests
+ run: python -m unittest discover -s tests -v
+
+ - name: SonarQube scan
+ uses: SonarSource/sonarqube-scan-action@v6
 env:
 SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
 SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }}
- # If you wish to fail your job when the Quality Gate is red, uncomment the
- # following lines. This would typically be used to fail a deployment.
- # - uses: SonarSource/sonarqube-quality-gate-action@v1
+
+ # Enable this if you want the pipeline to fail on a red quality gate.
+ # - name: SonarQube quality gate
+ # uses: SonarSource/sonarqube-quality-gate-action@v1
 # timeout-minutes: 5
 # env:
 # SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
From 69ae29fbeb2440d903555bc578e59081d214eae4 Mon Sep 17 00:00:00 2001
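Review bot: The `SonarQube scan` step now also runs on `pull_request`, but GitHub does not pass repository secrets to workflows triggered from forks, so `SONAR_TOKEN` and `SONAR_HOST_URL` will be empty there and the step will most likely fail after the tests have already passed. Gate the step, for example with `if: github.event_name == 'push' || github.event.pull_request.head.repo.full_name == github.repository`, rather than moving to `pull_request_target`, which would put the token within reach of untrusted PR code. Because this job now installs dependencies and executes code from pull requests, it would also be worth adding `persist-credentials: false` under the checkout step's `with:` and pinning the three `uses:` references to full commit SHAs instead of the mutable `@v4`/`@v5`/`@v6` tags.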
From: Elias Achi
Date: Wed, 15 Apr 2026 04:41:15 +0000
Subject: [PATCH 2/2] Resolve conflicts for qrcode hardening
---
 app/qrcoderesponse.py | 6 ++++++
 app/templates/index.html | 7 +++++++
 tests/test_app.py | 7 +++++++
 3 files changed, 20 insertions(+)
diff --git a/app/qrcoderesponse.py b/app/qrcoderesponse.py
index 915faaf..0c8c6e5 100644
--- a/app/qrcoderesponse.py
+++ b/app/qrcoderesponse.py
@@ -11,9 +11,15 @@ DEFAULT_BG_COLOR = "#ffffff"
 MIN_PIXEL_WIDTH = 1
 MAX_PIXEL_WIDTH = 100
+<<<<<<< Updated upstream
 DEFAULT_LOGO_SCALE = 20
 MIN_LOGO_SCALE = 5
 MAX_LOGO_SCALE = 30
+=======
+DEFAULT_LOGO_SCALE = 15
+MIN_LOGO_SCALE = 5
+MAX_LOGO_SCALE = 20
+>>>>>>> Stashed changes
 def _pixel_width_from_env():
diff --git a/app/templates/index.html b/app/templates/index.html
index 9bbc74e..88b4a4f 100644
--- a/app/templates/index.html
+++ b/app/templates/index.html
@@ -29,9 +29,16 @@
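Review bot: The added lines in `app/qrcoderesponse.py` are the merge-conflict markers themselves (`<<<<<<< Updated upstream`, `=======`, `>>>>>>> Stashed changes`), so the module no longer parses and neither set of limits takes effect; the `app/templates/index.html` hunk commits the same unresolved markers and will render them into the page. Going by the subject and the new help text ("logo size is capped at 20%"), the intended resolution is presumably the stashed side, so the block should reduce to `DEFAULT_LOGO_SCALE = 15`, `MIN_LOGO_SCALE = 5`, `MAX_LOGO_SCALE = 20`, with the template keeping only the 15% variant. Until that is done the new import in `tests/test_app.py` will fail with a `SyntaxError`, so the hardening this commit is named for is not actually in place.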
+<<<<<<< Updated upstream
 20%
+=======
+
+ 15%
+
+ For scan reliability, logo size is capped at 20%.
+>>>>>>> Stashed changes
diff --git a/tests/test_app.py b/tests/test_app.py
index 3ff2d16..cff10af 100644
--- a/tests/test_app.py
+++ b/tests/test_app.py
@@ -8,6 +8,7 @@ sys.path.insert(0, APP_DIR)
 from main import app # noqa: E402
+from qrcoderesponse import DEFAULT_LOGO_SCALE, MAX_LOGO_SCALE, _normalized_logo_scale # noqa: E402
 class QRCodeAppTestCase(unittest.TestCase):
@@ -41,6 +42,12 @@ def test_qr_returns_png_for_valid_text(self):
 self.assertEqual(response.mimetype, "image/png")
 self.assertTrue(response.data.startswith(b"\x89PNG"))
+ def test_logo_scale_is_clamped_to_maximum(self):
+ self.assertEqual(_normalized_logo_scale("999"), MAX_LOGO_SCALE)
+
+ def test_logo_scale_uses_new_default(self):
+ self.assertEqual(_normalized_logo_scale(None), DEFAULT_LOGO_SCALE)
+
 if __name__ == "__main__":
 unittest.main()
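Review bot: Both new tests compare against the imported constants, so they pass whichever side of the conflict in `app/qrcoderesponse.py` ends up winning and do not pin the hardened values. Assert the literals as well, e.g. `self.assertEqual(MAX_LOGO_SCALE, 20)` and `self.assertEqual(DEFAULT_LOGO_SCALE, 15)`. `_normalized_logo_scale` is not shown in this patch, so how it treats other inputs cannot be judged from here; a below-minimum value and a non-numeric string such as `"abc"` would be worth covering, since the scale appears to be user-supplied.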