leviso-cheat-test 0.1.3

Proc-macro for cheat-aware test documentation
Documentation

cheat-test

Proc-macro crate for creating "cheat-aware" tests that document how they could be cheated and what users would experience if they were.

Status

Metric Value
Stage Beta
Target Rust (any platform)
Last verified 2026-01-23

Works

  • #[cheat_aware] - Full cheat documentation for tests
  • #[cheat_reviewed] - Acknowledgment marker
  • #[cheat_canary] - Honeypot tests for audit triggers

Known Issues

  • See parent repo issues

Author

[Waiting for human input]

Why This Exists

On 2026-01-20, a developer created false positives by moving missing binaries to "OPTIONAL" lists to make tests pass while shipping a broken product. This crate ensures every test documents:

  1. What user scenario it protects
  2. How the test could be cheated
  3. What users experience when the test is cheated
  4. The severity and ease of cheating

Installation

[dev-dependencies]
cheat-test = { path = "../cheat-test" }

Macros

#[cheat_aware]

The primary macro for tests that protect user-facing functionality.

use cheat_test::cheat_aware;

#[cheat_aware(
    protects = "User can run sudo commands",
    severity = "CRITICAL",
    ease = "EASY",
    cheats = ["Move sudo to OPTIONAL list", "Remove sudo from essential binaries"],
    consequence = "bash: sudo: command not found",
    legitimate_change = "If sudo is genuinely not needed for a headless profile, \
        add it to the profile's optional list in builder/src/profiles.rs"
)]
#[test]
fn test_sudo_binary_present() {
    assert!(tarball_contains("./usr/bin/sudo"));
}

Attributes:

Attribute Type Description
protects string What user scenario this test protects
severity string CRITICAL, HIGH, MEDIUM, or LOW
ease string How easy to cheat: EASY, MEDIUM, HARD
cheats array List of ways to cheat this test
consequence string What users see when cheated
legitimate_change string (Optional) How to legitimately change behavior

#[cheat_reviewed]

For tests that have been reviewed but don't need full cheat documentation.

use cheat_test::cheat_reviewed;

#[cheat_reviewed("Unit test for version parsing - no cheat vectors")]
#[test]
fn test_parse_version() {
    assert_eq!(parse_version("1.2.3"), Version::new(1, 2, 3));
}

#[cheat_canary]

Marks a test as a canary - an intentionally verbose test that triggers extra scrutiny if modified.

use cheat_test::cheat_canary;

#[cheat_canary(
    bait = "This test looks tedious and tempts simplification to a loop",
    tripwire = "Any modification triggers full audit of all test changes"
)]
#[test]
fn canary_verbose_binary_check() {
    // Intentionally verbose - checks each binary individually
    assert!(exists("/usr/bin/ls"), "ls missing");
    assert!(exists("/usr/bin/cat"), "cat missing");
    assert!(exists("/usr/bin/mount"), "mount missing");
    // ... many more individual assertions
}

CI Integration: Check if files containing #[cheat_canary] are modified and require additional reviewer approval.

On Failure

When a #[cheat_aware] test fails, it prints:

======================================================================
=== TEST FAILED: test_sudo_binary_present ===
======================================================================

PROTECTS: User can run sudo commands
SEVERITY: CRITICAL
EASE OF CHEATING: EASY

CHEAT VECTORS:
  1. Move sudo to OPTIONAL list
  2. Remove sudo from essential binaries

LEGITIMATE CHANGE PATH:
  If sudo is genuinely not needed for a headless profile,
  add it to the profile's optional list in builder/src/profiles.rs

USER CONSEQUENCE:
  bash: sudo: command not found

ORIGINAL ERROR:
  assertion failed: tarball_contains("./usr/bin/sudo")
======================================================================

License

MIT