chore: code-review cleanups (NITs + filename defense-in-depth test)

- NIT-1: remove dead _technique_names() and _technique_ids() helpers (no callers)
- NIT-2: rename engagement → _engagement in render_engagement_csv signature
- NIT-4: remove duplicate inline User import in test_export_csv_escapes_special_characters
- NIT-5: add comment on _CSV_FORMULA_TRIGGERS explaining \t and \r inclusion
- REUSE: replace custom _html_escape with stdlib html.escape (quote=True default)
- Remove now-unnecessary type: ignore comments on weasyprint (stubs resolve cleanly)
- Add test_export_filename_never_contains_quote_or_crlf defense-in-depth test

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Knacky
2026-06-08 18:23:39 +02:00
parent 123d9812bc
commit 3725d4415e
3 changed files with 19 additions and 22 deletions

@@ -136,8 +136,6 @@ def test_export_csv_escapes_special_characters(
eng = _make_engagement(client, admin_token)
with app.app_context():
from backend.app.models import User
admin = User.query.filter_by(username="admin1").first()
sim = Simulation(
engagement_id=eng["id"],
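Review bot: the lookup admin = User.query.filter_by(username="admin1").first() in test_export_csv_escapes_special_characters returns None when the fixture user is missing, so a later attribute access on admin would fail with an AttributeError that hides the real cause. Consider .one() or an explicit assert admin is not None right after the query, so a broken fixture fails at the lookup. Separately, the query depends on User being in scope at that point, so with the inline import treated as a duplicate (NIT-4), check that the module-level import of User in this test file is the one that remains.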