Summary of What Needs to be Done:
backend/secuscan/ai_summary.py contains several pure functions that currently lack unit test coverage. These include _sanitize_title (which removes URLs, IPs, hostnames, and credentials from finding titles using a regex), _build_prompt (which constructs privacy-safe prompts from finding metadata), and the error paths in generate_summary (empty findings list, missing openai package, LLM failure).
Changes that Need to be Made:
- Add testing/backend/unit/test_ai_summary.py
- Import the real production functions from backend.secuscan.ai_summary
- Test _sanitize_title with URLs, IPs, hostnames, and credential patterns (e.g. password:secret, token:xyz)
- Test _build_prompt with empty list, single finding, and mixed severity findings (critical/high should appear in top findings)
- Test generate_summary returns empty string for empty findings list
- Mock the OpenAI client to test the LLM call path without a real API key
Impact that it would Provide:
- Prevents regressions in privacy-sensitive sanitization logic
- Documents expected behavior of prompt construction
- Enables testing LLM integration paths without external dependencies
Note: This task is being handled by tmdeveloper007 — please assign to that account when picking it up.
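One way to structure the _sanitize_title cases so they assert on what must not survive rather than on an exact output string (an added example, not code from the repository). The stand-in sanitizer, its regex, the [REDACTED] placeholder, and the helper name find_leaks are assumptions made here so the block runs on its own; the real function's signature is assumed to be str -> str.

```python
import re

# Stand-in for backend.secuscan.ai_summary._sanitize_title. Assumption: the
# real function takes a title string and returns a redacted string. This regex
# is illustrative only and is not the project's pattern.
_SENSITIVE = re.compile(
    r"https?://\S+"                                        # URLs
    r"|\b(?:\d{1,3}\.){3}\d{1,3}\b"                        # IPv4 addresses
    r"|\b(?:password|passwd|token|secret|api[_-]?key)\s*[:=]\s*\S+"  # credentials
    r"|\b(?:[a-z0-9-]+\.)+[a-z]{2,}\b",                    # hostnames
    re.IGNORECASE,
)


def sanitize_title_standin(title: str) -> str:
    """Replace sensitive spans with a placeholder and collapse extra spaces."""
    return re.sub(r"\s{2,}", " ", _SENSITIVE.sub("[REDACTED]", title)).strip()


# Constructed cases: (title, substrings that must NOT survive sanitization).
LEAK_CASES = [
    ("SQL injection at https://shop.example.com/cart?id=1",
     ["https://", "shop.example.com"]),
    ("Open port 22 on 192.0.2.10", ["192.0.2.10"]),
    ("Expired certificate for mail.example.org", ["mail.example.org"]),
    ("Hardcoded password:secret in config", ["secret"]),
    ("Leaked token:xyz in response body", ["xyz"]),
]


def find_leaks(sanitize, cases=LEAK_CASES):
    """Return (title, leaked_substring) pairs; an empty list means no leaks."""
    leaks = []
    for title, forbidden in cases:
        out = sanitize(title).lower()
        leaks += [(title, s) for s in forbidden if s.lower() in out]
    return leaks


if __name__ == "__main__":
    print(find_leaks(sanitize_title_standin))  # stand-in sanitizer
    print(find_leaks(lambda t: t))             # identity function leaks everything
```

In testing/backend/unit/test_ai_summary.py the same helper would be called with the imported _sanitize_title in place of the stand-in, so the test fails with the exact title and substring that leaked.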