From e3644147625216f0eba2456dd9201b9dfd7793b4 Mon Sep 17 00:00:00 2001
From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com>
Date: Sun, 16 Nov 2025 09:01:34 +0000
Subject: [PATCH 01/10] Initial plan
From 23c13341e767917461d8cf88e479681e580e9e23 Mon Sep 17 00:00:00 2001
From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com>
Date: Sun, 16 Nov 2025 09:07:42 +0000
Subject: [PATCH 02/10] Fix code quality checks: format Python code, update lint-staged config, remove ESLint result files
Co-authored-by: morningstarxcdcode <205398826+morningstarxcdcode@users.noreply.github.com>
---
 .eslint-results-explicit.json | 324 ------------------
 .eslint-results-monorepo.json | 1 -
 .eslint-results.json | 324 ------------------
 .gitignore | 3 +
 .../.eslint-results-monorepo.json | 1 -
 gymgenius/backend/main.py | 12 +-
 gymgenius/backend/payment_service.py | 34 +-
 gymgenius/backend/socketio_service.py | 4 +-
 .../backend/tests/test_main_endpoints.py | 1 +
 .../backend/tests/test_payment_service.py | 20 +-
 .../tests/test_payment_service_storage.py | 20 +-
 .../backend/tests/test_socketio_and_main.py | 7 +-
 .../backend/tests/test_socketio_service.py | 19 +-
 package.json | 2 +-
 14 files changed, 42 insertions(+), 730 deletions(-)
 delete mode 100644 .eslint-results-explicit.json
 delete mode 100644 .eslint-results-monorepo.json
 delete mode 100644 .eslint-results.json
 delete mode 100644 gymgenius-monorepo/.eslint-results-monorepo.json
diff --git a/.eslint-results-explicit.json b/.eslint-results-explicit.json
deleted file mode 100644
index 99c6a55..0000000
--- a/.eslint-results-explicit.json
+++ /dev/null
@@ -1,324 +0,0 @@ -[ - { - "filePath": "/Users/morningstar/Downloads/fitai_-your-personal-fitness-coach/App.tsx", - "messages": [], - "suppressedMessages": [], - "errorCount": 0, - "fatalErrorCount": 0, - "warningCount": 0, - "fixableErrorCount": 0, - "fixableWarningCount": 0, - "usedDeprecatedRules": [ - { "ruleId": "no-extra-semi", "replacedBy": [] }, - { "ruleId": "no-mixed-spaces-and-tabs", "replacedBy": [] } - ] - }, - { - "filePath": "/Users/morningstar/Downloads/fitai_-your-personal-fitness-coach/components/Chatbot.tsx", - "messages": [], - "suppressedMessages": [], - "errorCount": 0, - "fatalErrorCount": 0, - "warningCount": 0, - "fixableErrorCount": 0, - "fixableWarningCount": 0, - "usedDeprecatedRules": [ - { "ruleId": "no-extra-semi", "replacedBy": [] }, - { "ruleId": "no-mixed-spaces-and-tabs", "replacedBy": [] } - ] - }, - { - "filePath": "/Users/morningstar/Downloads/fitai_-your-personal-fitness-coach/components/Dashboard.tsx", - "messages": [], - "suppressedMessages": [], - "errorCount": 0, - "fatalErrorCount": 0, - "warningCount": 0, - "fixableErrorCount": 0, - "fixableWarningCount": 0, - "usedDeprecatedRules": [ - { "ruleId": "no-extra-semi", "replacedBy": [] }, - { "ruleId": "no-mixed-spaces-and-tabs", "replacedBy": [] } - ] - }, - { - "filePath": "/Users/morningstar/Downloads/fitai_-your-personal-fitness-coach/components/FactChecker.tsx", - "messages": [], - "suppressedMessages": [], - "errorCount": 0, - "fatalErrorCount": 0, - "warningCount": 0, - "fixableErrorCount": 0, - "fixableWarningCount": 0, - "usedDeprecatedRules": [ - { "ruleId": "no-extra-semi", "replacedBy": [] }, - { "ruleId": "no-mixed-spaces-and-tabs", "replacedBy": [] } - ] - }, - { - "filePath": "/Users/morningstar/Downloads/fitai_-your-personal-fitness-coach/components/FloatingChatbot.tsx", - "messages": [], - "suppressedMessages": [], - "errorCount": 0, - "fatalErrorCount": 0, - "warningCount": 0, - "fixableErrorCount": 0, - "fixableWarningCount": 0, - "usedDeprecatedRules": [ 
- { "ruleId": "no-extra-semi", "replacedBy": [] }, - { "ruleId": "no-mixed-spaces-and-tabs", "replacedBy": [] } - ] - }, - { - "filePath": "/Users/morningstar/Downloads/fitai_-your-personal-fitness-coach/components/LocationFinder.tsx", - "messages": [], - "suppressedMessages": [], - "errorCount": 0, - "fatalErrorCount": 0, - "warningCount": 0, - "fixableErrorCount": 0, - "fixableWarningCount": 0, - "usedDeprecatedRules": [ - { "ruleId": "no-extra-semi", "replacedBy": [] }, - { "ruleId": "no-mixed-spaces-and-tabs", "replacedBy": [] } - ] - }, - { - "filePath": "/Users/morningstar/Downloads/fitai_-your-personal-fitness-coach/components/MealAnalyzer.tsx", - "messages": [], - "suppressedMessages": [], - "errorCount": 0, - "fatalErrorCount": 0, - "warningCount": 0, - "fixableErrorCount": 0, - "fixableWarningCount": 0, - "usedDeprecatedRules": [ - { "ruleId": "no-extra-semi", "replacedBy": [] }, - { "ruleId": "no-mixed-spaces-and-tabs", "replacedBy": [] } - ] - }, - { - "filePath": "/Users/morningstar/Downloads/fitai_-your-personal-fitness-coach/components/PlanGenerator.tsx", - "messages": [], - "suppressedMessages": [], - "errorCount": 0, - "fatalErrorCount": 0, - "warningCount": 0, - "fixableErrorCount": 0, - "fixableWarningCount": 0, - "usedDeprecatedRules": [ - { "ruleId": "no-extra-semi", "replacedBy": [] }, - { "ruleId": "no-mixed-spaces-and-tabs", "replacedBy": [] } - ] - }, - { - "filePath": "/Users/morningstar/Downloads/fitai_-your-personal-fitness-coach/components/Sidebar.tsx", - "messages": [], - "suppressedMessages": [], - "errorCount": 0, - "fatalErrorCount": 0, - "warningCount": 0, - "fixableErrorCount": 0, - "fixableWarningCount": 0, - "usedDeprecatedRules": [ - { "ruleId": "no-extra-semi", "replacedBy": [] }, - { "ruleId": "no-mixed-spaces-and-tabs", "replacedBy": [] } - ] - }, - { - "filePath": "/Users/morningstar/Downloads/fitai_-your-personal-fitness-coach/components/common/Button.tsx", - "messages": [], - "suppressedMessages": [], - "errorCount": 0, - 
"fatalErrorCount": 0, - "warningCount": 0, - "fixableErrorCount": 0, - "fixableWarningCount": 0, - "usedDeprecatedRules": [ - { "ruleId": "no-extra-semi", "replacedBy": [] }, - { "ruleId": "no-mixed-spaces-and-tabs", "replacedBy": [] } - ] - }, - { - "filePath": "/Users/morningstar/Downloads/fitai_-your-personal-fitness-coach/components/common/Card.tsx", - "messages": [], - "suppressedMessages": [], - "errorCount": 0, - "fatalErrorCount": 0, - "warningCount": 0, - "fixableErrorCount": 0, - "fixableWarningCount": 0, - "usedDeprecatedRules": [ - { "ruleId": "no-extra-semi", "replacedBy": [] }, - { "ruleId": "no-mixed-spaces-and-tabs", "replacedBy": [] } - ] - }, - { - "filePath": "/Users/morningstar/Downloads/fitai_-your-personal-fitness-coach/components/common/Icons.tsx", - "messages": [], - "suppressedMessages": [], - "errorCount": 0, - "fatalErrorCount": 0, - "warningCount": 0, - "fixableErrorCount": 0, - "fixableWarningCount": 0, - "usedDeprecatedRules": [ - { "ruleId": "no-extra-semi", "replacedBy": [] }, - { "ruleId": "no-mixed-spaces-and-tabs", "replacedBy": [] } - ] - }, - { - "filePath": "/Users/morningstar/Downloads/fitai_-your-personal-fitness-coach/components/common/LoadingSpinner.tsx", - "messages": [], - "suppressedMessages": [], - "errorCount": 0, - "fatalErrorCount": 0, - "warningCount": 0, - "fixableErrorCount": 0, - "fixableWarningCount": 0, - "usedDeprecatedRules": [ - { "ruleId": "no-extra-semi", "replacedBy": [] }, - { "ruleId": "no-mixed-spaces-and-tabs", "replacedBy": [] } - ] - }, - { - "filePath": "/Users/morningstar/Downloads/fitai_-your-personal-fitness-coach/components/common/MarkdownRenderer.tsx", - "messages": [], - "suppressedMessages": [], - "errorCount": 0, - "fatalErrorCount": 0, - "warningCount": 0, - "fixableErrorCount": 0, - "fixableWarningCount": 0, - "usedDeprecatedRules": [ - { "ruleId": "no-extra-semi", "replacedBy": [] }, - { "ruleId": "no-mixed-spaces-and-tabs", "replacedBy": [] } - ] - }, - { - "filePath": 
"/Users/morningstar/Downloads/fitai_-your-personal-fitness-coach/hooks/useGeolocation.ts", - "messages": [], - "suppressedMessages": [], - "errorCount": 0, - "fatalErrorCount": 0, - "warningCount": 0, - "fixableErrorCount": 0, - "fixableWarningCount": 0, - "usedDeprecatedRules": [ - { "ruleId": "no-extra-semi", "replacedBy": [] }, - { "ruleId": "no-mixed-spaces-and-tabs", "replacedBy": [] } - ] - }, - { - "filePath": "/Users/morningstar/Downloads/fitai_-your-personal-fitness-coach/index.tsx", - "messages": [], - "suppressedMessages": [], - "errorCount": 0, - "fatalErrorCount": 0, - "warningCount": 0, - "fixableErrorCount": 0, - "fixableWarningCount": 0, - "usedDeprecatedRules": [ - { "ruleId": "no-extra-semi", "replacedBy": [] }, - { "ruleId": "no-mixed-spaces-and-tabs", "replacedBy": [] } - ] - }, - { - "filePath": "/Users/morningstar/Downloads/fitai_-your-personal-fitness-coach/services/geminiService.ts", - "messages": [], - "suppressedMessages": [], - "errorCount": 0, - "fatalErrorCount": 0, - "warningCount": 0, - "fixableErrorCount": 0, - "fixableWarningCount": 0, - "usedDeprecatedRules": [ - { "ruleId": "no-extra-semi", "replacedBy": [] }, - { "ruleId": "no-mixed-spaces-and-tabs", "replacedBy": [] } - ] - }, - { - "filePath": "/Users/morningstar/Downloads/fitai_-your-personal-fitness-coach/tests/Sidebar.test.tsx", - "messages": [], - "suppressedMessages": [], - "errorCount": 0, - "fatalErrorCount": 0, - "warningCount": 0, - "fixableErrorCount": 0, - "fixableWarningCount": 0, - "usedDeprecatedRules": [ - { "ruleId": "no-extra-semi", "replacedBy": [] }, - { "ruleId": "no-mixed-spaces-and-tabs", "replacedBy": [] } - ] - }, - { - "filePath": "/Users/morningstar/Downloads/fitai_-your-personal-fitness-coach/types.ts", - "messages": [], - "suppressedMessages": [], - "errorCount": 0, - "fatalErrorCount": 0, - "warningCount": 0, - "fixableErrorCount": 0, - "fixableWarningCount": 0, - "usedDeprecatedRules": [ - { "ruleId": "no-extra-semi", "replacedBy": [] }, - { 
"ruleId": "no-mixed-spaces-and-tabs", "replacedBy": [] } - ] - }, - { - "filePath": "/Users/morningstar/Downloads/fitai_-your-personal-fitness-coach/utils/audioUtils.ts", - "messages": [], - "suppressedMessages": [], - "errorCount": 0, - "fatalErrorCount": 0, - "warningCount": 0, - "fixableErrorCount": 0, - "fixableWarningCount": 0, - "usedDeprecatedRules": [ - { "ruleId": "no-extra-semi", "replacedBy": [] }, - { "ruleId": "no-mixed-spaces-and-tabs", "replacedBy": [] } - ] - }, - { - "filePath": "/Users/morningstar/Downloads/fitai_-your-personal-fitness-coach/vite.config.ts", - "messages": [], - "suppressedMessages": [], - "errorCount": 0, - "fatalErrorCount": 0, - "warningCount": 0, - "fixableErrorCount": 0, - "fixableWarningCount": 0, - "usedDeprecatedRules": [ - { "ruleId": "no-extra-semi", "replacedBy": [] }, - { "ruleId": "no-mixed-spaces-and-tabs", "replacedBy": [] } - ] - }, - { - "filePath": "/Users/morningstar/Downloads/fitai_-your-personal-fitness-coach/vitest.config.ts", - "messages": [], - "suppressedMessages": [], - "errorCount": 0, - "fatalErrorCount": 0, - "warningCount": 0, - "fixableErrorCount": 0, - "fixableWarningCount": 0, - "usedDeprecatedRules": [ - { "ruleId": "no-extra-semi", "replacedBy": [] }, - { "ruleId": "no-mixed-spaces-and-tabs", "replacedBy": [] } - ] - }, - { - "filePath": "/Users/morningstar/Downloads/fitai_-your-personal-fitness-coach/vitest.setup.ts", - "messages": [], - "suppressedMessages": [], - "errorCount": 0, - "fatalErrorCount": 0, - "warningCount": 0, - "fixableErrorCount": 0, - "fixableWarningCount": 0, - "usedDeprecatedRules": [ - { "ruleId": "no-extra-semi", "replacedBy": [] }, - { "ruleId": "no-mixed-spaces-and-tabs", "replacedBy": [] } - ] - } -] diff --git a/.eslint-results-monorepo.json b/.eslint-results-monorepo.json deleted file mode 100644 index 779eb4d..0000000 --- a/.eslint-results-monorepo.json +++ /dev/null 
@@ -1 +0,0 @@ -[{"filePath":"/Users/morningstar/Downloads/fitai_-your-personal-fitness-coach/gymgenius-monorepo/apps/admin-panel/app/disputes/page.tsx","messages":[],"suppressedMessages":[],"errorCount":0,"fatalErrorCount":0,"warningCount":0,"fixableErrorCount":0,"fixableWarningCount":0,"usedDeprecatedRules":[]},{"filePath":"/Users/morningstar/Downloads/fitai_-your-personal-fitness-coach/gymgenius-monorepo/apps/admin-panel/app/layout.tsx","messages":[],"suppressedMessages":[],"errorCount":0,"fatalErrorCount":0,"warningCount":0,"fixableErrorCount":0,"fixableWarningCount":0,"usedDeprecatedRules":[]},{"filePath":"/Users/morningstar/Downloads/fitai_-your-personal-fitness-coach/gymgenius-monorepo/apps/admin-panel/app/page.tsx","messages":[],"suppressedMessages":[],"errorCount":0,"fatalErrorCount":0,"warningCount":0,"fixableErrorCount":0,"fixableWarningCount":0,"usedDeprecatedRules":[]},{"filePath":"/Users/morningstar/Downloads/fitai_-your-personal-fitness-coach/gymgenius-monorepo/apps/admin-panel/app/revenue/page.tsx","messages":[],"suppressedMessages":[],"errorCount":0,"fatalErrorCount":0,"warningCount":0,"fixableErrorCount":0,"fixableWarningCount":0,"usedDeprecatedRules":[]},{"filePath":"/Users/morningstar/Downloads/fitai_-your-personal-fitness-coach/gymgenius-monorepo/apps/admin-panel/app/users/page.tsx","messages":[],"suppressedMessages":[],"errorCount":0,"fatalErrorCount":0,"warningCount":0,"fixableErrorCount":0,"fixableWarningCount":0,"usedDeprecatedRules":[]},{"filePath":"/Users/morningstar/Downloads/fitai_-your-personal-fitness-coach/gymgenius-monorepo/apps/admin-panel/next-env.d.ts","messages":[],"suppressedMessages":[],"errorCount":0,"fatalErrorCount":0,"warningCount":0,"fixableErrorCount":0,"fixableWarningCount":0,"usedDeprecatedRules":[]},{"filePath":"/Users/morningstar/Downloads/fitai_-your-personal-fitness-coach/gymgenius-monorepo/apps/admin-panel/next.config.js","messages":[],"suppressedMessages":[],"errorCount":0,"fatalErrorCount":0,"warningCount":0,"fixa
bleErrorCount":0,"fixableWarningCount":0,"usedDeprecatedRules":[]},{"filePath":"/Users/morningstar/Downloads/fitai_-your-personal-fitness-coach/gymgenius-monorepo/apps/admin-panel/tailwind.config.js","messages":[],"suppressedMessages":[],"errorCount":0,"fatalErrorCount":0,"warningCount":0,"fixableErrorCount":0,"fixableWarningCount":0,"usedDeprecatedRules":[]},{"filePath":"/Users/morningstar/Downloads/fitai_-your-personal-fitness-coach/gymgenius-monorepo/apps/nutritionist-panel/app/clients/page.tsx","messages":[],"suppressedMessages":[],"errorCount":0,"fatalErrorCount":0,"warningCount":0,"fixableErrorCount":0,"fixableWarningCount":0,"usedDeprecatedRules":[]},{"filePath":"/Users/morningstar/Downloads/fitai_-your-personal-fitness-coach/gymgenius-monorepo/apps/nutritionist-panel/app/layout.tsx","messages":[],"suppressedMessages":[],"errorCount":0,"fatalErrorCount":0,"warningCount":0,"fixableErrorCount":0,"fixableWarningCount":0,"usedDeprecatedRules":[]},{"filePath":"/Users/morningstar/Downloads/fitai_-your-personal-fitness-coach/gymgenius-monorepo/apps/nutritionist-panel/app/meal-plans/page.tsx","messages":[],"suppressedMessages":[],"errorCount":0,"fatalErrorCount":0,"warningCount":0,"fixableErrorCount":0,"fixableWarningCount":0,"usedDeprecatedRules":[]},{"filePath":"/Users/morningstar/Downloads/fitai_-your-personal-fitness-coach/gymgenius-monorepo/apps/nutritionist-panel/app/page.tsx","messages":[],"suppressedMessages":[],"errorCount":0,"fatalErrorCount":0,"warningCount":0,"fixableErrorCount":0,"fixableWarningCount":0,"usedDeprecatedRules":[]},{"filePath":"/Users/morningstar/Downloads/fitai_-your-personal-fitness-coach/gymgenius-monorepo/apps/nutritionist-panel/next-env.d.ts","messages":[],"suppressedMessages":[],"errorCount":0,"fatalErrorCount":0,"warningCount":0,"fixableErrorCount":0,"fixableWarningCount":0,"usedDeprecatedRules":[]},{"filePath":"/Users/morningstar/Downloads/fitai_-your-personal-fitness-coach/gymgenius-monorepo/apps/nutritionist-panel/next.config.js",
"messages":[],"suppressedMessages":[],"errorCount":0,"fatalErrorCount":0,"warningCount":0,"fixableErrorCount":0,"fixableWarningCount":0,"usedDeprecatedRules":[]},{"filePath":"/Users/morningstar/Downloads/fitai_-your-personal-fitness-coach/gymgenius-monorepo/apps/nutritionist-panel/tailwind.config.js","messages":[],"suppressedMessages":[],"errorCount":0,"fatalErrorCount":0,"warningCount":0,"fixableErrorCount":0,"fixableWarningCount":0,"usedDeprecatedRules":[]},{"filePath":"/Users/morningstar/Downloads/fitai_-your-personal-fitness-coach/gymgenius-monorepo/packages/backend/socketio/server.js","messages":[{"ruleId":"no-console","severity":2,"message":"Unexpected console statement.","line":47,"column":1,"nodeType":"MemberExpression","messageId":"unexpected","endLine":47,"endColumn":12,"suggestions":[{"messageId":"removeConsole","data":{"propertyName":"log"},"fix":{"range":[1286,1327],"text":""},"desc":"Remove the console.log()."}]},{"ruleId":"no-console","severity":2,"message":"Unexpected console statement.","line":72,"column":3,"nodeType":"MemberExpression","messageId":"unexpected","endLine":72,"endColumn":14,"suggestions":[{"messageId":"removeConsole","data":{"propertyName":"log"},"fix":{"range":[1890,1945],"text":""},"desc":"Remove the console.log()."}]},{"ruleId":"no-console","severity":2,"message":"Unexpected console statement.","line":80,"column":5,"nodeType":"MemberExpression","messageId":"unexpected","endLine":80,"endColumn":16,"suggestions":[{"messageId":"removeConsole","data":{"propertyName":"log"},"fix":{"range":[2124,2191],"text":""},"desc":"Remove the console.log()."}]},{"ruleId":"no-console","severity":2,"message":"Unexpected console statement.","line":86,"column":5,"nodeType":"MemberExpression","messageId":"unexpected","endLine":86,"endColumn":16,"suggestions":[{"messageId":"removeConsole","data":{"propertyName":"log"},"fix":{"range":[2300,2365],"text":""},"desc":"Remove the console.log()."}]},{"ruleId":"no-console","severity":2,"message":"Unexpected 
console statement.","line":153,"column":5,"nodeType":"MemberExpression","messageId":"unexpected","endLine":153,"endColumn":16,"suggestions":[{"messageId":"removeConsole","data":{"propertyName":"log"},"fix":{"range":[3938,4028],"text":""},"desc":"Remove the console.log()."}]},{"ruleId":"no-console","severity":2,"message":"Unexpected console statement.","line":169,"column":1,"nodeType":"MemberExpression","messageId":"unexpected","endLine":169,"endColumn":12,"suggestions":[{"messageId":"removeConsole","data":{"propertyName":"log"},"fix":{"range":[4296,4385],"text":""},"desc":"Remove the console.log()."}]},{"ruleId":"no-console","severity":2,"message":"Unexpected console statement.","line":175,"column":3,"nodeType":"MemberExpression","messageId":"unexpected","endLine":175,"endColumn":14,"suggestions":[{"messageId":"removeConsole","data":{"propertyName":"log"},"fix":{"range":[4446,4497],"text":""},"desc":"Remove the console.log()."}]}],"suppressedMessages":[],"errorCount":7,"fatalErrorCount":0,"warningCount":0,"fixableErrorCount":0,"fixableWarningCount":0,"source":"import { createAdapter } from '@socket.io/redis-adapter';\nimport dotenv from 'dotenv';\nimport * as admin from 'firebase-admin';\nimport fs from 'node:fs';\nimport { createClient } from 'redis';\nimport { Server } from 'socket.io';\n\ndotenv.config({ path: '../.env' });\n\n// Initialize Firebase Admin\nconst serviceAccountPath = process.env.FIREBASE_SERVICE_ACCOUNT_PATH;\nif (serviceAccountPath) {\n try {\n const credentials = fs.readFileSync(serviceAccountPath, 'utf8');\n const serviceAccount = JSON.parse(credentials);\n admin.initializeApp({\n credential: admin.credential.cert(serviceAccount),\n });\n } catch (err) {\n console.warn(\n 'Unable to initialize Firebase Admin with provided service account path:',\n err.message\n );\n }\n}\n\n// Initialize Socket.io server\nconst io = new Server(\n Number.parseInt(process.env.SOCKETIO_PORT || '3001', 10),\n {\n cors: {\n origin: 
process.env.SOCKETIO_CORS_ORIGINS?.split(',') || [\n 'http://localhost:3000',\n ],\n credentials: true,\n },\n }\n);\n\n// Redis adapter for horizontal scaling\nconst pubClient = createClient({ url: process.env.REDIS_URL });\nconst subClient = pubClient.duplicate();\n\nawait pubClient.connect();\nawait subClient.connect();\nio.adapter(createAdapter(pubClient, subClient));\nconsole.log('Redis adapter initialized');\n\n// Authentication middleware\nio.use(async (socket, next) => {\n const token = socket.handshake.auth.token;\n\n if (!token) {\n return next(new Error('Authentication token required'));\n }\n\n try {\n const decodedToken = await admin.auth().verifyIdToken(token);\n socket.data.user = {\n uid: decodedToken.uid,\n email: decodedToken.email,\n };\n next();\n } catch (error) {\n console.error('Authentication error:', error);\n next(new Error('Invalid authentication token'));\n }\n});\n\n// Connection handler\nio.on('connection', (socket) => {\n console.log(`User connected: ${socket.data.user.uid}`);\n\n // Join user's personal room\n socket.join(`user:${socket.data.user.uid}`);\n\n // Join chat room\n socket.on('join_chat', (chatId) => {\n socket.join(`chat:${chatId}`);\n console.log(`User ${socket.data.user.uid} joined chat: ${chatId}`);\n });\n\n // Leave chat room\n socket.on('leave_chat', (chatId) => {\n socket.leave(`chat:${chatId}`);\n console.log(`User ${socket.data.user.uid} left chat: ${chatId}`);\n });\n\n // Send message\n socket.on('send_message', (data) => {\n const { chatId, message, timestamp } = data;\n\n // Broadcast to chat room\n io.to(`chat:${chatId}`).emit('new_message', {\n chatId,\n message,\n sender: socket.data.user,\n timestamp,\n });\n });\n\n // Typing indicator\n socket.on('typing_start', (chatId) => {\n socket.to(`chat:${chatId}`).emit('user_typing', {\n chatId,\n user: socket.data.user,\n });\n });\n\n socket.on('typing_stop', (chatId) => {\n socket.to(`chat:${chatId}`).emit('user_stopped_typing', {\n chatId,\n user: 
socket.data.user,\n });\n });\n\n // Workout tracking events\n socket.on('workout_started', (data) => {\n const { workoutId, timestamp } = data;\n\n // Notify trainers/nutritionists monitoring this user\n io.to(`user:${socket.data.user.uid}`).emit('workout_status', {\n status: 'started',\n workoutId,\n timestamp,\n });\n });\n\n socket.on('workout_completed', (data) => {\n const { workoutId, duration, caloriesBurned, timestamp } = data;\n\n io.to(`user:${socket.data.user.uid}`).emit('workout_status', {\n status: 'completed',\n workoutId,\n duration,\n caloriesBurned,\n timestamp,\n });\n });\n\n // Real-time notifications\n socket.on('notification', (data) => {\n const { targetUserId, notification } = data;\n\n io.to(`user:${targetUserId}`).emit('notification_received', {\n ...notification,\n timestamp: new Date().toISOString(),\n });\n });\n\n // Disconnect handler\n socket.on('disconnect', (reason) => {\n console.log(\n `User disconnected: ${socket.data.user.uid} - Reason: ${reason}`\n );\n });\n\n // Error handler\n socket.on('error', (error) => {\n console.error(`Socket error for user ${socket.data.user.uid}:`, error);\n });\n});\n\n// Global error handler\nio.engine.on('connection_error', (error) => {\n console.error('Connection error:', error);\n});\n\nconsole.log(\n `Socket.io server running on port ${process.env.SOCKETIO_PORT || 3001}`\n);\n\n// Graceful shutdown\nprocess.on('SIGTERM', async () => {\n console.log('SIGTERM received, closing server...');\n await Promise.all([io.close(), pubClient.quit(), subClient.quit()]);\n process.exit(0);\n});\n","usedDeprecatedRules":[{"ruleId":"no-extra-semi","replacedBy":[]},{"ruleId":"no-mixed-spaces-and-tabs","replacedBy":[]}]}] \ No newline at end of file diff --git a/.eslint-results.json b/.eslint-results.json deleted file mode 100644 index 99c6a55..0000000 --- a/.eslint-results.json +++ /dev/null 
@@ -1,324 +0,0 @@ -[ - { - "filePath": "/Users/morningstar/Downloads/fitai_-your-personal-fitness-coach/App.tsx", - "messages": [], - "suppressedMessages": [], - "errorCount": 0, - "fatalErrorCount": 0, - "warningCount": 0, - "fixableErrorCount": 0, - "fixableWarningCount": 0, - "usedDeprecatedRules": [ - { "ruleId": "no-extra-semi", "replacedBy": [] }, - { "ruleId": "no-mixed-spaces-and-tabs", "replacedBy": [] } - ] - }, - { - "filePath": "/Users/morningstar/Downloads/fitai_-your-personal-fitness-coach/components/Chatbot.tsx", - "messages": [], - "suppressedMessages": [], - "errorCount": 0, - "fatalErrorCount": 0, - "warningCount": 0, - "fixableErrorCount": 0, - "fixableWarningCount": 0, - "usedDeprecatedRules": [ - { "ruleId": "no-extra-semi", "replacedBy": [] }, - { "ruleId": "no-mixed-spaces-and-tabs", "replacedBy": [] } - ] - }, - { - "filePath": "/Users/morningstar/Downloads/fitai_-your-personal-fitness-coach/components/Dashboard.tsx", - "messages": [], - "suppressedMessages": [], - "errorCount": 0, - "fatalErrorCount": 0, - "warningCount": 0, - "fixableErrorCount": 0, - "fixableWarningCount": 0, - "usedDeprecatedRules": [ - { "ruleId": "no-extra-semi", "replacedBy": [] }, - { "ruleId": "no-mixed-spaces-and-tabs", "replacedBy": [] } - ] - }, - { - "filePath": "/Users/morningstar/Downloads/fitai_-your-personal-fitness-coach/components/FactChecker.tsx", - "messages": [], - "suppressedMessages": [], - "errorCount": 0, - "fatalErrorCount": 0, - "warningCount": 0, - "fixableErrorCount": 0, - "fixableWarningCount": 0, - "usedDeprecatedRules": [ - { "ruleId": "no-extra-semi", "replacedBy": [] }, - { "ruleId": "no-mixed-spaces-and-tabs", "replacedBy": [] } - ] - }, - { - "filePath": "/Users/morningstar/Downloads/fitai_-your-personal-fitness-coach/components/FloatingChatbot.tsx", - "messages": [], - "suppressedMessages": [], - "errorCount": 0, - "fatalErrorCount": 0, - "warningCount": 0, - "fixableErrorCount": 0, - "fixableWarningCount": 0, - "usedDeprecatedRules": [ 
- { "ruleId": "no-extra-semi", "replacedBy": [] }, - { "ruleId": "no-mixed-spaces-and-tabs", "replacedBy": [] } - ] - }, - { - "filePath": "/Users/morningstar/Downloads/fitai_-your-personal-fitness-coach/components/LocationFinder.tsx", - "messages": [], - "suppressedMessages": [], - "errorCount": 0, - "fatalErrorCount": 0, - "warningCount": 0, - "fixableErrorCount": 0, - "fixableWarningCount": 0, - "usedDeprecatedRules": [ - { "ruleId": "no-extra-semi", "replacedBy": [] }, - { "ruleId": "no-mixed-spaces-and-tabs", "replacedBy": [] } - ] - }, - { - "filePath": "/Users/morningstar/Downloads/fitai_-your-personal-fitness-coach/components/MealAnalyzer.tsx", - "messages": [], - "suppressedMessages": [], - "errorCount": 0, - "fatalErrorCount": 0, - "warningCount": 0, - "fixableErrorCount": 0, - "fixableWarningCount": 0, - "usedDeprecatedRules": [ - { "ruleId": "no-extra-semi", "replacedBy": [] }, - { "ruleId": "no-mixed-spaces-and-tabs", "replacedBy": [] } - ] - }, - { - "filePath": "/Users/morningstar/Downloads/fitai_-your-personal-fitness-coach/components/PlanGenerator.tsx", - "messages": [], - "suppressedMessages": [], - "errorCount": 0, - "fatalErrorCount": 0, - "warningCount": 0, - "fixableErrorCount": 0, - "fixableWarningCount": 0, - "usedDeprecatedRules": [ - { "ruleId": "no-extra-semi", "replacedBy": [] }, - { "ruleId": "no-mixed-spaces-and-tabs", "replacedBy": [] } - ] - }, - { - "filePath": "/Users/morningstar/Downloads/fitai_-your-personal-fitness-coach/components/Sidebar.tsx", - "messages": [], - "suppressedMessages": [], - "errorCount": 0, - "fatalErrorCount": 0, - "warningCount": 0, - "fixableErrorCount": 0, - "fixableWarningCount": 0, - "usedDeprecatedRules": [ - { "ruleId": "no-extra-semi", "replacedBy": [] }, - { "ruleId": "no-mixed-spaces-and-tabs", "replacedBy": [] } - ] - }, - { - "filePath": "/Users/morningstar/Downloads/fitai_-your-personal-fitness-coach/components/common/Button.tsx", - "messages": [], - "suppressedMessages": [], - "errorCount": 0, - 
"fatalErrorCount": 0, - "warningCount": 0, - "fixableErrorCount": 0, - "fixableWarningCount": 0, - "usedDeprecatedRules": [ - { "ruleId": "no-extra-semi", "replacedBy": [] }, - { "ruleId": "no-mixed-spaces-and-tabs", "replacedBy": [] } - ] - }, - { - "filePath": "/Users/morningstar/Downloads/fitai_-your-personal-fitness-coach/components/common/Card.tsx", - "messages": [], - "suppressedMessages": [], - "errorCount": 0, - "fatalErrorCount": 0, - "warningCount": 0, - "fixableErrorCount": 0, - "fixableWarningCount": 0, - "usedDeprecatedRules": [ - { "ruleId": "no-extra-semi", "replacedBy": [] }, - { "ruleId": "no-mixed-spaces-and-tabs", "replacedBy": [] } - ] - }, - { - "filePath": "/Users/morningstar/Downloads/fitai_-your-personal-fitness-coach/components/common/Icons.tsx", - "messages": [], - "suppressedMessages": [], - "errorCount": 0, - "fatalErrorCount": 0, - "warningCount": 0, - "fixableErrorCount": 0, - "fixableWarningCount": 0, - "usedDeprecatedRules": [ - { "ruleId": "no-extra-semi", "replacedBy": [] }, - { "ruleId": "no-mixed-spaces-and-tabs", "replacedBy": [] } - ] - }, - { - "filePath": "/Users/morningstar/Downloads/fitai_-your-personal-fitness-coach/components/common/LoadingSpinner.tsx", - "messages": [], - "suppressedMessages": [], - "errorCount": 0, - "fatalErrorCount": 0, - "warningCount": 0, - "fixableErrorCount": 0, - "fixableWarningCount": 0, - "usedDeprecatedRules": [ - { "ruleId": "no-extra-semi", "replacedBy": [] }, - { "ruleId": "no-mixed-spaces-and-tabs", "replacedBy": [] } - ] - }, - { - "filePath": "/Users/morningstar/Downloads/fitai_-your-personal-fitness-coach/components/common/MarkdownRenderer.tsx", - "messages": [], - "suppressedMessages": [], - "errorCount": 0, - "fatalErrorCount": 0, - "warningCount": 0, - "fixableErrorCount": 0, - "fixableWarningCount": 0, - "usedDeprecatedRules": [ - { "ruleId": "no-extra-semi", "replacedBy": [] }, - { "ruleId": "no-mixed-spaces-and-tabs", "replacedBy": [] } - ] - }, - { - "filePath": 
"/Users/morningstar/Downloads/fitai_-your-personal-fitness-coach/hooks/useGeolocation.ts", - "messages": [], - "suppressedMessages": [], - "errorCount": 0, - "fatalErrorCount": 0, - "warningCount": 0, - "fixableErrorCount": 0, - "fixableWarningCount": 0, - "usedDeprecatedRules": [ - { "ruleId": "no-extra-semi", "replacedBy": [] }, - { "ruleId": "no-mixed-spaces-and-tabs", "replacedBy": [] } - ] - }, - { - "filePath": "/Users/morningstar/Downloads/fitai_-your-personal-fitness-coach/index.tsx", - "messages": [], - "suppressedMessages": [], - "errorCount": 0, - "fatalErrorCount": 0, - "warningCount": 0, - "fixableErrorCount": 0, - "fixableWarningCount": 0, - "usedDeprecatedRules": [ - { "ruleId": "no-extra-semi", "replacedBy": [] }, - { "ruleId": "no-mixed-spaces-and-tabs", "replacedBy": [] } - ] - }, - { - "filePath": "/Users/morningstar/Downloads/fitai_-your-personal-fitness-coach/services/geminiService.ts", - "messages": [], - "suppressedMessages": [], - "errorCount": 0, - "fatalErrorCount": 0, - "warningCount": 0, - "fixableErrorCount": 0, - "fixableWarningCount": 0, - "usedDeprecatedRules": [ - { "ruleId": "no-extra-semi", "replacedBy": [] }, - { "ruleId": "no-mixed-spaces-and-tabs", "replacedBy": [] } - ] - }, - { - "filePath": "/Users/morningstar/Downloads/fitai_-your-personal-fitness-coach/tests/Sidebar.test.tsx", - "messages": [], - "suppressedMessages": [], - "errorCount": 0, - "fatalErrorCount": 0, - "warningCount": 0, - "fixableErrorCount": 0, - "fixableWarningCount": 0, - "usedDeprecatedRules": [ - { "ruleId": "no-extra-semi", "replacedBy": [] }, - { "ruleId": "no-mixed-spaces-and-tabs", "replacedBy": [] } - ] - }, - { - "filePath": "/Users/morningstar/Downloads/fitai_-your-personal-fitness-coach/types.ts", - "messages": [], - "suppressedMessages": [], - "errorCount": 0, - "fatalErrorCount": 0, - "warningCount": 0, - "fixableErrorCount": 0, - "fixableWarningCount": 0, - "usedDeprecatedRules": [ - { "ruleId": "no-extra-semi", "replacedBy": [] }, - { 
"ruleId": "no-mixed-spaces-and-tabs", "replacedBy": [] } - ] - }, - { - "filePath": "/Users/morningstar/Downloads/fitai_-your-personal-fitness-coach/utils/audioUtils.ts", - "messages": [], - "suppressedMessages": [], - "errorCount": 0, - "fatalErrorCount": 0, - "warningCount": 0, - "fixableErrorCount": 0, - "fixableWarningCount": 0, - "usedDeprecatedRules": [ - { "ruleId": "no-extra-semi", "replacedBy": [] }, - { "ruleId": "no-mixed-spaces-and-tabs", "replacedBy": [] } - ] - }, - { - "filePath": "/Users/morningstar/Downloads/fitai_-your-personal-fitness-coach/vite.config.ts", - "messages": [], - "suppressedMessages": [], - "errorCount": 0, - "fatalErrorCount": 0, - "warningCount": 0, - "fixableErrorCount": 0, - "fixableWarningCount": 0, - "usedDeprecatedRules": [ - { "ruleId": "no-extra-semi", "replacedBy": [] }, - { "ruleId": "no-mixed-spaces-and-tabs", "replacedBy": [] } - ] - }, - { - "filePath": "/Users/morningstar/Downloads/fitai_-your-personal-fitness-coach/vitest.config.ts", - "messages": [], - "suppressedMessages": [], - "errorCount": 0, - "fatalErrorCount": 0, - "warningCount": 0, - "fixableErrorCount": 0, - "fixableWarningCount": 0, - "usedDeprecatedRules": [ - { "ruleId": "no-extra-semi", "replacedBy": [] }, - { "ruleId": "no-mixed-spaces-and-tabs", "replacedBy": [] } - ] - }, - { - "filePath": "/Users/morningstar/Downloads/fitai_-your-personal-fitness-coach/vitest.setup.ts", - "messages": [], - "suppressedMessages": [], - "errorCount": 0, - "fatalErrorCount": 0, - "warningCount": 0, - "fixableErrorCount": 0, - "fixableWarningCount": 0, - "usedDeprecatedRules": [ - { "ruleId": "no-extra-semi", "replacedBy": [] }, - { "ruleId": "no-mixed-spaces-and-tabs", "replacedBy": [] } - ] - } -]
diff --git a/.gitignore b/.gitignore
index d447aaf..be66d0f 100644
--- a/.gitignore
+++ b/.gitignore
@@ -44,3 +44,6 @@ __pycache__/
 .DS_Store
 .vscode/*
 !.vscode/extensions.json
+
+# ESLint result files
+.eslint-results*.json
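Review bot: The comment above the new `.eslint-results*.json` rule does not say why these reports must stay out of the tree: the copies deleted in this commit record absolute local paths (`/Users/morningstar/Downloads/…`) and, for a file with findings, a full `source` copy of the linted file. A comment such as `# ESLint JSON reports (any directory): they embed absolute local paths and file source, never commit` would make that explicit. The pattern has no leading slash, so it also covers `gymgenius-monorepo/.eslint-results-monorepo.json`, but a report written under a different file name would not be ignored. The deleted reports stay reachable in earlier commits, so it is worth confirming that none of the embedded `source` text held anything sensitive.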
diff --git a/gymgenius-monorepo/.eslint-results-monorepo.json b/gymgenius-monorepo/.eslint-results-monorepo.json
deleted file mode 100644
index b95b5c4..0000000
--- a/gymgenius-monorepo/.eslint-results-monorepo.json
+++ /dev/null
@@ -1 +0,0 @@ -[{"filePath":"/Users/morningstar/Downloads/fitai_-your-personal-fitness-coach/gymgenius-monorepo/apps/admin-panel/app/disputes/page.tsx","messages":[],"suppressedMessages":[],"errorCount":0,"fatalErrorCount":0,"warningCount":0,"fixableErrorCount":0,"fixableWarningCount":0,"usedDeprecatedRules":[]},{"filePath":"/Users/morningstar/Downloads/fitai_-your-personal-fitness-coach/gymgenius-monorepo/apps/admin-panel/app/layout.tsx","messages":[],"suppressedMessages":[],"errorCount":0,"fatalErrorCount":0,"warningCount":0,"fixableErrorCount":0,"fixableWarningCount":0,"usedDeprecatedRules":[]},{"filePath":"/Users/morningstar/Downloads/fitai_-your-personal-fitness-coach/gymgenius-monorepo/apps/admin-panel/app/page.tsx","messages":[],"suppressedMessages":[],"errorCount":0,"fatalErrorCount":0,"warningCount":0,"fixableErrorCount":0,"fixableWarningCount":0,"usedDeprecatedRules":[]},{"filePath":"/Users/morningstar/Downloads/fitai_-your-personal-fitness-coach/gymgenius-monorepo/apps/admin-panel/app/revenue/page.tsx","messages":[],"suppressedMessages":[],"errorCount":0,"fatalErrorCount":0,"warningCount":0,"fixableErrorCount":0,"fixableWarningCount":0,"usedDeprecatedRules":[]},{"filePath":"/Users/morningstar/Downloads/fitai_-your-personal-fitness-coach/gymgenius-monorepo/apps/admin-panel/app/users/page.tsx","messages":[],"suppressedMessages":[],"errorCount":0,"fatalErrorCount":0,"warningCount":0,"fixableErrorCount":0,"fixableWarningCount":0,"usedDeprecatedRules":[]},{"filePath":"/Users/morningstar/Downloads/fitai_-your-personal-fitness-coach/gymgenius-monorepo/apps/admin-panel/next-env.d.ts","messages":[],"suppressedMessages":[],"errorCount":0,"fatalErrorCount":0,"warningCount":0,"fixableErrorCount":0,"fixableWarningCount":0,"usedDeprecatedRules":[]},{"filePath":"/Users/morningstar/Downloads/fitai_-your-personal-fitness-coach/gymgenius-monorepo/apps/admin-panel/next.config.js","messages":[],"suppressedMessages":[],"errorCount":0,"fatalErrorCount":0,"warningCount":0,"fixa
bleErrorCount":0,"fixableWarningCount":0,"usedDeprecatedRules":[]},{"filePath":"/Users/morningstar/Downloads/fitai_-your-personal-fitness-coach/gymgenius-monorepo/apps/admin-panel/tailwind.config.js","messages":[],"suppressedMessages":[],"errorCount":0,"fatalErrorCount":0,"warningCount":0,"fixableErrorCount":0,"fixableWarningCount":0,"usedDeprecatedRules":[]},{"filePath":"/Users/morningstar/Downloads/fitai_-your-personal-fitness-coach/gymgenius-monorepo/apps/nutritionist-panel/app/clients/page.tsx","messages":[],"suppressedMessages":[],"errorCount":0,"fatalErrorCount":0,"warningCount":0,"fixableErrorCount":0,"fixableWarningCount":0,"usedDeprecatedRules":[]},{"filePath":"/Users/morningstar/Downloads/fitai_-your-personal-fitness-coach/gymgenius-monorepo/apps/nutritionist-panel/app/layout.tsx","messages":[],"suppressedMessages":[],"errorCount":0,"fatalErrorCount":0,"warningCount":0,"fixableErrorCount":0,"fixableWarningCount":0,"usedDeprecatedRules":[]},{"filePath":"/Users/morningstar/Downloads/fitai_-your-personal-fitness-coach/gymgenius-monorepo/apps/nutritionist-panel/app/meal-plans/page.tsx","messages":[],"suppressedMessages":[],"errorCount":0,"fatalErrorCount":0,"warningCount":0,"fixableErrorCount":0,"fixableWarningCount":0,"usedDeprecatedRules":[]},{"filePath":"/Users/morningstar/Downloads/fitai_-your-personal-fitness-coach/gymgenius-monorepo/apps/nutritionist-panel/app/page.tsx","messages":[],"suppressedMessages":[],"errorCount":0,"fatalErrorCount":0,"warningCount":0,"fixableErrorCount":0,"fixableWarningCount":0,"usedDeprecatedRules":[]},{"filePath":"/Users/morningstar/Downloads/fitai_-your-personal-fitness-coach/gymgenius-monorepo/apps/nutritionist-panel/next-env.d.ts","messages":[],"suppressedMessages":[],"errorCount":0,"fatalErrorCount":0,"warningCount":0,"fixableErrorCount":0,"fixableWarningCount":0,"usedDeprecatedRules":[]},{"filePath":"/Users/morningstar/Downloads/fitai_-your-personal-fitness-coach/gymgenius-monorepo/apps/nutritionist-panel/next.config.js",
"messages":[],"suppressedMessages":[],"errorCount":0,"fatalErrorCount":0,"warningCount":0,"fixableErrorCount":0,"fixableWarningCount":0,"usedDeprecatedRules":[]},{"filePath":"/Users/morningstar/Downloads/fitai_-your-personal-fitness-coach/gymgenius-monorepo/apps/nutritionist-panel/tailwind.config.js","messages":[],"suppressedMessages":[],"errorCount":0,"fatalErrorCount":0,"warningCount":0,"fixableErrorCount":0,"fixableWarningCount":0,"usedDeprecatedRules":[]},{"filePath":"/Users/morningstar/Downloads/fitai_-your-personal-fitness-coach/gymgenius-monorepo/packages/backend/socketio/server.js","messages":[],"suppressedMessages":[],"errorCount":0,"fatalErrorCount":0,"warningCount":0,"fixableErrorCount":0,"fixableWarningCount":0,"usedDeprecatedRules":[{"ruleId":"no-extra-semi","replacedBy":[]},{"ruleId":"no-mixed-spaces-and-tabs","replacedBy":[]}]}] \ No newline at end of file diff --git a/gymgenius/backend/main.py b/gymgenius/backend/main.py index da1f990..ff2084c 100644 --- a/gymgenius/backend/main.py +++ b/gymgenius/backend/main.py @@ -172,9 +172,7 @@ def get_ai_provider( ) try: - return create_ai_provider( - provider_type, api_key, generate_request.model - ) + return create_ai_provider(provider_type, api_key, generate_request.model) except ValueError as e: logger.error( f"PROVIDER_CREATION_ERROR: {str(e)} | " @@ -244,12 +242,8 @@ async def health_check(): "status": "healthy", "timestamp": datetime.now(timezone.utc).isoformat(), "api_keys": { - "google": ( - "configured" if google_key_configured else "not_configured" - ), - "openai": ( - "configured" if openai_key_configured else "not_configured" - ), + "google": ("configured" if google_key_configured else "not_configured"), + "openai": ("configured" if openai_key_configured else "not_configured"), }, "default_provider": default_provider, } diff --git a/gymgenius/backend/payment_service.py b/gymgenius/backend/payment_service.py index 3cf1e0e..cd5c003 100644 --- a/gymgenius/backend/payment_service.py 
+++ b/gymgenius/backend/payment_service.py @@ -72,9 +72,7 @@ def _require_signature_if_configured( ): """Enforce that a webhook signature exists when a secret is configured.""" if webhook_secret and not webhook_signature: - raise HTTPException( - status_code=400, detail=MISSING_WEBHOOK_SIGNATURE - ) + raise HTTPException(status_code=400, detail=MISSING_WEBHOOK_SIGNATURE) def _verify_signature( @@ -89,13 +87,9 @@ def _verify_signature( webhook_secret.encode(), webhook_body, digestmod=hashlib.sha256 ).hexdigest() if expected != webhook_signature: - raise HTTPException( - status_code=400, detail=INVALID_WEBHOOK_SIGNATURE - ) + raise HTTPException(status_code=400, detail=INVALID_WEBHOOK_SIGNATURE) except Exception: - raise HTTPException( - status_code=400, detail=INVALID_WEBHOOK_SIGNATURE - ) + raise HTTPException(status_code=400, detail=INVALID_WEBHOOK_SIGNATURE) def _parse_event(webhook_body: bytes): @@ -131,9 +125,9 @@ def _handle_subscription_charged(event_data: dict): payload = event_data["payload"].get("subscription", {}) user_id = payload.get("user_id") or payload.get("customer_id") if user_id and user_id in SUBSCRIPTIONS_STORE: - SUBSCRIPTIONS_STORE[user_id]["last_charged_at"] = ( - datetime.now(timezone.utc).isoformat() - ) + SUBSCRIPTIONS_STORE[user_id]["last_charged_at"] = datetime.now( + timezone.utc + ).isoformat() SUBSCRIPTIONS_STORE[user_id]["active"] = True @@ -145,7 +139,6 @@ def _handle_subscription_cancelled(event_data: dict): if user_id and user_id in SUBSCRIPTIONS_STORE: SUBSCRIPTIONS_STORE[user_id]["active"] = False - def _dispatch_webhook_event( webhook_body: bytes, webhook_signature: Optional[str], 
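Review bot: In the `_verify_signature` hunk, `if expected != webhook_signature:` compares the HMAC digest with an ordinary string comparison, which is not constant-time. Use `if not hmac.compare_digest(expected, webhook_signature):` instead; the digest is presumably built with `hmac.new`, whose call line is outside the hunk. `compare_digest` raises `TypeError` for a non-ASCII `str`, and the existing `except Exception:` already maps that to the same 400, so no extra handling is needed. The same pattern appears in the later `verify_payment` hunk as `if generated_signature != verify_request.razorpay_signature:`. The start of `_verify_signature` is outside the hunk.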
@@ -248,9 +241,7 @@ async def create_payment_order( "starter_yearly": 10000, } if order_request.subscription_plan not in SUPPORTED_PLANS: - raise HTTPException( - status_code=400, detail="Invalid subscription plan" - ) + raise HTTPException(status_code=400, detail="Invalid subscription plan") # NOTE: Order creation is a placeholder; stores no DB record yet # order_data = { # "amount": order_request.amount, @@ -342,8 +333,7 @@ async def verify_payment( if not os.getenv("RAZORPAY_KEY_SECRET"): # If no secret configured, log and accept for now (test/stub mode) logger.warning( - "PAYMENT_VERIFY: Missing RAZORPAY_KEY_SECRET; " - "skipping verification" + "PAYMENT_VERIFY: Missing RAZORPAY_KEY_SECRET; " "skipping verification" ) else: _msg = ( @@ -362,9 +352,7 @@ async def verify_payment( ).hexdigest() if generated_signature != verify_request.razorpay_signature: - raise HTTPException( - status_code=400, detail="Invalid payment signature" - ) + raise HTTPException(status_code=400, detail="Invalid payment signature") # (Legacy commented-out implementation removed; using runtime # verification above.) # above.) @@ -478,6 +466,4 @@ async def payment_webhook(request: Request): f"error={str(e)} | " f"trace_id={trace_id}" ) - raise HTTPException( - status_code=400, detail="Webhook processing failed" - ) + raise HTTPException(status_code=400, detail="Webhook processing failed") diff --git a/gymgenius/backend/socketio_service.py b/gymgenius/backend/socketio_service.py index 5f37c15..a131533 100644 --- a/gymgenius/backend/socketio_service.py +++ b/gymgenius/backend/socketio_service.py @@ -171,9 +171,7 @@ async def send_chat_message(self, sender_id: str, recipient_id: str, message: st # ) await asyncio.sleep(0) - logger.info( - f"SOCKET_CHAT: Message sent | from={sender_id} | to={recipient_id}" - ) + logger.info(f"SOCKET_CHAT: Message sent | from={sender_id} | to={recipient_id}") return _event_data async def broadcast_booking_update(self, booking_id: str, status: str): 
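Review bot: The `verify_payment` branch `if not os.getenv("RAZORPAY_KEY_SECRET"):` fails open: with the secret unset it only logs "skipping verification" and, per its own comment, accepts the payment. A deployment that loses the variable would then treat payments as verified without checking any signature, so the branch should reject the request, e.g. `raise HTTPException(status_code=500, detail="Payment verification not configured")` (message constructed here), with any stub mode behind an explicit test-only switch. The webhook path looks similar, since `_require_signature_if_configured` demands a signature only when a secret is set, though what happens after that check is outside these hunks. As a style point, the two adjacent literals black left on one line, `"PAYMENT_VERIFY: Missing RAZORPAY_KEY_SECRET; " "skipping verification"`, can be merged into one string. `verify_payment` starts and ends outside the hunk.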
diff --git a/gymgenius/backend/tests/test_main_endpoints.py b/gymgenius/backend/tests/test_main_endpoints.py index cdc2a0d..c310128 100644 --- a/gymgenius/backend/tests/test_main_endpoints.py +++ b/gymgenius/backend/tests/test_main_endpoints.py @@ -10,6 +10,7 @@ def __init__(self): async def generate_response(self, prompt: str, trace_id=None): import asyncio + await asyncio.sleep(0) return f"echo: {prompt}" diff --git a/gymgenius/backend/tests/test_payment_service.py b/gymgenius/backend/tests/test_payment_service.py index 2cf1cf7..b6bd594 100644 --- a/gymgenius/backend/tests/test_payment_service.py +++ b/gymgenius/backend/tests/test_payment_service.py @@ -25,7 +25,9 @@ def create_test_app(): async def test_create_payment_order_success(): app = create_test_app() # Use async httpx client with ASGI transport for compatibility. - async with HTTPXAsyncClient(transport=ASGITransport(app=app), base_url="http://test") as client: + async with HTTPXAsyncClient( + transport=ASGITransport(app=app), base_url="http://test" + ) as client: payload = { "amount": 1000, "currency": "INR", @@ -46,12 +48,14 @@ async def test_verify_payment_success(): app = create_test_app() # Set a temporary secret for generating a valid signature os.environ["RAZORPAY_KEY_SECRET"] = "test-secret" - async with HTTPXAsyncClient(transport=ASGITransport(app=app), base_url="http://test") as client: + async with HTTPXAsyncClient( + transport=ASGITransport(app=app), base_url="http://test" + ) as client: payload = { - "razorpay_order_id": "order_test_123", - "razorpay_payment_id": "pay_test_123", - "user_id": "user-1234", - } + "razorpay_order_id": "order_test_123", + "razorpay_payment_id": "pay_test_123", + "user_id": "user-1234", + } _msg = ( f"{payload['razorpay_order_id']}|{payload['razorpay_payment_id']}" 
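Review bot: `test_verify_payment_success` sets `os.environ["RAZORPAY_KEY_SECRET"] = "test-secret"` and nothing in the hunk restores it, so the value leaks into every test that runs later in the same process. That makes results order-dependent, in particular for tests whose behaviour depends on whether the secret is configured. Taking pytest's `monkeypatch` fixture and calling `monkeypatch.setenv("RAZORPAY_KEY_SECRET", "test-secret")` undoes the change at teardown. The rest of the test body is outside the hunk, so a cleanup further down cannot be ruled out.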
@@ -87,9 +91,7 @@ async def test_webhook_acknowledge(): else: headers["X-Razorpay-Signature"] = "sig-placeholder" - resp = await client.post( - "/api/payments/webhook", content=body, headers=headers - ) + resp = await client.post("/api/payments/webhook", content=body, headers=headers) assert resp.status_code == 200 body = resp.json() assert body.get("status") == "acknowledged" diff --git a/gymgenius/backend/tests/test_payment_service_storage.py b/gymgenius/backend/tests/test_payment_service_storage.py index 361928e..18539a6 100644 --- a/gymgenius/backend/tests/test_payment_service_storage.py +++ b/gymgenius/backend/tests/test_payment_service_storage.py @@ -71,15 +71,11 @@ async def test_verify_updates_subscription_and_order(): digestmod=hashlib.sha256, ).hexdigest() - resp = await client.post( - "/api/payments/verify-payment", json=verify_payload - ) + resp = await client.post("/api/payments/verify-payment", json=verify_payload) assert resp.status_code == 200 assert ps.ORDERS_STORE[order_id]["status"] == "completed" assert verify_payload["user_id"] in ps.SUBSCRIPTIONS_STORE - assert ( - ps.SUBSCRIPTIONS_STORE[verify_payload["user_id"]]["active"] is True - ) + assert ps.SUBSCRIPTIONS_STORE[verify_payload["user_id"]]["active"] is True async def test_webhook_signature_verification(): @@ -99,9 +95,7 @@ async def test_webhook_signature_verification(): digestmod=hashlib.sha256, ).hexdigest() headers = {"X-Razorpay-Signature": signature} - resp = await client.post( - "/api/payments/webhook", content=body, headers=headers - ) + resp = await client.post("/api/payments/webhook", content=body, headers=headers) assert resp.status_code == 200 assert resp.json().get("status") == "acknowledged" 
@@ -134,9 +128,7 @@ async def test_webhook_captures_existing_order(): digestmod=hashlib.sha256, ).hexdigest() headers = {"X-Razorpay-Signature": signature} - resp = await client.post( - "/api/payments/webhook", content=body, headers=headers - ) + resp = await client.post("/api/payments/webhook", content=body, headers=headers) assert resp.status_code == 200 assert ps.ORDERS_STORE[order_id]["status"] == "captured" @@ -180,9 +172,7 @@ async def test_verify_with_invalid_signature_returns_400(): "user_id": "user-1234", } - resp = await client.post( - "/api/payments/verify-payment", json=verify_payload - ) + resp = await client.post("/api/payments/verify-payment", json=verify_payload) assert resp.status_code == 400 diff --git a/gymgenius/backend/tests/test_socketio_and_main.py b/gymgenius/backend/tests/test_socketio_and_main.py index 2857906..72b4c07 100644 --- a/gymgenius/backend/tests/test_socketio_and_main.py +++ b/gymgenius/backend/tests/test_socketio_and_main.py @@ -24,17 +24,14 @@ def test_broadcast_has_timestamp_and_logs(caplog): ) # Check it logs trainer id assert any( - "trainer_id=trainer-1" in rec.getMessage() - or "trainer-1" in rec.getMessage() + "trainer_id=trainer-1" in rec.getMessage() or "trainer-1" in rec.getMessage() for rec in caplog.records ) def test_chat_message_timestamp_message_id(capsys): # send a chat message and ensure it sets timestamp and id - asyncio.run( - socketio_service.send_chat_message("user-1", "user-2", "Hello") - ) + asyncio.run(socketio_service.send_chat_message("user-1", "user-2", "Hello")) # We can't easily access the event payload, but the method logs a message diff --git a/gymgenius/backend/tests/test_socketio_service.py b/gymgenius/backend/tests/test_socketio_service.py index 486759d..cc04b6e 100644 --- a/gymgenius/backend/tests/test_socketio_service.py +++ b/gymgenius/backend/tests/test_socketio_service.py 
@@ -10,14 +10,11 @@ async def test_broadcast_trainer_status_logs(caplog): service = SocketIOService() # The method should complete without error and log an event - await service.broadcast_trainer_status( - "trainer-1", "online", {"uptime": 100} - ) + await service.broadcast_trainer_status("trainer-1", "online", {"uptime": 100}) # Ensure log contains trainer id assert any( - "trainer_id=trainer-1" in rec.getMessage() - or "trainer-1" in rec.getMessage() + "trainer_id=trainer-1" in rec.getMessage() or "trainer-1" in rec.getMessage() for rec in caplog.records ) @@ -49,15 +46,11 @@ async def test_connect_and_broadcast_timestamp(caplog): assert service.active_connections[sid] == "test-user" # broadcast should return event payload with timestamp - evt = await service.broadcast_trainer_status( - "trainer-1", "online", {"uptime": 1} - ) + evt = await service.broadcast_trainer_status("trainer-1", "online", {"uptime": 1}) assert isinstance(evt.get("timestamp"), str) assert "trainer_id" in evt # booking update payload has booking_id and timestamp - booking_evt = await service.broadcast_booking_update( - "booking-1", "confirmed" - ) + booking_evt = await service.broadcast_booking_update("booking-1", "confirmed") assert booking_evt["booking_id"] == "booking-1" assert "timestamp" in booking_evt @@ -79,6 +72,4 @@ async def test_subscribe_trainer_logs(caplog): service = SocketIOService() sid = "sid-sub" await service.subscribe_trainer(sid, {"trainer_id": "t-1"}) - assert any( - "SOCKET_SUBSCRIBE" in rec.getMessage() for rec in caplog.records - ) + assert any("SOCKET_SUBSCRIBE" in rec.getMessage() for rec in caplog.records) diff --git a/package.json b/package.json index ff7b954..6478540 100644 --- a/package.json +++ b/package.json @@ -68,7 +68,7 @@ ], "*.py": [ "black", - "flake8" + "flake8 --max-line-length=88 --exclude=__pycache__,venv" ] } } From fde3aa4359eea11043dbcbb0af8466c9d79d284f Mon Sep 17 00:00:00 2001 
From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Sun, 16 Nov 2025 09:31:46 +0000 Subject: [PATCH 03/10] Fix CodeQL languages configuration in Security Analysis job Co-authored-by: morningstarxcdcode <205398826+morningstarxcdcode@users.noreply.github.com> --- .github/workflows/fortress-pipeline.yml | 2 +- bandit-report.json | 2039 +++++++++++++++++++++++ 2 files changed, 2040 insertions(+), 1 deletion(-) create mode 100644 bandit-report.json diff --git a/.github/workflows/fortress-pipeline.yml b/.github/workflows/fortress-pipeline.yml index 84e5293..75dd3a6 100644 --- a/.github/workflows/fortress-pipeline.yml +++ b/.github/workflows/fortress-pipeline.yml @@ -112,7 +112,7 @@ jobs: - name: Initialize CodeQL uses: github/codeql-action/init@v3 with: - languages: javascript, python + languages: javascript,python queries: security-extended - name: Perform CodeQL Analysis diff --git a/bandit-report.json b/bandit-report.json new file mode 100644 index 0000000..e88f0a9 --- /dev/null +++ b/bandit-report.json 
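Review bot: The context line `uses: github/codeql-action/init@v3` references the action by a movable tag, so the code this security job runs can change without any change in this repository. Pinning to a full commit SHA and keeping the tag as a comment, `uses: github/codeql-action/init@<full-commit-sha> # v3`, makes each update explicit and reviewable. The same applies to the "Perform CodeQL Analysis" step, whose `uses:` line falls after the end of the hunk.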
@@ -0,0 +1,2039 @@ +{ + "errors": [], + "generated_at": "2025-11-16T09:28:40Z", + "metrics": { + "_totals": { + "CONFIDENCE.HIGH": 85, + "CONFIDENCE.LOW": 0, + "CONFIDENCE.MEDIUM": 7, + "CONFIDENCE.UNDEFINED": 0, + "SEVERITY.HIGH": 0, + "SEVERITY.LOW": 92, + "SEVERITY.MEDIUM": 0, + "SEVERITY.UNDEFINED": 0, + "loc": 1717, + "nosec": 0, + "skipped_tests": 0 + }, + "gymgenius/backend/ai_provider.py": { + "CONFIDENCE.HIGH": 0, + "CONFIDENCE.LOW": 0, + "CONFIDENCE.MEDIUM": 0, + "CONFIDENCE.UNDEFINED": 0, + "SEVERITY.HIGH": 0, + "SEVERITY.LOW": 0, + "SEVERITY.MEDIUM": 0, + "SEVERITY.UNDEFINED": 0, + "loc": 186, + "nosec": 0, + "skipped_tests": 0 + }, + "gymgenius/backend/main.py": { + "CONFIDENCE.HIGH": 0, + "CONFIDENCE.LOW": 0, + "CONFIDENCE.MEDIUM": 0, + "CONFIDENCE.UNDEFINED": 0, + "SEVERITY.HIGH": 0, + "SEVERITY.LOW": 0, + "SEVERITY.MEDIUM": 0, + "SEVERITY.UNDEFINED": 0, + "loc": 311, + "nosec": 0, + "skipped_tests": 0 + }, + "gymgenius/backend/payment_service.py": { + "CONFIDENCE.HIGH": 1, + "CONFIDENCE.LOW": 0, + "CONFIDENCE.MEDIUM": 0, + "CONFIDENCE.UNDEFINED": 0, + "SEVERITY.HIGH": 0, + "SEVERITY.LOW": 1, + "SEVERITY.MEDIUM": 0, + "SEVERITY.UNDEFINED": 0, + "loc": 355, + "nosec": 0, + "skipped_tests": 0 + }, + "gymgenius/backend/security_middleware.py": { + "CONFIDENCE.HIGH": 0, + "CONFIDENCE.LOW": 0, + "CONFIDENCE.MEDIUM": 0, + "CONFIDENCE.UNDEFINED": 0, + "SEVERITY.HIGH": 0, + "SEVERITY.LOW": 0, + "SEVERITY.MEDIUM": 0, + "SEVERITY.UNDEFINED": 0, + "loc": 73, + "nosec": 0, + "skipped_tests": 0 + }, + "gymgenius/backend/socketio_service.py": { + "CONFIDENCE.HIGH": 0, + "CONFIDENCE.LOW": 0, + "CONFIDENCE.MEDIUM": 1, + "CONFIDENCE.UNDEFINED": 0, + "SEVERITY.HIGH": 0, + "SEVERITY.LOW": 1, + "SEVERITY.MEDIUM": 0, + "SEVERITY.UNDEFINED": 0, + "loc": 138, + "nosec": 0, + "skipped_tests": 0 + }, + "gymgenius/backend/tests/test_ai_abstraction.py": { + "CONFIDENCE.HIGH": 28, + "CONFIDENCE.LOW": 0, + "CONFIDENCE.MEDIUM": 0, + "CONFIDENCE.UNDEFINED": 0, + "SEVERITY.HIGH": 
0, + "SEVERITY.LOW": 28, + "SEVERITY.MEDIUM": 0, + "SEVERITY.UNDEFINED": 0, + "loc": 250, + "nosec": 0, + "skipped_tests": 0 + }, + "gymgenius/backend/tests/test_generate_rate_limit.py": { + "CONFIDENCE.HIGH": 2, + "CONFIDENCE.LOW": 0, + "CONFIDENCE.MEDIUM": 0, + "CONFIDENCE.UNDEFINED": 0, + "SEVERITY.HIGH": 0, + "SEVERITY.LOW": 2, + "SEVERITY.MEDIUM": 0, + "SEVERITY.UNDEFINED": 0, + "loc": 22, + "nosec": 0, + "skipped_tests": 0 + }, + "gymgenius/backend/tests/test_main_endpoints.py": { + "CONFIDENCE.HIGH": 4, + "CONFIDENCE.LOW": 0, + "CONFIDENCE.MEDIUM": 0, + "CONFIDENCE.UNDEFINED": 0, + "SEVERITY.HIGH": 0, + "SEVERITY.LOW": 4, + "SEVERITY.MEDIUM": 0, + "SEVERITY.UNDEFINED": 0, + "loc": 30, + "nosec": 0, + "skipped_tests": 0 + }, + "gymgenius/backend/tests/test_payment_service.py": { + "CONFIDENCE.HIGH": 9, + "CONFIDENCE.LOW": 0, + "CONFIDENCE.MEDIUM": 1, + "CONFIDENCE.UNDEFINED": 0, + "SEVERITY.HIGH": 0, + "SEVERITY.LOW": 10, + "SEVERITY.MEDIUM": 0, + "SEVERITY.UNDEFINED": 0, + "loc": 78, + "nosec": 0, + "skipped_tests": 0 + }, + "gymgenius/backend/tests/test_payment_service_storage.py": { + "CONFIDENCE.HIGH": 16, + "CONFIDENCE.LOW": 0, + "CONFIDENCE.MEDIUM": 5, + "CONFIDENCE.UNDEFINED": 0, + "SEVERITY.HIGH": 0, + "SEVERITY.LOW": 21, + "SEVERITY.MEDIUM": 0, + "SEVERITY.UNDEFINED": 0, + "loc": 160, + "nosec": 0, + "skipped_tests": 0 + }, + "gymgenius/backend/tests/test_security_middleware.py": { + "CONFIDENCE.HIGH": 5, + "CONFIDENCE.LOW": 0, + "CONFIDENCE.MEDIUM": 0, + "CONFIDENCE.UNDEFINED": 0, + "SEVERITY.HIGH": 0, + "SEVERITY.LOW": 5, + "SEVERITY.MEDIUM": 0, + "SEVERITY.UNDEFINED": 0, + "loc": 26, + "nosec": 0, + "skipped_tests": 0 + }, + "gymgenius/backend/tests/test_socketio_and_main.py": { + "CONFIDENCE.HIGH": 6, + "CONFIDENCE.LOW": 0, + "CONFIDENCE.MEDIUM": 0, + "CONFIDENCE.UNDEFINED": 0, + "SEVERITY.HIGH": 0, + "SEVERITY.LOW": 6, + "SEVERITY.MEDIUM": 0, + "SEVERITY.UNDEFINED": 0, + "loc": 35, + "nosec": 0, + "skipped_tests": 0 + }, + 
"gymgenius/backend/tests/test_socketio_service.py": { + "CONFIDENCE.HIGH": 14, + "CONFIDENCE.LOW": 0, + "CONFIDENCE.MEDIUM": 0, + "CONFIDENCE.UNDEFINED": 0, + "SEVERITY.HIGH": 0, + "SEVERITY.LOW": 14, + "SEVERITY.MEDIUM": 0, + "SEVERITY.UNDEFINED": 0, + "loc": 53, + "nosec": 0, + "skipped_tests": 0 + } + }, + "results": [ + { + "code": "437 if _webhook_signature and webhook_secret:\n438 assert webhook_secret\n439 _verify_signature(_webhook_body, _webhook_signature, webhook_secret)\n", + "col_offset": 12, + "end_col_offset": 33, + "filename": "gymgenius/backend/payment_service.py", + "issue_confidence": "HIGH", + "issue_cwe": { + "id": 703, + "link": "https://cwe.mitre.org/data/definitions/703.html" + }, + "issue_severity": "LOW", + "issue_text": "Use of assert detected. The enclosed code will be removed when compiling to optimised byte code.", + "line_number": 438, + "line_range": [ + 438 + ], + "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b101_assert_used.html", + "test_id": "B101", + "test_name": "assert_used" + }, + { + "code": "81 # For now allow a 'test' token that maps to a test user\n82 if token == \"test\":\n83 user_id = \"test-user\"\n", + "col_offset": 24, + "end_col_offset": 30, + "filename": "gymgenius/backend/socketio_service.py", + "issue_confidence": "MEDIUM", + "issue_cwe": { + "id": 259, + "link": "https://cwe.mitre.org/data/definitions/259.html" + }, + "issue_severity": "LOW", + "issue_text": "Possible hardcoded password: 'test'", + "line_number": 82, + "line_range": [ + 82 + ], + "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b105_hardcoded_password_string.html", + "test_id": "B105", + "test_name": "hardcoded_password_string" + }, + { + "code": "31 provider = OpenAIProvider(\"test-key\", \"gpt-4\")\n32 assert provider.model == \"gpt-4\"\n33 assert provider.client is not None\n", + "col_offset": 8, + "end_col_offset": 40, + "filename": "gymgenius/backend/tests/test_ai_abstraction.py", + "issue_confidence": "HIGH", + 
"issue_cwe": { + "id": 703, + "link": "https://cwe.mitre.org/data/definitions/703.html" + }, + "issue_severity": "LOW", + "issue_text": "Use of assert detected. The enclosed code will be removed when compiling to optimised byte code.", + "line_number": 32, + "line_range": [ + 32 + ], + "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b101_assert_used.html", + "test_id": "B101", + "test_name": "assert_used" + }, + { + "code": "32 assert provider.model == \"gpt-4\"\n33 assert provider.client is not None\n34 assert provider.provider_name == \"openai\"\n", + "col_offset": 8, + "end_col_offset": 42, + "filename": "gymgenius/backend/tests/test_ai_abstraction.py", + "issue_confidence": "HIGH", + "issue_cwe": { + "id": 703, + "link": "https://cwe.mitre.org/data/definitions/703.html" + }, + "issue_severity": "LOW", + "issue_text": "Use of assert detected. The enclosed code will be removed when compiling to optimised byte code.", + "line_number": 33, + "line_range": [ + 33 + ], + "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b101_assert_used.html", + "test_id": "B101", + "test_name": "assert_used" + }, + { + "code": "33 assert provider.client is not None\n34 assert provider.provider_name == \"openai\"\n35 \n", + "col_offset": 8, + "end_col_offset": 49, + "filename": "gymgenius/backend/tests/test_ai_abstraction.py", + "issue_confidence": "HIGH", + "issue_cwe": { + "id": 703, + "link": "https://cwe.mitre.org/data/definitions/703.html" + }, + "issue_severity": "LOW", + "issue_text": "Use of assert detected. 
The enclosed code will be removed when compiling to optimised byte code.", + "line_number": 34, + "line_range": [ + 34 + ], + "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b101_assert_used.html", + "test_id": "B101", + "test_name": "assert_used" + }, + { + "code": "47 provider = GoogleAIProvider(\"test-key\", \"gemini-pro\")\n48 assert provider.model is not None\n49 assert provider.provider_name == \"google\"\n", + "col_offset": 16, + "end_col_offset": 49, + "filename": "gymgenius/backend/tests/test_ai_abstraction.py", + "issue_confidence": "HIGH", + "issue_cwe": { + "id": 703, + "link": "https://cwe.mitre.org/data/definitions/703.html" + }, + "issue_severity": "LOW", + "issue_text": "Use of assert detected. The enclosed code will be removed when compiling to optimised byte code.", + "line_number": 48, + "line_range": [ + 48 + ], + "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b101_assert_used.html", + "test_id": "B101", + "test_name": "assert_used" + }, + { + "code": "48 assert provider.model is not None\n49 assert provider.provider_name == \"google\"\n50 \n", + "col_offset": 16, + "end_col_offset": 57, + "filename": "gymgenius/backend/tests/test_ai_abstraction.py", + "issue_confidence": "HIGH", + "issue_cwe": { + "id": 703, + "link": "https://cwe.mitre.org/data/definitions/703.html" + }, + "issue_severity": "LOW", + "issue_text": "Use of assert detected. 
The enclosed code will be removed when compiling to optimised byte code.", + "line_number": 49, + "line_range": [ + 49 + ], + "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b101_assert_used.html", + "test_id": "B101", + "test_name": "assert_used" + }, + { + "code": "74 provider = create_ai_provider(provider_type, \"test-key\")\n75 assert isinstance(provider, expected_class)\n76 \n", + "col_offset": 8, + "end_col_offset": 51, + "filename": "gymgenius/backend/tests/test_ai_abstraction.py", + "issue_confidence": "HIGH", + "issue_cwe": { + "id": 703, + "link": "https://cwe.mitre.org/data/definitions/703.html" + }, + "issue_severity": "LOW", + "issue_text": "Use of assert detected. The enclosed code will be removed when compiling to optimised byte code.", + "line_number": 75, + "line_range": [ + 75 + ], + "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b101_assert_used.html", + "test_id": "B101", + "test_name": "assert_used" + }, + { + "code": "84 provider = create_ai_provider(\"openai\", \"test-key\", \"gpt-4\")\n85 assert isinstance(provider, OpenAIProvider)\n86 assert provider.model == \"gpt-4\"\n", + "col_offset": 8, + "end_col_offset": 51, + "filename": "gymgenius/backend/tests/test_ai_abstraction.py", + "issue_confidence": "HIGH", + "issue_cwe": { + "id": 703, + "link": "https://cwe.mitre.org/data/definitions/703.html" + }, + "issue_severity": "LOW", + "issue_text": "Use of assert detected. 
The enclosed code will be removed when compiling to optimised byte code.", + "line_number": 85, + "line_range": [ + 85 + ], + "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b101_assert_used.html", + "test_id": "B101", + "test_name": "assert_used" + }, + { + "code": "85 assert isinstance(provider, OpenAIProvider)\n86 assert provider.model == \"gpt-4\"\n87 \n", + "col_offset": 8, + "end_col_offset": 40, + "filename": "gymgenius/backend/tests/test_ai_abstraction.py", + "issue_confidence": "HIGH", + "issue_cwe": { + "id": 703, + "link": "https://cwe.mitre.org/data/definitions/703.html" + }, + "issue_severity": "LOW", + "issue_text": "Use of assert detected. The enclosed code will be removed when compiling to optimised byte code.", + "line_number": 86, + "line_range": [ + 86 + ], + "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b101_assert_used.html", + "test_id": "B101", + "test_name": "assert_used" + }, + { + "code": "102 \n103 assert response == \"Test response\"\n104 mock_client.chat.completions.create.assert_called_once()\n", + "col_offset": 12, + "end_col_offset": 46, + "filename": "gymgenius/backend/tests/test_ai_abstraction.py", + "issue_confidence": "HIGH", + "issue_cwe": { + "id": 703, + "link": "https://cwe.mitre.org/data/definitions/703.html" + }, + "issue_severity": "LOW", + "issue_text": "Use of assert detected. 
The enclosed code will be removed when compiling to optimised byte code.", + "line_number": 103, + "line_range": [ + 103 + ], + "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b101_assert_used.html", + "test_id": "B101", + "test_name": "assert_used" + }, + { + "code": "122 \n123 assert \"Empty response\" in str(exc_info.value)\n124 assert exc_info.value.provider == \"openai\"\n", + "col_offset": 12, + "end_col_offset": 58, + "filename": "gymgenius/backend/tests/test_ai_abstraction.py", + "issue_confidence": "HIGH", + "issue_cwe": { + "id": 703, + "link": "https://cwe.mitre.org/data/definitions/703.html" + }, + "issue_severity": "LOW", + "issue_text": "Use of assert detected. The enclosed code will be removed when compiling to optimised byte code.", + "line_number": 123, + "line_range": [ + 123 + ], + "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b101_assert_used.html", + "test_id": "B101", + "test_name": "assert_used" + }, + { + "code": "123 assert \"Empty response\" in str(exc_info.value)\n124 assert exc_info.value.provider == \"openai\"\n125 \n", + "col_offset": 12, + "end_col_offset": 54, + "filename": "gymgenius/backend/tests/test_ai_abstraction.py", + "issue_confidence": "HIGH", + "issue_cwe": { + "id": 703, + "link": "https://cwe.mitre.org/data/definitions/703.html" + }, + "issue_severity": "LOW", + "issue_text": "Use of assert detected. 
The enclosed code will be removed when compiling to optimised byte code.", + "line_number": 124, + "line_range": [ + 124 + ], + "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b101_assert_used.html", + "test_id": "B101", + "test_name": "assert_used" + }, + { + "code": "142 \n143 assert response == \"Google response\"\n144 mock_model.generate_content_async.assert_called_once()\n", + "col_offset": 16, + "end_col_offset": 52, + "filename": "gymgenius/backend/tests/test_ai_abstraction.py", + "issue_confidence": "HIGH", + "issue_cwe": { + "id": 703, + "link": "https://cwe.mitre.org/data/definitions/703.html" + }, + "issue_severity": "LOW", + "issue_text": "Use of assert detected. The enclosed code will be removed when compiling to optimised byte code.", + "line_number": 143, + "line_range": [ + 143 + ], + "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b101_assert_used.html", + "test_id": "B101", + "test_name": "assert_used" + }, + { + "code": "164 \n165 assert \"Empty response\" in str(exc_info.value)\n166 assert exc_info.value.provider == \"google\"\n", + "col_offset": 16, + "end_col_offset": 62, + "filename": "gymgenius/backend/tests/test_ai_abstraction.py", + "issue_confidence": "HIGH", + "issue_cwe": { + "id": 703, + "link": "https://cwe.mitre.org/data/definitions/703.html" + }, + "issue_severity": "LOW", + "issue_text": "Use of assert detected. 
The enclosed code will be removed when compiling to optimised byte code.", + "line_number": 165, + "line_range": [ + 165 + ], + "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b101_assert_used.html", + "test_id": "B101", + "test_name": "assert_used" + }, + { + "code": "165 assert \"Empty response\" in str(exc_info.value)\n166 assert exc_info.value.provider == \"google\"\n167 \n", + "col_offset": 16, + "end_col_offset": 58, + "filename": "gymgenius/backend/tests/test_ai_abstraction.py", + "issue_confidence": "HIGH", + "issue_cwe": { + "id": 703, + "link": "https://cwe.mitre.org/data/definitions/703.html" + }, + "issue_severity": "LOW", + "issue_text": "Use of assert detected. The enclosed code will be removed when compiling to optimised byte code.", + "line_number": 166, + "line_range": [ + 166 + ], + "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b101_assert_used.html", + "test_id": "B101", + "test_name": "assert_used" + }, + { + "code": "202 \n203 assert mock_response_content in response\n204 assert isinstance(provider, OpenAIProvider)\n", + "col_offset": 16, + "end_col_offset": 56, + "filename": "gymgenius/backend/tests/test_ai_abstraction.py", + "issue_confidence": "HIGH", + "issue_cwe": { + "id": 703, + "link": "https://cwe.mitre.org/data/definitions/703.html" + }, + "issue_severity": "LOW", + "issue_text": "Use of assert detected. 
The enclosed code will be removed when compiling to optimised byte code.", + "line_number": 203, + "line_range": [ + 203 + ], + "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b101_assert_used.html", + "test_id": "B101", + "test_name": "assert_used" + }, + { + "code": "203 assert mock_response_content in response\n204 assert isinstance(provider, OpenAIProvider)\n205 \n", + "col_offset": 16, + "end_col_offset": 59, + "filename": "gymgenius/backend/tests/test_ai_abstraction.py", + "issue_confidence": "HIGH", + "issue_cwe": { + "id": 703, + "link": "https://cwe.mitre.org/data/definitions/703.html" + }, + "issue_severity": "LOW", + "issue_text": "Use of assert detected. The enclosed code will be removed when compiling to optimised byte code.", + "line_number": 204, + "line_range": [ + 204 + ], + "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b101_assert_used.html", + "test_id": "B101", + "test_name": "assert_used" + }, + { + "code": "220 \n221 assert mock_response_content in response\n222 assert isinstance(provider, GoogleAIProvider)\n", + "col_offset": 20, + "end_col_offset": 60, + "filename": "gymgenius/backend/tests/test_ai_abstraction.py", + "issue_confidence": "HIGH", + "issue_cwe": { + "id": 703, + "link": "https://cwe.mitre.org/data/definitions/703.html" + }, + "issue_severity": "LOW", + "issue_text": "Use of assert detected. 
The enclosed code will be removed when compiling to optimised byte code.", + "line_number": 221, + "line_range": [ + 221 + ], + "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b101_assert_used.html", + "test_id": "B101", + "test_name": "assert_used" + }, + { + "code": "221 assert mock_response_content in response\n222 assert isinstance(provider, GoogleAIProvider)\n223 \n", + "col_offset": 20, + "end_col_offset": 65, + "filename": "gymgenius/backend/tests/test_ai_abstraction.py", + "issue_confidence": "HIGH", + "issue_cwe": { + "id": 703, + "link": "https://cwe.mitre.org/data/definitions/703.html" + }, + "issue_severity": "LOW", + "issue_text": "Use of assert detected. The enclosed code will be removed when compiling to optimised byte code.", + "line_number": 222, + "line_range": [ + 222 + ], + "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b101_assert_used.html", + "test_id": "B101", + "test_name": "assert_used" + }, + { + "code": "240 \n241 assert response == \"Test response\"\n242 \n", + "col_offset": 12, + "end_col_offset": 46, + "filename": "gymgenius/backend/tests/test_ai_abstraction.py", + "issue_confidence": "HIGH", + "issue_cwe": { + "id": 703, + "link": "https://cwe.mitre.org/data/definitions/703.html" + }, + "issue_severity": "LOW", + "issue_text": "Use of assert detected. 
The enclosed code will be removed when compiling to optimised byte code.", + "line_number": 241, + "line_range": [ + 241 + ], + "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b101_assert_used.html", + "test_id": "B101", + "test_name": "assert_used" + }, + { + "code": "246 # Updated default model to gpt-4; ensure factory reflects this.\n247 assert openai_provider.model == \"gpt-4\"\n248 \n", + "col_offset": 8, + "end_col_offset": 47, + "filename": "gymgenius/backend/tests/test_ai_abstraction.py", + "issue_confidence": "HIGH", + "issue_cwe": { + "id": 703, + "link": "https://cwe.mitre.org/data/definitions/703.html" + }, + "issue_severity": "LOW", + "issue_text": "Use of assert detected. The enclosed code will be removed when compiling to optimised byte code.", + "line_number": 247, + "line_range": [ + 247 + ], + "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b101_assert_used.html", + "test_id": "B101", + "test_name": "assert_used" + }, + { + "code": "251 google_provider = create_ai_provider(\"google\", \"test-key\")\n252 assert google_provider.model_name == \"gemini-pro\"\n253 \n", + "col_offset": 16, + "end_col_offset": 65, + "filename": "gymgenius/backend/tests/test_ai_abstraction.py", + "issue_confidence": "HIGH", + "issue_cwe": { + "id": 703, + "link": "https://cwe.mitre.org/data/definitions/703.html" + }, + "issue_severity": "LOW", + "issue_text": "Use of assert detected. 
The enclosed code will be removed when compiling to optimised byte code.", + "line_number": 252, + "line_range": [ + 252 + ], + "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b101_assert_used.html", + "test_id": "B101", + "test_name": "assert_used" + }, + { + "code": "272 \n273 assert exc_info.value.provider == \"openai\"\n274 assert exc_info.value.error_type == \"UNKNOWN_ERROR\"\n", + "col_offset": 12, + "end_col_offset": 54, + "filename": "gymgenius/backend/tests/test_ai_abstraction.py", + "issue_confidence": "HIGH", + "issue_cwe": { + "id": 703, + "link": "https://cwe.mitre.org/data/definitions/703.html" + }, + "issue_severity": "LOW", + "issue_text": "Use of assert detected. The enclosed code will be removed when compiling to optimised byte code.", + "line_number": 273, + "line_range": [ + 273 + ], + "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b101_assert_used.html", + "test_id": "B101", + "test_name": "assert_used" + }, + { + "code": "273 assert exc_info.value.provider == \"openai\"\n274 assert exc_info.value.error_type == \"UNKNOWN_ERROR\"\n275 \n", + "col_offset": 12, + "end_col_offset": 63, + "filename": "gymgenius/backend/tests/test_ai_abstraction.py", + "issue_confidence": "HIGH", + "issue_cwe": { + "id": 703, + "link": "https://cwe.mitre.org/data/definitions/703.html" + }, + "issue_severity": "LOW", + "issue_text": "Use of assert detected. 
The enclosed code will be removed when compiling to optimised byte code.", + "line_number": 274, + "line_range": [ + 274 + ], + "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b101_assert_used.html", + "test_id": "B101", + "test_name": "assert_used" + }, + { + "code": "291 \n292 assert exc_info.value.provider == \"google\"\n293 assert exc_info.value.error_type == \"API_ERROR\"\n", + "col_offset": 16, + "end_col_offset": 58, + "filename": "gymgenius/backend/tests/test_ai_abstraction.py", + "issue_confidence": "HIGH", + "issue_cwe": { + "id": 703, + "link": "https://cwe.mitre.org/data/definitions/703.html" + }, + "issue_severity": "LOW", + "issue_text": "Use of assert detected. The enclosed code will be removed when compiling to optimised byte code.", + "line_number": 292, + "line_range": [ + 292 + ], + "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b101_assert_used.html", + "test_id": "B101", + "test_name": "assert_used" + }, + { + "code": "292 assert exc_info.value.provider == \"google\"\n293 assert exc_info.value.error_type == \"API_ERROR\"\n294 \n", + "col_offset": 16, + "end_col_offset": 63, + "filename": "gymgenius/backend/tests/test_ai_abstraction.py", + "issue_confidence": "HIGH", + "issue_cwe": { + "id": 703, + "link": "https://cwe.mitre.org/data/definitions/703.html" + }, + "issue_severity": "LOW", + "issue_text": "Use of assert detected. 
The enclosed code will be removed when compiling to optimised byte code.", + "line_number": 293, + "line_range": [ + 293 + ], + "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b101_assert_used.html", + "test_id": "B101", + "test_name": "assert_used" + }, + { + "code": "307 provider = create_ai_provider(provider_type, \"test-key\")\n308 assert isinstance(provider, GoogleAIProvider)\n309 \n", + "col_offset": 12, + "end_col_offset": 57, + "filename": "gymgenius/backend/tests/test_ai_abstraction.py", + "issue_confidence": "HIGH", + "issue_cwe": { + "id": 703, + "link": "https://cwe.mitre.org/data/definitions/703.html" + }, + "issue_severity": "LOW", + "issue_text": "Use of assert detected. The enclosed code will be removed when compiling to optimised byte code.", + "line_number": 308, + "line_range": [ + 308 + ], + "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b101_assert_used.html", + "test_id": "B101", + "test_name": "assert_used" + }, + { + "code": "313 provider = create_ai_provider(provider_type, \"test-key\")\n314 assert isinstance(provider, OpenAIProvider)\n315 assert provider.model == \"gpt-4\"\n", + "col_offset": 16, + "end_col_offset": 59, + "filename": "gymgenius/backend/tests/test_ai_abstraction.py", + "issue_confidence": "HIGH", + "issue_cwe": { + "id": 703, + "link": "https://cwe.mitre.org/data/definitions/703.html" + }, + "issue_severity": "LOW", + "issue_text": "Use of assert detected. 
The enclosed code will be removed when compiling to optimised byte code.", + "line_number": 314, + "line_range": [ + 314 + ], + "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b101_assert_used.html", + "test_id": "B101", + "test_name": "assert_used" + }, + { + "code": "314 assert isinstance(provider, OpenAIProvider)\n315 assert provider.model == \"gpt-4\"\n", + "col_offset": 16, + "end_col_offset": 48, + "filename": "gymgenius/backend/tests/test_ai_abstraction.py", + "issue_confidence": "HIGH", + "issue_cwe": { + "id": 703, + "link": "https://cwe.mitre.org/data/definitions/703.html" + }, + "issue_severity": "LOW", + "issue_text": "Use of assert detected. The enclosed code will be removed when compiling to optimised byte code.", + "line_number": 315, + "line_range": [ + 315 + ], + "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b101_assert_used.html", + "test_id": "B101", + "test_name": "assert_used" + }, + { + "code": "29 res = client.post(\"/generate\", json=payload)\n30 assert res.status_code == 200\n31 \n", + "col_offset": 12, + "end_col_offset": 41, + "filename": "gymgenius/backend/tests/test_generate_rate_limit.py", + "issue_confidence": "HIGH", + "issue_cwe": { + "id": 703, + "link": "https://cwe.mitre.org/data/definitions/703.html" + }, + "issue_severity": "LOW", + "issue_text": "Use of assert detected. 
The enclosed code will be removed when compiling to optimised byte code.", + "line_number": 30, + "line_range": [ + 30 + ], + "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b101_assert_used.html", + "test_id": "B101", + "test_name": "assert_used" + }, + { + "code": "32 res = client.post(\"/generate\", json=payload)\n33 assert res.status_code == 429\n", + "col_offset": 8, + "end_col_offset": 37, + "filename": "gymgenius/backend/tests/test_generate_rate_limit.py", + "issue_confidence": "HIGH", + "issue_cwe": { + "id": 703, + "link": "https://cwe.mitre.org/data/definitions/703.html" + }, + "issue_severity": "LOW", + "issue_text": "Use of assert detected. The enclosed code will be removed when compiling to optimised byte code.", + "line_number": 33, + "line_range": [ + 33 + ], + "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b101_assert_used.html", + "test_id": "B101", + "test_name": "assert_used" + }, + { + "code": "28 res = client.post(\"/generate\", json=payload)\n29 assert res.status_code == 200\n30 assert res.json()[\"response\"].startswith(\"echo: hello\")\n", + "col_offset": 4, + "end_col_offset": 33, + "filename": "gymgenius/backend/tests/test_main_endpoints.py", + "issue_confidence": "HIGH", + "issue_cwe": { + "id": 703, + "link": "https://cwe.mitre.org/data/definitions/703.html" + }, + "issue_severity": "LOW", + "issue_text": "Use of assert detected. 
The enclosed code will be removed when compiling to optimised byte code.", + "line_number": 29, + "line_range": [ + 29 + ], + "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b101_assert_used.html", + "test_id": "B101", + "test_name": "assert_used" + }, + { + "code": "29 assert res.status_code == 200\n30 assert res.json()[\"response\"].startswith(\"echo: hello\")\n31 \n", + "col_offset": 4, + "end_col_offset": 59, + "filename": "gymgenius/backend/tests/test_main_endpoints.py", + "issue_confidence": "HIGH", + "issue_cwe": { + "id": 703, + "link": "https://cwe.mitre.org/data/definitions/703.html" + }, + "issue_severity": "LOW", + "issue_text": "Use of assert detected. The enclosed code will be removed when compiling to optimised byte code.", + "line_number": 30, + "line_range": [ + 30 + ], + "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b101_assert_used.html", + "test_id": "B101", + "test_name": "assert_used" + }, + { + "code": "42 res = client.post(\"/api/chat\", json=payload)\n43 assert res.status_code == 200\n44 assert \"response\" in res.json()\n", + "col_offset": 4, + "end_col_offset": 33, + "filename": "gymgenius/backend/tests/test_main_endpoints.py", + "issue_confidence": "HIGH", + "issue_cwe": { + "id": 703, + "link": "https://cwe.mitre.org/data/definitions/703.html" + }, + "issue_severity": "LOW", + "issue_text": "Use of assert detected. 
The enclosed code will be removed when compiling to optimised byte code.", + "line_number": 43, + "line_range": [ + 43 + ], + "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b101_assert_used.html", + "test_id": "B101", + "test_name": "assert_used" + }, + { + "code": "43 assert res.status_code == 200\n44 assert \"response\" in res.json()\n", + "col_offset": 4, + "end_col_offset": 35, + "filename": "gymgenius/backend/tests/test_main_endpoints.py", + "issue_confidence": "HIGH", + "issue_cwe": { + "id": 703, + "link": "https://cwe.mitre.org/data/definitions/703.html" + }, + "issue_severity": "LOW", + "issue_text": "Use of assert detected. The enclosed code will be removed when compiling to optimised byte code.", + "line_number": 44, + "line_range": [ + 44 + ], + "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b101_assert_used.html", + "test_id": "B101", + "test_name": "assert_used" + }, + { + "code": "38 resp = await client.post(\"/api/payments/create-order\", json=payload)\n39 assert resp.status_code == 200\n40 body = resp.json()\n", + "col_offset": 8, + "end_col_offset": 38, + "filename": "gymgenius/backend/tests/test_payment_service.py", + "issue_confidence": "HIGH", + "issue_cwe": { + "id": 703, + "link": "https://cwe.mitre.org/data/definitions/703.html" + }, + "issue_severity": "LOW", + "issue_text": "Use of assert detected. 
The enclosed code will be removed when compiling to optimised byte code.", + "line_number": 39, + "line_range": [ + 39 + ], + "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b101_assert_used.html", + "test_id": "B101", + "test_name": "assert_used" + }, + { + "code": "40 body = resp.json()\n41 assert body.get(\"success\") is True\n42 assert body.get(\"order_id\") is not None\n", + "col_offset": 8, + "end_col_offset": 42, + "filename": "gymgenius/backend/tests/test_payment_service.py", + "issue_confidence": "HIGH", + "issue_cwe": { + "id": 703, + "link": "https://cwe.mitre.org/data/definitions/703.html" + }, + "issue_severity": "LOW", + "issue_text": "Use of assert detected. The enclosed code will be removed when compiling to optimised byte code.", + "line_number": 41, + "line_range": [ + 41 + ], + "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b101_assert_used.html", + "test_id": "B101", + "test_name": "assert_used" + }, + { + "code": "41 assert body.get(\"success\") is True\n42 assert body.get(\"order_id\") is not None\n43 assert body.get(\"amount\") == 1000\n", + "col_offset": 8, + "end_col_offset": 47, + "filename": "gymgenius/backend/tests/test_payment_service.py", + "issue_confidence": "HIGH", + "issue_cwe": { + "id": 703, + "link": "https://cwe.mitre.org/data/definitions/703.html" + }, + "issue_severity": "LOW", + "issue_text": "Use of assert detected. 
The enclosed code will be removed when compiling to optimised byte code.", + "line_number": 42, + "line_range": [ + 42 + ], + "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b101_assert_used.html", + "test_id": "B101", + "test_name": "assert_used" + }, + { + "code": "42 assert body.get(\"order_id\") is not None\n43 assert body.get(\"amount\") == 1000\n44 \n", + "col_offset": 8, + "end_col_offset": 41, + "filename": "gymgenius/backend/tests/test_payment_service.py", + "issue_confidence": "HIGH", + "issue_cwe": { + "id": 703, + "link": "https://cwe.mitre.org/data/definitions/703.html" + }, + "issue_severity": "LOW", + "issue_text": "Use of assert detected. The enclosed code will be removed when compiling to optimised byte code.", + "line_number": 43, + "line_range": [ + 43 + ], + "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b101_assert_used.html", + "test_id": "B101", + "test_name": "assert_used" + }, + { + "code": "49 # Set a temporary secret for generating a valid signature\n50 os.environ[\"RAZORPAY_KEY_SECRET\"] = \"test-secret\"\n51 async with HTTPXAsyncClient(\n", + "col_offset": 15, + "end_col_offset": 36, + "filename": "gymgenius/backend/tests/test_payment_service.py", + "issue_confidence": "MEDIUM", + "issue_cwe": { + "id": 259, + "link": "https://cwe.mitre.org/data/definitions/259.html" + }, + "issue_severity": "LOW", + "issue_text": "Possible hardcoded password: 'test-secret'", + "line_number": 50, + "line_range": [ + 50 + ], + "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b105_hardcoded_password_string.html", + "test_id": "B105", + "test_name": "hardcoded_password_string" + }, + { + "code": "69 resp = await client.post(\"/api/payments/verify-payment\", json=payload)\n70 assert resp.status_code == 200\n71 body = resp.json()\n", + "col_offset": 8, + "end_col_offset": 38, + "filename": "gymgenius/backend/tests/test_payment_service.py", + "issue_confidence": "HIGH", + "issue_cwe": { + "id": 703, + "link": 
"https://cwe.mitre.org/data/definitions/703.html" + }, + "issue_severity": "LOW", + "issue_text": "Use of assert detected. The enclosed code will be removed when compiling to optimised byte code.", + "line_number": 70, + "line_range": [ + 70 + ], + "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b101_assert_used.html", + "test_id": "B101", + "test_name": "assert_used" + }, + { + "code": "71 body = resp.json()\n72 assert body.get(\"verified\") is True\n73 assert body.get(\"payment_id\") == payload[\"razorpay_payment_id\"]\n", + "col_offset": 8, + "end_col_offset": 43, + "filename": "gymgenius/backend/tests/test_payment_service.py", + "issue_confidence": "HIGH", + "issue_cwe": { + "id": 703, + "link": "https://cwe.mitre.org/data/definitions/703.html" + }, + "issue_severity": "LOW", + "issue_text": "Use of assert detected. The enclosed code will be removed when compiling to optimised byte code.", + "line_number": 72, + "line_range": [ + 72 + ], + "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b101_assert_used.html", + "test_id": "B101", + "test_name": "assert_used" + }, + { + "code": "72 assert body.get(\"verified\") is True\n73 assert body.get(\"payment_id\") == payload[\"razorpay_payment_id\"]\n74 \n", + "col_offset": 8, + "end_col_offset": 71, + "filename": "gymgenius/backend/tests/test_payment_service.py", + "issue_confidence": "HIGH", + "issue_cwe": { + "id": 703, + "link": "https://cwe.mitre.org/data/definitions/703.html" + }, + "issue_severity": "LOW", + "issue_text": "Use of assert detected. 
The enclosed code will be removed when compiling to optimised byte code.", + "line_number": 73, + "line_range": [ + 73 + ], + "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b101_assert_used.html", + "test_id": "B101", + "test_name": "assert_used" + }, + { + "code": "94 resp = await client.post(\"/api/payments/webhook\", content=body, headers=headers)\n95 assert resp.status_code == 200\n96 body = resp.json()\n", + "col_offset": 8, + "end_col_offset": 38, + "filename": "gymgenius/backend/tests/test_payment_service.py", + "issue_confidence": "HIGH", + "issue_cwe": { + "id": 703, + "link": "https://cwe.mitre.org/data/definitions/703.html" + }, + "issue_severity": "LOW", + "issue_text": "Use of assert detected. The enclosed code will be removed when compiling to optimised byte code.", + "line_number": 95, + "line_range": [ + 95 + ], + "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b101_assert_used.html", + "test_id": "B101", + "test_name": "assert_used" + }, + { + "code": "96 body = resp.json()\n97 assert body.get(\"status\") == \"acknowledged\"\n", + "col_offset": 8, + "end_col_offset": 51, + "filename": "gymgenius/backend/tests/test_payment_service.py", + "issue_confidence": "HIGH", + "issue_cwe": { + "id": 703, + "link": "https://cwe.mitre.org/data/definitions/703.html" + }, + "issue_severity": "LOW", + "issue_text": "Use of assert detected. 
The enclosed code will be removed when compiling to optimised byte code.", + "line_number": 97, + "line_range": [ + 97 + ], + "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b101_assert_used.html", + "test_id": "B101", + "test_name": "assert_used" + }, + { + "code": "31 resp = await client.post(\"/api/payments/create-order\", json=payload)\n32 assert resp.status_code == 200\n33 body = resp.json()\n", + "col_offset": 8, + "end_col_offset": 38, + "filename": "gymgenius/backend/tests/test_payment_service_storage.py", + "issue_confidence": "HIGH", + "issue_cwe": { + "id": 703, + "link": "https://cwe.mitre.org/data/definitions/703.html" + }, + "issue_severity": "LOW", + "issue_text": "Use of assert detected. The enclosed code will be removed when compiling to optimised byte code.", + "line_number": 32, + "line_range": [ + 32 + ], + "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b101_assert_used.html", + "test_id": "B101", + "test_name": "assert_used" + }, + { + "code": "34 order_id = body.get(\"order_id\")\n35 assert order_id\n36 assert order_id in ps.ORDERS_STORE\n", + "col_offset": 8, + "end_col_offset": 23, + "filename": "gymgenius/backend/tests/test_payment_service_storage.py", + "issue_confidence": "HIGH", + "issue_cwe": { + "id": 703, + "link": "https://cwe.mitre.org/data/definitions/703.html" + }, + "issue_severity": "LOW", + "issue_text": "Use of assert detected. 
The enclosed code will be removed when compiling to optimised byte code.", + "line_number": 35, + "line_range": [ + 35 + ], + "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b101_assert_used.html", + "test_id": "B101", + "test_name": "assert_used" + }, + { + "code": "35 assert order_id\n36 assert order_id in ps.ORDERS_STORE\n37 order = ps.ORDERS_STORE[order_id]\n", + "col_offset": 8, + "end_col_offset": 42, + "filename": "gymgenius/backend/tests/test_payment_service_storage.py", + "issue_confidence": "HIGH", + "issue_cwe": { + "id": 703, + "link": "https://cwe.mitre.org/data/definitions/703.html" + }, + "issue_severity": "LOW", + "issue_text": "Use of assert detected. The enclosed code will be removed when compiling to optimised byte code.", + "line_number": 36, + "line_range": [ + 36 + ], + "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b101_assert_used.html", + "test_id": "B101", + "test_name": "assert_used" + }, + { + "code": "37 order = ps.ORDERS_STORE[order_id]\n38 assert order[\"status\"] == \"pending\"\n39 \n", + "col_offset": 8, + "end_col_offset": 43, + "filename": "gymgenius/backend/tests/test_payment_service_storage.py", + "issue_confidence": "HIGH", + "issue_cwe": { + "id": 703, + "link": "https://cwe.mitre.org/data/definitions/703.html" + }, + "issue_severity": "LOW", + "issue_text": "Use of assert detected. 
The enclosed code will be removed when compiling to optimised byte code.", + "line_number": 38, + "line_range": [ + 38 + ], + "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b101_assert_used.html", + "test_id": "B101", + "test_name": "assert_used" + }, + { + "code": "42 app = create_test_app()\n43 os.environ[\"RAZORPAY_KEY_SECRET\"] = \"test-secret\"\n44 async with HTTPXAsyncClient(\n", + "col_offset": 15, + "end_col_offset": 36, + "filename": "gymgenius/backend/tests/test_payment_service_storage.py", + "issue_confidence": "MEDIUM", + "issue_cwe": { + "id": 259, + "link": "https://cwe.mitre.org/data/definitions/259.html" + }, + "issue_severity": "LOW", + "issue_text": "Possible hardcoded password: 'test-secret'", + "line_number": 43, + "line_range": [ + 43 + ], + "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b105_hardcoded_password_string.html", + "test_id": "B105", + "test_name": "hardcoded_password_string" + }, + { + "code": "74 resp = await client.post(\"/api/payments/verify-payment\", json=verify_payload)\n75 assert resp.status_code == 200\n76 assert ps.ORDERS_STORE[order_id][\"status\"] == \"completed\"\n", + "col_offset": 8, + "end_col_offset": 38, + "filename": "gymgenius/backend/tests/test_payment_service_storage.py", + "issue_confidence": "HIGH", + "issue_cwe": { + "id": 703, + "link": "https://cwe.mitre.org/data/definitions/703.html" + }, + "issue_severity": "LOW", + "issue_text": "Use of assert detected. 
The enclosed code will be removed when compiling to optimised byte code.", + "line_number": 75, + "line_range": [ + 75 + ], + "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b101_assert_used.html", + "test_id": "B101", + "test_name": "assert_used" + }, + { + "code": "75 assert resp.status_code == 200\n76 assert ps.ORDERS_STORE[order_id][\"status\"] == \"completed\"\n77 assert verify_payload[\"user_id\"] in ps.SUBSCRIPTIONS_STORE\n", + "col_offset": 8, + "end_col_offset": 65, + "filename": "gymgenius/backend/tests/test_payment_service_storage.py", + "issue_confidence": "HIGH", + "issue_cwe": { + "id": 703, + "link": "https://cwe.mitre.org/data/definitions/703.html" + }, + "issue_severity": "LOW", + "issue_text": "Use of assert detected. The enclosed code will be removed when compiling to optimised byte code.", + "line_number": 76, + "line_range": [ + 76 + ], + "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b101_assert_used.html", + "test_id": "B101", + "test_name": "assert_used" + }, + { + "code": "76 assert ps.ORDERS_STORE[order_id][\"status\"] == \"completed\"\n77 assert verify_payload[\"user_id\"] in ps.SUBSCRIPTIONS_STORE\n78 assert ps.SUBSCRIPTIONS_STORE[verify_payload[\"user_id\"]][\"active\"] is True\n", + "col_offset": 8, + "end_col_offset": 66, + "filename": "gymgenius/backend/tests/test_payment_service_storage.py", + "issue_confidence": "HIGH", + "issue_cwe": { + "id": 703, + "link": "https://cwe.mitre.org/data/definitions/703.html" + }, + "issue_severity": "LOW", + "issue_text": "Use of assert detected. 
The enclosed code will be removed when compiling to optimised byte code.", + "line_number": 77, + "line_range": [ + 77 + ], + "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b101_assert_used.html", + "test_id": "B101", + "test_name": "assert_used" + }, + { + "code": "77 assert verify_payload[\"user_id\"] in ps.SUBSCRIPTIONS_STORE\n78 assert ps.SUBSCRIPTIONS_STORE[verify_payload[\"user_id\"]][\"active\"] is True\n79 \n", + "col_offset": 8, + "end_col_offset": 82, + "filename": "gymgenius/backend/tests/test_payment_service_storage.py", + "issue_confidence": "HIGH", + "issue_cwe": { + "id": 703, + "link": "https://cwe.mitre.org/data/definitions/703.html" + }, + "issue_severity": "LOW", + "issue_text": "Use of assert detected. The enclosed code will be removed when compiling to optimised byte code.", + "line_number": 78, + "line_range": [ + 78 + ], + "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b101_assert_used.html", + "test_id": "B101", + "test_name": "assert_used" + }, + { + "code": "82 app = create_test_app()\n83 os.environ[\"RAZORPAY_KEY_SECRET\"] = \"test-secret\"\n84 async with HTTPXAsyncClient(\n", + "col_offset": 15, + "end_col_offset": 36, + "filename": "gymgenius/backend/tests/test_payment_service_storage.py", + "issue_confidence": "MEDIUM", + "issue_cwe": { + "id": 259, + "link": "https://cwe.mitre.org/data/definitions/259.html" + }, + "issue_severity": "LOW", + "issue_text": "Possible hardcoded password: 'test-secret'", + "line_number": 83, + "line_range": [ + 83 + ], + "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b105_hardcoded_password_string.html", + "test_id": "B105", + "test_name": "hardcoded_password_string" + }, + { + "code": "98 resp = await client.post(\"/api/payments/webhook\", content=body, headers=headers)\n99 assert resp.status_code == 200\n100 assert resp.json().get(\"status\") == \"acknowledged\"\n", + "col_offset": 8, + "end_col_offset": 38, + "filename": 
"gymgenius/backend/tests/test_payment_service_storage.py", + "issue_confidence": "HIGH", + "issue_cwe": { + "id": 703, + "link": "https://cwe.mitre.org/data/definitions/703.html" + }, + "issue_severity": "LOW", + "issue_text": "Use of assert detected. The enclosed code will be removed when compiling to optimised byte code.", + "line_number": 99, + "line_range": [ + 99 + ], + "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b101_assert_used.html", + "test_id": "B101", + "test_name": "assert_used" + }, + { + "code": "99 assert resp.status_code == 200\n100 assert resp.json().get(\"status\") == \"acknowledged\"\n101 \n", + "col_offset": 8, + "end_col_offset": 58, + "filename": "gymgenius/backend/tests/test_payment_service_storage.py", + "issue_confidence": "HIGH", + "issue_cwe": { + "id": 703, + "link": "https://cwe.mitre.org/data/definitions/703.html" + }, + "issue_severity": "LOW", + "issue_text": "Use of assert detected. The enclosed code will be removed when compiling to optimised byte code.", + "line_number": 100, + "line_range": [ + 100 + ], + "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b101_assert_used.html", + "test_id": "B101", + "test_name": "assert_used" + }, + { + "code": "104 app = create_test_app()\n105 os.environ[\"RAZORPAY_KEY_SECRET\"] = \"test-secret\"\n106 async with HTTPXAsyncClient(\n", + "col_offset": 15, + "end_col_offset": 36, + "filename": "gymgenius/backend/tests/test_payment_service_storage.py", + "issue_confidence": "MEDIUM", + "issue_cwe": { + "id": 259, + "link": "https://cwe.mitre.org/data/definitions/259.html" + }, + "issue_severity": "LOW", + "issue_text": "Possible hardcoded password: 'test-secret'", + "line_number": 105, + "line_range": [ + 105 + ], + "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b105_hardcoded_password_string.html", + "test_id": "B105", + "test_name": "hardcoded_password_string" + }, + { + "code": "117 order_id = resp.json().get(\"order_id\")\n118 assert order_id in 
ps.ORDERS_STORE\n119 \n", + "col_offset": 8, + "end_col_offset": 42, + "filename": "gymgenius/backend/tests/test_payment_service_storage.py", + "issue_confidence": "HIGH", + "issue_cwe": { + "id": 703, + "link": "https://cwe.mitre.org/data/definitions/703.html" + }, + "issue_severity": "LOW", + "issue_text": "Use of assert detected. The enclosed code will be removed when compiling to optimised byte code.", + "line_number": 118, + "line_range": [ + 118 + ], + "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b101_assert_used.html", + "test_id": "B101", + "test_name": "assert_used" + }, + { + "code": "131 resp = await client.post(\"/api/payments/webhook\", content=body, headers=headers)\n132 assert resp.status_code == 200\n133 assert ps.ORDERS_STORE[order_id][\"status\"] == \"captured\"\n", + "col_offset": 8, + "end_col_offset": 38, + "filename": "gymgenius/backend/tests/test_payment_service_storage.py", + "issue_confidence": "HIGH", + "issue_cwe": { + "id": 703, + "link": "https://cwe.mitre.org/data/definitions/703.html" + }, + "issue_severity": "LOW", + "issue_text": "Use of assert detected. The enclosed code will be removed when compiling to optimised byte code.", + "line_number": 132, + "line_range": [ + 132 + ], + "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b101_assert_used.html", + "test_id": "B101", + "test_name": "assert_used" + }, + { + "code": "132 assert resp.status_code == 200\n133 assert ps.ORDERS_STORE[order_id][\"status\"] == \"captured\"\n134 \n", + "col_offset": 8, + "end_col_offset": 64, + "filename": "gymgenius/backend/tests/test_payment_service_storage.py", + "issue_confidence": "HIGH", + "issue_cwe": { + "id": 703, + "link": "https://cwe.mitre.org/data/definitions/703.html" + }, + "issue_severity": "LOW", + "issue_text": "Use of assert detected. 
The enclosed code will be removed when compiling to optimised byte code.", + "line_number": 133, + "line_range": [ + 133 + ], + "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b101_assert_used.html", + "test_id": "B101", + "test_name": "assert_used" + }, + { + "code": "147 resp = await client.post(\"/api/payments/create-order\", json=payload)\n148 assert resp.status_code == 400\n149 \n", + "col_offset": 8, + "end_col_offset": 38, + "filename": "gymgenius/backend/tests/test_payment_service_storage.py", + "issue_confidence": "HIGH", + "issue_cwe": { + "id": 703, + "link": "https://cwe.mitre.org/data/definitions/703.html" + }, + "issue_severity": "LOW", + "issue_text": "Use of assert detected. The enclosed code will be removed when compiling to optimised byte code.", + "line_number": 148, + "line_range": [ + 148 + ], + "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b101_assert_used.html", + "test_id": "B101", + "test_name": "assert_used" + }, + { + "code": "152 app = create_test_app()\n153 os.environ[\"RAZORPAY_KEY_SECRET\"] = \"test-secret\"\n154 async with HTTPXAsyncClient(\n", + "col_offset": 15, + "end_col_offset": 36, + "filename": "gymgenius/backend/tests/test_payment_service_storage.py", + "issue_confidence": "MEDIUM", + "issue_cwe": { + "id": 259, + "link": "https://cwe.mitre.org/data/definitions/259.html" + }, + "issue_severity": "LOW", + "issue_text": "Possible hardcoded password: 'test-secret'", + "line_number": 153, + "line_range": [ + 153 + ], + "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b105_hardcoded_password_string.html", + "test_id": "B105", + "test_name": "hardcoded_password_string" + }, + { + "code": "175 resp = await client.post(\"/api/payments/verify-payment\", json=verify_payload)\n176 assert resp.status_code == 400\n177 \n", + "col_offset": 8, + "end_col_offset": 38, + "filename": "gymgenius/backend/tests/test_payment_service_storage.py", + "issue_confidence": "HIGH", + "issue_cwe": { + "id": 703, + 
"link": "https://cwe.mitre.org/data/definitions/703.html" + }, + "issue_severity": "LOW", + "issue_text": "Use of assert detected. The enclosed code will be removed when compiling to optimised byte code.", + "line_number": 176, + "line_range": [ + 176 + ], + "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b101_assert_used.html", + "test_id": "B101", + "test_name": "assert_used" + }, + { + "code": "180 app = create_test_app()\n181 os.environ[\"RAZORPAY_KEY_SECRET\"] = \"test-secret\"\n182 async with HTTPXAsyncClient(\n", + "col_offset": 15, + "end_col_offset": 36, + "filename": "gymgenius/backend/tests/test_payment_service_storage.py", + "issue_confidence": "MEDIUM", + "issue_cwe": { + "id": 259, + "link": "https://cwe.mitre.org/data/definitions/259.html" + }, + "issue_severity": "LOW", + "issue_text": "Possible hardcoded password: 'test-secret'", + "line_number": 181, + "line_range": [ + 181 + ], + "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b105_hardcoded_password_string.html", + "test_id": "B105", + "test_name": "hardcoded_password_string" + }, + { + "code": "188 resp = await client.post(\"/api/payments/webhook\", content=body)\n189 assert resp.status_code == 400\n", + "col_offset": 8, + "end_col_offset": 38, + "filename": "gymgenius/backend/tests/test_payment_service_storage.py", + "issue_confidence": "HIGH", + "issue_cwe": { + "id": 703, + "link": "https://cwe.mitre.org/data/definitions/703.html" + }, + "issue_severity": "LOW", + "issue_text": "Use of assert detected. 
The enclosed code will be removed when compiling to optimised byte code.", + "line_number": 189, + "line_range": [ + 189 + ], + "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b101_assert_used.html", + "test_id": "B101", + "test_name": "assert_used" + }, + { + "code": "22 headers = resp.headers\n23 assert \"content-security-policy\" in headers\n24 assert \"x-frame-options\" in headers\n", + "col_offset": 8, + "end_col_offset": 51, + "filename": "gymgenius/backend/tests/test_security_middleware.py", + "issue_confidence": "HIGH", + "issue_cwe": { + "id": 703, + "link": "https://cwe.mitre.org/data/definitions/703.html" + }, + "issue_severity": "LOW", + "issue_text": "Use of assert detected. The enclosed code will be removed when compiling to optimised byte code.", + "line_number": 23, + "line_range": [ + 23 + ], + "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b101_assert_used.html", + "test_id": "B101", + "test_name": "assert_used" + }, + { + "code": "23 assert \"content-security-policy\" in headers\n24 assert \"x-frame-options\" in headers\n25 assert \"x-content-type-options\" in headers\n", + "col_offset": 8, + "end_col_offset": 43, + "filename": "gymgenius/backend/tests/test_security_middleware.py", + "issue_confidence": "HIGH", + "issue_cwe": { + "id": 703, + "link": "https://cwe.mitre.org/data/definitions/703.html" + }, + "issue_severity": "LOW", + "issue_text": "Use of assert detected. 
The enclosed code will be removed when compiling to optimised byte code.", + "line_number": 24, + "line_range": [ + 24 + ], + "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b101_assert_used.html", + "test_id": "B101", + "test_name": "assert_used" + }, + { + "code": "24 assert \"x-frame-options\" in headers\n25 assert \"x-content-type-options\" in headers\n26 assert \"strict-transport-security\" in headers\n", + "col_offset": 8, + "end_col_offset": 50, + "filename": "gymgenius/backend/tests/test_security_middleware.py", + "issue_confidence": "HIGH", + "issue_cwe": { + "id": 703, + "link": "https://cwe.mitre.org/data/definitions/703.html" + }, + "issue_severity": "LOW", + "issue_text": "Use of assert detected. The enclosed code will be removed when compiling to optimised byte code.", + "line_number": 25, + "line_range": [ + 25 + ], + "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b101_assert_used.html", + "test_id": "B101", + "test_name": "assert_used" + }, + { + "code": "25 assert \"x-content-type-options\" in headers\n26 assert \"strict-transport-security\" in headers\n27 \n", + "col_offset": 8, + "end_col_offset": 53, + "filename": "gymgenius/backend/tests/test_security_middleware.py", + "issue_confidence": "HIGH", + "issue_cwe": { + "id": 703, + "link": "https://cwe.mitre.org/data/definitions/703.html" + }, + "issue_severity": "LOW", + "issue_text": "Use of assert detected. 
The enclosed code will be removed when compiling to optimised byte code.", + "line_number": 26, + "line_range": [ + 26 + ], + "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b101_assert_used.html", + "test_id": "B101", + "test_name": "assert_used" + }, + { + "code": "34 resp = client.post(\"/test\", data=large_payload)\n35 assert resp.status_code in (413, 404, 405)\n", + "col_offset": 8, + "end_col_offset": 50, + "filename": "gymgenius/backend/tests/test_security_middleware.py", + "issue_confidence": "HIGH", + "issue_cwe": { + "id": 703, + "link": "https://cwe.mitre.org/data/definitions/703.html" + }, + "issue_severity": "LOW", + "issue_text": "Use of assert detected. The enclosed code will be removed when compiling to optimised byte code.", + "line_number": 35, + "line_range": [ + 35 + ], + "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b101_assert_used.html", + "test_id": "B101", + "test_name": "assert_used" + }, + { + "code": "13 asyncio.run(socketio_service.connect(sid, environ))\n14 assert sid in socketio_service.active_connections\n15 assert socketio_service.active_connections[sid] == \"test-user\"\n", + "col_offset": 4, + "end_col_offset": 53, + "filename": "gymgenius/backend/tests/test_socketio_and_main.py", + "issue_confidence": "HIGH", + "issue_cwe": { + "id": 703, + "link": "https://cwe.mitre.org/data/definitions/703.html" + }, + "issue_severity": "LOW", + "issue_text": "Use of assert detected. 
The enclosed code will be removed when compiling to optimised byte code.", + "line_number": 14, + "line_range": [ + 14 + ], + "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b101_assert_used.html", + "test_id": "B101", + "test_name": "assert_used" + }, + { + "code": "14 assert sid in socketio_service.active_connections\n15 assert socketio_service.active_connections[sid] == \"test-user\"\n16 \n", + "col_offset": 4, + "end_col_offset": 66, + "filename": "gymgenius/backend/tests/test_socketio_and_main.py", + "issue_confidence": "HIGH", + "issue_cwe": { + "id": 703, + "link": "https://cwe.mitre.org/data/definitions/703.html" + }, + "issue_severity": "LOW", + "issue_text": "Use of assert detected. The enclosed code will be removed when compiling to optimised byte code.", + "line_number": 15, + "line_range": [ + 15 + ], + "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b101_assert_used.html", + "test_id": "B101", + "test_name": "assert_used" + }, + { + "code": "25 # Check it logs trainer id\n26 assert any(\n27 \"trainer_id=trainer-1\" in rec.getMessage() or \"trainer-1\" in rec.getMessage()\n28 for rec in caplog.records\n29 )\n30 \n", + "col_offset": 4, + "end_col_offset": 5, + "filename": "gymgenius/backend/tests/test_socketio_and_main.py", + "issue_confidence": "HIGH", + "issue_cwe": { + "id": 703, + "link": "https://cwe.mitre.org/data/definitions/703.html" + }, + "issue_severity": "LOW", + "issue_text": "Use of assert detected. 
The enclosed code will be removed when compiling to optimised byte code.", + "line_number": 26, + "line_range": [ + 26, + 27, + 28, + 29 + ], + "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b101_assert_used.html", + "test_id": "B101", + "test_name": "assert_used" + }, + { + "code": "40 res = client.get(\"/health\")\n41 assert res.status_code == 200\n42 assert (\n", + "col_offset": 8, + "end_col_offset": 37, + "filename": "gymgenius/backend/tests/test_socketio_and_main.py", + "issue_confidence": "HIGH", + "issue_cwe": { + "id": 703, + "link": "https://cwe.mitre.org/data/definitions/703.html" + }, + "issue_severity": "LOW", + "issue_text": "Use of assert detected. The enclosed code will be removed when compiling to optimised byte code.", + "line_number": 41, + "line_range": [ + 41 + ], + "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b101_assert_used.html", + "test_id": "B101", + "test_name": "assert_used" + }, + { + "code": "41 assert res.status_code == 200\n42 assert (\n43 \"healthy\" in res.json().get(\"status\")\n44 or res.json().get(\"status\") == \"healthy\"\n45 )\n46 \n", + "col_offset": 8, + "end_col_offset": 9, + "filename": "gymgenius/backend/tests/test_socketio_and_main.py", + "issue_confidence": "HIGH", + "issue_cwe": { + "id": 703, + "link": "https://cwe.mitre.org/data/definitions/703.html" + }, + "issue_severity": "LOW", + "issue_text": "Use of assert detected. 
The enclosed code will be removed when compiling to optimised byte code.", + "line_number": 42, + "line_range": [ + 42, + 43, + 44, + 45 + ], + "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b101_assert_used.html", + "test_id": "B101", + "test_name": "assert_used" + }, + { + "code": "49 cleaned = InputSanitizer.sanitize_text(bad_input)\n50 assert \"script\" not in cleaned and \"alert\" not in cleaned\n", + "col_offset": 4, + "end_col_offset": 61, + "filename": "gymgenius/backend/tests/test_socketio_and_main.py", + "issue_confidence": "HIGH", + "issue_cwe": { + "id": 703, + "link": "https://cwe.mitre.org/data/definitions/703.html" + }, + "issue_severity": "LOW", + "issue_text": "Use of assert detected. The enclosed code will be removed when compiling to optimised byte code.", + "line_number": 50, + "line_range": [ + 50 + ], + "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b101_assert_used.html", + "test_id": "B101", + "test_name": "assert_used" + }, + { + "code": "15 # Ensure log contains trainer id\n16 assert any(\n17 \"trainer_id=trainer-1\" in rec.getMessage() or \"trainer-1\" in rec.getMessage()\n18 for rec in caplog.records\n19 )\n20 \n", + "col_offset": 4, + "end_col_offset": 5, + "filename": "gymgenius/backend/tests/test_socketio_service.py", + "issue_confidence": "HIGH", + "issue_cwe": { + "id": 703, + "link": "https://cwe.mitre.org/data/definitions/703.html" + }, + "issue_severity": "LOW", + "issue_text": "Use of assert detected. 
The enclosed code will be removed when compiling to optimised byte code.", + "line_number": 16, + "line_range": [ + 16, + 17, + 18, + 19 + ], + "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b101_assert_used.html", + "test_id": "B101", + "test_name": "assert_used" + }, + { + "code": "28 \n29 assert any(\"SOCKET_CHAT\" in rec.getMessage() for rec in caplog.records)\n30 # validate returned event payload\n", + "col_offset": 4, + "end_col_offset": 75, + "filename": "gymgenius/backend/tests/test_socketio_service.py", + "issue_confidence": "HIGH", + "issue_cwe": { + "id": 703, + "link": "https://cwe.mitre.org/data/definitions/703.html" + }, + "issue_severity": "LOW", + "issue_text": "Use of assert detected. The enclosed code will be removed when compiling to optimised byte code.", + "line_number": 29, + "line_range": [ + 29 + ], + "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b101_assert_used.html", + "test_id": "B101", + "test_name": "assert_used" + }, + { + "code": "31 evt = await service.send_chat_message(\"user-1\", \"user-2\", \"Hello!\")\n32 assert isinstance(evt.get(\"message_id\"), str)\n33 assert \"timestamp\" in evt\n", + "col_offset": 4, + "end_col_offset": 49, + "filename": "gymgenius/backend/tests/test_socketio_service.py", + "issue_confidence": "HIGH", + "issue_cwe": { + "id": 703, + "link": "https://cwe.mitre.org/data/definitions/703.html" + }, + "issue_severity": "LOW", + "issue_text": "Use of assert detected. 
The enclosed code will be removed when compiling to optimised byte code.", + "line_number": 32, + "line_range": [ + 32 + ], + "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b101_assert_used.html", + "test_id": "B101", + "test_name": "assert_used" + }, + { + "code": "32 assert isinstance(evt.get(\"message_id\"), str)\n33 assert \"timestamp\" in evt\n34 \n", + "col_offset": 4, + "end_col_offset": 29, + "filename": "gymgenius/backend/tests/test_socketio_service.py", + "issue_confidence": "HIGH", + "issue_cwe": { + "id": 703, + "link": "https://cwe.mitre.org/data/definitions/703.html" + }, + "issue_severity": "LOW", + "issue_text": "Use of assert detected. The enclosed code will be removed when compiling to optimised byte code.", + "line_number": 33, + "line_range": [ + 33 + ], + "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b101_assert_used.html", + "test_id": "B101", + "test_name": "assert_used" + }, + { + "code": "43 res = await service.connect(sid, environ)\n44 assert res is True\n45 assert sid in service.active_connections\n", + "col_offset": 4, + "end_col_offset": 22, + "filename": "gymgenius/backend/tests/test_socketio_service.py", + "issue_confidence": "HIGH", + "issue_cwe": { + "id": 703, + "link": "https://cwe.mitre.org/data/definitions/703.html" + }, + "issue_severity": "LOW", + "issue_text": "Use of assert detected. 
The enclosed code will be removed when compiling to optimised byte code.", + "line_number": 44, + "line_range": [ + 44 + ], + "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b101_assert_used.html", + "test_id": "B101", + "test_name": "assert_used" + }, + { + "code": "44 assert res is True\n45 assert sid in service.active_connections\n46 assert service.active_connections[sid] == \"test-user\"\n", + "col_offset": 4, + "end_col_offset": 44, + "filename": "gymgenius/backend/tests/test_socketio_service.py", + "issue_confidence": "HIGH", + "issue_cwe": { + "id": 703, + "link": "https://cwe.mitre.org/data/definitions/703.html" + }, + "issue_severity": "LOW", + "issue_text": "Use of assert detected. The enclosed code will be removed when compiling to optimised byte code.", + "line_number": 45, + "line_range": [ + 45 + ], + "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b101_assert_used.html", + "test_id": "B101", + "test_name": "assert_used" + }, + { + "code": "45 assert sid in service.active_connections\n46 assert service.active_connections[sid] == \"test-user\"\n47 \n", + "col_offset": 4, + "end_col_offset": 57, + "filename": "gymgenius/backend/tests/test_socketio_service.py", + "issue_confidence": "HIGH", + "issue_cwe": { + "id": 703, + "link": "https://cwe.mitre.org/data/definitions/703.html" + }, + "issue_severity": "LOW", + "issue_text": "Use of assert detected. 
The enclosed code will be removed when compiling to optimised byte code.", + "line_number": 46, + "line_range": [ + 46 + ], + "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b101_assert_used.html", + "test_id": "B101", + "test_name": "assert_used" + }, + { + "code": "49 evt = await service.broadcast_trainer_status(\"trainer-1\", \"online\", {\"uptime\": 1})\n50 assert isinstance(evt.get(\"timestamp\"), str)\n51 assert \"trainer_id\" in evt\n", + "col_offset": 4, + "end_col_offset": 48, + "filename": "gymgenius/backend/tests/test_socketio_service.py", + "issue_confidence": "HIGH", + "issue_cwe": { + "id": 703, + "link": "https://cwe.mitre.org/data/definitions/703.html" + }, + "issue_severity": "LOW", + "issue_text": "Use of assert detected. The enclosed code will be removed when compiling to optimised byte code.", + "line_number": 50, + "line_range": [ + 50 + ], + "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b101_assert_used.html", + "test_id": "B101", + "test_name": "assert_used" + }, + { + "code": "50 assert isinstance(evt.get(\"timestamp\"), str)\n51 assert \"trainer_id\" in evt\n52 # booking update payload has booking_id and timestamp\n", + "col_offset": 4, + "end_col_offset": 30, + "filename": "gymgenius/backend/tests/test_socketio_service.py", + "issue_confidence": "HIGH", + "issue_cwe": { + "id": 703, + "link": "https://cwe.mitre.org/data/definitions/703.html" + }, + "issue_severity": "LOW", + "issue_text": "Use of assert detected. 
The enclosed code will be removed when compiling to optimised byte code.", + "line_number": 51, + "line_range": [ + 51 + ], + "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b101_assert_used.html", + "test_id": "B101", + "test_name": "assert_used" + }, + { + "code": "53 booking_evt = await service.broadcast_booking_update(\"booking-1\", \"confirmed\")\n54 assert booking_evt[\"booking_id\"] == \"booking-1\"\n55 assert \"timestamp\" in booking_evt\n", + "col_offset": 4, + "end_col_offset": 51, + "filename": "gymgenius/backend/tests/test_socketio_service.py", + "issue_confidence": "HIGH", + "issue_cwe": { + "id": 703, + "link": "https://cwe.mitre.org/data/definitions/703.html" + }, + "issue_severity": "LOW", + "issue_text": "Use of assert detected. The enclosed code will be removed when compiling to optimised byte code.", + "line_number": 54, + "line_range": [ + 54 + ], + "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b101_assert_used.html", + "test_id": "B101", + "test_name": "assert_used" + }, + { + "code": "54 assert booking_evt[\"booking_id\"] == \"booking-1\"\n55 assert \"timestamp\" in booking_evt\n56 \n", + "col_offset": 4, + "end_col_offset": 37, + "filename": "gymgenius/backend/tests/test_socketio_service.py", + "issue_confidence": "HIGH", + "issue_cwe": { + "id": 703, + "link": "https://cwe.mitre.org/data/definitions/703.html" + }, + "issue_severity": "LOW", + "issue_text": "Use of assert detected. 
The enclosed code will be removed when compiling to optimised byte code.", + "line_number": 55, + "line_range": [ + 55 + ], + "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b101_assert_used.html", + "test_id": "B101", + "test_name": "assert_used" + }, + { + "code": "63 await service.connect(sid, environ)\n64 assert sid in service.active_connections\n65 await service.disconnect(sid)\n", + "col_offset": 4, + "end_col_offset": 44, + "filename": "gymgenius/backend/tests/test_socketio_service.py", + "issue_confidence": "HIGH", + "issue_cwe": { + "id": 703, + "link": "https://cwe.mitre.org/data/definitions/703.html" + }, + "issue_severity": "LOW", + "issue_text": "Use of assert detected. The enclosed code will be removed when compiling to optimised byte code.", + "line_number": 64, + "line_range": [ + 64 + ], + "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b101_assert_used.html", + "test_id": "B101", + "test_name": "assert_used" + }, + { + "code": "65 await service.disconnect(sid)\n66 assert sid not in service.active_connections\n67 \n", + "col_offset": 4, + "end_col_offset": 48, + "filename": "gymgenius/backend/tests/test_socketio_service.py", + "issue_confidence": "HIGH", + "issue_cwe": { + "id": 703, + "link": "https://cwe.mitre.org/data/definitions/703.html" + }, + "issue_severity": "LOW", + "issue_text": "Use of assert detected. 
The enclosed code will be removed when compiling to optimised byte code.", + "line_number": 66, + "line_range": [ + 66 + ], + "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b101_assert_used.html", + "test_id": "B101", + "test_name": "assert_used" + }, + { + "code": "74 await service.subscribe_trainer(sid, {\"trainer_id\": \"t-1\"})\n75 assert any(\"SOCKET_SUBSCRIBE\" in rec.getMessage() for rec in caplog.records)\n", + "col_offset": 4, + "end_col_offset": 80, + "filename": "gymgenius/backend/tests/test_socketio_service.py", + "issue_confidence": "HIGH", + "issue_cwe": { + "id": 703, + "link": "https://cwe.mitre.org/data/definitions/703.html" + }, + "issue_severity": "LOW", + "issue_text": "Use of assert detected. The enclosed code will be removed when compiling to optimised byte code.", + "line_number": 75, + "line_range": [ + 75 + ], + "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b101_assert_used.html", + "test_id": "B101", + "test_name": "assert_used" + } + ] +} \ No newline at end of file From 89dcd788a78c920cf8cd8b758f18705e10032eb6 Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Sun, 16 Nov 2025 09:32:15 +0000 Subject: [PATCH 04/10] Add bandit-report.json to gitignore and remove from tracking Co-authored-by: morningstarxcdcode <205398826+morningstarxcdcode@users.noreply.github.com> --- .gitignore | 3 + bandit-report.json | 2039 -------------------------------------------- 2 files changed, 3 insertions(+), 2039 deletions(-) delete mode 100644 bandit-report.json diff --git a/.gitignore b/.gitignore index be66d0f..b04ef1f 100644 --- a/.gitignore +++ b/.gitignore @@ -47,3 +47,6 @@ __pycache__/ # ESLint result files .eslint-results*.json + +# Security scan reports +bandit-report.json diff --git a/bandit-report.json b/bandit-report.json deleted file mode 100644 index e88f0a9..0000000 --- a/bandit-report.json +++ /dev/null 
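Review bot: The new `.gitignore` entry matches only the exact name `bandit-report.json`, while the ESLint entry just above it uses a glob (`.eslint-results*.json`); a scan saved under another name or output format would still be staged, so a pattern such as `bandit-report*` would be more consistent. Ignoring the file also leaves its findings untracked. The deleted report counts 92 low-severity results, and two of them are outside the test suite: the `assert webhook_secret` at payment_service.py line 438, which Bandit notes is removed under optimised byte code, and the literal `"test"` token comparison at socketio_service.py line 82. Those two look worth an explicit runtime check or a tracked issue before the report leaves the tree; per the report's metrics the other 90 are B101/B105 hits in test files. The report also remains readable in the history of the earlier patch in this series that added it, so untracking it does not withdraw what was already published.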
@@ -1,2039 +0,0 @@ -{ - "errors": [], - "generated_at": "2025-11-16T09:28:40Z", - "metrics": { - "_totals": { - "CONFIDENCE.HIGH": 85, - "CONFIDENCE.LOW": 0, - "CONFIDENCE.MEDIUM": 7, - "CONFIDENCE.UNDEFINED": 0, - "SEVERITY.HIGH": 0, - "SEVERITY.LOW": 92, - "SEVERITY.MEDIUM": 0, - "SEVERITY.UNDEFINED": 0, - "loc": 1717, - "nosec": 0, - "skipped_tests": 0 - }, - "gymgenius/backend/ai_provider.py": { - "CONFIDENCE.HIGH": 0, - "CONFIDENCE.LOW": 0, - "CONFIDENCE.MEDIUM": 0, - "CONFIDENCE.UNDEFINED": 0, - "SEVERITY.HIGH": 0, - "SEVERITY.LOW": 0, - "SEVERITY.MEDIUM": 0, - "SEVERITY.UNDEFINED": 0, - "loc": 186, - "nosec": 0, - "skipped_tests": 0 - }, - "gymgenius/backend/main.py": { - "CONFIDENCE.HIGH": 0, - "CONFIDENCE.LOW": 0, - "CONFIDENCE.MEDIUM": 0, - "CONFIDENCE.UNDEFINED": 0, - "SEVERITY.HIGH": 0, - "SEVERITY.LOW": 0, - "SEVERITY.MEDIUM": 0, - "SEVERITY.UNDEFINED": 0, - "loc": 311, - "nosec": 0, - "skipped_tests": 0 - }, - "gymgenius/backend/payment_service.py": { - "CONFIDENCE.HIGH": 1, - "CONFIDENCE.LOW": 0, - "CONFIDENCE.MEDIUM": 0, - "CONFIDENCE.UNDEFINED": 0, - "SEVERITY.HIGH": 0, - "SEVERITY.LOW": 1, - "SEVERITY.MEDIUM": 0, - "SEVERITY.UNDEFINED": 0, - "loc": 355, - "nosec": 0, - "skipped_tests": 0 - }, - "gymgenius/backend/security_middleware.py": { - "CONFIDENCE.HIGH": 0, - "CONFIDENCE.LOW": 0, - "CONFIDENCE.MEDIUM": 0, - "CONFIDENCE.UNDEFINED": 0, - "SEVERITY.HIGH": 0, - "SEVERITY.LOW": 0, - "SEVERITY.MEDIUM": 0, - "SEVERITY.UNDEFINED": 0, - "loc": 73, - "nosec": 0, - "skipped_tests": 0 - }, - "gymgenius/backend/socketio_service.py": { - "CONFIDENCE.HIGH": 0, - "CONFIDENCE.LOW": 0, - "CONFIDENCE.MEDIUM": 1, - "CONFIDENCE.UNDEFINED": 0, - "SEVERITY.HIGH": 0, - "SEVERITY.LOW": 1, - "SEVERITY.MEDIUM": 0, - "SEVERITY.UNDEFINED": 0, - "loc": 138, - "nosec": 0, - "skipped_tests": 0 - }, - "gymgenius/backend/tests/test_ai_abstraction.py": { - "CONFIDENCE.HIGH": 28, - "CONFIDENCE.LOW": 0, - "CONFIDENCE.MEDIUM": 0, - "CONFIDENCE.UNDEFINED": 0, - "SEVERITY.HIGH": 
0, - "SEVERITY.LOW": 28, - "SEVERITY.MEDIUM": 0, - "SEVERITY.UNDEFINED": 0, - "loc": 250, - "nosec": 0, - "skipped_tests": 0 - }, - "gymgenius/backend/tests/test_generate_rate_limit.py": { - "CONFIDENCE.HIGH": 2, - "CONFIDENCE.LOW": 0, - "CONFIDENCE.MEDIUM": 0, - "CONFIDENCE.UNDEFINED": 0, - "SEVERITY.HIGH": 0, - "SEVERITY.LOW": 2, - "SEVERITY.MEDIUM": 0, - "SEVERITY.UNDEFINED": 0, - "loc": 22, - "nosec": 0, - "skipped_tests": 0 - }, - "gymgenius/backend/tests/test_main_endpoints.py": { - "CONFIDENCE.HIGH": 4, - "CONFIDENCE.LOW": 0, - "CONFIDENCE.MEDIUM": 0, - "CONFIDENCE.UNDEFINED": 0, - "SEVERITY.HIGH": 0, - "SEVERITY.LOW": 4, - "SEVERITY.MEDIUM": 0, - "SEVERITY.UNDEFINED": 0, - "loc": 30, - "nosec": 0, - "skipped_tests": 0 - }, - "gymgenius/backend/tests/test_payment_service.py": { - "CONFIDENCE.HIGH": 9, - "CONFIDENCE.LOW": 0, - "CONFIDENCE.MEDIUM": 1, - "CONFIDENCE.UNDEFINED": 0, - "SEVERITY.HIGH": 0, - "SEVERITY.LOW": 10, - "SEVERITY.MEDIUM": 0, - "SEVERITY.UNDEFINED": 0, - "loc": 78, - "nosec": 0, - "skipped_tests": 0 - }, - "gymgenius/backend/tests/test_payment_service_storage.py": { - "CONFIDENCE.HIGH": 16, - "CONFIDENCE.LOW": 0, - "CONFIDENCE.MEDIUM": 5, - "CONFIDENCE.UNDEFINED": 0, - "SEVERITY.HIGH": 0, - "SEVERITY.LOW": 21, - "SEVERITY.MEDIUM": 0, - "SEVERITY.UNDEFINED": 0, - "loc": 160, - "nosec": 0, - "skipped_tests": 0 - }, - "gymgenius/backend/tests/test_security_middleware.py": { - "CONFIDENCE.HIGH": 5, - "CONFIDENCE.LOW": 0, - "CONFIDENCE.MEDIUM": 0, - "CONFIDENCE.UNDEFINED": 0, - "SEVERITY.HIGH": 0, - "SEVERITY.LOW": 5, - "SEVERITY.MEDIUM": 0, - "SEVERITY.UNDEFINED": 0, - "loc": 26, - "nosec": 0, - "skipped_tests": 0 - }, - "gymgenius/backend/tests/test_socketio_and_main.py": { - "CONFIDENCE.HIGH": 6, - "CONFIDENCE.LOW": 0, - "CONFIDENCE.MEDIUM": 0, - "CONFIDENCE.UNDEFINED": 0, - "SEVERITY.HIGH": 0, - "SEVERITY.LOW": 6, - "SEVERITY.MEDIUM": 0, - "SEVERITY.UNDEFINED": 0, - "loc": 35, - "nosec": 0, - "skipped_tests": 0 - }, - 
"gymgenius/backend/tests/test_socketio_service.py": { - "CONFIDENCE.HIGH": 14, - "CONFIDENCE.LOW": 0, - "CONFIDENCE.MEDIUM": 0, - "CONFIDENCE.UNDEFINED": 0, - "SEVERITY.HIGH": 0, - "SEVERITY.LOW": 14, - "SEVERITY.MEDIUM": 0, - "SEVERITY.UNDEFINED": 0, - "loc": 53, - "nosec": 0, - "skipped_tests": 0 - } - }, - "results": [ - { - "code": "437 if _webhook_signature and webhook_secret:\n438 assert webhook_secret\n439 _verify_signature(_webhook_body, _webhook_signature, webhook_secret)\n", - "col_offset": 12, - "end_col_offset": 33, - "filename": "gymgenius/backend/payment_service.py", - "issue_confidence": "HIGH", - "issue_cwe": { - "id": 703, - "link": "https://cwe.mitre.org/data/definitions/703.html" - }, - "issue_severity": "LOW", - "issue_text": "Use of assert detected. The enclosed code will be removed when compiling to optimised byte code.", - "line_number": 438, - "line_range": [ - 438 - ], - "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b101_assert_used.html", - "test_id": "B101", - "test_name": "assert_used" - }, - { - "code": "81 # For now allow a 'test' token that maps to a test user\n82 if token == \"test\":\n83 user_id = \"test-user\"\n", - "col_offset": 24, - "end_col_offset": 30, - "filename": "gymgenius/backend/socketio_service.py", - "issue_confidence": "MEDIUM", - "issue_cwe": { - "id": 259, - "link": "https://cwe.mitre.org/data/definitions/259.html" - }, - "issue_severity": "LOW", - "issue_text": "Possible hardcoded password: 'test'", - "line_number": 82, - "line_range": [ - 82 - ], - "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b105_hardcoded_password_string.html", - "test_id": "B105", - "test_name": "hardcoded_password_string" - }, - { - "code": "31 provider = OpenAIProvider(\"test-key\", \"gpt-4\")\n32 assert provider.model == \"gpt-4\"\n33 assert provider.client is not None\n", - "col_offset": 8, - "end_col_offset": 40, - "filename": "gymgenius/backend/tests/test_ai_abstraction.py", - "issue_confidence": "HIGH", - 
"issue_cwe": { - "id": 703, - "link": "https://cwe.mitre.org/data/definitions/703.html" - }, - "issue_severity": "LOW", - "issue_text": "Use of assert detected. The enclosed code will be removed when compiling to optimised byte code.", - "line_number": 32, - "line_range": [ - 32 - ], - "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b101_assert_used.html", - "test_id": "B101", - "test_name": "assert_used" - }, - { - "code": "32 assert provider.model == \"gpt-4\"\n33 assert provider.client is not None\n34 assert provider.provider_name == \"openai\"\n", - "col_offset": 8, - "end_col_offset": 42, - "filename": "gymgenius/backend/tests/test_ai_abstraction.py", - "issue_confidence": "HIGH", - "issue_cwe": { - "id": 703, - "link": "https://cwe.mitre.org/data/definitions/703.html" - }, - "issue_severity": "LOW", - "issue_text": "Use of assert detected. The enclosed code will be removed when compiling to optimised byte code.", - "line_number": 33, - "line_range": [ - 33 - ], - "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b101_assert_used.html", - "test_id": "B101", - "test_name": "assert_used" - }, - { - "code": "33 assert provider.client is not None\n34 assert provider.provider_name == \"openai\"\n35 \n", - "col_offset": 8, - "end_col_offset": 49, - "filename": "gymgenius/backend/tests/test_ai_abstraction.py", - "issue_confidence": "HIGH", - "issue_cwe": { - "id": 703, - "link": "https://cwe.mitre.org/data/definitions/703.html" - }, - "issue_severity": "LOW", - "issue_text": "Use of assert detected. 
The enclosed code will be removed when compiling to optimised byte code.", - "line_number": 34, - "line_range": [ - 34 - ], - "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b101_assert_used.html", - "test_id": "B101", - "test_name": "assert_used" - }, - { - "code": "47 provider = GoogleAIProvider(\"test-key\", \"gemini-pro\")\n48 assert provider.model is not None\n49 assert provider.provider_name == \"google\"\n", - "col_offset": 16, - "end_col_offset": 49, - "filename": "gymgenius/backend/tests/test_ai_abstraction.py", - "issue_confidence": "HIGH", - "issue_cwe": { - "id": 703, - "link": "https://cwe.mitre.org/data/definitions/703.html" - }, - "issue_severity": "LOW", - "issue_text": "Use of assert detected. The enclosed code will be removed when compiling to optimised byte code.", - "line_number": 48, - "line_range": [ - 48 - ], - "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b101_assert_used.html", - "test_id": "B101", - "test_name": "assert_used" - }, - { - "code": "48 assert provider.model is not None\n49 assert provider.provider_name == \"google\"\n50 \n", - "col_offset": 16, - "end_col_offset": 57, - "filename": "gymgenius/backend/tests/test_ai_abstraction.py", - "issue_confidence": "HIGH", - "issue_cwe": { - "id": 703, - "link": "https://cwe.mitre.org/data/definitions/703.html" - }, - "issue_severity": "LOW", - "issue_text": "Use of assert detected. 
The enclosed code will be removed when compiling to optimised byte code.", - "line_number": 49, - "line_range": [ - 49 - ], - "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b101_assert_used.html", - "test_id": "B101", - "test_name": "assert_used" - }, - { - "code": "74 provider = create_ai_provider(provider_type, \"test-key\")\n75 assert isinstance(provider, expected_class)\n76 \n", - "col_offset": 8, - "end_col_offset": 51, - "filename": "gymgenius/backend/tests/test_ai_abstraction.py", - "issue_confidence": "HIGH", - "issue_cwe": { - "id": 703, - "link": "https://cwe.mitre.org/data/definitions/703.html" - }, - "issue_severity": "LOW", - "issue_text": "Use of assert detected. The enclosed code will be removed when compiling to optimised byte code.", - "line_number": 75, - "line_range": [ - 75 - ], - "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b101_assert_used.html", - "test_id": "B101", - "test_name": "assert_used" - }, - { - "code": "84 provider = create_ai_provider(\"openai\", \"test-key\", \"gpt-4\")\n85 assert isinstance(provider, OpenAIProvider)\n86 assert provider.model == \"gpt-4\"\n", - "col_offset": 8, - "end_col_offset": 51, - "filename": "gymgenius/backend/tests/test_ai_abstraction.py", - "issue_confidence": "HIGH", - "issue_cwe": { - "id": 703, - "link": "https://cwe.mitre.org/data/definitions/703.html" - }, - "issue_severity": "LOW", - "issue_text": "Use of assert detected. 
The enclosed code will be removed when compiling to optimised byte code.", - "line_number": 85, - "line_range": [ - 85 - ], - "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b101_assert_used.html", - "test_id": "B101", - "test_name": "assert_used" - }, - { - "code": "85 assert isinstance(provider, OpenAIProvider)\n86 assert provider.model == \"gpt-4\"\n87 \n", - "col_offset": 8, - "end_col_offset": 40, - "filename": "gymgenius/backend/tests/test_ai_abstraction.py", - "issue_confidence": "HIGH", - "issue_cwe": { - "id": 703, - "link": "https://cwe.mitre.org/data/definitions/703.html" - }, - "issue_severity": "LOW", - "issue_text": "Use of assert detected. The enclosed code will be removed when compiling to optimised byte code.", - "line_number": 86, - "line_range": [ - 86 - ], - "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b101_assert_used.html", - "test_id": "B101", - "test_name": "assert_used" - }, - { - "code": "102 \n103 assert response == \"Test response\"\n104 mock_client.chat.completions.create.assert_called_once()\n", - "col_offset": 12, - "end_col_offset": 46, - "filename": "gymgenius/backend/tests/test_ai_abstraction.py", - "issue_confidence": "HIGH", - "issue_cwe": { - "id": 703, - "link": "https://cwe.mitre.org/data/definitions/703.html" - }, - "issue_severity": "LOW", - "issue_text": "Use of assert detected. 
The enclosed code will be removed when compiling to optimised byte code.", - "line_number": 103, - "line_range": [ - 103 - ], - "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b101_assert_used.html", - "test_id": "B101", - "test_name": "assert_used" - }, - { - "code": "122 \n123 assert \"Empty response\" in str(exc_info.value)\n124 assert exc_info.value.provider == \"openai\"\n", - "col_offset": 12, - "end_col_offset": 58, - "filename": "gymgenius/backend/tests/test_ai_abstraction.py", - "issue_confidence": "HIGH", - "issue_cwe": { - "id": 703, - "link": "https://cwe.mitre.org/data/definitions/703.html" - }, - "issue_severity": "LOW", - "issue_text": "Use of assert detected. The enclosed code will be removed when compiling to optimised byte code.", - "line_number": 123, - "line_range": [ - 123 - ], - "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b101_assert_used.html", - "test_id": "B101", - "test_name": "assert_used" - }, - { - "code": "123 assert \"Empty response\" in str(exc_info.value)\n124 assert exc_info.value.provider == \"openai\"\n125 \n", - "col_offset": 12, - "end_col_offset": 54, - "filename": "gymgenius/backend/tests/test_ai_abstraction.py", - "issue_confidence": "HIGH", - "issue_cwe": { - "id": 703, - "link": "https://cwe.mitre.org/data/definitions/703.html" - }, - "issue_severity": "LOW", - "issue_text": "Use of assert detected. 
The enclosed code will be removed when compiling to optimised byte code.", - "line_number": 124, - "line_range": [ - 124 - ], - "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b101_assert_used.html", - "test_id": "B101", - "test_name": "assert_used" - }, - { - "code": "142 \n143 assert response == \"Google response\"\n144 mock_model.generate_content_async.assert_called_once()\n", - "col_offset": 16, - "end_col_offset": 52, - "filename": "gymgenius/backend/tests/test_ai_abstraction.py", - "issue_confidence": "HIGH", - "issue_cwe": { - "id": 703, - "link": "https://cwe.mitre.org/data/definitions/703.html" - }, - "issue_severity": "LOW", - "issue_text": "Use of assert detected. The enclosed code will be removed when compiling to optimised byte code.", - "line_number": 143, - "line_range": [ - 143 - ], - "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b101_assert_used.html", - "test_id": "B101", - "test_name": "assert_used" - }, - { - "code": "164 \n165 assert \"Empty response\" in str(exc_info.value)\n166 assert exc_info.value.provider == \"google\"\n", - "col_offset": 16, - "end_col_offset": 62, - "filename": "gymgenius/backend/tests/test_ai_abstraction.py", - "issue_confidence": "HIGH", - "issue_cwe": { - "id": 703, - "link": "https://cwe.mitre.org/data/definitions/703.html" - }, - "issue_severity": "LOW", - "issue_text": "Use of assert detected. 
The enclosed code will be removed when compiling to optimised byte code.", - "line_number": 165, - "line_range": [ - 165 - ], - "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b101_assert_used.html", - "test_id": "B101", - "test_name": "assert_used" - }, - { - "code": "165 assert \"Empty response\" in str(exc_info.value)\n166 assert exc_info.value.provider == \"google\"\n167 \n", - "col_offset": 16, - "end_col_offset": 58, - "filename": "gymgenius/backend/tests/test_ai_abstraction.py", - "issue_confidence": "HIGH", - "issue_cwe": { - "id": 703, - "link": "https://cwe.mitre.org/data/definitions/703.html" - }, - "issue_severity": "LOW", - "issue_text": "Use of assert detected. The enclosed code will be removed when compiling to optimised byte code.", - "line_number": 166, - "line_range": [ - 166 - ], - "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b101_assert_used.html", - "test_id": "B101", - "test_name": "assert_used" - }, - { - "code": "202 \n203 assert mock_response_content in response\n204 assert isinstance(provider, OpenAIProvider)\n", - "col_offset": 16, - "end_col_offset": 56, - "filename": "gymgenius/backend/tests/test_ai_abstraction.py", - "issue_confidence": "HIGH", - "issue_cwe": { - "id": 703, - "link": "https://cwe.mitre.org/data/definitions/703.html" - }, - "issue_severity": "LOW", - "issue_text": "Use of assert detected. 
The enclosed code will be removed when compiling to optimised byte code.", - "line_number": 203, - "line_range": [ - 203 - ], - "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b101_assert_used.html", - "test_id": "B101", - "test_name": "assert_used" - }, - { - "code": "203 assert mock_response_content in response\n204 assert isinstance(provider, OpenAIProvider)\n205 \n", - "col_offset": 16, - "end_col_offset": 59, - "filename": "gymgenius/backend/tests/test_ai_abstraction.py", - "issue_confidence": "HIGH", - "issue_cwe": { - "id": 703, - "link": "https://cwe.mitre.org/data/definitions/703.html" - }, - "issue_severity": "LOW", - "issue_text": "Use of assert detected. The enclosed code will be removed when compiling to optimised byte code.", - "line_number": 204, - "line_range": [ - 204 - ], - "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b101_assert_used.html", - "test_id": "B101", - "test_name": "assert_used" - }, - { - "code": "220 \n221 assert mock_response_content in response\n222 assert isinstance(provider, GoogleAIProvider)\n", - "col_offset": 20, - "end_col_offset": 60, - "filename": "gymgenius/backend/tests/test_ai_abstraction.py", - "issue_confidence": "HIGH", - "issue_cwe": { - "id": 703, - "link": "https://cwe.mitre.org/data/definitions/703.html" - }, - "issue_severity": "LOW", - "issue_text": "Use of assert detected. 
The enclosed code will be removed when compiling to optimised byte code.", - "line_number": 221, - "line_range": [ - 221 - ], - "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b101_assert_used.html", - "test_id": "B101", - "test_name": "assert_used" - }, - { - "code": "221 assert mock_response_content in response\n222 assert isinstance(provider, GoogleAIProvider)\n223 \n", - "col_offset": 20, - "end_col_offset": 65, - "filename": "gymgenius/backend/tests/test_ai_abstraction.py", - "issue_confidence": "HIGH", - "issue_cwe": { - "id": 703, - "link": "https://cwe.mitre.org/data/definitions/703.html" - }, - "issue_severity": "LOW", - "issue_text": "Use of assert detected. The enclosed code will be removed when compiling to optimised byte code.", - "line_number": 222, - "line_range": [ - 222 - ], - "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b101_assert_used.html", - "test_id": "B101", - "test_name": "assert_used" - }, - { - "code": "240 \n241 assert response == \"Test response\"\n242 \n", - "col_offset": 12, - "end_col_offset": 46, - "filename": "gymgenius/backend/tests/test_ai_abstraction.py", - "issue_confidence": "HIGH", - "issue_cwe": { - "id": 703, - "link": "https://cwe.mitre.org/data/definitions/703.html" - }, - "issue_severity": "LOW", - "issue_text": "Use of assert detected. 
The enclosed code will be removed when compiling to optimised byte code.", - "line_number": 241, - "line_range": [ - 241 - ], - "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b101_assert_used.html", - "test_id": "B101", - "test_name": "assert_used" - }, - { - "code": "246 # Updated default model to gpt-4; ensure factory reflects this.\n247 assert openai_provider.model == \"gpt-4\"\n248 \n", - "col_offset": 8, - "end_col_offset": 47, - "filename": "gymgenius/backend/tests/test_ai_abstraction.py", - "issue_confidence": "HIGH", - "issue_cwe": { - "id": 703, - "link": "https://cwe.mitre.org/data/definitions/703.html" - }, - "issue_severity": "LOW", - "issue_text": "Use of assert detected. The enclosed code will be removed when compiling to optimised byte code.", - "line_number": 247, - "line_range": [ - 247 - ], - "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b101_assert_used.html", - "test_id": "B101", - "test_name": "assert_used" - }, - { - "code": "251 google_provider = create_ai_provider(\"google\", \"test-key\")\n252 assert google_provider.model_name == \"gemini-pro\"\n253 \n", - "col_offset": 16, - "end_col_offset": 65, - "filename": "gymgenius/backend/tests/test_ai_abstraction.py", - "issue_confidence": "HIGH", - "issue_cwe": { - "id": 703, - "link": "https://cwe.mitre.org/data/definitions/703.html" - }, - "issue_severity": "LOW", - "issue_text": "Use of assert detected. 
The enclosed code will be removed when compiling to optimised byte code.", - "line_number": 252, - "line_range": [ - 252 - ], - "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b101_assert_used.html", - "test_id": "B101", - "test_name": "assert_used" - }, - { - "code": "272 \n273 assert exc_info.value.provider == \"openai\"\n274 assert exc_info.value.error_type == \"UNKNOWN_ERROR\"\n", - "col_offset": 12, - "end_col_offset": 54, - "filename": "gymgenius/backend/tests/test_ai_abstraction.py", - "issue_confidence": "HIGH", - "issue_cwe": { - "id": 703, - "link": "https://cwe.mitre.org/data/definitions/703.html" - }, - "issue_severity": "LOW", - "issue_text": "Use of assert detected. The enclosed code will be removed when compiling to optimised byte code.", - "line_number": 273, - "line_range": [ - 273 - ], - "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b101_assert_used.html", - "test_id": "B101", - "test_name": "assert_used" - }, - { - "code": "273 assert exc_info.value.provider == \"openai\"\n274 assert exc_info.value.error_type == \"UNKNOWN_ERROR\"\n275 \n", - "col_offset": 12, - "end_col_offset": 63, - "filename": "gymgenius/backend/tests/test_ai_abstraction.py", - "issue_confidence": "HIGH", - "issue_cwe": { - "id": 703, - "link": "https://cwe.mitre.org/data/definitions/703.html" - }, - "issue_severity": "LOW", - "issue_text": "Use of assert detected. 
The enclosed code will be removed when compiling to optimised byte code.", - "line_number": 274, - "line_range": [ - 274 - ], - "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b101_assert_used.html", - "test_id": "B101", - "test_name": "assert_used" - }, - { - "code": "291 \n292 assert exc_info.value.provider == \"google\"\n293 assert exc_info.value.error_type == \"API_ERROR\"\n", - "col_offset": 16, - "end_col_offset": 58, - "filename": "gymgenius/backend/tests/test_ai_abstraction.py", - "issue_confidence": "HIGH", - "issue_cwe": { - "id": 703, - "link": "https://cwe.mitre.org/data/definitions/703.html" - }, - "issue_severity": "LOW", - "issue_text": "Use of assert detected. The enclosed code will be removed when compiling to optimised byte code.", - "line_number": 292, - "line_range": [ - 292 - ], - "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b101_assert_used.html", - "test_id": "B101", - "test_name": "assert_used" - }, - { - "code": "292 assert exc_info.value.provider == \"google\"\n293 assert exc_info.value.error_type == \"API_ERROR\"\n294 \n", - "col_offset": 16, - "end_col_offset": 63, - "filename": "gymgenius/backend/tests/test_ai_abstraction.py", - "issue_confidence": "HIGH", - "issue_cwe": { - "id": 703, - "link": "https://cwe.mitre.org/data/definitions/703.html" - }, - "issue_severity": "LOW", - "issue_text": "Use of assert detected. 
The enclosed code will be removed when compiling to optimised byte code.", - "line_number": 293, - "line_range": [ - 293 - ], - "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b101_assert_used.html", - "test_id": "B101", - "test_name": "assert_used" - }, - { - "code": "307 provider = create_ai_provider(provider_type, \"test-key\")\n308 assert isinstance(provider, GoogleAIProvider)\n309 \n", - "col_offset": 12, - "end_col_offset": 57, - "filename": "gymgenius/backend/tests/test_ai_abstraction.py", - "issue_confidence": "HIGH", - "issue_cwe": { - "id": 703, - "link": "https://cwe.mitre.org/data/definitions/703.html" - }, - "issue_severity": "LOW", - "issue_text": "Use of assert detected. The enclosed code will be removed when compiling to optimised byte code.", - "line_number": 308, - "line_range": [ - 308 - ], - "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b101_assert_used.html", - "test_id": "B101", - "test_name": "assert_used" - }, - { - "code": "313 provider = create_ai_provider(provider_type, \"test-key\")\n314 assert isinstance(provider, OpenAIProvider)\n315 assert provider.model == \"gpt-4\"\n", - "col_offset": 16, - "end_col_offset": 59, - "filename": "gymgenius/backend/tests/test_ai_abstraction.py", - "issue_confidence": "HIGH", - "issue_cwe": { - "id": 703, - "link": "https://cwe.mitre.org/data/definitions/703.html" - }, - "issue_severity": "LOW", - "issue_text": "Use of assert detected. 
The enclosed code will be removed when compiling to optimised byte code.", - "line_number": 314, - "line_range": [ - 314 - ], - "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b101_assert_used.html", - "test_id": "B101", - "test_name": "assert_used" - }, - { - "code": "314 assert isinstance(provider, OpenAIProvider)\n315 assert provider.model == \"gpt-4\"\n", - "col_offset": 16, - "end_col_offset": 48, - "filename": "gymgenius/backend/tests/test_ai_abstraction.py", - "issue_confidence": "HIGH", - "issue_cwe": { - "id": 703, - "link": "https://cwe.mitre.org/data/definitions/703.html" - }, - "issue_severity": "LOW", - "issue_text": "Use of assert detected. The enclosed code will be removed when compiling to optimised byte code.", - "line_number": 315, - "line_range": [ - 315 - ], - "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b101_assert_used.html", - "test_id": "B101", - "test_name": "assert_used" - }, - { - "code": "29 res = client.post(\"/generate\", json=payload)\n30 assert res.status_code == 200\n31 \n", - "col_offset": 12, - "end_col_offset": 41, - "filename": "gymgenius/backend/tests/test_generate_rate_limit.py", - "issue_confidence": "HIGH", - "issue_cwe": { - "id": 703, - "link": "https://cwe.mitre.org/data/definitions/703.html" - }, - "issue_severity": "LOW", - "issue_text": "Use of assert detected. 
The enclosed code will be removed when compiling to optimised byte code.", - "line_number": 30, - "line_range": [ - 30 - ], - "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b101_assert_used.html", - "test_id": "B101", - "test_name": "assert_used" - }, - { - "code": "32 res = client.post(\"/generate\", json=payload)\n33 assert res.status_code == 429\n", - "col_offset": 8, - "end_col_offset": 37, - "filename": "gymgenius/backend/tests/test_generate_rate_limit.py", - "issue_confidence": "HIGH", - "issue_cwe": { - "id": 703, - "link": "https://cwe.mitre.org/data/definitions/703.html" - }, - "issue_severity": "LOW", - "issue_text": "Use of assert detected. The enclosed code will be removed when compiling to optimised byte code.", - "line_number": 33, - "line_range": [ - 33 - ], - "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b101_assert_used.html", - "test_id": "B101", - "test_name": "assert_used" - }, - { - "code": "28 res = client.post(\"/generate\", json=payload)\n29 assert res.status_code == 200\n30 assert res.json()[\"response\"].startswith(\"echo: hello\")\n", - "col_offset": 4, - "end_col_offset": 33, - "filename": "gymgenius/backend/tests/test_main_endpoints.py", - "issue_confidence": "HIGH", - "issue_cwe": { - "id": 703, - "link": "https://cwe.mitre.org/data/definitions/703.html" - }, - "issue_severity": "LOW", - "issue_text": "Use of assert detected. 
The enclosed code will be removed when compiling to optimised byte code.", - "line_number": 29, - "line_range": [ - 29 - ], - "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b101_assert_used.html", - "test_id": "B101", - "test_name": "assert_used" - }, - { - "code": "29 assert res.status_code == 200\n30 assert res.json()[\"response\"].startswith(\"echo: hello\")\n31 \n", - "col_offset": 4, - "end_col_offset": 59, - "filename": "gymgenius/backend/tests/test_main_endpoints.py", - "issue_confidence": "HIGH", - "issue_cwe": { - "id": 703, - "link": "https://cwe.mitre.org/data/definitions/703.html" - }, - "issue_severity": "LOW", - "issue_text": "Use of assert detected. The enclosed code will be removed when compiling to optimised byte code.", - "line_number": 30, - "line_range": [ - 30 - ], - "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b101_assert_used.html", - "test_id": "B101", - "test_name": "assert_used" - }, - { - "code": "42 res = client.post(\"/api/chat\", json=payload)\n43 assert res.status_code == 200\n44 assert \"response\" in res.json()\n", - "col_offset": 4, - "end_col_offset": 33, - "filename": "gymgenius/backend/tests/test_main_endpoints.py", - "issue_confidence": "HIGH", - "issue_cwe": { - "id": 703, - "link": "https://cwe.mitre.org/data/definitions/703.html" - }, - "issue_severity": "LOW", - "issue_text": "Use of assert detected. 
The enclosed code will be removed when compiling to optimised byte code.", - "line_number": 43, - "line_range": [ - 43 - ], - "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b101_assert_used.html", - "test_id": "B101", - "test_name": "assert_used" - }, - { - "code": "43 assert res.status_code == 200\n44 assert \"response\" in res.json()\n", - "col_offset": 4, - "end_col_offset": 35, - "filename": "gymgenius/backend/tests/test_main_endpoints.py", - "issue_confidence": "HIGH", - "issue_cwe": { - "id": 703, - "link": "https://cwe.mitre.org/data/definitions/703.html" - }, - "issue_severity": "LOW", - "issue_text": "Use of assert detected. The enclosed code will be removed when compiling to optimised byte code.", - "line_number": 44, - "line_range": [ - 44 - ], - "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b101_assert_used.html", - "test_id": "B101", - "test_name": "assert_used" - }, - { - "code": "38 resp = await client.post(\"/api/payments/create-order\", json=payload)\n39 assert resp.status_code == 200\n40 body = resp.json()\n", - "col_offset": 8, - "end_col_offset": 38, - "filename": "gymgenius/backend/tests/test_payment_service.py", - "issue_confidence": "HIGH", - "issue_cwe": { - "id": 703, - "link": "https://cwe.mitre.org/data/definitions/703.html" - }, - "issue_severity": "LOW", - "issue_text": "Use of assert detected. 
The enclosed code will be removed when compiling to optimised byte code.", - "line_number": 39, - "line_range": [ - 39 - ], - "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b101_assert_used.html", - "test_id": "B101", - "test_name": "assert_used" - }, - { - "code": "40 body = resp.json()\n41 assert body.get(\"success\") is True\n42 assert body.get(\"order_id\") is not None\n", - "col_offset": 8, - "end_col_offset": 42, - "filename": "gymgenius/backend/tests/test_payment_service.py", - "issue_confidence": "HIGH", - "issue_cwe": { - "id": 703, - "link": "https://cwe.mitre.org/data/definitions/703.html" - }, - "issue_severity": "LOW", - "issue_text": "Use of assert detected. The enclosed code will be removed when compiling to optimised byte code.", - "line_number": 41, - "line_range": [ - 41 - ], - "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b101_assert_used.html", - "test_id": "B101", - "test_name": "assert_used" - }, - { - "code": "41 assert body.get(\"success\") is True\n42 assert body.get(\"order_id\") is not None\n43 assert body.get(\"amount\") == 1000\n", - "col_offset": 8, - "end_col_offset": 47, - "filename": "gymgenius/backend/tests/test_payment_service.py", - "issue_confidence": "HIGH", - "issue_cwe": { - "id": 703, - "link": "https://cwe.mitre.org/data/definitions/703.html" - }, - "issue_severity": "LOW", - "issue_text": "Use of assert detected. 
The enclosed code will be removed when compiling to optimised byte code.", - "line_number": 42, - "line_range": [ - 42 - ], - "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b101_assert_used.html", - "test_id": "B101", - "test_name": "assert_used" - }, - { - "code": "42 assert body.get(\"order_id\") is not None\n43 assert body.get(\"amount\") == 1000\n44 \n", - "col_offset": 8, - "end_col_offset": 41, - "filename": "gymgenius/backend/tests/test_payment_service.py", - "issue_confidence": "HIGH", - "issue_cwe": { - "id": 703, - "link": "https://cwe.mitre.org/data/definitions/703.html" - }, - "issue_severity": "LOW", - "issue_text": "Use of assert detected. The enclosed code will be removed when compiling to optimised byte code.", - "line_number": 43, - "line_range": [ - 43 - ], - "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b101_assert_used.html", - "test_id": "B101", - "test_name": "assert_used" - }, - { - "code": "49 # Set a temporary secret for generating a valid signature\n50 os.environ[\"RAZORPAY_KEY_SECRET\"] = \"test-secret\"\n51 async with HTTPXAsyncClient(\n", - "col_offset": 15, - "end_col_offset": 36, - "filename": "gymgenius/backend/tests/test_payment_service.py", - "issue_confidence": "MEDIUM", - "issue_cwe": { - "id": 259, - "link": "https://cwe.mitre.org/data/definitions/259.html" - }, - "issue_severity": "LOW", - "issue_text": "Possible hardcoded password: 'test-secret'", - "line_number": 50, - "line_range": [ - 50 - ], - "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b105_hardcoded_password_string.html", - "test_id": "B105", - "test_name": "hardcoded_password_string" - }, - { - "code": "69 resp = await client.post(\"/api/payments/verify-payment\", json=payload)\n70 assert resp.status_code == 200\n71 body = resp.json()\n", - "col_offset": 8, - "end_col_offset": 38, - "filename": "gymgenius/backend/tests/test_payment_service.py", - "issue_confidence": "HIGH", - "issue_cwe": { - "id": 703, - "link": 
"https://cwe.mitre.org/data/definitions/703.html" - }, - "issue_severity": "LOW", - "issue_text": "Use of assert detected. The enclosed code will be removed when compiling to optimised byte code.", - "line_number": 70, - "line_range": [ - 70 - ], - "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b101_assert_used.html", - "test_id": "B101", - "test_name": "assert_used" - }, - { - "code": "71 body = resp.json()\n72 assert body.get(\"verified\") is True\n73 assert body.get(\"payment_id\") == payload[\"razorpay_payment_id\"]\n", - "col_offset": 8, - "end_col_offset": 43, - "filename": "gymgenius/backend/tests/test_payment_service.py", - "issue_confidence": "HIGH", - "issue_cwe": { - "id": 703, - "link": "https://cwe.mitre.org/data/definitions/703.html" - }, - "issue_severity": "LOW", - "issue_text": "Use of assert detected. The enclosed code will be removed when compiling to optimised byte code.", - "line_number": 72, - "line_range": [ - 72 - ], - "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b101_assert_used.html", - "test_id": "B101", - "test_name": "assert_used" - }, - { - "code": "72 assert body.get(\"verified\") is True\n73 assert body.get(\"payment_id\") == payload[\"razorpay_payment_id\"]\n74 \n", - "col_offset": 8, - "end_col_offset": 71, - "filename": "gymgenius/backend/tests/test_payment_service.py", - "issue_confidence": "HIGH", - "issue_cwe": { - "id": 703, - "link": "https://cwe.mitre.org/data/definitions/703.html" - }, - "issue_severity": "LOW", - "issue_text": "Use of assert detected. 
The enclosed code will be removed when compiling to optimised byte code.", - "line_number": 73, - "line_range": [ - 73 - ], - "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b101_assert_used.html", - "test_id": "B101", - "test_name": "assert_used" - }, - { - "code": "94 resp = await client.post(\"/api/payments/webhook\", content=body, headers=headers)\n95 assert resp.status_code == 200\n96 body = resp.json()\n", - "col_offset": 8, - "end_col_offset": 38, - "filename": "gymgenius/backend/tests/test_payment_service.py", - "issue_confidence": "HIGH", - "issue_cwe": { - "id": 703, - "link": "https://cwe.mitre.org/data/definitions/703.html" - }, - "issue_severity": "LOW", - "issue_text": "Use of assert detected. The enclosed code will be removed when compiling to optimised byte code.", - "line_number": 95, - "line_range": [ - 95 - ], - "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b101_assert_used.html", - "test_id": "B101", - "test_name": "assert_used" - }, - { - "code": "96 body = resp.json()\n97 assert body.get(\"status\") == \"acknowledged\"\n", - "col_offset": 8, - "end_col_offset": 51, - "filename": "gymgenius/backend/tests/test_payment_service.py", - "issue_confidence": "HIGH", - "issue_cwe": { - "id": 703, - "link": "https://cwe.mitre.org/data/definitions/703.html" - }, - "issue_severity": "LOW", - "issue_text": "Use of assert detected. 
The enclosed code will be removed when compiling to optimised byte code.", - "line_number": 97, - "line_range": [ - 97 - ], - "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b101_assert_used.html", - "test_id": "B101", - "test_name": "assert_used" - }, - { - "code": "31 resp = await client.post(\"/api/payments/create-order\", json=payload)\n32 assert resp.status_code == 200\n33 body = resp.json()\n", - "col_offset": 8, - "end_col_offset": 38, - "filename": "gymgenius/backend/tests/test_payment_service_storage.py", - "issue_confidence": "HIGH", - "issue_cwe": { - "id": 703, - "link": "https://cwe.mitre.org/data/definitions/703.html" - }, - "issue_severity": "LOW", - "issue_text": "Use of assert detected. The enclosed code will be removed when compiling to optimised byte code.", - "line_number": 32, - "line_range": [ - 32 - ], - "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b101_assert_used.html", - "test_id": "B101", - "test_name": "assert_used" - }, - { - "code": "34 order_id = body.get(\"order_id\")\n35 assert order_id\n36 assert order_id in ps.ORDERS_STORE\n", - "col_offset": 8, - "end_col_offset": 23, - "filename": "gymgenius/backend/tests/test_payment_service_storage.py", - "issue_confidence": "HIGH", - "issue_cwe": { - "id": 703, - "link": "https://cwe.mitre.org/data/definitions/703.html" - }, - "issue_severity": "LOW", - "issue_text": "Use of assert detected. 
The enclosed code will be removed when compiling to optimised byte code.", - "line_number": 35, - "line_range": [ - 35 - ], - "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b101_assert_used.html", - "test_id": "B101", - "test_name": "assert_used" - }, - { - "code": "35 assert order_id\n36 assert order_id in ps.ORDERS_STORE\n37 order = ps.ORDERS_STORE[order_id]\n", - "col_offset": 8, - "end_col_offset": 42, - "filename": "gymgenius/backend/tests/test_payment_service_storage.py", - "issue_confidence": "HIGH", - "issue_cwe": { - "id": 703, - "link": "https://cwe.mitre.org/data/definitions/703.html" - }, - "issue_severity": "LOW", - "issue_text": "Use of assert detected. The enclosed code will be removed when compiling to optimised byte code.", - "line_number": 36, - "line_range": [ - 36 - ], - "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b101_assert_used.html", - "test_id": "B101", - "test_name": "assert_used" - }, - { - "code": "37 order = ps.ORDERS_STORE[order_id]\n38 assert order[\"status\"] == \"pending\"\n39 \n", - "col_offset": 8, - "end_col_offset": 43, - "filename": "gymgenius/backend/tests/test_payment_service_storage.py", - "issue_confidence": "HIGH", - "issue_cwe": { - "id": 703, - "link": "https://cwe.mitre.org/data/definitions/703.html" - }, - "issue_severity": "LOW", - "issue_text": "Use of assert detected. 
The enclosed code will be removed when compiling to optimised byte code.", - "line_number": 38, - "line_range": [ - 38 - ], - "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b101_assert_used.html", - "test_id": "B101", - "test_name": "assert_used" - }, - { - "code": "42 app = create_test_app()\n43 os.environ[\"RAZORPAY_KEY_SECRET\"] = \"test-secret\"\n44 async with HTTPXAsyncClient(\n", - "col_offset": 15, - "end_col_offset": 36, - "filename": "gymgenius/backend/tests/test_payment_service_storage.py", - "issue_confidence": "MEDIUM", - "issue_cwe": { - "id": 259, - "link": "https://cwe.mitre.org/data/definitions/259.html" - }, - "issue_severity": "LOW", - "issue_text": "Possible hardcoded password: 'test-secret'", - "line_number": 43, - "line_range": [ - 43 - ], - "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b105_hardcoded_password_string.html", - "test_id": "B105", - "test_name": "hardcoded_password_string" - }, - { - "code": "74 resp = await client.post(\"/api/payments/verify-payment\", json=verify_payload)\n75 assert resp.status_code == 200\n76 assert ps.ORDERS_STORE[order_id][\"status\"] == \"completed\"\n", - "col_offset": 8, - "end_col_offset": 38, - "filename": "gymgenius/backend/tests/test_payment_service_storage.py", - "issue_confidence": "HIGH", - "issue_cwe": { - "id": 703, - "link": "https://cwe.mitre.org/data/definitions/703.html" - }, - "issue_severity": "LOW", - "issue_text": "Use of assert detected. 
The enclosed code will be removed when compiling to optimised byte code.", - "line_number": 75, - "line_range": [ - 75 - ], - "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b101_assert_used.html", - "test_id": "B101", - "test_name": "assert_used" - }, - { - "code": "75 assert resp.status_code == 200\n76 assert ps.ORDERS_STORE[order_id][\"status\"] == \"completed\"\n77 assert verify_payload[\"user_id\"] in ps.SUBSCRIPTIONS_STORE\n", - "col_offset": 8, - "end_col_offset": 65, - "filename": "gymgenius/backend/tests/test_payment_service_storage.py", - "issue_confidence": "HIGH", - "issue_cwe": { - "id": 703, - "link": "https://cwe.mitre.org/data/definitions/703.html" - }, - "issue_severity": "LOW", - "issue_text": "Use of assert detected. The enclosed code will be removed when compiling to optimised byte code.", - "line_number": 76, - "line_range": [ - 76 - ], - "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b101_assert_used.html", - "test_id": "B101", - "test_name": "assert_used" - }, - { - "code": "76 assert ps.ORDERS_STORE[order_id][\"status\"] == \"completed\"\n77 assert verify_payload[\"user_id\"] in ps.SUBSCRIPTIONS_STORE\n78 assert ps.SUBSCRIPTIONS_STORE[verify_payload[\"user_id\"]][\"active\"] is True\n", - "col_offset": 8, - "end_col_offset": 66, - "filename": "gymgenius/backend/tests/test_payment_service_storage.py", - "issue_confidence": "HIGH", - "issue_cwe": { - "id": 703, - "link": "https://cwe.mitre.org/data/definitions/703.html" - }, - "issue_severity": "LOW", - "issue_text": "Use of assert detected. 
The enclosed code will be removed when compiling to optimised byte code.", - "line_number": 77, - "line_range": [ - 77 - ], - "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b101_assert_used.html", - "test_id": "B101", - "test_name": "assert_used" - }, - { - "code": "77 assert verify_payload[\"user_id\"] in ps.SUBSCRIPTIONS_STORE\n78 assert ps.SUBSCRIPTIONS_STORE[verify_payload[\"user_id\"]][\"active\"] is True\n79 \n", - "col_offset": 8, - "end_col_offset": 82, - "filename": "gymgenius/backend/tests/test_payment_service_storage.py", - "issue_confidence": "HIGH", - "issue_cwe": { - "id": 703, - "link": "https://cwe.mitre.org/data/definitions/703.html" - }, - "issue_severity": "LOW", - "issue_text": "Use of assert detected. The enclosed code will be removed when compiling to optimised byte code.", - "line_number": 78, - "line_range": [ - 78 - ], - "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b101_assert_used.html", - "test_id": "B101", - "test_name": "assert_used" - }, - { - "code": "82 app = create_test_app()\n83 os.environ[\"RAZORPAY_KEY_SECRET\"] = \"test-secret\"\n84 async with HTTPXAsyncClient(\n", - "col_offset": 15, - "end_col_offset": 36, - "filename": "gymgenius/backend/tests/test_payment_service_storage.py", - "issue_confidence": "MEDIUM", - "issue_cwe": { - "id": 259, - "link": "https://cwe.mitre.org/data/definitions/259.html" - }, - "issue_severity": "LOW", - "issue_text": "Possible hardcoded password: 'test-secret'", - "line_number": 83, - "line_range": [ - 83 - ], - "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b105_hardcoded_password_string.html", - "test_id": "B105", - "test_name": "hardcoded_password_string" - }, - { - "code": "98 resp = await client.post(\"/api/payments/webhook\", content=body, headers=headers)\n99 assert resp.status_code == 200\n100 assert resp.json().get(\"status\") == \"acknowledged\"\n", - "col_offset": 8, - "end_col_offset": 38, - "filename": 
"gymgenius/backend/tests/test_payment_service_storage.py", - "issue_confidence": "HIGH", - "issue_cwe": { - "id": 703, - "link": "https://cwe.mitre.org/data/definitions/703.html" - }, - "issue_severity": "LOW", - "issue_text": "Use of assert detected. The enclosed code will be removed when compiling to optimised byte code.", - "line_number": 99, - "line_range": [ - 99 - ], - "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b101_assert_used.html", - "test_id": "B101", - "test_name": "assert_used" - }, - { - "code": "99 assert resp.status_code == 200\n100 assert resp.json().get(\"status\") == \"acknowledged\"\n101 \n", - "col_offset": 8, - "end_col_offset": 58, - "filename": "gymgenius/backend/tests/test_payment_service_storage.py", - "issue_confidence": "HIGH", - "issue_cwe": { - "id": 703, - "link": "https://cwe.mitre.org/data/definitions/703.html" - }, - "issue_severity": "LOW", - "issue_text": "Use of assert detected. The enclosed code will be removed when compiling to optimised byte code.", - "line_number": 100, - "line_range": [ - 100 - ], - "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b101_assert_used.html", - "test_id": "B101", - "test_name": "assert_used" - }, - { - "code": "104 app = create_test_app()\n105 os.environ[\"RAZORPAY_KEY_SECRET\"] = \"test-secret\"\n106 async with HTTPXAsyncClient(\n", - "col_offset": 15, - "end_col_offset": 36, - "filename": "gymgenius/backend/tests/test_payment_service_storage.py", - "issue_confidence": "MEDIUM", - "issue_cwe": { - "id": 259, - "link": "https://cwe.mitre.org/data/definitions/259.html" - }, - "issue_severity": "LOW", - "issue_text": "Possible hardcoded password: 'test-secret'", - "line_number": 105, - "line_range": [ - 105 - ], - "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b105_hardcoded_password_string.html", - "test_id": "B105", - "test_name": "hardcoded_password_string" - }, - { - "code": "117 order_id = resp.json().get(\"order_id\")\n118 assert order_id in 
ps.ORDERS_STORE\n119 \n", - "col_offset": 8, - "end_col_offset": 42, - "filename": "gymgenius/backend/tests/test_payment_service_storage.py", - "issue_confidence": "HIGH", - "issue_cwe": { - "id": 703, - "link": "https://cwe.mitre.org/data/definitions/703.html" - }, - "issue_severity": "LOW", - "issue_text": "Use of assert detected. The enclosed code will be removed when compiling to optimised byte code.", - "line_number": 118, - "line_range": [ - 118 - ], - "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b101_assert_used.html", - "test_id": "B101", - "test_name": "assert_used" - }, - { - "code": "131 resp = await client.post(\"/api/payments/webhook\", content=body, headers=headers)\n132 assert resp.status_code == 200\n133 assert ps.ORDERS_STORE[order_id][\"status\"] == \"captured\"\n", - "col_offset": 8, - "end_col_offset": 38, - "filename": "gymgenius/backend/tests/test_payment_service_storage.py", - "issue_confidence": "HIGH", - "issue_cwe": { - "id": 703, - "link": "https://cwe.mitre.org/data/definitions/703.html" - }, - "issue_severity": "LOW", - "issue_text": "Use of assert detected. The enclosed code will be removed when compiling to optimised byte code.", - "line_number": 132, - "line_range": [ - 132 - ], - "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b101_assert_used.html", - "test_id": "B101", - "test_name": "assert_used" - }, - { - "code": "132 assert resp.status_code == 200\n133 assert ps.ORDERS_STORE[order_id][\"status\"] == \"captured\"\n134 \n", - "col_offset": 8, - "end_col_offset": 64, - "filename": "gymgenius/backend/tests/test_payment_service_storage.py", - "issue_confidence": "HIGH", - "issue_cwe": { - "id": 703, - "link": "https://cwe.mitre.org/data/definitions/703.html" - }, - "issue_severity": "LOW", - "issue_text": "Use of assert detected. 
The enclosed code will be removed when compiling to optimised byte code.", - "line_number": 133, - "line_range": [ - 133 - ], - "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b101_assert_used.html", - "test_id": "B101", - "test_name": "assert_used" - }, - { - "code": "147 resp = await client.post(\"/api/payments/create-order\", json=payload)\n148 assert resp.status_code == 400\n149 \n", - "col_offset": 8, - "end_col_offset": 38, - "filename": "gymgenius/backend/tests/test_payment_service_storage.py", - "issue_confidence": "HIGH", - "issue_cwe": { - "id": 703, - "link": "https://cwe.mitre.org/data/definitions/703.html" - }, - "issue_severity": "LOW", - "issue_text": "Use of assert detected. The enclosed code will be removed when compiling to optimised byte code.", - "line_number": 148, - "line_range": [ - 148 - ], - "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b101_assert_used.html", - "test_id": "B101", - "test_name": "assert_used" - }, - { - "code": "152 app = create_test_app()\n153 os.environ[\"RAZORPAY_KEY_SECRET\"] = \"test-secret\"\n154 async with HTTPXAsyncClient(\n", - "col_offset": 15, - "end_col_offset": 36, - "filename": "gymgenius/backend/tests/test_payment_service_storage.py", - "issue_confidence": "MEDIUM", - "issue_cwe": { - "id": 259, - "link": "https://cwe.mitre.org/data/definitions/259.html" - }, - "issue_severity": "LOW", - "issue_text": "Possible hardcoded password: 'test-secret'", - "line_number": 153, - "line_range": [ - 153 - ], - "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b105_hardcoded_password_string.html", - "test_id": "B105", - "test_name": "hardcoded_password_string" - }, - { - "code": "175 resp = await client.post(\"/api/payments/verify-payment\", json=verify_payload)\n176 assert resp.status_code == 400\n177 \n", - "col_offset": 8, - "end_col_offset": 38, - "filename": "gymgenius/backend/tests/test_payment_service_storage.py", - "issue_confidence": "HIGH", - "issue_cwe": { - "id": 703, - 
"link": "https://cwe.mitre.org/data/definitions/703.html" - }, - "issue_severity": "LOW", - "issue_text": "Use of assert detected. The enclosed code will be removed when compiling to optimised byte code.", - "line_number": 176, - "line_range": [ - 176 - ], - "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b101_assert_used.html", - "test_id": "B101", - "test_name": "assert_used" - }, - { - "code": "180 app = create_test_app()\n181 os.environ[\"RAZORPAY_KEY_SECRET\"] = \"test-secret\"\n182 async with HTTPXAsyncClient(\n", - "col_offset": 15, - "end_col_offset": 36, - "filename": "gymgenius/backend/tests/test_payment_service_storage.py", - "issue_confidence": "MEDIUM", - "issue_cwe": { - "id": 259, - "link": "https://cwe.mitre.org/data/definitions/259.html" - }, - "issue_severity": "LOW", - "issue_text": "Possible hardcoded password: 'test-secret'", - "line_number": 181, - "line_range": [ - 181 - ], - "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b105_hardcoded_password_string.html", - "test_id": "B105", - "test_name": "hardcoded_password_string" - }, - { - "code": "188 resp = await client.post(\"/api/payments/webhook\", content=body)\n189 assert resp.status_code == 400\n", - "col_offset": 8, - "end_col_offset": 38, - "filename": "gymgenius/backend/tests/test_payment_service_storage.py", - "issue_confidence": "HIGH", - "issue_cwe": { - "id": 703, - "link": "https://cwe.mitre.org/data/definitions/703.html" - }, - "issue_severity": "LOW", - "issue_text": "Use of assert detected. 
The enclosed code will be removed when compiling to optimised byte code.", - "line_number": 189, - "line_range": [ - 189 - ], - "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b101_assert_used.html", - "test_id": "B101", - "test_name": "assert_used" - }, - { - "code": "22 headers = resp.headers\n23 assert \"content-security-policy\" in headers\n24 assert \"x-frame-options\" in headers\n", - "col_offset": 8, - "end_col_offset": 51, - "filename": "gymgenius/backend/tests/test_security_middleware.py", - "issue_confidence": "HIGH", - "issue_cwe": { - "id": 703, - "link": "https://cwe.mitre.org/data/definitions/703.html" - }, - "issue_severity": "LOW", - "issue_text": "Use of assert detected. The enclosed code will be removed when compiling to optimised byte code.", - "line_number": 23, - "line_range": [ - 23 - ], - "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b101_assert_used.html", - "test_id": "B101", - "test_name": "assert_used" - }, - { - "code": "23 assert \"content-security-policy\" in headers\n24 assert \"x-frame-options\" in headers\n25 assert \"x-content-type-options\" in headers\n", - "col_offset": 8, - "end_col_offset": 43, - "filename": "gymgenius/backend/tests/test_security_middleware.py", - "issue_confidence": "HIGH", - "issue_cwe": { - "id": 703, - "link": "https://cwe.mitre.org/data/definitions/703.html" - }, - "issue_severity": "LOW", - "issue_text": "Use of assert detected. 
The enclosed code will be removed when compiling to optimised byte code.", - "line_number": 24, - "line_range": [ - 24 - ], - "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b101_assert_used.html", - "test_id": "B101", - "test_name": "assert_used" - }, - { - "code": "24 assert \"x-frame-options\" in headers\n25 assert \"x-content-type-options\" in headers\n26 assert \"strict-transport-security\" in headers\n", - "col_offset": 8, - "end_col_offset": 50, - "filename": "gymgenius/backend/tests/test_security_middleware.py", - "issue_confidence": "HIGH", - "issue_cwe": { - "id": 703, - "link": "https://cwe.mitre.org/data/definitions/703.html" - }, - "issue_severity": "LOW", - "issue_text": "Use of assert detected. The enclosed code will be removed when compiling to optimised byte code.", - "line_number": 25, - "line_range": [ - 25 - ], - "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b101_assert_used.html", - "test_id": "B101", - "test_name": "assert_used" - }, - { - "code": "25 assert \"x-content-type-options\" in headers\n26 assert \"strict-transport-security\" in headers\n27 \n", - "col_offset": 8, - "end_col_offset": 53, - "filename": "gymgenius/backend/tests/test_security_middleware.py", - "issue_confidence": "HIGH", - "issue_cwe": { - "id": 703, - "link": "https://cwe.mitre.org/data/definitions/703.html" - }, - "issue_severity": "LOW", - "issue_text": "Use of assert detected. 
The enclosed code will be removed when compiling to optimised byte code.", - "line_number": 26, - "line_range": [ - 26 - ], - "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b101_assert_used.html", - "test_id": "B101", - "test_name": "assert_used" - }, - { - "code": "34 resp = client.post(\"/test\", data=large_payload)\n35 assert resp.status_code in (413, 404, 405)\n", - "col_offset": 8, - "end_col_offset": 50, - "filename": "gymgenius/backend/tests/test_security_middleware.py", - "issue_confidence": "HIGH", - "issue_cwe": { - "id": 703, - "link": "https://cwe.mitre.org/data/definitions/703.html" - }, - "issue_severity": "LOW", - "issue_text": "Use of assert detected. The enclosed code will be removed when compiling to optimised byte code.", - "line_number": 35, - "line_range": [ - 35 - ], - "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b101_assert_used.html", - "test_id": "B101", - "test_name": "assert_used" - }, - { - "code": "13 asyncio.run(socketio_service.connect(sid, environ))\n14 assert sid in socketio_service.active_connections\n15 assert socketio_service.active_connections[sid] == \"test-user\"\n", - "col_offset": 4, - "end_col_offset": 53, - "filename": "gymgenius/backend/tests/test_socketio_and_main.py", - "issue_confidence": "HIGH", - "issue_cwe": { - "id": 703, - "link": "https://cwe.mitre.org/data/definitions/703.html" - }, - "issue_severity": "LOW", - "issue_text": "Use of assert detected. 
The enclosed code will be removed when compiling to optimised byte code.", - "line_number": 14, - "line_range": [ - 14 - ], - "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b101_assert_used.html", - "test_id": "B101", - "test_name": "assert_used" - }, - { - "code": "14 assert sid in socketio_service.active_connections\n15 assert socketio_service.active_connections[sid] == \"test-user\"\n16 \n", - "col_offset": 4, - "end_col_offset": 66, - "filename": "gymgenius/backend/tests/test_socketio_and_main.py", - "issue_confidence": "HIGH", - "issue_cwe": { - "id": 703, - "link": "https://cwe.mitre.org/data/definitions/703.html" - }, - "issue_severity": "LOW", - "issue_text": "Use of assert detected. The enclosed code will be removed when compiling to optimised byte code.", - "line_number": 15, - "line_range": [ - 15 - ], - "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b101_assert_used.html", - "test_id": "B101", - "test_name": "assert_used" - }, - { - "code": "25 # Check it logs trainer id\n26 assert any(\n27 \"trainer_id=trainer-1\" in rec.getMessage() or \"trainer-1\" in rec.getMessage()\n28 for rec in caplog.records\n29 )\n30 \n", - "col_offset": 4, - "end_col_offset": 5, - "filename": "gymgenius/backend/tests/test_socketio_and_main.py", - "issue_confidence": "HIGH", - "issue_cwe": { - "id": 703, - "link": "https://cwe.mitre.org/data/definitions/703.html" - }, - "issue_severity": "LOW", - "issue_text": "Use of assert detected. 
The enclosed code will be removed when compiling to optimised byte code.", - "line_number": 26, - "line_range": [ - 26, - 27, - 28, - 29 - ], - "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b101_assert_used.html", - "test_id": "B101", - "test_name": "assert_used" - }, - { - "code": "40 res = client.get(\"/health\")\n41 assert res.status_code == 200\n42 assert (\n", - "col_offset": 8, - "end_col_offset": 37, - "filename": "gymgenius/backend/tests/test_socketio_and_main.py", - "issue_confidence": "HIGH", - "issue_cwe": { - "id": 703, - "link": "https://cwe.mitre.org/data/definitions/703.html" - }, - "issue_severity": "LOW", - "issue_text": "Use of assert detected. The enclosed code will be removed when compiling to optimised byte code.", - "line_number": 41, - "line_range": [ - 41 - ], - "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b101_assert_used.html", - "test_id": "B101", - "test_name": "assert_used" - }, - { - "code": "41 assert res.status_code == 200\n42 assert (\n43 \"healthy\" in res.json().get(\"status\")\n44 or res.json().get(\"status\") == \"healthy\"\n45 )\n46 \n", - "col_offset": 8, - "end_col_offset": 9, - "filename": "gymgenius/backend/tests/test_socketio_and_main.py", - "issue_confidence": "HIGH", - "issue_cwe": { - "id": 703, - "link": "https://cwe.mitre.org/data/definitions/703.html" - }, - "issue_severity": "LOW", - "issue_text": "Use of assert detected. 
The enclosed code will be removed when compiling to optimised byte code.", - "line_number": 42, - "line_range": [ - 42, - 43, - 44, - 45 - ], - "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b101_assert_used.html", - "test_id": "B101", - "test_name": "assert_used" - }, - { - "code": "49 cleaned = InputSanitizer.sanitize_text(bad_input)\n50 assert \"script\" not in cleaned and \"alert\" not in cleaned\n", - "col_offset": 4, - "end_col_offset": 61, - "filename": "gymgenius/backend/tests/test_socketio_and_main.py", - "issue_confidence": "HIGH", - "issue_cwe": { - "id": 703, - "link": "https://cwe.mitre.org/data/definitions/703.html" - }, - "issue_severity": "LOW", - "issue_text": "Use of assert detected. The enclosed code will be removed when compiling to optimised byte code.", - "line_number": 50, - "line_range": [ - 50 - ], - "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b101_assert_used.html", - "test_id": "B101", - "test_name": "assert_used" - }, - { - "code": "15 # Ensure log contains trainer id\n16 assert any(\n17 \"trainer_id=trainer-1\" in rec.getMessage() or \"trainer-1\" in rec.getMessage()\n18 for rec in caplog.records\n19 )\n20 \n", - "col_offset": 4, - "end_col_offset": 5, - "filename": "gymgenius/backend/tests/test_socketio_service.py", - "issue_confidence": "HIGH", - "issue_cwe": { - "id": 703, - "link": "https://cwe.mitre.org/data/definitions/703.html" - }, - "issue_severity": "LOW", - "issue_text": "Use of assert detected. 
The enclosed code will be removed when compiling to optimised byte code.", - "line_number": 16, - "line_range": [ - 16, - 17, - 18, - 19 - ], - "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b101_assert_used.html", - "test_id": "B101", - "test_name": "assert_used" - }, - { - "code": "28 \n29 assert any(\"SOCKET_CHAT\" in rec.getMessage() for rec in caplog.records)\n30 # validate returned event payload\n", - "col_offset": 4, - "end_col_offset": 75, - "filename": "gymgenius/backend/tests/test_socketio_service.py", - "issue_confidence": "HIGH", - "issue_cwe": { - "id": 703, - "link": "https://cwe.mitre.org/data/definitions/703.html" - }, - "issue_severity": "LOW", - "issue_text": "Use of assert detected. The enclosed code will be removed when compiling to optimised byte code.", - "line_number": 29, - "line_range": [ - 29 - ], - "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b101_assert_used.html", - "test_id": "B101", - "test_name": "assert_used" - }, - { - "code": "31 evt = await service.send_chat_message(\"user-1\", \"user-2\", \"Hello!\")\n32 assert isinstance(evt.get(\"message_id\"), str)\n33 assert \"timestamp\" in evt\n", - "col_offset": 4, - "end_col_offset": 49, - "filename": "gymgenius/backend/tests/test_socketio_service.py", - "issue_confidence": "HIGH", - "issue_cwe": { - "id": 703, - "link": "https://cwe.mitre.org/data/definitions/703.html" - }, - "issue_severity": "LOW", - "issue_text": "Use of assert detected. 
The enclosed code will be removed when compiling to optimised byte code.", - "line_number": 32, - "line_range": [ - 32 - ], - "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b101_assert_used.html", - "test_id": "B101", - "test_name": "assert_used" - }, - { - "code": "32 assert isinstance(evt.get(\"message_id\"), str)\n33 assert \"timestamp\" in evt\n34 \n", - "col_offset": 4, - "end_col_offset": 29, - "filename": "gymgenius/backend/tests/test_socketio_service.py", - "issue_confidence": "HIGH", - "issue_cwe": { - "id": 703, - "link": "https://cwe.mitre.org/data/definitions/703.html" - }, - "issue_severity": "LOW", - "issue_text": "Use of assert detected. The enclosed code will be removed when compiling to optimised byte code.", - "line_number": 33, - "line_range": [ - 33 - ], - "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b101_assert_used.html", - "test_id": "B101", - "test_name": "assert_used" - }, - { - "code": "43 res = await service.connect(sid, environ)\n44 assert res is True\n45 assert sid in service.active_connections\n", - "col_offset": 4, - "end_col_offset": 22, - "filename": "gymgenius/backend/tests/test_socketio_service.py", - "issue_confidence": "HIGH", - "issue_cwe": { - "id": 703, - "link": "https://cwe.mitre.org/data/definitions/703.html" - }, - "issue_severity": "LOW", - "issue_text": "Use of assert detected. 
The enclosed code will be removed when compiling to optimised byte code.", - "line_number": 44, - "line_range": [ - 44 - ], - "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b101_assert_used.html", - "test_id": "B101", - "test_name": "assert_used" - }, - { - "code": "44 assert res is True\n45 assert sid in service.active_connections\n46 assert service.active_connections[sid] == \"test-user\"\n", - "col_offset": 4, - "end_col_offset": 44, - "filename": "gymgenius/backend/tests/test_socketio_service.py", - "issue_confidence": "HIGH", - "issue_cwe": { - "id": 703, - "link": "https://cwe.mitre.org/data/definitions/703.html" - }, - "issue_severity": "LOW", - "issue_text": "Use of assert detected. The enclosed code will be removed when compiling to optimised byte code.", - "line_number": 45, - "line_range": [ - 45 - ], - "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b101_assert_used.html", - "test_id": "B101", - "test_name": "assert_used" - }, - { - "code": "45 assert sid in service.active_connections\n46 assert service.active_connections[sid] == \"test-user\"\n47 \n", - "col_offset": 4, - "end_col_offset": 57, - "filename": "gymgenius/backend/tests/test_socketio_service.py", - "issue_confidence": "HIGH", - "issue_cwe": { - "id": 703, - "link": "https://cwe.mitre.org/data/definitions/703.html" - }, - "issue_severity": "LOW", - "issue_text": "Use of assert detected. 
The enclosed code will be removed when compiling to optimised byte code.", - "line_number": 46, - "line_range": [ - 46 - ], - "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b101_assert_used.html", - "test_id": "B101", - "test_name": "assert_used" - }, - { - "code": "49 evt = await service.broadcast_trainer_status(\"trainer-1\", \"online\", {\"uptime\": 1})\n50 assert isinstance(evt.get(\"timestamp\"), str)\n51 assert \"trainer_id\" in evt\n", - "col_offset": 4, - "end_col_offset": 48, - "filename": "gymgenius/backend/tests/test_socketio_service.py", - "issue_confidence": "HIGH", - "issue_cwe": { - "id": 703, - "link": "https://cwe.mitre.org/data/definitions/703.html" - }, - "issue_severity": "LOW", - "issue_text": "Use of assert detected. The enclosed code will be removed when compiling to optimised byte code.", - "line_number": 50, - "line_range": [ - 50 - ], - "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b101_assert_used.html", - "test_id": "B101", - "test_name": "assert_used" - }, - { - "code": "50 assert isinstance(evt.get(\"timestamp\"), str)\n51 assert \"trainer_id\" in evt\n52 # booking update payload has booking_id and timestamp\n", - "col_offset": 4, - "end_col_offset": 30, - "filename": "gymgenius/backend/tests/test_socketio_service.py", - "issue_confidence": "HIGH", - "issue_cwe": { - "id": 703, - "link": "https://cwe.mitre.org/data/definitions/703.html" - }, - "issue_severity": "LOW", - "issue_text": "Use of assert detected. 
The enclosed code will be removed when compiling to optimised byte code.", - "line_number": 51, - "line_range": [ - 51 - ], - "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b101_assert_used.html", - "test_id": "B101", - "test_name": "assert_used" - }, - { - "code": "53 booking_evt = await service.broadcast_booking_update(\"booking-1\", \"confirmed\")\n54 assert booking_evt[\"booking_id\"] == \"booking-1\"\n55 assert \"timestamp\" in booking_evt\n", - "col_offset": 4, - "end_col_offset": 51, - "filename": "gymgenius/backend/tests/test_socketio_service.py", - "issue_confidence": "HIGH", - "issue_cwe": { - "id": 703, - "link": "https://cwe.mitre.org/data/definitions/703.html" - }, - "issue_severity": "LOW", - "issue_text": "Use of assert detected. The enclosed code will be removed when compiling to optimised byte code.", - "line_number": 54, - "line_range": [ - 54 - ], - "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b101_assert_used.html", - "test_id": "B101", - "test_name": "assert_used" - }, - { - "code": "54 assert booking_evt[\"booking_id\"] == \"booking-1\"\n55 assert \"timestamp\" in booking_evt\n56 \n", - "col_offset": 4, - "end_col_offset": 37, - "filename": "gymgenius/backend/tests/test_socketio_service.py", - "issue_confidence": "HIGH", - "issue_cwe": { - "id": 703, - "link": "https://cwe.mitre.org/data/definitions/703.html" - }, - "issue_severity": "LOW", - "issue_text": "Use of assert detected. 
The enclosed code will be removed when compiling to optimised byte code.", - "line_number": 55, - "line_range": [ - 55 - ], - "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b101_assert_used.html", - "test_id": "B101", - "test_name": "assert_used" - }, - { - "code": "63 await service.connect(sid, environ)\n64 assert sid in service.active_connections\n65 await service.disconnect(sid)\n", - "col_offset": 4, - "end_col_offset": 44, - "filename": "gymgenius/backend/tests/test_socketio_service.py", - "issue_confidence": "HIGH", - "issue_cwe": { - "id": 703, - "link": "https://cwe.mitre.org/data/definitions/703.html" - }, - "issue_severity": "LOW", - "issue_text": "Use of assert detected. The enclosed code will be removed when compiling to optimised byte code.", - "line_number": 64, - "line_range": [ - 64 - ], - "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b101_assert_used.html", - "test_id": "B101", - "test_name": "assert_used" - }, - { - "code": "65 await service.disconnect(sid)\n66 assert sid not in service.active_connections\n67 \n", - "col_offset": 4, - "end_col_offset": 48, - "filename": "gymgenius/backend/tests/test_socketio_service.py", - "issue_confidence": "HIGH", - "issue_cwe": { - "id": 703, - "link": "https://cwe.mitre.org/data/definitions/703.html" - }, - "issue_severity": "LOW", - "issue_text": "Use of assert detected. 
The enclosed code will be removed when compiling to optimised byte code.", - "line_number": 66, - "line_range": [ - 66 - ], - "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b101_assert_used.html", - "test_id": "B101", - "test_name": "assert_used" - }, - { - "code": "74 await service.subscribe_trainer(sid, {\"trainer_id\": \"t-1\"})\n75 assert any(\"SOCKET_SUBSCRIBE\" in rec.getMessage() for rec in caplog.records)\n", - "col_offset": 4, - "end_col_offset": 80, - "filename": "gymgenius/backend/tests/test_socketio_service.py", - "issue_confidence": "HIGH", - "issue_cwe": { - "id": 703, - "link": "https://cwe.mitre.org/data/definitions/703.html" - }, - "issue_severity": "LOW", - "issue_text": "Use of assert detected. The enclosed code will be removed when compiling to optimised byte code.", - "line_number": 75, - "line_range": [ - 75 - ], - "more_info": "https://bandit.readthedocs.io/en/1.8.6/plugins/b101_assert_used.html", - "test_id": "B101", - "test_name": "assert_used" - } - ] -} \ No newline at end of file From ab198bbcf92ab9702ebfc902a3066c8b55c24e79 Mon Sep 17 00:00:00 2001 From: Sourav <205398826+morningstarxcdcode@users.noreply.github.com> Date: Sun, 16 Nov 2025 15:08:32 +0530 Subject: [PATCH 05/10] Update gymgenius/backend/payment_service.py Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> --- gymgenius/backend/payment_service.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/gymgenius/backend/payment_service.py b/gymgenius/backend/payment_service.py index cd5c003..793c207 100644 --- a/gymgenius/backend/payment_service.py +++ b/gymgenius/backend/payment_service.py @@ -333,7 +333,7 @@ async def verify_payment( if not os.getenv("RAZORPAY_KEY_SECRET"): # If no secret configured, log and accept for now (test/stub mode) logger.warning( - "PAYMENT_VERIFY: Missing RAZORPAY_KEY_SECRET; " "skipping verification" + "PAYMENT_VERIFY: Missing RAZORPAY_KEY_SECRET; skipping verification" ) else: _msg = ( 
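Review bot: The `if not os.getenv("RAZORPAY_KEY_SECRET"):` branch kept as context in this hunk fails open: with the secret unset, verify_payment only logs a warning and skips signature verification. Judging by the context lines of the next patch, it then appears to continue to the `ORDERS_STORE` update. A deployment that loses this variable would accept unverified payment confirmations, so stub mode should be an explicit opt-in and the default should reject, e.g. `raise HTTPException(status_code=503, detail="Payment verification not configured")`. In the `else` path, the check shown in the following patch (`generated_signature != verify_request.razorpay_signature`) would be better written as `if not hmac.compare_digest(generated_signature, verify_request.razorpay_signature):`, so the comparison time does not depend on how much of the signature matches. verify_payment starts and ends outside this hunk, so confirm the surrounding flow before changing it.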
From 1b37f2646bd1d8f2d28456a9b9c49c68e59a3630 Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Sun, 16 Nov 2025 09:40:59 +0000 Subject: [PATCH 06/10] Clean up duplicate/incomplete comments in payment_service.py Co-authored-by: morningstarxcdcode <205398826+morningstarxcdcode@users.noreply.github.com> --- gymgenius/backend/payment_service.py | 3 --- 1 file changed, 3 deletions(-) diff --git a/gymgenius/backend/payment_service.py b/gymgenius/backend/payment_service.py index 793c207..26412c2 100644 --- a/gymgenius/backend/payment_service.py +++ b/gymgenius/backend/payment_service.py @@ -353,9 +353,6 @@ async def verify_payment( if generated_signature != verify_request.razorpay_signature: raise HTTPException(status_code=400, detail="Invalid payment signature") - # (Legacy commented-out implementation removed; using runtime - # verification above.) - # above.) # NOTE: Update order/subscription in in-memory store order = ORDERS_STORE.get(verify_request.razorpay_order_id) From b15758ae5f21c41e4ecd11ed68ce8d341939ce60 Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Mon, 17 Nov 2025 03:34:10 +0000 Subject: [PATCH 07/10] Update CodeQL Action from v3 to v4 to fix deprecation warning Co-authored-by: morningstarxcdcode <205398826+morningstarxcdcode@users.noreply.github.com> --- .github/workflows/fortress-pipeline.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/fortress-pipeline.yml b/.github/workflows/fortress-pipeline.yml index 75dd3a6..a9d5888 100644 --- a/.github/workflows/fortress-pipeline.yml +++ b/.github/workflows/fortress-pipeline.yml 
@@ -110,13 +110,13 @@ jobs: uses: actions/checkout@v4 - name: Initialize CodeQL - uses: github/codeql-action/init@v3 + uses: github/codeql-action/init@v4 with: languages: javascript,python queries: security-extended - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v3 + uses: github/codeql-action/analyze@v4 - name: Run npm audit run: | From 618c15da1ab6fec32dbdf5e1946bf4578b891c07 Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Mon, 17 Nov 2025 03:38:20 +0000 Subject: [PATCH 08/10] Remove workflow CodeQL steps to avoid conflict with default setup Co-authored-by: morningstarxcdcode <205398826+morningstarxcdcode@users.noreply.github.com> --- .github/workflows/fortress-pipeline.yml | 9 --------- 1 file changed, 9 deletions(-) diff --git a/.github/workflows/fortress-pipeline.yml b/.github/workflows/fortress-pipeline.yml index a9d5888..a5357a3 100644 --- a/.github/workflows/fortress-pipeline.yml +++ b/.github/workflows/fortress-pipeline.yml @@ -109,15 +109,6 @@ jobs: - name: Checkout code uses: actions/checkout@v4 - - name: Initialize CodeQL - uses: github/codeql-action/init@v4 - with: - languages: javascript,python - queries: security-extended - - - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v4 - - name: Run npm audit run: | npm ci From d0aa2353118c7c430807340dcf9d2c53e3e7774c Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Mon, 17 Nov 2025 03:46:38 +0000 Subject: [PATCH 09/10] Update dependencies to fix security vulnerabilities Co-authored-by: morningstarxcdcode <205398826+morningstarxcdcode@users.noreply.github.com> --- gymgenius-monorepo/packages/backend/socketio/package.json | 2 +- gymgenius/backend/requirements.txt | 6 +++--- 2 files changed, 4 insertions(+), 4 deletions(-) 
diff --git a/gymgenius-monorepo/packages/backend/socketio/package.json b/gymgenius-monorepo/packages/backend/socketio/package.json index 7ff72cc..a72f61a 100644 --- a/gymgenius-monorepo/packages/backend/socketio/package.json +++ b/gymgenius-monorepo/packages/backend/socketio/package.json @@ -13,7 +13,7 @@ "@socket.io/redis-adapter": "^8.1.0", "redis": "^4.6.5", "dotenv": "^16.3.1", - "firebase-admin": "^11.11.1", + "firebase-admin": "^13.6.0", "cors": "^2.8.5" }, "devDependencies": { diff --git a/gymgenius/backend/requirements.txt b/gymgenius/backend/requirements.txt index ded8d53..f05e963 100644 --- a/gymgenius/backend/requirements.txt +++ b/gymgenius/backend/requirements.txt @@ -7,7 +7,7 @@ fastapi==0.109.0 uvicorn[standard]==0.27.0 pydantic==2.5.3 -python-multipart==0.0.6 +python-multipart==0.0.20 # ============================================================================ # AI Provider SDKs @@ -19,7 +19,7 @@ google-generativeai==0.8.3 # Security & Rate Limiting # ============================================================================ slowapi==0.1.9 -python-jose[cryptography]==3.3.0 +python-jose[cryptography]==3.5.0 passlib[bcrypt]==1.7.4 # ============================================================================ @@ -40,7 +40,7 @@ httpx==0.27.0 # ============================================================================ # Code Quality & Linting # ============================================================================ -black==24.1.1 +black==25.11.0 flake8==7.0.0 pylint==3.0.3 mypy==1.8.0 From 1060ede64d7cce0478ffac83c14e781686926191 Mon Sep 17 00:00:00 2001 
From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Mon, 17 Nov 2025 04:06:24 +0000 Subject: [PATCH 10/10] Fix Python test imports by adding __init__.py files and PYTHONPATH Co-authored-by: morningstarxcdcode <205398826+morningstarxcdcode@users.noreply.github.com> --- gymgenius/backend/Dockerfile | 1 + gymgenius/backend/__init__.py | 1 + gymgenius/backend/tests/__init__.py | 1 + 3 files changed, 3 insertions(+) create mode 100644 gymgenius/backend/__init__.py create mode 100644 gymgenius/backend/tests/__init__.py diff --git a/gymgenius/backend/Dockerfile b/gymgenius/backend/Dockerfile index fa0d541..59bc7f1 100644 --- a/gymgenius/backend/Dockerfile +++ b/gymgenius/backend/Dockerfile @@ -2,6 +2,7 @@ FROM python:3.11-slim ENV PYTHONDONTWRITEBYTECODE=1 ENV PYTHONUNBUFFERED=1 +ENV PYTHONPATH=/app WORKDIR /app diff --git a/gymgenius/backend/__init__.py b/gymgenius/backend/__init__.py new file mode 100644 index 0000000..a025d4c --- /dev/null +++ b/gymgenius/backend/__init__.py @@ -0,0 +1 @@ +# GymGenius Backend Package diff --git a/gymgenius/backend/tests/__init__.py b/gymgenius/backend/tests/__init__.py new file mode 100644 index 0000000..e4c2b03 --- /dev/null +++ b/gymgenius/backend/tests/__init__.py @@ -0,0 +1 @@ +# GymGenius Backend Tests Package