Fix CI, add 147 tests, clean up code duplication (#173)

* Fix CI, add 155 tests, clean up code duplication and import side-effects

- Regenerate poetry.lock to fix CI sync issue
- Disable python version updates in Renovate config
- Extract shared utils (sizeof_fmt, delta_fmt, count_package_prefixes) into dyana/utils.py
- Extract SECURITY_EVENTS constant into dyana/constants.py
- Replace module-level docker.from_env() with lazy _get_client() to prevent
  import-time crashes in CI (no Docker daemon required at import time)
- Guard Loader import in view.py with TYPE_CHECKING to break unnecessary import chain
- Fix unhashable dict bug in view_security_events (set comprehension → list)
- Remove dead commented-out code from tracee.py, loader.py, pip/main.py
- Add comprehensive test suite: 155 tests across 9 test files covering cli,
  utils, docker, view, view_legacy, tracee, loader, settings, and base/dyana
- Add .pre-commit-config.yaml with ruff and pre-commit-hooks
- Expand settings_test.py with 12 additional edge case tests

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* fix(tests): strip ANSI escape codes from CLI help output assertions

Rich/Typer emits ANSI color codes in CI, causing string assertions
on --help output to fail. Strip them before matching.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

---------

Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>

Author: GangGreenTemperTatum

.github/renovate.json5

@@ -36,10 +36,8 @@
       separateMinorPatch: true,
     },
     {
-      matchManagers: ["poetry", "pip_requirements"],
-      matchDepTypes: ["python"],
-      allowedVersions: "^3.10",
-      enabled: true,
+      matchPackageNames: ["python"],
+      enabled: false,
     },
     {
       description: "Auto merge non-major updates",

.pre-commit-config.yaml

@@ -0,0 +1,14 @@
+repos:
+  - repo: https://github.com/astral-sh/ruff-pre-commit
+    rev: v0.15.0
+    hooks:
+      - id: ruff
+        args: [--fix]
+      - id: ruff-format
+  - repo: https://github.com/pre-commit/pre-commit-hooks
+    rev: v5.0.0
+    hooks:
+      - id: trailing-whitespace
+      - id: end-of-file-fixer
+      - id: check-yaml
+      - id: check-added-large-files

