test: generate random test tokens instead of hard-coded literals #14

Merged: tablackburn merged 1 commit into main from test/randomize-test-tokens on May 25, 2026

tablackburn (Owner) commented May 23, 2026

What

Test fixtures constructed SecureStrings from literal token strings ('token-1', 'tok-2', 'token', 'bad', …). This removes those literals in favor of randomly generated values.

  • Add New-TestToken to tests/TestHelpers.ps1, returning a fresh [guid]::NewGuid().ToString('N') per call.
  • Make New-TestSecureString's -Value optional, defaulting to a random token when omitted (-Value retained for the rare case a test depends on exact characters).
  • Switch every call site in Connect-JsmService.tests.ps1 and Get-JsmConnection.tests.ps1 to the random form; the env-var fallback test's literal token becomes New-TestToken. Asserted email/cloud literals left intact.

Why

GitGuardian's "ConvertTo-SecureString Password" detector flagged the historical inline ConvertTo-SecureString variants of these fixtures as publicly-exposed secrets (the repo is public). The move to New-TestSecureString already stopped the detector firing on main, but the literal token strings remained a latent re-introduction risk. No test asserts on a token's contents — they only need a token — so generating them at runtime leaves zero credential-shaped literals in the test source: neither GitGuardian nor PSScriptAnalyzer has anything to flag, and a careless refactor can't reintroduce a real-looking secret here.

Testing

./build.ps1 -Task Test: 118 passed, 0 failed, 2 skipped (pre-existing git-tag tests), PSScriptAnalyzer clean, coverage 100%.

🤖 Generated with Claude Code

Summary by CodeRabbit

  • Tests
    • Added a test helper function for generating random test credentials, supporting more flexible test construction.
    • Refactored unit tests to use dynamically generated tokens instead of hardcoded values, improving test reliability and maintainability.

Test fixtures passed literal token strings (e.g. 'token-1', 'tok-2') into
SecureString construction. GitGuardian's "ConvertTo-SecureString Password"
detector flagged the historical inline ConvertTo-SecureString variants as
publicly-exposed secrets, and the literals were latent re-introduction risk
even after the move to the New-TestSecureString helper.

No test asserts on a token's contents -- they only need *a* token -- so:

- Add New-TestToken, returning a fresh random value per call.
- Make New-TestSecureString's -Value optional, defaulting to a random
  token when omitted (-Value retained for the rare value-dependent case).
- Switch every call site to the random form; the env-var fallback test's
  literal token becomes New-TestToken. Asserted email/cloud literals are
  left intact.

Net effect: zero credential-shaped literals in the test source, so neither
GitGuardian nor PSScriptAnalyzer has anything to flag and a careless
refactor can't reintroduce a real-looking secret here.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Copilot AI review requested due to automatic review settings May 23, 2026 18:40
coderabbitai Bot commented May 23, 2026

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info
⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: 17c10ef6-9524-4864-9b2e-90ca880ffc04

📥 Commits

Reviewing files that changed from the base of the PR and between d8addf2 and 50b5989.

📒 Files selected for processing (3)
  • tests/TestHelpers.ps1
  • tests/Unit/Public/Connect-JsmService.tests.ps1
  • tests/Unit/Public/Get-JsmConnection.tests.ps1

Walkthrough

This PR refactors the test suite to use randomized test credentials instead of hardcoded literal strings. It introduces a new New-TestToken helper for GUID generation and restructures New-TestSecureString with parameter sets, then updates all test cases across the Connect-JsmService and Get-JsmConnection test files to leverage this infrastructure.

Changes

Test Token Randomization

| Layer / File(s) | Summary |
| --- | --- |
| Test helper infrastructure: randomization support (tests/TestHelpers.ps1) | New-TestToken returns a fresh random GUID string on each invocation. New-TestSecureString now supports two parameter sets: default "Random" mode auto-generates the secure string via New-TestToken, and explicit "Value" mode accepts a supplied -Value; docstrings and CmdletBinding metadata are updated to reflect both paths. |
| Test cases using randomized tokens (tests/Unit/Public/Connect-JsmService.tests.ps1, tests/Unit/Public/Get-JsmConnection.tests.ps1) | All test cases constructing API tokens are updated to call New-TestSecureString without explicit -Value (using the new Random default). The environment-variable fallback test uses New-TestToken instead of a fixed string. Changes are applied consistently across Email parameter set, Credential parameter set, Validation scenarios, Smoke test, PassThru test, and Get-JsmConnection test cases. |

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~12 minutes

Poem

A rabbit hops through tests with glee,
Fresh tokens bloom like springtime spree—
No hardcoded strings to tie them down,
Each run unique, a random crown! 🐰✨

🚥 Pre-merge checks: ✅ 5 passed

| Check name | Status | Explanation |
| --- | --- | --- |
| Description Check | ✅ Passed | Check skipped - CodeRabbit’s high-level summary is enabled. |
| Title check | ✅ Passed | The title directly and clearly summarizes the main change: replacing hard-coded test token literals with randomly generated values across test files. |
| Docstring Coverage | ✅ Passed | No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check. |
| Linked Issues check | ✅ Passed | Check skipped because no linked issues were found for this pull request. |
| Out of Scope Changes check | ✅ Passed | Check skipped because no linked issues were found for this pull request. |


Copilot AI left a comment

Pull request overview

This PR updates the PowerShell test suite to avoid any hard-coded, credential-shaped token literals by generating throwaway tokens at runtime, reducing the risk of secret-scanner false positives and accidental reintroduction of token-like strings in committed test sources.

Changes:

  • Added New-TestToken test helper to generate a fresh GUID-based token string per call.
  • Updated New-TestSecureString so -Value is optional and defaults to a random token.
  • Replaced literal token usages in unit tests with the random-token helpers (including the env-var fallback test).

Reviewed changes

Copilot reviewed 3 out of 3 changed files in this pull request and generated no comments.

| File | Description |
| --- | --- |
| tests/TestHelpers.ps1 | Adds New-TestToken and makes New-TestSecureString default to a generated token when -Value is omitted. |
| tests/Unit/Public/Connect-JsmService.tests.ps1 | Removes hard-coded token literals; uses New-TestSecureString / New-TestToken for token setup paths. |
| tests/Unit/Public/Get-JsmConnection.tests.ps1 | Removes hard-coded token literal; uses New-TestSecureString for the connection fixture. |

tablackburn merged commit 0c35ec6 into main May 25, 2026 (12 checks passed)
tablackburn deleted the test/randomize-test-tokens branch May 25, 2026 15:48
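
One way the helpers described in the PR description and the CodeRabbit walkthrough could be written, as an added sketch that is not the project's own tests/TestHelpers.ps1. The function names and the "Random"/"Value" parameter sets come from the thread; building the SecureString with AppendChar, the `$plain` variable, the analyzer suppressions and the closing self-check are assumptions.

```powershell
# Added sketch; not the contents of the project's tests/TestHelpers.ps1.

function New-TestToken {
    # Assumption: suppress the ShouldProcess rule, since nothing persistent changes.
    [Diagnostics.CodeAnalysis.SuppressMessageAttribute(
        'PSUseShouldProcessForStateChangingFunctions', '',
        Justification = 'Returns an in-memory throwaway value')]
    [CmdletBinding()]
    [OutputType([string])]
    param()
    # 32 lowercase hex characters, different on every call.
    [guid]::NewGuid().ToString('N')
}

function New-TestSecureString {
    [Diagnostics.CodeAnalysis.SuppressMessageAttribute(
        'PSUseShouldProcessForStateChangingFunctions', '',
        Justification = 'Returns an in-memory throwaway value')]
    [CmdletBinding(DefaultParameterSetName = 'Random')]
    [OutputType([securestring])]
    param(
        # Only for the rare test that depends on exact characters.
        [Parameter(Mandatory, ParameterSetName = 'Value')]
        [ValidateNotNullOrEmpty()]
        [string]$Value
    )
    $plain = if ($PSCmdlet.ParameterSetName -eq 'Random') { New-TestToken } else { $Value }

    # Assumption: append characters directly so the test source contains neither
    # a token literal nor a ConvertTo-SecureString -AsPlainText call.
    $secure = [System.Security.SecureString]::new()
    foreach ($char in $plain.ToCharArray()) { $secure.AppendChar($char) }
    $secure.MakeReadOnly()
    $secure
}

# Constructed self-check: fixtures differ per call, and -Value round-trips.
$a = [System.Net.NetworkCredential]::new('', (New-TestSecureString)).Password
$b = [System.Net.NetworkCredential]::new('', (New-TestSecureString)).Password
$fixed = New-TestToken
$c = [System.Net.NetworkCredential]::new('', (New-TestSecureString -Value $fixed)).Password
if ($a -eq $b -or $a -notmatch '^[0-9a-f]{32}$' -or $c -ne $fixed) {
    throw 'test-token helper self-check failed'
}
```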