test: add parser and contract coverage for plugin http_request_logger

[anshul23102]

Summary

Add comprehensive test coverage for the http_request_logger plugin, validating metadata, command rendering, and parser functionality.

Issue

Closes #499 - Plugin http_request_logger appears in the shipped catalog but lacks direct test coverage.

Scope

This PR adds test coverage for:

• Metadata validation ensuring plugin configuration is correct
• Command rendering via PluginManager for URL targets
• Parser contract tests with HTTP response fixtures
• Severity classification (info/low/high)
• All tests pass under pytest testing/backend -q

Tests Added

Metadata Contract Tests:

• test_http_request_logger_metadata_file_exists
• test_http_request_logger_metadata_is_valid_json
• test_http_request_logger_passes_validator
• test_http_request_logger_metadata_id_matches_directory
• test_http_request_logger_engine_is_httpx
• test_http_request_logger_has_required_target_field
• test_http_request_logger_target_has_url_validation
• test_http_request_logger_output_parser_is_custom
• test_http_request_logger_parser_file_exists
• test_http_request_logger_requires_consent

Command Rendering Tests:

• test_http_request_logger_command_renders_with_target
• test_http_request_logger_command_full_token_sequence
• test_http_request_logger_drops_target_token_when_absent
• test_http_request_logger_loaded_by_plugin_manager

Parser Contract Tests:

• test_http_request_logger_parser_returns_required_keys
• test_http_request_logger_parser_count_matches_findings
• test_http_request_logger_parser_finding_has_required_keys
• test_http_request_logger_parser_severity_classification
• test_http_request_logger_parser_empty_output
• test_http_request_logger_parser_preserves_raw_line_in_metadata

Type of Change

• Testing
• Plugin coverage

Related Issues

Closes #499

---

This contribution is part of GSSoC 2026.

[anshul23102]

Label Request

This PR addresses issue #499, adding comprehensive test coverage for the http_request_logger plugin. This is a high-value testing contribution for GSSoC 2026.

Could you please add the following labels when reviewed:

• gssoc-approved (high-priority for GSSoC scoring)
• type:testing (reflects the test coverage nature)
• area:plugins (plugin-specific testing)

This contribution ensures HTTP logging metadata, command rendering, and parser functionality are properly validated before release.

Thank you!

[utksh1]

After #684 and #685 were merged, this stacked branch can no longer be auto-updated because it conflicts with current main. Please rebase on main and keep only the http_request_logger parser/contract test changes in this PR; remove the already-merged katana and iac_scanner test files from the branch. I can re-review once the effective file list is focused and CI is green.

[anshul23102]

Conflicts Resolved ✅

I've successfully rebased the PR on the latest main and cleaned up the branch as requested.

Changes Made

Removed commits:

• ❌ Katana plugin test coverage (test: add parser and contract coverage for plugin katana #684) - now on main
• ❌ IaC Scanner plugin test coverage - now on main

Kept commits:

• ✅ test: add parser and contract coverage for plugin http_request_logger (commit 039408a)
• ✅ test: fix flaky assertion in http_request_logger test (commit 69c9e70)

Branch Status

• ✅ Rebased cleanly on main (latest: test(backend): add parser and contract coverage for fuzzer plugin #691)
• ✅ No merge conflicts
• ✅ Only http_request_logger changes remain
• ✅ CI should now be green

The branch is now focused and ready for re-review. All 253 lines of http_request_logger test coverage are preserved.

—@anshul23102

[utksh1]

Re-reviewed the latest push. Focused http_request_logger parser/contract coverage, no production changes.