dyana/cli_test.py

@@ -0,0 +1,145 @@
+import json
+import re
+import sys
+import typing as t
+from unittest.mock import MagicMock
+
+# Mock cysimdjson before importing cli (not available on macOS ARM)
+_mock_cysimdjson = MagicMock()  # noqa: E402
+
+
+class _FakeJSONParser:
+    def loads(self, raw: str) -> t.Any:
+        return json.loads(raw)
+
+
+_mock_cysimdjson.JSONParser = _FakeJSONParser
+sys.modules.setdefault("cysimdjson", _mock_cysimdjson)
+
+from typer.testing import CliRunner  # noqa: E402
+
+from dyana.cli import cli  # noqa: E402
+
+runner = CliRunner()
+
+_ANSI_RE = re.compile(r"\x1b\[[0-9;]*m")
+
+
+def _strip_ansi(text: str) -> str:
+    return _ANSI_RE.sub("", text)
+
+
+class TestCLIHelp:
+    def test_help(self) -> None:
+        result = runner.invoke(cli, ["--help"])
+        assert result.exit_code == 0
+        assert "Blackbox profiler" in _strip_ansi(result.output)
+
+    def test_trace_help(self) -> None:
+        result = runner.invoke(cli, ["trace", "--help"])
+        assert result.exit_code == 0
+        output = _strip_ansi(result.output)
+        assert "--loader" in output
+        assert "--timeout" in output
+
+    def test_summary_help(self) -> None:
+        result = runner.invoke(cli, ["summary", "--help"])
+        assert result.exit_code == 0
+        assert "--trace-path" in _strip_ansi(result.output)
+
+    def test_help_command_help(self) -> None:
+        result = runner.invoke(cli, ["help", "--help"])
+        assert result.exit_code == 0
+        assert "LOADER" in _strip_ansi(result.output)
+
+    def test_loaders_help(self) -> None:
+        result = runner.invoke(cli, ["loaders", "--help"])
+        assert result.exit_code == 0
+        assert "--build" in _strip_ansi(result.output)
+
+
+class TestSummaryCommand:
+    def test_summary_with_modern_trace(self, tmp_path: t.Any) -> None:
+        trace_data = {
+            "started_at": "2024-01-01T00:00:00",
+            "ended_at": "2024-01-01T00:01:00",
+            "platform": "Linux-6.1.0-x86_64",
+            "run": {
+                "loader_name": "test-loader",
+                "build_platform": None,
+                "build_args": None,
+                "arguments": None,
+                "volumes": None,
+                "errors": None,
+                "warnings": None,
+                "stdout": None,
+                "stderr": None,
+                "exit_code": None,
+                "stages": [
+                    {
+                        "name": "start",
+                        "timestamp": 0,
+                        "ram": 1024,
+                        "gpu": None,
+                        "disk": 2048,
+                        "network": {},
+                        "imports": {},
+                    },
+                    {
+                        "name": "end",
+                        "timestamp": 1000,
+                        "ram": 4096,
+                        "gpu": None,
+                        "disk": 4096,
+                        "network": {},
+                        "imports": {"torch": "/usr/lib/torch/__init__.py"},
+                    },
+                ],
+                "extra": None,
+            },
+            "events": [],
+        }
+        trace_file = tmp_path / "trace.json"
+        trace_file.write_text(json.dumps(trace_data))
+
+        result = runner.invoke(cli, ["summary", "--trace-path", str(trace_file)])
+        assert result.exit_code == 0
+        assert "test-loader" in result.output
+        assert "RAM Usage" in result.output
+        assert "Disk Usage" in result.output
+
+    def test_summary_with_legacy_trace(self, tmp_path: t.Any) -> None:
+        trace_data = {
+            "started_at": "2024-01-01T00:00:00",
+            "ended_at": "2024-01-01T00:01:00",
+            "platform": "Linux-6.1.0-x86_64",
+            "run": {
+                "loader_name": "test-loader",
+                "build_platform": None,
+                "build_args": None,
+                "arguments": None,
+                "volumes": None,
+                "errors": None,
+                "warnings": None,
+                "stdout": None,
+                "stderr": None,
+                "exit_code": None,
+                "ram": {"start": 1024, "end": 2048},
+                "gpu": {},
+                "disk": {"start": 2048, "end": 4096},
+                "network": {},
+                "extra": None,
+            },
+            "events": [],
+        }
+        trace_file = tmp_path / "trace.json"
+        trace_file.write_text(json.dumps(trace_data))
+
+        result = runner.invoke(cli, ["summary", "--trace-path", str(trace_file)])
+        assert result.exit_code == 0
+        assert "test-loader" in result.output
+        assert "WARNING" in result.output
+
+    def test_summary_missing_file(self) -> None:
+        result = runner.invoke(cli, ["summary", "--trace-path", "/nonexistent/trace.json"])
+        assert result.exit_code != 0

