From 760a3f2b05435b88edf8330c0323684f64d44f9f Mon Sep 17 00:00:00 2001 From: Greyson LaLonde Date: Sun, 12 Apr 2026 05:13:57 +0800 Subject: [PATCH] test: assert Azure endpoint hostname instead of substring match MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit CodeQL flagged the `"test.openai.azure.com" in llm.endpoint` substring check as incomplete URL sanitization — the substring could match in an arbitrary position. Parse the URL and assert against `urlparse(...).hostname` instead, which is the precise check we want. --- lib/crewai/tests/llms/azure/test_azure.py | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/lib/crewai/tests/llms/azure/test_azure.py b/lib/crewai/tests/llms/azure/test_azure.py index f113bba29..d42e2d7fe 100644 --- a/lib/crewai/tests/llms/azure/test_azure.py +++ b/lib/crewai/tests/llms/azure/test_azure.py @@ -2,6 +2,7 @@ import os import sys import types from unittest.mock import patch, MagicMock, Mock +from urllib.parse import urlparse import pytest from crewai.llm import LLM @@ -442,7 +443,7 @@ def test_azure_lazy_build_reads_env_vars_set_after_construction(): assert client is not None assert llm.api_key == "late-key" assert llm.endpoint is not None - assert "test.openai.azure.com" in llm.endpoint + assert urlparse(llm.endpoint).hostname == "test.openai.azure.com" assert llm.is_azure_openai_endpoint is True