Skip to content

Fixture

provide.testkit.quality.security.fixture

Pytest fixtures for security scanning.

Classes

SecurityFixture 

SecurityFixture(
    config: dict[str, Any] | None = None,
    artifact_dir: Path | None = None,
)

Bases: BaseQualityFixture

Pytest fixture for security scanning integration.

Initialize security fixture.

Parameters:

Name Type Description Default
config dict[str, Any] | None

Security scanner configuration

 None
artifact_dir Path | None

Directory for artifacts

 None
Source code in provide/testkit/quality/security/fixture.py 
24
25
26
27
28
29
30
31
32
def __init__(self, config: dict[str, Any] | None = None, artifact_dir: Path | None = None) -> None:
    """Initialize security fixture.

    Args:
        config: Security scanner configuration
        artifact_dir: Directory for artifacts
    """
    super().__init__(config, artifact_dir)
    self.scanner: SecurityScanner | None = None
Functions
generate_report 
generate_report(format: str = 'terminal') -> str

Generate security report.

Parameters:

Name Type Description Default
format str

Report format (terminal, json)

 'terminal'

Returns:

Type Description
str

Formatted report
Source code in provide/testkit/quality/security/fixture.py 
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
def generate_report(self, format: str = "terminal") -> str:
    """Generate security report.

    Args:
        format: Report format (terminal, json)

    Returns:
        Formatted report
    """
    if not self.scanner:
        return "No security scanner available"

    results = self.get_results_by_tool()
    if "security" not in results:
        return "No security results available"

    return self.scanner.report(results["security"], format)
scan 
scan(path: Path) -> dict[str, Any]

Perform security scan.

Parameters:

Name Type Description Default
path Path

Path to scan

 required

Returns:

Type Description
dict[str, Any]

Security scan results
Source code in provide/testkit/quality/security/fixture.py 
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
def scan(self, path: Path) -> dict[str, Any]:
    """Perform security scan.

    Args:
        path: Path to scan

    Returns:
        Security scan results
    """
    self.ensure_setup()
    if not self.scanner:
        return {"error": "Scanner not available"}

    result = self.scanner.analyze(path, artifact_dir=self.artifact_dir)
    self.add_result(result)
    return {
        "passed": result.passed,
        "score": result.score,
        "issues": result.details.get("total_issues", 0),
        "details": result.details,
    }
setup 
setup() -> None

Setup security scanning.

Source code in provide/testkit/quality/security/fixture.py 
34
35
36
37
38
39
40
41
42
def setup(self) -> None:
    """Setup security scanning."""
    if not BANDIT_AVAILABLE:
        pytest.skip("Bandit not available")

    try:
        self.scanner = SecurityScanner(self.config)
    except Exception as e:
        pytest.skip(f"Failed to initialize security scanner: {e}")
teardown 
teardown() -> None

Cleanup security scanner.

Source code in provide/testkit/quality/security/fixture.py 
44
45
46
47
def teardown(self) -> None:
    """Cleanup security scanner."""
    # No cleanup needed for security scanner
    pass

Functions

auto_security_marker 

auto_security_marker(
    request: FixtureRequest,
) -> Generator[None, None, None]

Automatically apply security scanning to marked tests.

Tests marked with @pytest.mark.security will automatically get security scanning without needing to explicitly use fixtures.

Source code in provide/testkit/quality/security/fixture.py 
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
@pytest.fixture(autouse=True)
def auto_security_marker(request: FixtureRequest) -> Generator[None, None, None]:
    """Automatically apply security scanning to marked tests.

    Tests marked with @pytest.mark.security will automatically
    get security scanning without needing to explicitly use fixtures.
    """
    if request.node.get_closest_marker("security"):
        # Test is marked for security - enable automatic scanning
        if not request.node.get_closest_marker("no_security"):
            # Create temporary security fixture
            security_fixture = SecurityFixture()
            try:
                security_fixture.setup()
                # Security scan would be applied here in a real implementation
                # For now, we just yield to continue the test
                yield
            finally:
                security_fixture.teardown()
        else:
            yield
    else:
        yield

parametrized_security 

parametrized_security(
    request: FixtureRequest, tmp_path: Path
) -> Generator[SecurityFixture, None, None]

Parametrized security fixture for testing different configurations.

