cashubtc/cdk
1
0
Fork 0
Code Issues 25 Pull requests 23 Projects Releases 43 Packages Wiki Activity Actions

test: add mutation testing infrastructure #1210

Merged
thesimplekid merged 1 commit from mutants into main 2025-11-14 16:36:17 +00:00
Conversation 0 Commits 1 Files changed 11 +1101 -2
thesimplekid commented 2025-10-26 02:14:39 +00:00 (Migrated from github.com)
Copy link

Mutation testing validates test quality by introducing code changes and checking if tests catch them. This is critical for security code where missing negative tests could allow bypasses.

What This Adds

Infrastructure:

  • .cargo/mutants.toml - Configuration with timeout exclusions
  • justfile commands - mutants-quick, mutants-check, mutants-diff
  • GitHub Actions - Weekly mutation testing with issue creation

Security-Critical Tests:

  • NUT12 (DLEQ): 5 tests ensuring signature verification (prevents token forgery)
  • NUT14 (HTLC): 6 tests ensuring spending conditions (prevents unauthorized spending)
  • Amount operations: Tests for subtraction, checked_add, try_sum (prevents infinite loops)

Results

  • Mutations Caught: 301 → 308 (+7, +2.3%)
  • Mutations Missed: 281 → 274 (-7, -2.5%)
  • Mutation Coverage: 35.5% → 36.4% (+0.9%)
  • All critical verification functions: 100% coverage

Description

Notes to the reviewers

Suggested CHANGELOG Updates

CHANGED

ADDED

REMOVED

FIXED

Checklist

Mutation testing validates test quality by introducing code changes and checking if tests catch them. This is critical for security code where missing negative tests could allow bypasses. ## What This Adds **Infrastructure:** - `.cargo/mutants.toml` - Configuration with timeout exclusions - `justfile` commands - `mutants-quick`, `mutants-check`, `mutants-diff` - GitHub Actions - Weekly mutation testing with issue creation **Security-Critical Tests:** - NUT12 (DLEQ): 5 tests ensuring signature verification (prevents token forgery) - NUT14 (HTLC): 6 tests ensuring spending conditions (prevents unauthorized spending) - Amount operations: Tests for subtraction, checked_add, try_sum (prevents infinite loops) ## Results - Mutations Caught: 301 → 308 (+7, +2.3%) - Mutations Missed: 281 → 274 (-7, -2.5%) - Mutation Coverage: 35.5% → 36.4% (+0.9%) - All critical verification functions: 100% coverage ### Description <!-- Describe the purpose of this PR, what's being adding and/or fixed --> ----- ### Notes to the reviewers <!-- In this section you can include notes directed to the reviewers, like explaining why some parts of the PR were done in a specific way --> ----- ### Suggested [CHANGELOG](https://github.com/cashubtc/cdk/blob/main/CHANGELOG.md) Updates <!-- Please do not edit the actual changelog but note what you changed here. --> #### CHANGED #### ADDED #### REMOVED #### FIXED ---- ### Checklist * [ ] I followed the [code style guidelines](https://github.com/cashubtc/cdk/blob/main/CODE_STYLE.md) * [ ] I ran `just final-check` before committing
Sign in to join this conversation.
Reviewers
No reviewers
Labels
Clear labels   
DB & Storage

   
Deployment

   
Error Handling & Logging

   
Maintenance

   
Payment Backend

   
backport

   
backport v0.13.x

   
backport v0.14.x

   
backport v0.15.x

   
bindings

   
blocked

   
bug

Something isn't working

  
cdk-sql

   
ci

   
cli

   
deps

   
documentation

Improvements or additions to documentation

  
duplicate

This issue or pull request already exists

  
enhancement

New feature or request

  
good first issue

Good for newcomers

  
help wanted

Extra attention is needed

  
invalid

This doesn't seem right

  
keep-open

   
ldk-node-ui

   
migrations

   
mint

   
mutation-testing

   
needs rebase

   
needs review

   
new nut

This PR is held pending the merge of a new or updated NUT

  
nut change

   
question

Further information is requested

  
ready

   
rust-version

   
rustfmt

   
stacked hold

PR is based on top of another PR, so should be merged in sequence. See comments for details.

  
stale

   
testing

   
wallet

   
weekly-report

   
wontfix

This will not be worked on

No labels
DB & Storage
Deployment
Error Handling & Logging
Maintenance
Payment Backend
backport
backport v0.13.x
backport v0.14.x
backport v0.15.x
bindings
blocked
bug
cdk-sql
ci
cli
deps
documentation
duplicate
enhancement
good first issue
help wanted
invalid
keep-open
ldk-node-ui
migrations
mint
mutation-testing
needs rebase
needs review
new nut
nut change
question
ready
rust-version
rustfmt
stacked hold
stale
testing
wallet
weekly-report
wontfix
Milestone
Clear milestone
No items
No milestone
0.14.0
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
cashubtc/cdk!1210
No description provided.