sam-amc / OBLIVION-REPO


Tests should include assertions #13

Open armorcodegithubpreprod[bot] opened 2 years ago

armorcodegithubpreprod[bot] commented 2 years ago

A test case without assertions ensures only that no exceptions are thrown. Beyond basic runnability, it ensures nothing about the behavior of the code under test.

This rule raises an exception when no assertions from any of the following known frameworks are found in a test:

Furthermore, as new or custom assertion frameworks may be used, the rule can be parametrized to define specific methods that will also be considered as assertions. No issue will be raised when such methods are found in test cases. The parameter value should have the following format: <FullyQualifiedClassName>#<MethodName>, where MethodName can end with the wildcard character. For constructors, the pattern should be <FullyQualifiedClassName>#<init>.

Example: com.company.CompareToTester#compare*,com.company.CustomAssert#customAssertMethod,com.company.CheckVerifier#<init>.

Noncompliant Code Example

```java
@Test
public void testDoSomething() {  // Noncompliant
  MyClass myClass = new MyClass();
  myClass.doSomething();
}
```

Compliant Solution

Example when com.company.CompareToTester#compare* is used as parameter to the rule.

```java
import com.company.CompareToTester;

@Test
public void testDoSomething() {
  MyClass myClass = new MyClass();
  assertNull(myClass.doSomething());  // JUnit assertion
  assertThat(myClass.doSomething()).isNull();  // Fest assertion
}

@Test
public void testDoSomethingElse() {
  MyClass myClass = new MyClass();
  new CompareToTester().compareWith(myClass);  // Compliant - custom assertion method defined as rule parameter
  CompareToTester.compareStatic(myClass);  // Compliant
}
```

File Path: webgoat-lessons/jwt/src/test/java/org/owasp/webgoat/jwt/JWTVotesEndpointTest.java:108

Mitigation: Add at least one assertion to this test case.

https://preprod.armorcode.ai/#/findings/5407950
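An added illustration, not part of the bot's finding or of the WebGoat code base: a constructed JUnit 4 test class showing why an assertion-free test of a token check passes no matter what the check returns. The `TokenVerifier` class, the key and the payload are hypothetical and exist only for this example.

```java
import static org.junit.Assert.assertFalse;
import static org.junit.Assert.assertTrue;

import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.util.Base64;
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;
import org.junit.Test;

// Constructed example: TokenVerifier is hypothetical and stands in for the code under test.
public class TokenVerifierTest {
    static final byte[] KEY = "constructed-test-key".getBytes(StandardCharsets.UTF_8);

    // Minimal HMAC-SHA256 check over "payload.signature"; not a full JWT implementation.
    static class TokenVerifier {
        static String sign(String payload) throws Exception {
            Mac mac = Mac.getInstance("HmacSHA256");
            mac.init(new SecretKeySpec(KEY, "HmacSHA256"));
            byte[] sig = mac.doFinal(payload.getBytes(StandardCharsets.UTF_8));
            return payload + "." + Base64.getUrlEncoder().withoutPadding().encodeToString(sig);
        }

        static boolean isValid(String token) throws Exception {
            int dot = token.lastIndexOf('.');
            if (dot < 0) return false;
            String expected = sign(token.substring(0, dot));
            // Constant-time comparison of the recomputed token against the presented one.
            return MessageDigest.isEqual(expected.getBytes(StandardCharsets.UTF_8),
                                         token.getBytes(StandardCharsets.UTF_8));
        }
    }

    @Test
    public void tamperedTokenIsProcessed() throws Exception {  // Noncompliant: no assertion
        String token = TokenVerifier.sign("{\"admin\":\"false\"}");
        TokenVerifier.isValid(token.replace("false", "true"));
        // Passes even if isValid() returned true for the modified token.
    }

    @Test
    public void tamperedTokenIsRejected() throws Exception {  // Compliant
        String token = TokenVerifier.sign("{\"admin\":\"false\"}");
        assertTrue(TokenVerifier.isValid(token));
        assertFalse(TokenVerifier.isValid(token.replace("false", "true")));
    }
}
```

If `isValid` were changed to always return `true`, the first test would still pass and only the second would fail.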