fix(#37878): Address review feedback — fix trailing whitespace and add ANTHROPIC_API_KEY test

Review feedback from egilewski: 1. Remove trailing whitespace from test docstring and mock patches (lines 1430, 1469, 1476, 1482) 2. Expand test coverage: also verify ANTHROPIC_API_KEY is stripped (not just OPENAI_API_KEY) Changes: - Remove trailing whitespace from test file - Add ANTHROPIC_API_KEY to test environment - Add assertion verifying ANTHROPIC_API_KEY is stripped from cua-driver subprocess env - Syntax verified: python3 -m py_compile tests/tools/test_computer_use.py ✓
2026-06-21 10:22:18 +00:00 · 2026-06-08 12:56:51 -05:00 · 2026-06-08 12:56:51 -05:00 · 3c3ac19d9c
commit 3c3ac19d9c
parent 2e5c04aaf7
1 changed files with 8 additions and 5 deletions
--- a/tests/tools/test_computer_use.py
+++ b/tests/tools/test_computer_use.py
@ -1457,7 +1457,7 @@ class TestCuaEnvironmentScrubbing:

    def test_cua_session_sanitizes_provider_env_vars(self):
        """_CuaDriverSession._aenter() must sanitize sensitive env vars.
-        
+
        The cua-driver MCP subprocess should not inherit Hermes-managed credentials
        or other sensitive environment variables — only runtime-required vars.
        This is a regression test for issue #37878.
@ -1475,6 +1475,7 @@ class TestCuaEnvironmentScrubbing:
            # Set up test environment with both safe and blocked vars
            test_env = {
                "OPENAI_API_KEY": "sk-secret",  # blocked
+                "ANTHROPIC_API_KEY": "sk-ant-secret",  # blocked
                "PATH": "/usr/bin:/bin",  # safe
                "HOME": "/home/user",  # safe
                "SAFE_VAR": "allowed",  # safe
@ -1496,20 +1497,20 @@ class TestCuaEnvironmentScrubbing:
                         patch("mcp.client.stdio.stdio_client") as mock_stdio, \
                         patch("mcp.ClientSession") as mock_session_class, \
                         patch("contextlib.AsyncExitStack"):
-                        
+
                        # Setup mocks for stdio_client and ClientSession
                        mock_read = MagicMock()
                        mock_write = MagicMock()
                        mock_stdio.return_value.__aenter__ = AsyncMock(
                            return_value=(mock_read, mock_write))
                        mock_stdio.return_value.__aexit__ = AsyncMock(return_value=None)
-                        
+
                        mock_session = MagicMock()
                        mock_session.initialize = AsyncMock()
                        mock_session_class.return_value.__aenter__ = AsyncMock(
                            return_value=mock_session)
                        mock_session_class.return_value.__aexit__ = AsyncMock(return_value=None)
-                        
+
                        try:
                            await session._aenter()
                        except Exception:
@ -1520,7 +1521,9 @@ class TestCuaEnvironmentScrubbing:
        # Verify blocked credentials are not in the passed env
        assert "OPENAI_API_KEY" not in captured_env, \
            "OPENAI_API_KEY should be stripped from cua-driver subprocess"
-        
+        assert "ANTHROPIC_API_KEY" not in captured_env, \
+            "ANTHROPIC_API_KEY should be stripped from cua-driver subprocess"
+
        # Verify PATH is preserved (safe var)
        assert "PATH" in captured_env or "SAFE_VAR" in captured_env, \
            "At least one safe environment variable should be preserved"