Automatically runs tests with different security thresholds to validate behavior under various settings.

Usage

def test_security_configs(parametrized_security): # Test runs multiple times with different configs result = parametrized_security.scan(Path('./src')) # Behavior will vary based on configuration

Source code in provide/testkit/quality/security/fixture.py 
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
@pytest.fixture(
    params=[
        {"max_high_severity": 0, "max_medium_severity": 0, "min_score": 100.0},  # Strict
        {"max_high_severity": 1, "max_medium_severity": 5, "min_score": 80.0},  # Normal
        {"max_high_severity": 5, "max_medium_severity": 10, "min_score": 60.0},  # Lenient
    ]
)
def parametrized_security(
    request: FixtureRequest,
    tmp_path: Path,
) -> Generator[SecurityFixture, None, None]:
    """Parametrized security fixture for testing different configurations.

    Automatically runs tests with different security thresholds
    to validate behavior under various settings.

    Usage:
        def test_security_configs(parametrized_security):
            # Test runs multiple times with different configs
            result = parametrized_security.scan(Path('./src'))
            # Behavior will vary based on configuration
    """
    config = request.param
    artifact_dir = tmp_path / f"security_{id(config)}"

    fixture = SecurityFixture(config=config, artifact_dir=artifact_dir)

    try:
        fixture.setup()
        yield fixture
    finally:
        fixture.teardown()

pytest_configure 

pytest_configure(config: Config) -> None

Configure pytest with security markers.

Source code in provide/testkit/quality/security/fixture.py 
180
181
182
183
def pytest_configure(config: pytest.Config) -> None:
    """Configure pytest with security markers."""
    config.addinivalue_line("markers", "security: mark test to run with security scanning")
    config.addinivalue_line("markers", "no_security: mark test to skip security scanning")

security_config 

security_config() -> dict[str, Any]

Default security configuration fixture.

Returns standard security configuration that can be customized per test or project.

Usage

def test_custom_security(security_config): security_config["max_high_severity"] = 0 security_config["min_score"] = 95.0 # Use with parametrized security_scanner

Source code in provide/testkit/quality/security/fixture.py 
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
@pytest.fixture
def security_config() -> dict[str, Any]:
    """Default security configuration fixture.

    Returns standard security configuration that can be customized
    per test or project.

    Usage:
        def test_custom_security(security_config):
            security_config["max_high_severity"] = 0
            security_config["min_score"] = 95.0
            # Use with parametrized security_scanner
    """
    return {
        "confidence": "medium",
        "severity": "medium",
        "max_high_severity": 0,
        "max_medium_severity": 5,
        "min_score": 80.0,
        "exclude": ["*/tests/*", "*/test_*", "*/.venv/*", "*/venv/*", "*/__pycache__/*", "*/migrations/*"],
    }

security_scanner 

security_scanner(
    request: FixtureRequest, tmp_path: Path
) -> Generator[SecurityFixture, None, None]

Pytest fixture for security scanning.

Provides a SecurityFixture instance for security vulnerability scanning.

Usage

def test_security_scan(security_scanner): result = security_scanner.scan(Path('./src')) assert result['passed'] assert result['issues'] == 0

Source code in provide/testkit/quality/security/fixture.py 
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
@pytest.fixture
def security_scanner(
    request: FixtureRequest,
    tmp_path: Path,
) -> Generator[SecurityFixture, None, None]:
    """Pytest fixture for security scanning.

    Provides a SecurityFixture instance for security vulnerability scanning.

    Usage:
        def test_security_scan(security_scanner):
            result = security_scanner.scan(Path('./src'))
            assert result['passed']
            assert result['issues'] == 0
    """
    # Get configuration from pytest request
    config = getattr(request, "param", {})

    # Create artifact directory for this test
    artifact_dir = tmp_path / "security"

    # Initialize fixture
    fixture = SecurityFixture(config=config, artifact_dir=artifact_dir)

    try:
        fixture.setup()
        yield fixture
    finally:
        fixture.teardown()