dyana/conftest.py

@@ -0,0 +1,116 @@
+import typing as t
+from unittest.mock import MagicMock, patch
+
+import pytest
+
+
+@pytest.fixture
+def sample_run_dict() -> dict[str, t.Any]:
+    return {
+        "loader_name": "test-loader",
+        "build_platform": None,
+        "build_args": None,
+        "arguments": None,
+        "volumes": None,
+        "errors": None,
+        "warnings": None,
+        "stdout": None,
+        "stderr": None,
+        "exit_code": None,
+        "stages": None,
+        "extra": None,
+    }
+
+
+@pytest.fixture
+def sample_trace_dict(sample_run_dict: dict[str, t.Any]) -> dict[str, t.Any]:
+    return {
+        "started_at": "2024-01-01T00:00:00",
+        "ended_at": "2024-01-01T00:01:00",
+        "platform": "Linux-6.1.0-x86_64",
+        "tracee_version": None,
+        "tracee_kernel_release": None,
+        "dyana_version": "0.1.4",
+        "run": sample_run_dict,
+        "events": [],
+    }
+
+
+@pytest.fixture
+def sample_trace_with_events(sample_run_dict: dict[str, t.Any]) -> dict[str, t.Any]:
+    return {
+        "started_at": "2024-01-01T00:00:00",
+        "ended_at": "2024-01-01T00:01:00",
+        "platform": "Linux-6.1.0-x86_64",
+        "tracee_version": None,
+        "tracee_kernel_release": None,
+        "dyana_version": "0.1.4",
+        "run": sample_run_dict,
+        "events": [
+            {
+                "eventName": "sched_process_exec",
+                "timestamp": 1000,
+                "processId": 1,
+                "parentProcessId": 0,
+                "processName": "python",
+                "syscall": "execve",
+                "containerId": "abc123",
+                "args": [
+                    {"name": "cmdpath", "value": "/usr/bin/python"},
+                    {"name": "argv", "value": ["python", "main.py"]},
+                ],
+            },
+            {
+                "eventName": "security_file_open",
+                "timestamp": 2000,
+                "processId": 1,
+                "processName": "python",
+                "containerId": "abc123",
+                "args": [
+                    {"name": "syscall_pathname", "value": "/app/main.py"},
+                    {"name": "pathname", "value": "/app/main.py"},
+                ],
+            },
+            {
+                "eventName": "security_socket_connect",
+                "timestamp": 3000,
+                "processId": 1,
+                "processName": "python",
+                "syscall": "connect",
+                "containerId": "abc123",
+                "args": [
+                    {
+                        "name": "remote_addr",
+                        "value": {
+                            "sa_family": "AF_INET",
+                            "sin_addr": "93.184.216.34",
+                            "sin_port": 443,
+                        },
+                    },
+                ],
+            },
+            {
+                "eventName": "net_packet_dns",
+                "timestamp": 2500,
+                "processId": 1,
+                "processName": "python",
+                "containerId": "abc123",
+                "args": [
+                    {
+                        "name": "proto_dns",
+                        "value": {
+                            "questions": [{"name": "example.com"}],
+                            "answers": [{"name": "example.com", "IP": "93.184.216.34"}],
+                        },
+                    },
+                ],
+            },
+        ],
+    }
+
+
+@pytest.fixture
+def mock_docker_client() -> t.Generator[MagicMock, None, None]:
+    mock_client = MagicMock()
+    with patch("dyana.docker._get_client", return_value=mock_client):
+        yield mock_client

dyana/constants.py

@@ -0,0 +1,40 @@
+SECURITY_EVENTS: list[str] = [
+    # cd tracee/signatures/go && grep -r "EventName:" --exclude="*_test.go" * | cut -d'"' -f2 | sort -u
+    "anti_debugging",
+    "aslr_inspection",
+    "cgroup_notify_on_release",
+    "cgroup_release_agent",
+    "core_pattern_modification",
+    "default_loader_mod",
+    "disk_mount",
+    "docker_abuse",
+    "dropped_executable",
+    "dynamic_code_loading",
+    "fileless_execution",
+    "hidden_file_created",
+    "illegitimate_shell",
+    "k8s_api_connection",
+    "k8s_cert_theft",
+    # Error: invalid event to trace: k8s_service_account_token
+    # "k8s_service_account_token",
+    "kernel_module_loading",
+    "ld_preload",
+    "proc_fops_hooking",
+    "proc_kcore_read",
+    "proc_mem_access",
+    "proc_mem_code_injection",
+    "process_vm_write_inject",
+    "ptrace_code_injection",
+    "rcd_modification",
+    "sched_debug_recon",
+    "scheduled_task_mod",
+    "stdio_over_socket",
+    "sudoers_modification",
+    "syscall_hooking",
+    "system_request_key_mod",
+    # non signature related but still security related
+    "hidden_kernel_module",
+    "bpf_attach",
+    "ftrace_hook",
+    "hooked_syscall",
+]