Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Copilot Integration tests can generate false positives for insight.stacklok.com links #767

Open
wright-io opened this issue Jan 24, 2025 · 0 comments
Open

Copilot Integration tests can generate false positives for insight.stacklok.com links #767

wright-io opened this issue Jan 24, 2025 · 0 comments
Labels
bug needs-triage

Comments

@wright-io
Copy link
Contributor

Describe the issue

In attempting to add a utm_source=codegate querystring to links generated to insight.stacklok.com for malicious packages, I was able to make changes that caused the integration tests to pass (e.g. Copilot User asks about a malicious package). But this did not result in the build package providing the new link format.

NOTE: [The issue with the utm_source not being added has been fixed](- #765) but this issue is to track a possible issue with the integration testing approach.

The updated copilot integration tests passed (the response https://www.insight.stacklok.com/report/pypi/invokehttp?utm_source=codegate) but when I built the container locally, it generates the warning about invokehttp, but the links don't contain the string.
CodeGate version: v0.1.13-25c2368-dev, so it seems like I'm building and running the right container.

In order to get the desired behavior in the built container, it seems that the generated insight link needed to be updated in output.py.
But, the integration tests passed without doing this (just by updating default.yaml to have the querystring added and changing the integraton test expectations, but the actual result in the codegate response wasn't correctly changed without adjusting output.py.

Related Issues

Steps to Reproduce

  1. Update prompts/default.yaml to change the format of the malicious package reporting example

For example:

"**Warning:** CodeGate detected one or more malicious, deprecated or archived packages."
  - Pkg 1: [https://www.insight.stacklok.com/report/ecosystem/package_name](https://www.insight.stacklok.com/report/ecosystem/package_name?utm_source=codegate)
  - Pkg 2: [https://www.insight.stacklok.com/report/ecosystem/package_name](https://www.insight.stacklok.com/report/ecosystem/package_name?utm_source=codegate)
  - ...
  1. Update the copilot_malicious_package_question test case to expect the new format
  2. Run the integration tests for the copilot provider. The tests will pass.
  3. Build the container and run it locally
  4. Configure copilot with codegate
  5. Manually test (e.g. asking something like "Show me how to use invokehttp")
  6. Confirm that the resulting insight link does not contain the changes (see more details in the description above)

Operating System

MacOS (Arm)

IDE and Version

n/a

Extension and Version

n/a

Provider

OpenAI

Model

GPT-40

Codegate version

v0.1.13-25c2368-dev

Logs

No response

Additional Context

No response
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug needs-triage
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@wright-io