Neo - PR Security Review
Caution
Neo couldn't finish analyzing this pull request during this run. Please run the review again.
Walkthrough
Integration and functional test orchestration was migrated from shell scripts and CLI harnesses into native Go test suites and utilities under
Changes
Sequence Diagram(s)
```mermaid
sequenceDiagram
    autonumber
    participant CI as CI Orchestrator
    participant Runner as Go Test Runner (internal/tests)
    participant Build as Build System / Makefile
    participant Fixture as Fixture Staging (temp dir)
    participant Fuzz as FuzzPlayground Server
    participant Docker as Docker/Container Services
    participant Nuclei as Nuclei Binary
    CI->>Runner: trigger tests (integration/functional)
    Runner->>Build: build nuclei binary (if needed)
    Build-->>Runner: nuclei binary path
    Runner->>Fixture: stage/copy fixtures (temp dir)
    Runner->>Fuzz: start fuzzplayground server
    Fuzz-->>Runner: server ready
    loop families
        Runner->>Runner: spawn family subtest (parallel controlled)
        loop cases
            alt requires container
                Runner->>Docker: start container for case
                Docker-->>Runner: mapped host/port
            end
            Runner->>Nuclei: run template/workflow (args, env)
            Nuclei-->>Runner: output / loaded templates
            Runner->>Runner: validate/compare results
            alt failure && CI
                Runner->>CI: record failure for rerun
                CI-->>Runner: trigger rerun with debug (optional)
            end
            alt used container
                Runner->>Docker: purge container
            end
        end
    end
    Runner->>Fuzz: stop server
    Runner-->>CI: report final status
```
Estimated code review effort: 🎯 5 (Critical) | ⏱️ ~120 minutes
🚥 Pre-merge checks | ✅ 4 | ❌ 1
❌ Failed checks (1 warning)
✅ Passed checks (4 passed)
Actionable comments posted: 4
Caution
Some comments are outside the diff and can’t be posted inline due to platform limitations.
⚠️ Outside diff range comments (1)
internal/tests/integration/exporters_test.go (1)
40-48: ⚠️ Potential issue | 🟡 Minor
Defer placement may cause issues if container startup fails.
The `defer` for container termination is placed before checking the error from `mongocontainer.Run`. If the container fails to start, `mongodbContainer` could be nil, potentially causing issues in the deferred `TerminateContainer` call.
Proposed fix
// Start a MongoDB container mongodbContainer, err := mongocontainer.Run(ctx, dbImage) - defer func() { - if err := testcontainers.TerminateContainer(mongodbContainer); err != nil { - log.Printf("failed to terminate container: %s", err) - } - }() if err != nil { return fmt.Errorf("failed to start container: %w", err) } + defer func() { + if err := testcontainers.TerminateContainer(mongodbContainer); err != nil { + log.Printf("failed to terminate container: %s", err) + } + }()🤖 Prompt for AI Agents
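Review bot: with the `defer` moved below the `if err != nil` return, the failure path no longer runs any cleanup, so if `mongocontainer.Run` hands back a partially started container together with an error, that container is left running after the test exits. Keep termination reachable on the error path: either leave the `defer` where it was and guard inside the closure with `if mongodbContainer != nil`, or terminate explicitly before `return fmt.Errorf("failed to start container: %w", err)`.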
Verify each finding against the current code and only fix it if needed. In `@internal/tests/integration/exporters_test.go` around lines 40 - 48, The defer that terminates the test container is currently registered immediately after calling mongocontainer.Run, which can invoke testcontainers.TerminateContainer with a nil mongodbContainer if Run failed; move the deferred cleanup to after you check the error from mongocontainer.Run (i.e., only register the defer when err == nil and mongodbContainer is non-nil) so that the defer closure calls testcontainers.TerminateContainer(mongodbContainer) safely; reference the mongocontainer.Run call, the mongodbContainer variable, and the existing defer func that calls testcontainers.TerminateContainer to locate and update the code.
🧹 Nitpick comments (13)
.gitignore (1)
31-31: Add intent comment for `*.test` ignore rule.
This pattern is fine, but adding a short note (e.g., “Go `go test -c` artifacts”) would make the broad scope easier to understand and maintain later.
Suggested tweak
-*.test +# Go compiled test binaries (e.g. from `go test -c`) +*.test🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In @.gitignore at line 31, Add a short intent comment above the existing "*.test" ignore rule describing why it is ignored (for example: "Go `go test -c` artifacts" or "compiled Go test binaries"), so maintainers understand the broad pattern; simply insert a one-line comment directly above the "*.test" entry in .gitignore mentioning the reason.
internal/tests/testutils/integration.go (1)
428-443: Consider graceful shutdown for the TCP server accept loop.
The accept loop runs indefinitely and silently ignores errors. When `Close()` is called, the loop will continue attempting to accept until the process exits. Consider adding a done channel or checking for specific close errors.
♻️ Optional improvement for graceful shutdown
type TCPServer struct { URL string listener net.Listener + done chan struct{} } func NewTCPServer(tlsConfig *tls.Config, port int, handler func(conn net.Conn)) *TCPServer { - server := &TCPServer{} + server := &TCPServer{done: make(chan struct{})} // ... setup code ... go func() { for { + select { + case <-server.done: + return + default: + } conn, err := l.Accept() if err != nil { + select { + case <-server.done: + return + default: + } continue } // ... handler code ... } }() return server } func (s *TCPServer) Close() { + close(s.done) _ = s.listener.Close() }🤖 Prompt for AI Agents
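Review bot: `Close()` now calls `close(s.done)` unconditionally, so a second `Close()` on the same `TCPServer` panics on the already-closed channel; wrap the close in a `sync.Once` or guard it with a `select` on `s.done`. In the accept loop, the `select` placed before `l.Accept()` adds little because `Accept` blocks and shutdown is only observed in the `if err != nil` branch, and any error other than shutdown still falls through to `continue`, which busy-loops if the listener fails for another reason; return on `net.ErrClosed` and log or back off on other errors.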
Verify each finding against the current code and only fix it if needed. In `@internal/tests/testutils/integration.go` around lines 428 - 443, The accept loop in the goroutine (which calls l.Accept(), wraps connections with tls.Server when tlsConfig != nil, and invokes handler) never stops and ignores errors; modify it to support graceful shutdown by adding a done channel (or context) checked in the loop and/or by detecting a listener-close error (e.g., net.ErrClosed) from l.Accept(); on Close() signal, exit the loop instead of continuing, and log/handle non-closure errors appropriately so the goroutine can terminate cleanly.
pkg/protocols/common/automaticscan/automaticscan.go (1)
28-28: Production code in `pkg/` depends on test utilities.
Similar to `lib/sdk_private.go`, this production package now imports `MockProgressClient` from `internal/tests/testutils`. The comment on line 188 indicates this is a workaround for stats not being reinitializable.
This dependency pattern couples production code to test scaffolding. Consider extracting `MockProgressClient` (or renaming it to `NoOpProgressClient`) into a shared non-test package like `pkg/progress` alongside the `Progress` interface it implements.
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In `@pkg/protocols/common/automaticscan/automaticscan.go` at line 28, The automaticscan package imports a test-only helper (MockProgressClient) from internal/tests/testutils which couples production code to test scaffolding; extract the mock into a non-test shared package (e.g., create pkg/progress) that defines the Progress interface and a NoOpProgressClient/MockProgressClient implementation, update automaticscan.go to import pkg/progress instead of internal/tests/testutils, and ensure any references to MockProgressClient and the Progress interface in functions and types are updated to the new package path.
lib/sdk_private.go (1)
35-35: Production SDK code depends on test utilities from `internal/tests/testutils`.
The `lib/` package is the public SDK for embedding Nuclei, yet it now imports mock implementations (`MockOutputWriter`, `MockProgressClient`) from the internal test utilities package. While this works within the module, it conflates test scaffolding with production defaults.
Consider whether these mock types should live in a shared `internal/defaults` or `pkg/defaults` package instead of `internal/tests/testutils`, to clarify their role as lightweight default implementations rather than test-only mocks.
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In `@lib/sdk_private.go` at line 35, The lib package is importing test-only utilities (MockOutputWriter, MockProgressClient) from internal/tests/testutils; move these mock/default implementations into a non-test package (e.g., pkg/defaults or internal/defaults), update lib/sdk_private.go to import the new package instead of internal/tests/testutils, and update all references to MockOutputWriter and MockProgressClient accordingly; ensure the moved types keep the same exported names and behavior and update any tests that referenced the old path to use the new package.
internal/tests/integration/library_test.go (1)
128-131: Consider returning an error instead of using `log.Fatalf`.
Using `log.Fatalf` in `executeNucleiAsLibrary` will terminate the entire test process if workflow loader creation fails, preventing other tests from running and obscuring the actual failure. Since this function already returns errors for other failure cases, it would be more consistent to return the error here as well.
Suggested fix
workflowLoader, err := parsers.NewLoader(executerOpts) if err != nil { - log.Fatalf("Could not create workflow loader: %s\n", err) + return nil, errors.Wrap(err, "could not create workflow loader") }🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In `@internal/tests/integration/library_test.go` around lines 128 - 131, In executeNucleiAsLibrary replace the log.Fatalf call used when parsers.NewLoader(executerOpts) fails with returning the error up the stack: capture the error from parsers.NewLoader, do not call log.Fatalf, and return a formatted error (or the original err) so callers/tests can handle it; update the handling around workflowLoader and ensure the function signature supports returning an error if it doesn't already.
internal/tests/integration/websocket_test.go (1)
32-32: Minor: URL scheme replacement could be more precise.
`strings.ReplaceAll(server.URL, "http", "ws")` would also transform `https` to `wss`, which happens to be correct behavior. However, for explicitness, consider using `strings.Replace` with count=1 or a URL parsing approach to ensure only the scheme is replaced.
This is a minor nitpick since test server URLs are predictable localhost addresses.
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In `@internal/tests/integration/websocket_test.go` at line 32, The test currently uses strings.ReplaceAll(server.URL, "http", "ws") when calling testutils.RunNucleiTemplateAndGetResults, which can over-replace; change this to explicitly replace only the scheme — either use strings.Replace(server.URL, "http", "ws", 1) or parse server.URL with url.Parse, map "http"->"ws" and "https"->"wss", then call u.String() — and pass that resulting URL into RunNucleiTemplateAndGetResults.
internal/tests/integration/profile-loader_test.go (1)
21-30: Minor: error message inconsistency.
The error message says "failed to load template with id" but this test case loads by relative file path, not by ID. Consider updating for clarity.
Suggested fix
func (h *profileLoaderByRelFile) Execute(testName string) error { results, err := testutils.RunNucleiWithArgsAndGetResults(debug, "-tl", "-tp", "cloud.yml") if err != nil { - return errkit.Wrap(err, "failed to load template with id") + return errkit.Wrap(err, "failed to load template with relative filename") }🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In `@internal/tests/integration/profile-loader_test.go` around lines 21 - 30, The error message in profileLoaderByRelFile.Execute is misleading: when RunNucleiWithArgsAndGetResults (called with "-tl", "-tp", "cloud.yml") fails it wraps the error with "failed to load template with id" even though this path loads by relative file; update the errkit.Wrap call to use a clear, accurate message such as "failed to load template by relative file" (or similar) so the wrapped error context reflects that this function loads by file path rather than by template ID.
internal/tests/integration/http_test.go (2)
1110-1128: Consider using `tempFixtureCopy` pattern for consistency.
The `tempFixturePath` function creates temp directories under `suite.tempDir` without explicit cleanup, unlike `tempFixtureCopy` in `integration_test.go` which uses `t.TempDir()` for automatic cleanup.
This works because `suite.tempDir` is presumably cleaned up when the test suite finishes. However, for tests that have access to `*testing.T` (like the self-contained tests could be refactored to use), the `tempFixtureCopy` pattern is cleaner.
Current implementation is functional since suite-level cleanup handles orphaned directories.
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In `@internal/tests/integration/http_test.go` around lines 1110 - 1128, tempFixturePath creates temp dirs under suite.tempDir without using testing.T's automatic cleanup, leading to inconsistent patterns versus tempFixtureCopy; update tempFixturePath to follow the tempFixtureCopy pattern by accepting a *testing.T (or refactoring callers to use tempFixtureCopy) and create temp dirs with t.TempDir() instead of os.MkdirTemp(suite.tempDir,...), or alternatively document/ensure suite.tempDir cleanup is explicit; refer to function tempFixturePath, the tempFixtureCopy pattern in integration_test.go, and usage of suite.tempDir when making the change.
1060-1108: Consider closing the file before running nuclei.
In `httpRequestSelfContainedFileInput`, the temporary file is written but only closed in a `defer` at line 1084-1086. Nuclei reads this file during `RunNucleiTemplateAndGetResults` at line 1095. While most operating systems allow reading a file that's open for writing elsewhere, explicitly closing (or at least flushing) the file before nuclei reads it would be more robust.
💡 Suggested improvement
if _, err := FileLoc.Write([]byte("one\ntwo\n")); err != nil { return errkit.Wrap(err, "failed to write payload to temp file") } - defer func() { - _ = FileLoc.Close() - }() + if err := FileLoc.Close(); err != nil { + return errkit.Wrap(err, "failed to close temp file") + }🤖 Prompt for AI Agents
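Review bot: dropping the deferred close in favour of an explicit `FileLoc.Close()` after the write means the write-failure branch (`return errkit.Wrap(err, "failed to write payload to temp file")`) now returns with the file handle still open. Close the handle in that branch as well, or keep a deferred close as a backstop and ignore the error from the second call.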
Verify each finding against the current code and only fix it if needed. In `@internal/tests/integration/http_test.go` around lines 1060 - 1108, The temp file is still open when RunNucleiTemplateAndGetResults is called in httpRequestSelfContainedFileInput.Execute which can race on some platforms; after writing to FileLoc (and before calling tempFixturePath or RunNucleiTemplateAndGetResults) explicitly flush and close the file (call FileLoc.Sync()/FileLoc.Close() and handle errors) instead of relying only on the deferred close so the file contents are guaranteed to be visible to testutils.RunNucleiTemplateAndGetResults; keep or adjust the defer cleanup accordingly to avoid double-close.
internal/tests/integration/loader_test.go (1)
113-124: External dependency on `scanme.sh` may cause test flakiness.
This subtest relies on an external host (`scanme.sh`) which could be unreachable, rate-limited, or have changed certificate status. Consider using a local test server or mocking the SSL behavior to make this test more reliable in CI environments.
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In `@internal/tests/integration/loader_test.go` around lines 113 - 124, The test t.Run("LoadTemplateWithID") currently depends on an external host "scanme.sh"; replace this with a controlled local HTTPS test server (e.g., use httptest.NewTLSServer) or mock the SSL behavior and point the call to testutils.RunNucleiBareArgsAndGetResults to the server's URL instead of "scanme.sh"; ensure the server serves the expected response/template so expectResultsCount(results, 1) still passes and adjust any TLS client settings (e.g., provide the test server's CA or disable verification in the test harness) so the HTTPS handshake succeeds reliably in CI.
internal/tests/integration/integration_test.go (2)
84-93: Hardcoded port and silent server failure could cause confusing test failures.
The fuzz playground server uses a hardcoded port (`8082`). If this port is already in use, the server fails to start but tests continue running, potentially causing fuzz-related tests to fail with unclear errors. Consider either:
- Using an ephemeral port (`:0`) and exposing the actual address
- Making the server startup failure fatal if fuzz tests depend on it
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In `@internal/tests/integration/integration_test.go` around lines 84 - 93, The test currently starts the fuzz playground on a hardcoded "localhost:8082" and silently ignores start failures; instead start the server on an ephemeral port and fail fast: call fuzzServer.Start(":0") (or otherwise request an ephemeral port via the playground API), retrieve the actual bound address from the server (e.g., a returned address or a method like fuzzServer.Addr()) and use that for any client connections, and if Start returns an error then make it fatal (log.Fatalf or t.Fatalf) rather than printing and continuing; also keep the existing cleanup calls fuzzplayground.Cleanup() and _ = fuzzServer.Close().
247-257: Regex compiled on every call is inefficient.
The `unsignedTemplatesRegex` is compiled inside `filterUnsignedTemplatesWarnings`, which is called for every result set. Consider compiling the regex once at package level.
♻️ Move regex compilation to package level
+var unsignedTemplatesRegex = regexp.MustCompile(`Loading \d+ unsigned templates for scan\. Use with caution\.`) + func filterUnsignedTemplatesWarnings(results []string) []string { filtered := make([]string, 0, len(results)) - unsignedTemplatesRegex := regexp.MustCompile(`Loading \d+ unsigned templates for scan\. Use with caution\.`) for _, result := range results { if unsignedTemplatesRegex.MatchString(result) { continue } filtered = append(filtered, result) } return filtered }🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In `@internal/tests/integration/integration_test.go` around lines 247 - 257, The regex is being compiled on every call inside filterUnsignedTemplatesWarnings which is inefficient; move the compilation out to a package-level variable (e.g., declare a top-level var unsignedTemplatesRegex = regexp.MustCompile(`Loading \d+ unsigned templates for scan\. Use with caution\.`)) and then update filterUnsignedTemplatesWarnings to reuse that package-level unsignedTemplatesRegex instead of calling regexp.MustCompile locally; ensure the package-level var is initialized at file scope and remove the local declaration inside the function.
internal/tests/integration/runner_test.go (1)
197-205: Redundant `fmt.Sprintf` call.
Line 204 uses `fmt.Sprintf("%s", name)` which is equivalent to just returning `name` directly.
♻️ Simplify return statement
func testNameForPath(path string) string { replacer := strings.NewReplacer("/", "_", "\\", "_", ",", "__", ".yaml", "", ".yml", "", ".json", "", ".", "_") name := replacer.Replace(path) name = strings.Trim(name, "_") if name == "" { return "case" } - return fmt.Sprintf("%s", name) + return name }🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In `@internal/tests/integration/runner_test.go` around lines 197 - 205, The return in function testNameForPath redundantly wraps name with fmt.Sprintf("%s", name); change the final return to return name directly and, if fmt is now unused elsewhere in the package, remove the fmt import to keep imports tidy. Update the return in testNameForPath and prune fmt from imports if the compiler reports it as unused.
🤖 Prompt for all review comments with AI agents
Verify each finding against the current code and only fix it if needed.
Inline comments:
In `@internal/tests/functional/functional_test.go`:
- Around line 56-79: The deferred removal of configDir won't run because os.Exit
is called early; change the flow to avoid calling os.Exit before deferred
cleanup by capturing exit codes and letting main return after defer runs.
Replace direct os.Exit(...) calls in the CI setup (where
resolveFunctionalBinary, resolveCurrentFunctionalBinary, and
prepareFunctionalEnvironment are used) with assignments to an exitCode variable
and early returns from TestMain or by invoking cleanup explicitly before calling
os.Exit; then call final os.Exit(exitCode) only after m.Run() (or after the
setup block) so the defer that removes configDir always executes. Ensure refs:
configDir, resolveFunctionalBinary, resolveCurrentFunctionalBinary,
prepareFunctionalEnvironment, m.Run are updated accordingly.
In `@internal/tests/integration/config_and_templates_test.go`:
- Around line 106-127: The test TestCustomConfigDir currently only inspects
customTempDir when len(results) != 0 which lets the test pass silently if nuclei
returns zero results; change the logic to always read and assert the custom
config directory contents after calling testutils.RunNucleiBareArgsAndGetResults
(use customTempDir, results, and expectResultsCount references) — remove the
conditional around os.ReadDir and the subsequent fileNames check so the test
always calls os.ReadDir(customTempDir) and then validates the returned filenames
with expectResultsCount(fileNames, 4); alternatively add a clarifying comment if
you intentionally want to skip inspection when results are empty, but prefer
always asserting to verify config population.
In `@internal/tests/integration/runner_test.go`:
- Around line 168-181: The retry counter is wrong and the post-loop check is
dead; change the logic so the actual number of attempts is tracked correctly
(use the loop variable or a counter initialized to 0 and incremented inside the
loop) and base the error message on that real attempt count. Locate the block
using retries, maxFailureReruns and testCase.TestCase.Execute (the loop starting
with for attempt := 1; attempt <= maxFailureReruns; attempt++), initialize the
counter to 0 (or set retries = attempt when breaking), increment it once per
invocation of testCase.TestCase.Execute, and when returning the final error use
that counter (e.g., "failed after X attempts") instead of the current off-by-one
retries; remove the unreachable/dead check that assumes retries > 1
unconditionally.
In `@internal/tests/testutils/integration.go`:
- Around line 476-481: The route registration ignores the provided path
parameter—inside the function that creates the test server it checks `if path !=
""` but always registers the handler at "/test" via `router.HandlerFunc("*",
"/test", handlerFunc)`; update that registration to use the `path` variable
(e.g., `router.HandlerFunc("*", path, handlerFunc)`), ensuring the path has the
expected leading slash (add it if missing) so the `path` parameter is actually
used when creating the httptest server.
⛔ Files ignored due to path filters (215)
📒 Files selected for processing (85)
- .gitignore
- .run/DSLFunctionsIT.run.xml
- .run/IntegrationTests.run.xml
- .run/RegressionTests.run.xml
- CLAUDE.md
- DESIGN.md
- Makefile
- _typos.toml
- cmd/functional-test/main.go
- cmd/functional-test/run.sh
- cmd/integration-test/custom-dir.go
- cmd/integration-test/dns.go
- cmd/integration-test/file.go
- cmd/integration-test/flow.go
- cmd/integration-test/integration-test.go
- cmd/integration-test/loader.go
- cmd/integration-test/network.go
- cmd/integration-test/ssl.go
- cmd/integration-test/template-dir.go
- cmd/integration-test/templates-dir-env.go
- cmd/integration-test/websocket.go
- cmd/tools/fuzzplayground/main.go
- gh_retry.sh
- integration_tests/debug.sh
- integration_tests/run.sh
- internal/fuzzplayground/db.go
- internal/fuzzplayground/server.go
- internal/fuzzplayground/sqli_test.go
- internal/runner/runner_test.go
- internal/tests/functional/functional_test.go
- internal/tests/functional/testdata/targets-1000.txt
- internal/tests/functional/testdata/targets-150.txt
- internal/tests/functional/testdata/targets-250.txt
- internal/tests/functional/testdata/targets.txt
- internal/tests/functional/testdata/testcases.txt
- internal/tests/integration/code_test.go
- internal/tests/integration/config_and_templates_test.go
- internal/tests/integration/dns_test.go
- internal/tests/integration/dsl_test.go
- internal/tests/integration/exporters_test.go
- internal/tests/integration/file_test.go
- internal/tests/integration/flow_test.go
- internal/tests/integration/fuzz_test.go
- internal/tests/integration/generic_test.go
- internal/tests/integration/headless_test.go
- internal/tests/integration/http_test.go
- internal/tests/integration/integration_test.go
- internal/tests/integration/interactsh_test.go
- internal/tests/integration/javascript_test.go
- internal/tests/integration/library_test.go
- internal/tests/integration/loader_test.go
- internal/tests/integration/matcher-status_test.go
- internal/tests/integration/multi_test.go
- internal/tests/integration/network_test.go
- internal/tests/integration/offline-http_test.go
- internal/tests/integration/profile-loader_test.go
- internal/tests/integration/runner_test.go
- internal/tests/integration/ssl_test.go
- internal/tests/integration/template-path_test.go
- internal/tests/integration/testdata/generic/auth/certificate/assets/client.crt
- internal/tests/integration/testdata/generic/auth/certificate/assets/client.key
- internal/tests/integration/testdata/generic/auth/certificate/assets/server.crt
- internal/tests/integration/testdata/protocols/code/pyfile.py
- internal/tests/integration/testdata/protocols/file/data/test1.txt
- internal/tests/integration/testdata/protocols/file/data/test2.txt
- internal/tests/integration/testdata/protocols/file/data/test3.txt
- internal/tests/integration/testdata/protocols/keys/README.md
- internal/tests/integration/testdata/protocols/keys/ci.crt
- internal/tests/integration/testdata/protocols/offlinehttp/data/req-resp-with-http-keywords.txt
- internal/tests/integration/testdata/subdomains.txt
- internal/tests/integration/websocket_test.go
- internal/tests/integration/whois_test.go
- internal/tests/integration/workflow_test.go
- internal/tests/testheadless/headless_local.go
- internal/tests/testheadless/headless_runtime.go
- internal/tests/testutils/integration.go
- internal/tests/testutils/testutils.go
- lib/sdk_private.go
- pkg/catalog/loader/loader_bench_test.go
- pkg/external/customtemplates/github_test.go
- pkg/protocols/code/code_test.go
- pkg/protocols/common/automaticscan/automaticscan.go
- pkg/protocols/dns/dns_test.go
- pkg/protocols/dns/operators_test.go
- pkg/protocols/dns/request_test.go
💤 Files with no reviewable changes (19)
- .run/IntegrationTests.run.xml
- .run/RegressionTests.run.xml
- .run/DSLFunctionsIT.run.xml
- integration_tests/run.sh
- cmd/integration-test/custom-dir.go
- cmd/functional-test/run.sh
- integration_tests/debug.sh
- cmd/integration-test/flow.go
- cmd/integration-test/template-dir.go
- cmd/integration-test/websocket.go
- gh_retry.sh
- cmd/integration-test/network.go
- cmd/integration-test/dns.go
- cmd/integration-test/file.go
- cmd/integration-test/templates-dir-env.go
- cmd/integration-test/ssl.go
- cmd/integration-test/loader.go
- cmd/functional-test/main.go
- cmd/integration-test/integration-test.go
e70d4d1 to 773a379
773a379 to 8b5292b
⚠️ Performance Alert ⚠️
Possible performance regression was detected for benchmark 'RunEnumeration Benchmark'.
Benchmark result of this commit is worse than the previous benchmark result exceeding threshold 2.
| Benchmark suite | Current: 8b5292b | Previous: f480e86 | Ratio |
|---|---|---|---|
| BenchmarkRunEnumeration/Multiproto - allocs/op | 432036 allocs/op | 201337 allocs/op | 2.15 |
This comment was automatically generated by workflow using github-action-benchmark.
7638978 to 4e95ca8
Actionable comments posted: 6
♻️ Duplicate comments (2)
internal/tests/testutils/integration.go (1)
476-481: ⚠️ Potential issue | 🟡 Minor
The `path` parameter is not used for routing.
The check `if path != ""` suggests the caller intends to use a custom path, but line 478 always registers the handler at `/test` regardless of the `path` value.
🐛 Proposed fix to use the path parameter
if path != "" { router := httprouter.New() - router.HandlerFunc("*", "/test", handlerFunc) + router.HandlerFunc("*", path, handlerFunc) return httptest.NewServer(router) }
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In `@internal/tests/testutils/integration.go` around lines 476 - 481, The route registration currently ignores the path parameter by always using "/test"; update the handler registration so it uses the provided path variable (i.e., replace the hardcoded "/test" in the call to router.HandlerFunc with path), and ensure the surrounding code still only runs when path != "" (or add a sensible default/prefix validation for path if needed) so that the handler is registered at the caller-specified route.
internal/tests/functional/functional_test.go (1)
61-63: ⚠️ Potential issue | 🟡 Minor
`configDir` cleanup never runs in `TestMain`.
The defer on Line 61 is bypassed by every `os.Exit` path here, including the normal `os.Exit(m.Run())` on Line 86. That leaks the temp config dir on both setup failures and successful runs.
Also applies to: 65-86
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In `@internal/tests/functional/functional_test.go` around lines 61 - 63, The deferred os.RemoveAll(configDir) in TestMain is never executed because os.Exit is called later; change TestMain to capture the return code from m.Run(), call os.RemoveAll(configDir) (and handle errors) after m.Run() returns, then call os.Exit(code) so the temporary configDir is always cleaned up; update references in TestMain and any variables like configDir, m.Run, and the existing defer block accordingly (remove the defer and perform explicit cleanup before os.Exit).
🧹 Nitpick comments (3)
Makefile (1)
90-91: Missing `-timeout` flag in `integration-debug` target.
The `integration` target specifies `-timeout 1h`, but `integration-debug` omits it. Long-running debug sessions could hit Go's default 10-minute test timeout unexpectedly.
♻️ Proposed fix
integration-debug: - $(GOTEST) -tags=integration ./internal/tests/integration -v $(GO_TEST_ARGS) -args $(INTEGRATION_ARGS) + $(GOTEST) -tags=integration -timeout 1h ./internal/tests/integration -v $(GO_TEST_ARGS) -args $(INTEGRATION_ARGS)
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In `@Makefile` around lines 90 - 91, The integration-debug Makefile target omits the -timeout flag and can hit Go's default test timeout; update the integration-debug target's GOTEST invocation (the integration-debug recipe) to include the same -timeout 1h flag used by the integration target so long-running debug runs inherit the 1h timeout (e.g., add -timeout 1h to the GOTEST command or reuse the same timeout variable used by integration).
internal/tests/testutils/integration.go (1)
428-443: TCP accept loop continues indefinitely on listener close.
When `listener.Close()` is called, `l.Accept()` returns an error. The current loop just `continue`s, which works but relies on the goroutine being orphaned. Consider checking for `net.ErrClosed` to exit cleanly, though this is acceptable for test utilities.
♻️ Optional: cleaner shutdown
go func() { for { // Listen for an incoming connection. conn, err := l.Accept() if err != nil { + if errors.Is(err, net.ErrClosed) { + return + } continue }
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In `@internal/tests/testutils/integration.go` around lines 428 - 443, The accept loop spawned in the goroutine should exit when the listener is closed instead of looping forever on Accept errors; update the loop that calls l.Accept() to check for a closed-listener error (e.g., errors.Is(err, net.ErrClosed) or strings.Contains(err.Error(), "use of closed network connection")) and break out of the loop when that's the case, while still handling/continuing for transient errors; adjust the block that currently wraps Accept, tls.Server(conn, tlsConfig) and handler to perform this check before deciding to continue or break.
internal/tests/integration/javascript_test.go (1)
364-372: Redundant container removal after purge.
`pool.Purge(resource)` already removes the container. The subsequent `pool.RemoveContainerByName(containerName)` is redundant but harmless for test cleanup.
♻️ Optional: remove redundant call
func purge(pool *dockertest.Pool, resource *dockertest.Resource) { if resource == nil || pool == nil { return } - containerName := resource.Container.Name _ = pool.Client.StopContainer(resource.Container.ID, 0) _ = pool.Purge(resource) - _ = pool.RemoveContainerByName(containerName) }
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In `@internal/tests/integration/javascript_test.go` around lines 364 - 372, In the purge function remove the redundant container removal: keep the nil guards, the call to pool.Client.StopContainer(resource.Container.ID, 0) and pool.Purge(resource), and delete the subsequent pool.RemoveContainerByName(containerName) call (you can also remove the containerName variable if it's only used for that call); this updates the purge function (referenced by purge, pool.Purge, and pool.RemoveContainerByName) to avoid the unnecessary duplicate removal.
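Review bot: in the proposed `purge` change, the error from `_ = pool.Purge(resource)` is still discarded, so deleting `_ = pool.RemoveContainerByName(containerName)` removes the only fallback if the purge fails, and a leftover container would go unnoticed until a later run trips over it. Either check the error returned by `pool.Purge(resource)` and surface it (or fall back to removal by name only in that case), or keep the second call and add a comment saying it is a deliberate best-effort fallback.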
🤖 Prompt for all review comments with AI agents
Verify each finding against the current code and only fix it if needed.
Inline comments:
In `@internal/tests/functional/functional_test.go`:
- Around line 343-359: The test currently compares only the numeric counts
returned by releaseRunner.LoadedTemplates/currentRunner.LoadedTemplates
(releaseOutput/currentOutput), which allows different template selections with
identical counts to pass; update the test and the helper in
internal/tests/testutils (where the LoadedTemplates parsing regex is defined) to
return the full list of loaded template identifiers (or have LoadedTemplates
return both count and slice of names), then compare the two runs as sets (or
sorted lists) of template names rather than just numeric counts so any
differences in which templates were selected are detected.
- Around line 137-160: splitFunctionalArgs currently swallows shlex.Parse errors
(returns nil) which the caller then silently skips; change splitFunctionalArgs
to return ([]string, error) instead of []string, return a non-nil error when
shlex.Split fails, and keep the existing behavior of returning an error when
len(parts) <= 1; update the caller (where args := splitFunctionalArgs(line)) to
handle the error (propagate it up or fail the test run) instead of continuing
silently; keep restoreRawFlagValues(args, "-tc", extractRawFlagValues(testcase,
"-tc")) intact once args are valid.
- Around line 390-402: The function resolveFunctionalBinary currently ignores a
set but invalid configuredPath and falls back to searching PATH; change the
logic in resolveFunctionalBinary so that when strings.TrimSpace(configuredPath)
yields a non-empty value and resolveExistingBinaryPath(trimmed) returns
ok==false you return a clear error (including the invalid configured path and
that it was not found/invalid) instead of continuing to candidateExecutableNames
lookup; reference resolveFunctionalBinary and resolveExistingBinaryPath to
locate and update the early-return behavior.
In `@internal/tests/functional/testdata/testcases.txt`:
- Line 45: The test uses a case-sensitive predicate
contains(description,'wordpress') which will fail because description is fed
unchanged by the predicate in pkg/templates/tag_filter.go; change the test case
to use the correct casing (e.g., contains(description,'WordPress')) so it
matches the actual description text, or alternatively adjust the predicate to
lowercase both sides if a case-insensitive match is intended; update the test
entry in internal/tests/functional/testdata/testcases.txt accordingly.
In `@internal/tests/integration/runner_test.go`:
- Around line 168-181: The function executeIntegrationCase currently retries up
to maxFailureReruns and TestIntegrationSuites also retries, causing double
application of the retry budget; fix by removing the inner retry logic in
executeIntegrationCase (leave a single attempt per call) and let
TestIntegrationSuites handle retries centrally, or alternatively remove the
outer retry and centralize retries inside executeIntegrationCase—ensure only one
retry loop exists (referencing executeIntegrationCase, TestIntegrationSuites,
and maxFailureReruns) and update the error message in executeIntegrationCase to
report the correct attempt count or return the raw error so the caller can
report total attempts.
In `@Makefile`:
- Around line 93-100: In the Makefile functional target, DEV_BINARY is hardcoded
as "$(PWD)/bin/nuclei" which fails on Windows; update the functional recipe
where RELEASE_BINARY and DEV_BINARY are set (in the functional target) to
detect/choose the Windows executable by checking for "$(PWD)/bin/nuclei.exe" (or
append ".exe" when on Windows) and fall back to "$(PWD)/bin/nuclei" otherwise so
DEV_BINARY points to the correct built binary when running GOTEST with
-tags=functional.
---
Duplicate comments:
In `@internal/tests/functional/functional_test.go`:
- Around line 61-63: The deferred os.RemoveAll(configDir) in TestMain is never
executed because os.Exit is called later; change TestMain to capture the return
code from m.Run(), call os.RemoveAll(configDir) (and handle errors) after
m.Run() returns, then call os.Exit(code) so the temporary configDir is always
cleaned up; update references in TestMain and any variables like configDir,
m.Run, and the existing defer block accordingly (remove the defer and perform
explicit cleanup before os.Exit).
In `@internal/tests/testutils/integration.go`:
- Around line 476-481: The route registration currently ignores the path
parameter by always using "/test"; update the handler registration so it uses
the provided path variable (i.e., replace the hardcoded "/test" in the call to
router.HandlerFunc with path), and ensure the surrounding code still only runs
when path != "" (or add a sensible default/prefix validation for path if needed)
so that the handler is registered at the caller-specified route.
---
Nitpick comments:
In `@internal/tests/integration/javascript_test.go`:
- Around line 364-372: In the purge function remove the redundant container
removal: keep the nil guards, the call to
pool.Client.StopContainer(resource.Container.ID, 0) and pool.Purge(resource),
and delete the subsequent pool.RemoveContainerByName(containerName) call (you
can also remove the containerName variable if it's only used for that call);
this updates the purge function (referenced by purge, pool.Purge, and
pool.RemoveContainerByName) to avoid the unnecessary duplicate removal.
In `@internal/tests/testutils/integration.go`:
- Around line 428-443: The accept loop spawned in the goroutine should exit when
the listener is closed instead of looping forever on Accept errors; update the
loop that calls l.Accept() to check for a closed-listener error (e.g.,
errors.Is(err, net.ErrClosed) or strings.Contains(err.Error(), "use of closed
network connection")) and break out of the loop when that's the case, while
still handling/continuing for transient errors; adjust the block that currently
wraps Accept, tls.Server(conn, tlsConfig) and handler to perform this check
before deciding to continue or break.
In `@Makefile`:
- Around line 90-91: The integration-debug Makefile target omits the -timeout
flag and can hit Go's default test timeout; update the integration-debug
target's GOTEST invocation (the integration-debug recipe) to include the same
-timeout 1h flag used by the integration target so long-running debug runs
inherit the 1h timeout (e.g., add -timeout 1h to the GOTEST command or reuse the
same timeout variable used by integration).
ℹ️ Review info
⚙️ Run configuration
Configuration used: Organization UI
Review profile: CHILL
Plan: Pro
Run ID: 2996e21a-8b61-4a5e-b04d-5954246cf43a
⛔ Files ignored due to path filters (218)
📒 Files selected for processing (82)
- .gitignore
- .run/DSLFunctionsIT.run.xml
- .run/IntegrationTests.run.xml
- .run/RegressionTests.run.xml
- CLAUDE.md
- DESIGN.md
- Makefile
- _typos.toml
- cmd/functional-test/main.go
- cmd/functional-test/run.sh
- cmd/integration-test/custom-dir.go
- cmd/integration-test/dns.go
- cmd/integration-test/file.go
- cmd/integration-test/flow.go
- cmd/integration-test/integration-test.go
- cmd/integration-test/javascript.go
- cmd/integration-test/loader.go
- cmd/integration-test/network.go
- cmd/integration-test/ssl.go
- cmd/integration-test/template-dir.go
- cmd/integration-test/templates-dir-env.go
- cmd/integration-test/websocket.go
- cmd/tools/fuzzplayground/main.go
- cmd/tools/signer/main.go
- gh_retry.sh
- integration_tests/debug.sh
- integration_tests/run.sh
- internal/fuzzplayground/db.go
- internal/fuzzplayground/server.go
- internal/fuzzplayground/sqli_test.go
- internal/runner/runner_test.go
- internal/tests/functional/functional_test.go
- internal/tests/functional/testdata/targets-1000.txt
- internal/tests/functional/testdata/targets-150.txt
- internal/tests/functional/testdata/targets-250.txt
- internal/tests/functional/testdata/targets.txt
- internal/tests/functional/testdata/testcases.txt
- internal/tests/integration/code_test.go
- internal/tests/integration/config_and_templates_test.go
- internal/tests/integration/dns_test.go
- internal/tests/integration/dsl_test.go
- internal/tests/integration/exporters_test.go
- internal/tests/integration/file_test.go
- internal/tests/integration/flow_test.go
- internal/tests/integration/fuzz_test.go
- internal/tests/integration/generic_test.go
- internal/tests/integration/headless_test.go
- internal/tests/integration/http_test.go
- internal/tests/integration/integration_test.go
- internal/tests/integration/interactsh_test.go
- internal/tests/integration/javascript_test.go
- internal/tests/integration/library_test.go
- internal/tests/integration/loader_test.go
- internal/tests/integration/matcher-status_test.go
- internal/tests/integration/multi_test.go
- internal/tests/integration/network_test.go
- internal/tests/integration/offline-http_test.go
- internal/tests/integration/profile-loader_test.go
- internal/tests/integration/runner_test.go
- internal/tests/integration/ssl_test.go
- internal/tests/integration/template-path_test.go
- internal/tests/integration/testdata/generic/auth/certificate/assets/client.crt
- internal/tests/integration/testdata/generic/auth/certificate/assets/client.key
- internal/tests/integration/testdata/generic/auth/certificate/assets/server.crt
- internal/tests/integration/testdata/protocols/code/pyfile.py
- internal/tests/integration/testdata/protocols/file/data/test1.txt
- internal/tests/integration/testdata/protocols/file/data/test2.txt
- internal/tests/integration/testdata/protocols/file/data/test3.txt
- internal/tests/integration/testdata/protocols/keys/README.md
- internal/tests/integration/testdata/protocols/keys/ci.crt
- internal/tests/integration/testdata/protocols/offlinehttp/data/req-resp-with-http-keywords.txt
- internal/tests/integration/testdata/subdomains.txt
- internal/tests/integration/websocket_test.go
- internal/tests/integration/whois_test.go
- internal/tests/integration/workflow_test.go
- internal/tests/testheadless/headless_local.go
- internal/tests/testheadless/headless_runtime.go
- internal/tests/testutils/integration.go
- internal/tests/testutils/testutils.go
- lib/sdk_private.go
- pkg/catalog/loader/loader_bench_test.go
- pkg/external/customtemplates/github_test.go
💤 Files with no reviewable changes (20)
- .run/IntegrationTests.run.xml
- .run/RegressionTests.run.xml
- cmd/integration-test/custom-dir.go
- .run/DSLFunctionsIT.run.xml
- cmd/integration-test/template-dir.go
- integration_tests/run.sh
- gh_retry.sh
- cmd/functional-test/run.sh
- cmd/functional-test/main.go
- cmd/integration-test/websocket.go
- cmd/integration-test/loader.go
- cmd/integration-test/templates-dir-env.go
- cmd/integration-test/javascript.go
- cmd/integration-test/dns.go
- cmd/integration-test/flow.go
- cmd/integration-test/file.go
- cmd/integration-test/ssl.go
- cmd/integration-test/integration-test.go
- integration_tests/debug.sh
- cmd/integration-test/network.go
✅ Files skipped from review due to trivial changes (9)
- internal/tests/testheadless/headless_runtime.go
- _typos.toml
- internal/runner/runner_test.go
- pkg/external/customtemplates/github_test.go
- CLAUDE.md
- cmd/tools/fuzzplayground/main.go
- internal/tests/integration/file_test.go
- internal/tests/testutils/testutils.go
- pkg/catalog/loader/loader_bench_test.go
🚧 Files skipped from review as they are similar to previous changes (19)
- DESIGN.md
- .gitignore
- internal/tests/integration/dsl_test.go
- internal/tests/integration/fuzz_test.go
- internal/tests/integration/headless_test.go
- internal/tests/integration/whois_test.go
- internal/tests/integration/generic_test.go
- internal/tests/integration/exporters_test.go
- internal/tests/integration/profile-loader_test.go
- internal/tests/integration/matcher-status_test.go
- internal/tests/integration/offline-http_test.go
- lib/sdk_private.go
- internal/tests/integration/workflow_test.go
- internal/tests/integration/config_and_templates_test.go
- internal/tests/integration/dns_test.go
- internal/tests/integration/code_test.go
- internal/tests/integration/http_test.go
- internal/tests/integration/network_test.go
- internal/tests/integration/integration_test.go
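The accept-loop nitpick for internal/tests/testutils/integration.go in the review above, as an added example that is not the project's code or part of the review: the loop returns when `Accept` fails with `net.ErrClosed` and retries anything else. All names (`startAcceptLoop`, `flakyListener`, `runDemo`) are hypothetical, the transient errors are constructed, and the `tls.Server` wrapping the review mentions is left out.

```go
package main

import (
	"errors"
	"fmt"
	"io"
	"net"
	"sync/atomic"
	"time"
)

// acceptLoop tracks one running accept goroutine (hypothetical helper type).
type acceptLoop struct {
	Done      chan struct{} // closed once the goroutine has returned
	Transient atomic.Int64  // accept errors that were retried
}

// startAcceptLoop accepts connections until the listener is closed.
func startAcceptLoop(l net.Listener, handler func(net.Conn)) *acceptLoop {
	al := &acceptLoop{Done: make(chan struct{})}
	go func() {
		defer close(al.Done)
		for {
			conn, err := l.Accept()
			if err != nil {
				// Listener.Close surfaces as *net.OpError wrapping net.ErrClosed.
				if errors.Is(err, net.ErrClosed) {
					return // stop instead of spinning on a dead listener
				}
				al.Transient.Add(1)
				time.Sleep(5 * time.Millisecond) // back off, then retry
				continue
			}
			go func() {
				defer conn.Close()
				handler(conn)
			}()
		}
	}()
	return al
}

// flakyListener fails the first few Accept calls with a constructed error
// so the retry path is exercised before a real connection arrives.
type flakyListener struct {
	net.Listener
	remaining atomic.Int64
}

func (f *flakyListener) Accept() (net.Conn, error) {
	if f.remaining.Add(-1) >= 0 {
		return nil, errors.New("constructed transient accept error")
	}
	return f.Listener.Accept()
}

// runDemo returns the echoed reply, the number of retried accept errors,
// and whether the loop exited after the listener was closed.
func runDemo() (string, int64, bool, error) {
	inner, err := net.Listen("tcp", "127.0.0.1:0")
	if err != nil {
		return "", 0, false, err
	}
	fl := &flakyListener{Listener: inner}
	fl.remaining.Store(2)
	al := startAcceptLoop(fl, func(c net.Conn) {
		buf := make([]byte, 4)
		if _, err := io.ReadFull(c, buf); err == nil {
			c.Write(buf) // echo the 4-byte probe back
		}
	})

	conn, err := net.Dial("tcp", inner.Addr().String())
	if err != nil {
		inner.Close()
		return "", 0, false, err
	}
	reply := make([]byte, 4)
	conn.Write([]byte("ping"))
	_, err = io.ReadFull(conn, reply)
	conn.Close()
	inner.Close() // the loop must now observe net.ErrClosed and return
	if err != nil {
		return "", 0, false, err
	}

	exited := false
	select {
	case <-al.Done:
		exited = true
	case <-time.After(2 * time.Second):
	}
	return string(reply), al.Transient.Load(), exited, nil
}

func main() {
	reply, transient, exited, err := runDemo()
	fmt.Println(reply, transient, exited, err)
}
```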
4e95ca8 to f076f6a
♻️ Duplicate comments (5)
Makefile (1)
93-100: ⚠️ Potential issue | 🟡 Minor
`DEV_BINARY` still lacks Windows `.exe` suffix.
The `functional` target correctly detects `nuclei.exe` on PATH for the release binary, but `DEV_BINARY` is still hardcoded without the extension. This was acknowledged in a previous review.
🐛 Proposed fix using existing GOBUILD_OUTPUT_EXT
functional: build `@release_binary`="$$(command -v nuclei.exe 2>/dev/null || command -v nuclei 2>/dev/null)"; \ if [ -z "$$release_binary" ]; then \ echo "release nuclei binary not found on PATH"; \ exit 1; \ fi; \ - RELEASE_BINARY="$$release_binary" DEV_BINARY="$(PWD)/bin/nuclei" \ + RELEASE_BINARY="$$release_binary" DEV_BINARY="$(PWD)/bin/nuclei$(GOBUILD_OUTPUT_EXT)" \ $(GOTEST) -tags=functional -timeout 1h ./internal/tests/functional🤖 Prompt for AI Agents
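Review bot: the recipe checks that release_binary is non-empty but never checks the dev path it now assembles from $(PWD)/bin/nuclei$(GOBUILD_OUTPUT_EXT). If GOBUILD_OUTPUT_EXT ever disagrees with what the build target writes, the mismatch only shows up as a failure inside the functional tests. Suggest adding an existence check for the dev binary next to the release_binary check, with an equally explicit message, before invoking $(GOTEST).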
Verify each finding against the current code and only fix it if needed. In `@Makefile` around lines 93 - 100, The functional Makefile target detects release binary correctly but sets DEV_BINARY without the Windows extension; update the DEV_BINARY assignment in the functional target to append the shared GOBUILD_OUTPUT_EXT (e.g., change DEV_BINARY="$(PWD)/bin/nuclei" to include $(GOBUILD_OUTPUT_EXT)) so the dev binary path matches platforms, leaving RELEASE_BINARY logic unchanged and keeping the rest of the command using $(GOTEST) -tags=functional -timeout 1h ./internal/tests/functional.
internal/tests/testutils/integration.go (1)
476-481: ⚠️ Potential issue | 🟡 Minor
The `path` parameter is not used in route registration.
The condition checks `if path != ""` but then hardcodes `"/test"` as the route path instead of using the `path` parameter. This makes the `path` argument misleading.
🐛 Proposed fix
if path != "" { router := httprouter.New() - router.HandlerFunc("*", "/test", handlerFunc) + router.HandlerFunc("*", path, handlerFunc) return httptest.NewServer(router) }🤖 Prompt for AI Agents
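Review bot: with path now passed straight to router.HandlerFunc, the only guard left is path != "", so a caller value without a leading "/" reaches route registration unvalidated. Suggest normalizing or rejecting such values before the HandlerFunc call and stating the expected form of path in the function comment. The branch taken when path is empty is not visible in this hunk, so confirm it keeps its previous behaviour.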
Verify each finding against the current code and only fix it if needed. In `@internal/tests/testutils/integration.go` around lines 476 - 481, The route registration currently ignores the path parameter — in the block that checks if path != "" it hardcodes "/test" in the call to router.HandlerFunc; update that call to use the provided path variable (router.HandlerFunc("*", path, handlerFunc)) and ensure the surrounding logic still validates path is non-empty before creating and returning the httptest server so the path argument is meaningful; reference the path variable and the handlerFunc/router.HandlerFunc call when making the change.
internal/tests/integration/config_and_templates_test.go (1)
119-142: ⚠️ Potential issue | 🟡 Minor
Test assertion logic may not match intent.
The condition `if len(results) != 0` means the config directory inspection only happens when nuclei produces results. If nuclei produces 0 results (perhaps due to a test setup issue), the test passes without verifying config directory behavior. This may mask test failures.
Consider either:
- Always checking config directory contents regardless of scan results
- Explicitly documenting why inspection is skipped when results are empty
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In `@internal/tests/integration/config_and_templates_test.go` around lines 119 - 142, The test's assertion only inspects the custom config dir when results != 0, which can hide failures; in TestCustomConfigDir (subtest ConfigDirIsolated) remove or change the conditional guarding the os.ReadDir/config file checks so the directory contents are always validated (regardless of the length of results), or explicitly assert that results meet expected conditions before skipping; update the logic around the results variable and the files check to always read customTempDir and verify presence of ".templates-config.json", "config.yaml", and "reporting-config.yaml" (or add an explicit assertion about results if skipping is intentional).
internal/tests/functional/functional_test.go (2)
355-365: ⚠️ Potential issue | 🟠 Major
Comparison only checks template counts, not identities.
The functional comparison verifies that both binaries loaded the same number of templates (line 361-363), but doesn't verify they loaded the same templates. Two binaries that select different template sets but happen to have the same count would incorrectly pass.
For more robust regression detection, consider enhancing `LoadedTemplates` to return template identifiers, then compare the sets.
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In `@internal/tests/functional/functional_test.go` around lines 355 - 365, The test currently compares only counts via releaseOutput and currentOutput, which allows different template identities to slip through; update the helper LoadedTemplates to return the list (or set) of template identifiers instead of just a count, then in the test replace the numeric comparison of releaseOutput/currentOutput with a set comparison (e.g., convert slices to maps or sort and compare) to assert the two binaries loaded the exact same template IDs and surface any missing/extra IDs in the error message; reference LoadedTemplates and the releaseOutput/currentOutput variables in your change.
141-165: ⚠️ Potential issue | 🟡 Minor
Malformed testcase lines are silently dropped.
When `shlex.Split` fails (line 156-157), the function returns `nil`, causing `loadFunctionalTestcases` to silently skip the line (line 142-143). A typo in `testcases.txt` would silently reduce test coverage rather than failing the suite.
Consider returning an error from `splitFunctionalArgs` and propagating it to fail test loading, or at minimum logging a warning when a line cannot be parsed.
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In `@internal/tests/functional/functional_test.go` around lines 141 - 165, splitFunctionalArgs currently swallows shlex.Split errors and returns nil which makes loadFunctionalTestcases silently skip malformed lines; change splitFunctionalArgs signature to return ([]string, error), have it return a descriptive error when shlex.Split fails (including the original error and the testcase string), and update loadFunctionalTestcases (caller) to propagate that error (or fail test loading) instead of treating nil as "skip"; alternatively if you prefer non-fatal behaviour, log a warning in loadFunctionalTestcases when splitFunctionalArgs returns an error; update calls to restoreRawFlagValues and extractRawFlagValues to use the new returned args when no error is returned.
🧹 Nitpick comments (4)
internal/tests/integration/profile-loader_test.go (1)
45-46: Typo in comment.
Minor typo: "this profile with load kevs" should likely be "this profile will load kevs".
-// this profile with load kevs +// this profile will load kevs🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In `@internal/tests/integration/profile-loader_test.go` around lines 45 - 46, Fix the typo in the comment above the customProfileLoader type: change "this profile with load kevs" to "this profile will load kevs" so the comment reads clearly and correctly describes the customProfileLoader type.
internal/tests/testutils/integration.go (2)
93-107: Consider documenting the thread-safety assumptions for `defaultRunner`.
The `defaultRunner` package variable is accessed via `DefaultRunner()` (which clones) and `SetDefaultRunner()` (which also clones before assigning). While the current usage pattern in `TestMain` appears safe (set before `m.Run()`, restore after), concurrent reads/writes to the pointer itself are technically a data race.
If parallel test execution or other concurrent access is anticipated, consider using `sync.RWMutex` or `atomic.Pointer[Runner]` to guard access.
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In `@internal/tests/testutils/integration.go` around lines 93 - 107, The package-level defaultRunner is read by DefaultRunner() and written by SetDefaultRunner(), which can produce a data race under concurrent access; update the implementation to guard accesses (either add a package-level sync.RWMutex and use RLock/RUnlock in DefaultRunner and Lock/Unlock in SetDefaultRunner, or replace defaultRunner with an atomic.Pointer[Runner] and use atomic.Load/Store for reads/writes) while preserving the existing cloning behavior (call Clone() on the loaded or provided Runner as before); touch the symbols defaultRunner, DefaultRunner, SetDefaultRunner, and any NewRunner usage to implement the chosen concurrency guard.
428-443: Accept loop continues silently on errors, which may hide issues.
When `l.Accept()` fails, the loop `continue`s without any logging or error handling. While this is common for graceful shutdown scenarios, consider at least checking if the error is due to a closed listener to avoid spinning on unexpected errors.
♻️ Optional improvement
go func() { for { // Listen for an incoming connection. conn, err := l.Accept() if err != nil { + // Check if listener was closed (graceful shutdown) + if errors.Is(err, net.ErrClosed) { + return + } continue }🤖 Prompt for AI Agents
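Review bot: the added `errors.Is(err, net.ErrClosed)` branch only ends the goroutine for a closed listener; every other Accept error still falls through to the unchanged `continue` with no logging or delay, so a persistent failure keeps this loop spinning silently. Log the error on that path before continuing, and confirm that `errors` is imported in the file, since the hunk does not show an import for it.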
Verify each finding against the current code and only fix it if needed. In `@internal/tests/testutils/integration.go` around lines 428 - 443, The accept loop currently swallows all errors from l.Accept() by continuing, which can hide real issues and spin; update the goroutine that calls l.Accept() to detect and handle listener-close vs other errors: after conn, err := l.Accept() check if errors.Is(err, net.ErrClosed) (or compare to the listener-close sentinel) and break/return to stop the loop, otherwise log the error with context (including the error value) and continue; keep the existing TLS wrapping logic for connTls and the call to handler(conn).
internal/tests/integration/integration_test.go (1)
269-278: Consider compiling regex once for `filterUnsignedTemplatesWarnings`.
The regex on line 271 is compiled on every invocation of `filterUnsignedTemplatesWarnings`. While acceptable for test code, consider moving it to a package-level `var` for minor efficiency gains.
♻️ Optional optimization
+var unsignedTemplatesRegex = regexp.MustCompile(`Loading \d+ unsigned templates for scan\. Use with caution\.`) + func filterUnsignedTemplatesWarnings(results []string) []string { filtered := make([]string, 0, len(results)) - unsignedTemplatesRegex := regexp.MustCompile(`Loading \d+ unsigned templates for scan\. Use with caution\.`) for _, result := range results {🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In `@internal/tests/integration/integration_test.go` around lines 269 - 278, Move the regex compilation out of filterUnsignedTemplatesWarnings into a package-level variable to avoid recompiling on every call: declare a var unsignedTemplatesRegex = regexp.MustCompile(`Loading \d+ unsigned templates for scan\. Use with caution\.`) at package scope and then update filterUnsignedTemplatesWarnings to use that variable instead of calling regexp.MustCompile inside the function; keep the function name filterUnsignedTemplatesWarnings unchanged and ensure the regexp package is imported.
ℹ️ Review info
⚙️ Run configuration
Configuration used: Organization UI
Review profile: CHILL
Plan: Pro
Run ID: 4fd7fd77-15bd-4611-84b7-eb5776ba7bce
⛔ Files ignored due to path filters (218)
📒 Files selected for processing (82)
- .gitignore
- .run/DSLFunctionsIT.run.xml
- .run/IntegrationTests.run.xml
- .run/RegressionTests.run.xml
- CLAUDE.md
- DESIGN.md
- Makefile
- _typos.toml
- cmd/functional-test/main.go
- cmd/functional-test/run.sh
- cmd/integration-test/custom-dir.go
- cmd/integration-test/dns.go
- cmd/integration-test/file.go
- cmd/integration-test/flow.go
- cmd/integration-test/integration-test.go
- cmd/integration-test/javascript.go
- cmd/integration-test/loader.go
- cmd/integration-test/network.go
- cmd/integration-test/ssl.go
- cmd/integration-test/template-dir.go
- cmd/integration-test/templates-dir-env.go
- cmd/integration-test/websocket.go
- cmd/tools/fuzzplayground/main.go
- cmd/tools/signer/main.go
- gh_retry.sh
- integration_tests/debug.sh
- integration_tests/run.sh
- internal/fuzzplayground/db.go
- internal/fuzzplayground/server.go
- internal/fuzzplayground/sqli_test.go
- internal/runner/runner_test.go
- internal/tests/functional/functional_test.go
- internal/tests/functional/testdata/targets-1000.txt
- internal/tests/functional/testdata/targets-150.txt
- internal/tests/functional/testdata/targets-250.txt
- internal/tests/functional/testdata/targets.txt
- internal/tests/functional/testdata/testcases.txt
- internal/tests/integration/code_test.go
- internal/tests/integration/config_and_templates_test.go
- internal/tests/integration/dns_test.go
- internal/tests/integration/dsl_test.go
- internal/tests/integration/exporters_test.go
- internal/tests/integration/file_test.go
- internal/tests/integration/flow_test.go
- internal/tests/integration/fuzz_test.go
- internal/tests/integration/generic_test.go
- internal/tests/integration/headless_test.go
- internal/tests/integration/http_test.go
- internal/tests/integration/integration_test.go
- internal/tests/integration/interactsh_test.go
- internal/tests/integration/javascript_test.go
- internal/tests/integration/library_test.go
- internal/tests/integration/loader_test.go
- internal/tests/integration/matcher-status_test.go
- internal/tests/integration/multi_test.go
- internal/tests/integration/network_test.go
- internal/tests/integration/offline-http_test.go
- internal/tests/integration/profile-loader_test.go
- internal/tests/integration/runner_test.go
- internal/tests/integration/ssl_test.go
- internal/tests/integration/template-path_test.go
- internal/tests/integration/testdata/generic/auth/certificate/assets/client.crt
- internal/tests/integration/testdata/generic/auth/certificate/assets/client.key
- internal/tests/integration/testdata/generic/auth/certificate/assets/server.crt
- internal/tests/integration/testdata/protocols/code/pyfile.py
- internal/tests/integration/testdata/protocols/file/data/test1.txt
- internal/tests/integration/testdata/protocols/file/data/test2.txt
- internal/tests/integration/testdata/protocols/file/data/test3.txt
- internal/tests/integration/testdata/protocols/keys/README.md
- internal/tests/integration/testdata/protocols/keys/ci.crt
- internal/tests/integration/testdata/protocols/offlinehttp/data/req-resp-with-http-keywords.txt
- internal/tests/integration/testdata/subdomains.txt
- internal/tests/integration/websocket_test.go
- internal/tests/integration/whois_test.go
- internal/tests/integration/workflow_test.go
- internal/tests/testheadless/headless_local.go
- internal/tests/testheadless/headless_runtime.go
- internal/tests/testutils/integration.go
- internal/tests/testutils/testutils.go
- lib/sdk_private.go
- pkg/catalog/loader/loader_bench_test.go
- pkg/external/customtemplates/github_test.go
💤 Files with no reviewable changes (20)
- .run/IntegrationTests.run.xml
- cmd/integration-test/custom-dir.go
- .run/DSLFunctionsIT.run.xml
- integration_tests/run.sh
- .run/RegressionTests.run.xml
- cmd/integration-test/template-dir.go
- cmd/integration-test/dns.go
- integration_tests/debug.sh
- cmd/integration-test/flow.go
- cmd/integration-test/websocket.go
- cmd/integration-test/loader.go
- cmd/functional-test/run.sh
- cmd/integration-test/file.go
- cmd/integration-test/network.go
- cmd/integration-test/templates-dir-env.go
- cmd/integration-test/integration-test.go
- cmd/integration-test/ssl.go
- cmd/integration-test/javascript.go
- cmd/functional-test/main.go
- gh_retry.sh
✅ Files skipped from review due to trivial changes (13)
- internal/tests/testheadless/headless_runtime.go
- pkg/external/customtemplates/github_test.go
- _typos.toml
- cmd/tools/fuzzplayground/main.go
- lib/sdk_private.go
- internal/tests/integration/dsl_test.go
- internal/tests/integration/library_test.go
- DESIGN.md
- internal/tests/integration/offline-http_test.go
- CLAUDE.md
- internal/tests/integration/websocket_test.go
- pkg/catalog/loader/loader_bench_test.go
- internal/tests/integration/runner_test.go
🚧 Files skipped from review as they are similar to previous changes (15)
- .gitignore
- internal/tests/integration/fuzz_test.go
- internal/tests/integration/exporters_test.go
- internal/tests/integration/whois_test.go
- internal/tests/integration/matcher-status_test.go
- internal/runner/runner_test.go
- cmd/tools/signer/main.go
- internal/tests/integration/multi_test.go
- internal/tests/testutils/testutils.go
- internal/tests/integration/generic_test.go
- internal/tests/integration/interactsh_test.go
- internal/tests/integration/template-path_test.go
- internal/tests/integration/file_test.go
- internal/tests/integration/network_test.go
- internal/tests/integration/flow_test.go
This looks like a false regression alert and not a real regression (because there are no runtime or core changes), which is likely caused by benchmark action's method & (single-)sample history tracking (probably contaminated by setup & teardown work, which then can easily trigger a misleading alert by outlier cached -at some- point) Locally
Meaning the alloc metric is highly sensitive to how many iters the harness happens to run. Thus, I disabled the https://github.com/projectdiscovery/nuclei/actions/workflows/perf-regression.yaml workflow.
@coderabbitai create a new issue about that, think about the alt method like using repeated samples plus
The issue covers:
ᓚᘏᗢ |
Signed-off-by: Dwi Siswanto <git@dw1.io>
f076f6a to 88ea433
Actionable comments posted: 2
Caution
Some comments are outside the diff and can’t be posted inline due to platform limitations.
⚠️ Outside diff range comments (1)
internal/tests/integration/http_test.go (1)
700-708: ⚠️ Potential issue | 🔴 Critical
Bug: Wrong variable returned on error.
Line 705 returns `err` instead of `errx` when the parameter validation fails. This silently swallows the actual validation error.
🐛 Proposed fix
results, err := testutils.RunNucleiTemplateAndGetResults(filePath, ts.URL+"/?key1=value1", debug) if err != nil { return err } if errx != nil { - return err + return errx } return expectResultsCount(results, 1)🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In `@internal/tests/integration/http_test.go` around lines 700 - 708, The error handling returns the wrong variable: inside the block that checks "if errx != nil" you should return the validation error variable errx instead of err so the actual validation failure isn't swallowed; update the handler where testutils.RunNucleiTemplateAndGetResults is called and the subsequent check for errx to return errx, leaving the final return expectResultsCount(results, 1) unchanged.
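Review bot: In the `if errx != nil` branch, returning `errx` fixes the swallowed validation error, but that check still sits after `if err != nil { return err }`, so when the nuclei run and the parameter validation both fail only `err` is reported. Consider checking `errx` first, or returning `errors.Join(err, errx)`, so the validation failure is never hidden behind a run error.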
🧹 Nitpick comments (4)
internal/tests/integration/integration_test.go (1)
269-279: Consider pre-compiling the regex outside the function.
The `unsignedTemplatesRegex` is compiled on every call to `filterUnsignedTemplatesWarnings`. Since this regex is constant, it could be compiled once at package level for minor performance improvement in high-volume filtering scenarios.
♻️ Proposed optimization
+var unsignedTemplatesRegex = regexp.MustCompile(`Loading \d+ unsigned templates for scan\. Use with caution\.`) + func filterUnsignedTemplatesWarnings(results []string) []string { filtered := make([]string, 0, len(results)) - unsignedTemplatesRegex := regexp.MustCompile(`Loading \d+ unsigned templates for scan\. Use with caution\.`) for _, result := range results { if unsignedTemplatesRegex.MatchString(result) { continue } filtered = append(filtered, result) } return filtered }🤖 Prompt for AI Agents
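Review bot: The pattern hoisted to package level is unanchored, so the `MatchString(result)` and `continue` pair in the loop drops any result line that merely contains the warning text, not only lines that consist of it. If only the standalone warning should be filtered, anchor the expression with `^` and `$`, and add a short comment on the package-level `unsignedTemplatesRegex` naming the message it mirrors so the filter is kept in step with it.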
Verify each finding against the current code and only fix it if needed. In `@internal/tests/integration/integration_test.go` around lines 269 - 279, The regex unsignedTemplatesRegex is being compiled on every call inside filterUnsignedTemplatesWarnings; move the compile out to a package-level variable (e.g., declare var unsignedTemplatesRegex = regexp.MustCompile(`Loading \d+ unsigned templates for scan\. Use with caution\.`)) and update filterUnsignedTemplatesWarnings to reuse that package-level unsignedTemplatesRegex instead of calling regexp.MustCompile each time.
internal/tests/integration/runner_test.go (2)
168-182: Simplify retry counter logic.
The `retries` variable is redundant since the loop always runs exactly `maxFailureReruns` times when it doesn't return early. The `if retries > 1` check on line 178 is always true after the loop completes.
♻️ Proposed simplification
func executeIntegrationCase(testCase integrationCase) error { if testCase.DisableOn != nil && testCase.DisableOn() { return nil } if needsSignedCodeTemplates(testCase.Path) { if err := ensureSignedCodeTemplates(); err != nil { return fmt.Errorf("failed to sign code templates: %w", err) } } - var retries int var err error for attempt := 1; attempt <= maxFailureReruns; attempt++ { - retries++ - err = testCase.TestCase.Execute(testCase.Path) if err == nil { return nil } } - if retries > 1 { - return fmt.Errorf("test %s failed after %d attempts: %w", testCase.Path, retries, err) - } - return err + return fmt.Errorf("test %s failed after %d attempts: %w", testCase.Path, maxFailureReruns, err) }🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In `@internal/tests/integration/runner_test.go` around lines 168 - 182, Remove the redundant retries variable and use the loop's attempt variable to determine how many attempts were made; call testCase.TestCase.Execute in the for attempt := 1; attempt <= maxFailureReruns; attempt++ loop, return nil on success, and after the loop return a formatted error using attempt-1 (or maxFailureReruns) and the last err (e.g., fmt.Errorf("test %s failed after %d attempts: %w", testCase.Path, attempt-1, err)), eliminating the always-true retries > 1 check.
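Review bot: With `retries` removed, the final `fmt.Errorf("test %s failed after %d attempts: %w", ...)` is reached even when the loop body never ran: if `maxFailureReruns` is zero or negative, `err` is still nil and `%w` wraps a nil error, so the case is reported as failed without `Execute` ever being called. Guard against `maxFailureReruns < 1` before the loop (or always run at least one attempt) so a misconfigured rerun count cannot produce a failure, or a pass, for a case that was never executed.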
122-138: Modifying package-level `debug` variable without synchronization.
Lines 125-129 modify the global `debug` variable during test execution. While individual test passes are likely sequential, this pattern is fragile and could cause issues if the test structure changes to allow concurrent passes.
Consider passing `debugMode` as a parameter to functions that need it, rather than modifying global state.
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In `@internal/tests/integration/runner_test.go` around lines 122 - 138, runIntegrationPass currently mutates the package-level variable debug (debug) which is unsafe; instead remove the debug assignment and pass debugMode down to callers: update runIntegrationPass to stop changing debug, add a debugMode parameter to runIntegrationFamily and any downstream helpers that currently read the global debug, and thread that boolean through where needed (e.g., runIntegrationFamily and the functions it calls) so behavior is driven by the argument not global state; keep the semaphore/failures logic unchanged and ensure all references to the global debug in this call path are replaced with the new parameter.
internal/tests/integration/http_test.go (1)
1110-1128: Consider using `t.TempDir()` for consistency with `tempFixtureCopy`.
This helper writes temp files under `suite.tempDir` (shared across tests), while `tempFixtureCopy` in `integration_test.go` uses `t.TempDir()` (isolated per test). Although each call here creates a unique subdirectory via `os.MkdirTemp`, using `t.TempDir()` would provide automatic cleanup and consistent isolation semantics across both helpers.
The current implementation is functionally correct since the random suffix prevents collisions, but the inconsistency could cause confusion for future maintainers.
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In `@internal/tests/integration/http_test.go` around lines 1110 - 1128, The tempFixturePath helper creates temp dirs under suite.tempDir (via os.MkdirTemp) which is inconsistent with tempFixtureCopy that uses t.TempDir() — update tempFixturePath to accept a testing.T or otherwise use t.TempDir() for creating the temp directory so files are isolated and auto-cleaned; locate and modify the tempFixturePath function and any callers to either accept a *testing.T parameter or obtain t.TempDir(), replacing suite.tempDir usage, and preserve the existing replacement logic and file write steps.
🤖 Prompt for all review comments with AI agents
Verify each finding against the current code and only fix it if needed.
Inline comments:
In `@internal/tests/integration/ssl_test.go`:
- Line 76: The test call to testutils.RunNucleiTemplateAndGetResults passes the
stray "-V" flag with no value for the "protocols/ssl/multi-req.yaml" template;
remove the "-V" token from the call (or replace it with a proper key=value pair
if you actually need a custom variable) so the invocation matches the template's
placeholders (update the invocation in the RunNucleiTemplateAndGetResults call
that references "protocols/ssl/multi-req.yaml").
In `@internal/tests/integration/websocket_test.go`:
- Around line 67-78: The NewWebsocketServer function is ignoring its path
parameter by registering the handler with the hardcoded string "/test"; update
the router.HandlerFunc call inside NewWebsocketServer to use the passed-in path
variable (and any other places in that function that reference "/test") so the
handler is registered at the runtime path argument instead of the constant
"/test"; ensure the server's URL and any origin/handler wiring remain consistent
with the provided path.
---
Outside diff comments:
In `@internal/tests/integration/http_test.go`:
- Around line 700-708: The error handling returns the wrong variable: inside the
block that checks "if errx != nil" you should return the validation error
variable errx instead of err so the actual validation failure isn't swallowed;
update the handler where testutils.RunNucleiTemplateAndGetResults is called and
the subsequent check for errx to return errx, leaving the final return
expectResultsCount(results, 1) unchanged.
---
Nitpick comments:
In `@internal/tests/integration/http_test.go`:
- Around line 1110-1128: The tempFixturePath helper creates temp dirs under
suite.tempDir (via os.MkdirTemp) which is inconsistent with tempFixtureCopy that
uses t.TempDir() — update tempFixturePath to accept a testing.T or otherwise use
t.TempDir() for creating the temp directory so files are isolated and
auto-cleaned; locate and modify the tempFixturePath function and any callers to
either accept a *testing.T parameter or obtain t.TempDir(), replacing
suite.tempDir usage, and preserve the existing replacement logic and file write
steps.
In `@internal/tests/integration/integration_test.go`:
- Around line 269-279: The regex unsignedTemplatesRegex is being compiled on
every call inside filterUnsignedTemplatesWarnings; move the compile out to a
package-level variable (e.g., declare var unsignedTemplatesRegex =
regexp.MustCompile(`Loading \d+ unsigned templates for scan\. Use with
caution\.`)) and update filterUnsignedTemplatesWarnings to reuse that
package-level unsignedTemplatesRegex instead of calling regexp.MustCompile each
time.
In `@internal/tests/integration/runner_test.go`:
- Around line 168-182: Remove the redundant retries variable and use the loop's
attempt variable to determine how many attempts were made; call
testCase.TestCase.Execute in the for attempt := 1; attempt <= maxFailureReruns;
attempt++ loop, return nil on success, and after the loop return a formatted
error using attempt-1 (or maxFailureReruns) and the last err (e.g.,
fmt.Errorf("test %s failed after %d attempts: %w", testCase.Path, attempt-1,
err)), eliminating the always-true retries > 1 check.
- Around line 122-138: runIntegrationPass currently mutates the package-level
variable debug (debug) which is unsafe; instead remove the debug assignment and
pass debugMode down to callers: update runIntegrationPass to stop changing
debug, add a debugMode parameter to runIntegrationFamily and any downstream
helpers that currently read the global debug, and thread that boolean through
where needed (e.g., runIntegrationFamily and the functions it calls) so behavior
is driven by the argument not global state; keep the semaphore/failures logic
unchanged and ensure all references to the global debug in this call path are
replaced with the new parameter.
ℹ️ Review info
⚙️ Run configuration
Configuration used: Organization UI
Review profile: CHILL
Plan: Pro
Run ID: ee4d05d1-c173-45f8-bd5a-9b4d9f4f2030
⛔ Files ignored due to path filters (217)
by!**/*.yamlinternal/tests/integration/testdata/workflow/matcher-name.yamlis excluded by!**/*.yamlinternal/tests/integration/testdata/workflow/multimatch-value-share-template.yamlis excluded by!**/*.yamlinternal/tests/integration/testdata/workflow/multimatch-value-share-workflow.yamlis excluded by!**/*.yamlinternal/tests/integration/testdata/workflow/multiprotocol-value-share-template.yamlis excluded by!**/*.yamlinternal/tests/integration/testdata/workflow/multiprotocol-value-share-workflow.yamlis excluded by!**/*.yamlinternal/tests/integration/testdata/workflow/nomatch-1.yamlis excluded by!**/*.yamlinternal/tests/integration/testdata/workflow/shared-cookie.yamlis excluded by!**/*.yaml
📒 Files selected for processing (75)
- .gitignore
- .run/DSLFunctionsIT.run.xml
- .run/IntegrationTests.run.xml
- .run/RegressionTests.run.xml
- CLAUDE.md
- DESIGN.md
- Makefile
- _typos.toml
- cmd/functional-test/main.go
- cmd/functional-test/run.sh
- cmd/integration-test/custom-dir.go
- cmd/integration-test/dns.go
- cmd/integration-test/file.go
- cmd/integration-test/flow.go
- cmd/integration-test/integration-test.go
- cmd/integration-test/javascript.go
- cmd/integration-test/loader.go
- cmd/integration-test/network.go
- cmd/integration-test/ssl.go
- cmd/integration-test/template-dir.go
- cmd/integration-test/templates-dir-env.go
- cmd/integration-test/websocket.go
- cmd/tools/fuzzplayground/main.go
- cmd/tools/signer/main.go
- gh_retry.sh
- integration_tests/debug.sh
- integration_tests/run.sh
- internal/fuzzplayground/db.go
- internal/fuzzplayground/server.go
- internal/fuzzplayground/sqli_test.go
- internal/runner/runner_test.go
- internal/tests/functional/functional_test.go
- internal/tests/functional/testdata/targets-1000.txt
- internal/tests/functional/testdata/targets-150.txt
- internal/tests/functional/testdata/targets-250.txt
- internal/tests/functional/testdata/targets.txt
- internal/tests/functional/testdata/testcases.txt
- internal/tests/integration/code_test.go
- internal/tests/integration/config_and_templates_test.go
- internal/tests/integration/dns_test.go
- internal/tests/integration/dsl_test.go
- internal/tests/integration/exporters_test.go
- internal/tests/integration/file_test.go
- internal/tests/integration/flow_test.go
- internal/tests/integration/fuzz_test.go
- internal/tests/integration/generic_test.go
- internal/tests/integration/headless_test.go
- internal/tests/integration/http_test.go
- internal/tests/integration/integration_test.go
- internal/tests/integration/interactsh_test.go
- internal/tests/integration/javascript_test.go
- internal/tests/integration/library_test.go
- internal/tests/integration/loader_test.go
- internal/tests/integration/matcher-status_test.go
- internal/tests/integration/multi_test.go
- internal/tests/integration/network_test.go
- internal/tests/integration/offline-http_test.go
- internal/tests/integration/profile-loader_test.go
- internal/tests/integration/runner_test.go
- internal/tests/integration/ssl_test.go
- internal/tests/integration/template-path_test.go
- internal/tests/integration/testdata/generic/auth/certificate/assets/client.crt
- internal/tests/integration/testdata/generic/auth/certificate/assets/client.key
- internal/tests/integration/testdata/generic/auth/certificate/assets/server.crt
- internal/tests/integration/testdata/protocols/code/pyfile.py
- internal/tests/integration/testdata/protocols/file/data/test1.txt
- internal/tests/integration/testdata/protocols/file/data/test2.txt
- internal/tests/integration/testdata/protocols/file/data/test3.txt
- internal/tests/integration/testdata/protocols/keys/README.md
- internal/tests/integration/testdata/protocols/keys/ci.crt
- internal/tests/integration/testdata/protocols/offlinehttp/data/req-resp-with-http-keywords.txt
- internal/tests/integration/testdata/subdomains.txt
- internal/tests/integration/websocket_test.go
- internal/tests/integration/whois_test.go
- internal/tests/integration/workflow_test.go
💤 Files with no reviewable changes (20)
- .run/IntegrationTests.run.xml
- .run/DSLFunctionsIT.run.xml
- cmd/integration-test/custom-dir.go
- .run/RegressionTests.run.xml
- integration_tests/run.sh
- integration_tests/debug.sh
- cmd/integration-test/template-dir.go
- cmd/functional-test/run.sh
- cmd/integration-test/dns.go
- cmd/integration-test/loader.go
- cmd/integration-test/flow.go
- cmd/integration-test/websocket.go
- cmd/integration-test/network.go
- cmd/integration-test/templates-dir-env.go
- cmd/integration-test/ssl.go
- gh_retry.sh
- cmd/functional-test/main.go
- cmd/integration-test/file.go
- cmd/integration-test/javascript.go
- cmd/integration-test/integration-test.go
✅ Files skipped from review due to trivial changes (9)
- _typos.toml
- DESIGN.md
- cmd/tools/fuzzplayground/main.go
- internal/runner/runner_test.go
- internal/tests/integration/exporters_test.go
- internal/tests/integration/whois_test.go
- internal/tests/integration/dns_test.go
- CLAUDE.md
- internal/tests/integration/network_test.go
🚧 Files skipped from review as they are similar to previous changes (12)
- .gitignore
- internal/tests/integration/headless_test.go
- internal/tests/integration/dsl_test.go
- cmd/tools/signer/main.go
- internal/tests/integration/generic_test.go
- internal/tests/integration/interactsh_test.go
- internal/tests/integration/profile-loader_test.go
- internal/tests/integration/offline-http_test.go
- internal/tests/integration/multi_test.go
- internal/tests/integration/file_test.go
- internal/tests/integration/flow_test.go
- internal/tests/integration/code_test.go
| MinVersion: tls.VersionSSL30, | ||
| MaxVersion: tls.VersionTLS11, | ||
| }) | ||
| results, err := testutils.RunNucleiTemplateAndGetResults("protocols/ssl/multi-req.yaml", server.URL, suite.debug, "-V") |
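Review bot: `MinVersion: tls.VersionSSL30` in this server config uses a constant that Go's crypto/tls marks as deprecated, and the package no longer supports SSLv3, so the floor written here is not a version the test server can negotiate. If the intent is a legacy range capped at `tls.VersionTLS11`, set the floor to `tls.VersionTLS10` and add a comment that the old range is deliberate for the multi-req template. The trailing `"-V"` argument in the `RunNucleiTemplateAndGetResults` call is also passed without a key=value pair and should be dropped or completed.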
🧩 Analysis chain
🏁 Script executed:
#!/bin/bash
# Check nuclei's -V flag usage and whether it can be used without a value
rg -n '\-V\b' internal/tests/integration/ -A1 -B1
echo "---"
# Check if -V requires a value in the CLI definition
ast-grep --pattern 'flag$_("-V", $_)'
rg -n '"-V"' cmd/nuclei/ pkg/types/
Repository: projectdiscovery/nuclei
Length of output: 1557
🏁 Script executed:
# Get context around line 76 in ssl_test.go
sed -n '70,85p' internal/tests/integration/ssl_test.go
# Check for nuclei's flag definition for -V
rg -n 'flagSet.*-V|flag\.String\(.*-V|flag\.Bool\(.*-V' pkg/
rg -n 'Variables|Variable.*flag' pkg/types/ -i | head -20
Repository: projectdiscovery/nuclei
Length of output: 1104
🏁 Script executed:
# Search for the -V flag definition in nuclei
rg -n '\-V' cmd/nuclei/ --type go -A2 -B2
rg -n 'Variables.*flag|flag.*Variables' pkg/ --type go -i
# Look for the RunNucleiTemplateAndGetResults function to understand how flags are passed
grep -n "func RunNucleiTemplateAndGetResults" internal/tests/integration/*.go -A15
Repository: projectdiscovery/nuclei
Length of output: 1342
🏁 Script executed:
# Find the main nuclei command file
find cmd/nuclei -name "*.go" -type f
# Look for the main function and flag definitions
grep -r "flag\." cmd/nuclei/ | head -30
# Search for -V in the codebase specifically
rg -n '"-V"' --type go | grep -v test | head -20
Repository: projectdiscovery/nuclei
Length of output: 146
🏁 Script executed:
# Examine the main nuclei command file for flag definitions
head -200 cmd/nuclei/main.go | grep -n "flag\|Variables"
# Search for where -V flag is actually defined
rg -n 'Variables' cmd/nuclei/ -A2 -B2
# Look for flag definitions more broadly
rg -n 'flag.String\(|flag.Bool\(' cmd/nuclei/main.go | head -30
Repository: projectdiscovery/nuclei
Length of output: 1464
🏁 Script executed:
# Search more specifically for the -V flag definition
rg -n 'VarP.*-V|"V".*Variables|Vars.*-V' cmd/nuclei/ --type go -A2 -B2
# Look for all flag definitions in main.go
rg -n 'flagSet\.' cmd/nuclei/main.go | grep -i var
Repository: projectdiscovery/nuclei
Length of output: 27565
🏁 Script executed:
# Look at line 357 more carefully - the RuntimeMapVarP definition
sed -n '355,360p' cmd/nuclei/main.go
# Check if there's documentation about what variables the multi-req.yaml template expects
find . -name "multi-req.yaml" -type f
# Look at the template to see what variables it expects
cat protocols/ssl/multi-req.yaml 2>/dev/null || echo "Template not found in standard location"
Repository: projectdiscovery/nuclei
Length of output: 997
🏁 Script executed:
# Examine the multi-req.yaml template
cat ./internal/tests/integration/testdata/protocols/ssl/multi-req.yaml
# Also look at ssl-with-vars.yaml to compare (line 61 used this one with -V test=asdasdas)
cat ./internal/tests/integration/testdata/protocols/ssl/ssl-with-vars.yaml 2>/dev/null || echo "ssl-with-vars.yaml not found"
Repository: projectdiscovery/nuclei
Length of output: 835
🏁 Script executed:
# Search for RuntimeMapVarP implementation to understand if it accepts empty values
rg -n "RuntimeMapVarP" --type go -A5 -B5
# Check if there's any test or documentation about how -V works when passed without arguments
rg -n "RuntimeMapVar" pkg/ --type go
Repository: projectdiscovery/nuclei
Length of output: 1737
🏁 Script executed:
# Check the goflags package to see how RuntimeMapVarP is implemented
rg -n "RuntimeMapVar" . --type go | head -20
# Look for the goflags package in vendor or dependencies
find . -path "*goflags*" -name "*.go" | head -5
# Check what happens when -V is passed without a value - look at test execution
grep -r "RunNucleiTemplateAndGetResults" internal/tests/integration/testutils/ -A20 | head -50
Repository: projectdiscovery/nuclei
Length of output: 272
🏁 Script executed:
# Find the testutils package
find . -name "testutils*" -type d
# Find where RunNucleiTemplateAndGetResults is defined
rg -n "func RunNucleiTemplateAndGetResults" --type go -A10
Repository: projectdiscovery/nuclei
Length of output: 1146
🏁 Script executed:
# Look at the TemplateResults method to see how arguments are passed
sed -n '320,380p' internal/tests/testutils/integration.go
# Check what the runner does with these arguments
rg -n "func.*TemplateResults" internal/tests/testutils/ --type go -A30
Repository: projectdiscovery/nuclei
Length of output: 4906
🏁 Script executed:
# Let's check if there are any errors or warnings when -V is used without a value
# by looking at how the test behaves and if it's expected to pass/fail
grep -B5 -A10 "MultiReq" internal/tests/integration/ssl_test.go
# Check if there are any issues or TODOs related to this test
grep -n "TODO\|FIXME\|BUG" internal/tests/integration/ssl_test.go | head -20
# Look at how other tests that don't use variables handle this
grep -n "\-V\b" internal/tests/integration/ssl_test.go -B10 | head -30
Repository: projectdiscovery/nuclei
Length of output: 1460
🏁 Script executed:
# Check if the test actually expects to fail when -V is passed without a value
# by running the actual test to see what happens
cd internal/tests/integration && grep -A20 "MultiReq.*func" ssl_test.go | head -40
# Look at the full test file to understand the context better
wc -l internal/tests/integration/ssl_test.go
# Check if there are any comments explaining why -V is used
sed -n '70,85p' internal/tests/integration/ssl_test.go
Repository: projectdiscovery/nuclei
Length of output: 959
🏁 Script executed:
# Use correct path from repository root
wc -l internal/tests/integration/ssl_test.go
# Check the full MultiReq test context
sed -n '70,90p' internal/tests/integration/ssl_test.go
Repository: projectdiscovery/nuclei
Length of output: 832
🏁 Script executed:
# Let's check the git history to see if -V was recently added or if there's a reason for it
git log -p --follow -S '"-V"' -- internal/tests/integration/ssl_test.go | head -100
# Also check if there are any related issues or commits
git log --oneline --all -S 'multi-req.yaml' | head -10
Repository: projectdiscovery/nuclei
Length of output: 153
🏁 Script executed:
# Check the goflags documentation or implementation for RuntimeMapVarP
find . -path "*/vendor/github.com/projectdiscovery/goflags*" -name "*.go" | head -5
# Look at how options.Vars is used in the code
rg -n "options\.Vars" pkg/ --type go -B2 -A2 | head -50
Repository: projectdiscovery/nuclei
Length of output: 1724
Remove -V flag or provide a variable value.
Line 76 passes -V without a value. The -V flag is for custom variables in key=value format, but the multi-req.yaml template doesn't use custom variables—it only uses standard placeholders like {{Host}} and {{Port}}. Compare this to line 61, which correctly uses -V "test=asdasdas" for ssl-with-vars.yaml that actually references the test variable. Either remove the -V flag or provide a variable assignment if needed.
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.
In `@internal/tests/integration/ssl_test.go` at line 76, The test call to
testutils.RunNucleiTemplateAndGetResults passes the stray "-V" flag with no
value for the "protocols/ssl/multi-req.yaml" template; remove the "-V" token
from the call (or replace it with a proper key=value pair if you actually need a
custom variable) so the invocation matches the template's placeholders (update
the invocation in the RunNucleiTemplateAndGetResults call that references
"protocols/ssl/multi-req.yaml").
| t.Run("Path", func(t *testing.T) { | ||
| server := testutils.NewWebsocketServer("/test", func(conn net.Conn) {}, func(origin string) bool { return origin == "https://google.com" }) | ||
| defer server.Close() | ||
|
|
||
| results, err := testutils.RunNucleiTemplateAndGetResults("protocols/websocket/path.yaml", strings.ReplaceAll(server.URL, "http", "ws"), suite.debug) | ||
| if err != nil { | ||
| t.Fatalf("path websocket request failed: %v", err) | ||
| } | ||
| if err := expectResultsCount(results, 0); err != nil { | ||
| t.Fatal(err) | ||
| } | ||
| }) |
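Review bot: `strings.ReplaceAll(server.URL, "http", "ws")` in the `RunNucleiTemplateAndGetResults` call rewrites every occurrence of "http" in the URL, not only the scheme. Swap just the leading scheme, for example `"ws" + strings.TrimPrefix(server.URL, "http")`. A short comment on why `expectResultsCount(results, 0)` expects no results would also help, since the reason is not evident from the subtest itself.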
🧩 Analysis chain
🏁 Script executed:
#!/bin/bash
# Verify the hardcoded path bug in NewWebsocketServer
ast-grep --pattern $'func NewWebsocketServer($_, $_, $_, $_) $_ {
$$$
router.HandlerFunc($_, "/test", $_)
$$$
}'
Repository: projectdiscovery/nuclei
Length of output: 49
🏁 Script executed:
#!/bin/bash
# First, find the integration.go file
fd -type f -name "integration.go" | grep testutils
Repository: projectdiscovery/nuclei
Length of output: 237
🏁 Script executed:
#!/bin/bash
# Find the integration.go file with correct fd syntax
fd -t f "integration.go" internal/tests/
Repository: projectdiscovery/nuclei
Length of output: 106
🏁 Script executed:
#!/bin/bash
# Read the integration.go file and search for NewWebsocketServer
cat -n internal/tests/testutils/integration.go | grep -A 20 "func NewWebsocketServer"
Repository: projectdiscovery/nuclei
Length of output: 729
🏁 Script executed:
#!/bin/bash
# Read more lines to see the complete function and find router.HandlerFunc call
cat -n internal/tests/testutils/integration.go | sed -n '454,490p'
Repository: projectdiscovery/nuclei
Length of output: 977
Bug in NewWebsocketServer: The path parameter is ignored.
At line 478 of internal/tests/testutils/integration.go, the function hardcodes "/test" instead of using the path parameter:
router.HandlerFunc("*", "/test", handlerFunc) // Should be `path`
The path parameter is accepted by the function but never used. The handler is always registered at "/test" regardless of the passed path value. This means the "Path" subtest does not actually validate path-based routing behavior—it only works because the test happens to pass "/test" as the path argument.
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.
In `@internal/tests/integration/websocket_test.go` around lines 67 - 78, The
NewWebsocketServer function is ignoring its path parameter by registering the
handler with the hardcoded string "/test"; update the router.HandlerFunc call
inside NewWebsocketServer to use the passed-in path variable (and any other
places in that function that reference "/test") so the handler is registered at
the runtime path argument instead of the constant "/test"; ensure the server's
URL and any origin/handler wiring remain consistent with the provided path.
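The routing defect described in the comment above, as an added Go example that is not part of the PR or of nuclei's testutils: `newServer`, `status` and `pathIsHonored` are hypothetical names, the origin is a constructed value, and a plain HTTP handler stands in for the websocket upgrade. It shows why a test that passes "/test" cannot detect the hardcoded route, while a test using any other path does.

```go
package main

import (
	"fmt"
	"net/http"
	"net/http/httptest"
)

// newServer is a hypothetical stand-in for the test helper under review.
// honorPath=false reproduces the reported behaviour: the handler is always
// registered at "/test". honorPath=true registers it at the caller's path.
func newServer(path string, originOK func(string) bool, honorPath bool) *httptest.Server {
	route := "/test"
	if honorPath {
		route = path
	}
	mux := http.NewServeMux()
	mux.HandleFunc(route, func(w http.ResponseWriter, r *http.Request) {
		// Same shape as the origin callback passed in the subtest above.
		if !originOK(r.Header.Get("Origin")) {
			http.Error(w, "origin not allowed", http.StatusForbidden)
			return
		}
		w.WriteHeader(http.StatusOK)
	})
	return httptest.NewServer(mux)
}

// status sends a GET for path with the given Origin and returns the status code.
func status(srv *httptest.Server, path, origin string) (int, error) {
	req, err := http.NewRequest(http.MethodGet, srv.URL+path, nil)
	if err != nil {
		return 0, err
	}
	req.Header.Set("Origin", origin)
	resp, err := srv.Client().Do(req)
	if err != nil {
		return 0, err
	}
	defer resp.Body.Close()
	return resp.StatusCode, nil
}

// pathIsHonored reports whether a server created for path answers on that path.
func pathIsHonored(path string, honorPath bool) (bool, error) {
	const allowed = "https://example.test" // constructed origin, not from the PR
	srv := newServer(path, func(o string) bool { return o == allowed }, honorPath)
	defer srv.Close()
	code, err := status(srv, path, allowed)
	return code == http.StatusOK, err
}

func main() {
	cases := []struct {
		path  string
		honor bool
	}{{"/test", false}, {"/ws-other", false}, {"/ws-other", true}}
	for _, c := range cases {
		ok, err := pathIsHonored(c.path, c.honor)
		fmt.Printf("path=%q honorPath=%v reachable=%v err=%v\n", c.path, c.honor, ok, err)
	}
}
```
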
Proposed changes
Make functional tests and integration fixtures/tests native.
Closes #5401
Closes #5918
I know these are not reviewable, so to sum up:
- integration build tag.
- functional build tag.
- $PATH, which gets the latest stable binary with projectdiscovery/nuclei-action@v3 (installs to $PATH) first in the previous step. Making it make sense for local.
- ./bin/nuclei by make build.
- projectdiscovery/nuclei-action/cache@v3. Because old composite action caches aren't being overwritten, which means they're stale or just invalid for any time in the future. Case in point: still using an old version of Chrome (go-rod), old nuclei-templates, etc.
Proof
Before (https://github.com/projectdiscovery/nuclei/actions/runs/23787545704) vs after (native: https://github.com/projectdiscovery/nuclei/actions/runs/23815671058):
Checklist
Summary by CodeRabbit