Update documentation for security tests

ademuri · ademuri · commit 9612ec9fa98b · 2026-02-01T22:19:50.000-07:00
- Added instructions on how to run security tests locally.
- Explained the automated testssl.sh dependency management.
- Noted the CI trigger condition (including 'security_test' in commit/PR).
diff --git a/deluge/tests/test_security.py b/deluge/tests/test_security.py
@@ -72,7 +72,6 @@ def testssl_bin():
     return str(testssl_sh)
 
 
-# TODO: This whole module has not been tested since migrating tests fully to pytest
 class SecurityBaseTestCase:
     @pytest.fixture(autouse=True)
     def setvars(self, testssl_bin):
diff --git a/docs/source/contributing/testing.md b/docs/source/contributing/testing.md
@@ -20,6 +20,16 @@ Running the tests for a specific plugin (requires [pytest](https://pypi.python.o
 
     pytest deluge/plugins/<name-of-plugin>
 
+### Security
+
+Running the security tests requires `testssl.sh`. The test suite will automatically manage this dependency by cloning the repository into `deluge/tests/data/testssl_repo` if it is missing.
+
+To run the security tests locally:
+
+    SECURITY_TESTS=true pytest deluge/tests/test_security.py
+
+In CI (GitHub Actions), these tests are skipped by default to save time. To trigger them, include `security_test` in your commit message or pull request body.
+
 ## Tox
 
 All the tests for Deluge can be run using [Tox](https://pypi.python.org/pypi/tox)
