Add comprehensive edge case, race condition, and boundary tests

603 new tests bringing total from 639 to 1,242:

Edge cases (532 tests):
- Every detector tested against 7 hostile inputs: empty, binary
  garbage, malformed UTF-8, unicode (Chinese/Arabic/emoji), null
  bytes, special chars in paths, 50K-line files
- Zero crashes across all 76 detectors

Thread safety (4 tests):
- Concurrent detector execution (8 workers)
- Same detector instance from 10 threads simultaneously
- Concurrent GraphStore node addition
- Full analyzer 3-run determinism check

Graph edge cases (48 tests, parametrized across NetworkX + SQLite):
- Self-loops, circular dependencies, duplicate nodes/edges
- Dangling edge rejection, empty graph operations
- 1000-node insertion, subgraph extraction, property updates

Flow edge cases (19 tests):
- Empty graph, single node, infra-only, auth-only, CI-only
- 5000+ node graph collapsed to <=30 flow nodes
- Mermaid special char escaping, HTML all-views inclusion
- Determinism across all views

Benchmark: 2,314 nodes / 2,906 edges, 3.67s — no regression.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

Author: aksOps

README.md

@@ -22,9 +22,9 @@
   <!-- DYNAMIC:vulnerabilities --><a href="https://github.com/RandomCodeSpace/code-iq/security/dependabot"><img src="https://img.shields.io/badge/vulnerabilities-0-brightgreen?style=flat-square&logo=hackthebox&logoColor=white" alt="0 Vulnerabilities"></a><!-- /DYNAMIC:vulnerabilities -->
   <!-- DYNAMIC:detectors --><a href="https://github.com/RandomCodeSpace/code-iq"><img src="https://img.shields.io/badge/detectors-76-brightgreen?style=flat-square&logo=codefactor&logoColor=white" alt="76 Detectors"></a><!-- /DYNAMIC:detectors -->
   <!-- DYNAMIC:languages --><a href="https://github.com/RandomCodeSpace/code-iq"><img src="https://img.shields.io/badge/languages-35-blue?style=flat-square&logo=stackblitz&logoColor=white" alt="35 Languages"></a><!-- /DYNAMIC:languages -->
-  <!-- DYNAMIC:tests --><a href="https://github.com/RandomCodeSpace/code-iq"><img src="https://img.shields.io/badge/tests-639%20passed-brightgreen?style=flat-square&logo=pytest&logoColor=white" alt="639 passed Tests"></a><!-- /DYNAMIC:tests -->
-  <!-- DYNAMIC:files --><a href="https://github.com/RandomCodeSpace/code-iq"><img src="https://img.shields.io/badge/files-238-informational?style=flat-square&logo=files&logoColor=white" alt="238 Files"></a><!-- /DYNAMIC:files -->
-  <!-- DYNAMIC:loc --><a href="https://github.com/RandomCodeSpace/code-iq"><img src="https://img.shields.io/badge/LOC-27%2C365-informational?style=flat-square&logo=codacy&logoColor=white" alt="27,365 Loc"></a><!-- /DYNAMIC:loc -->
+  <!-- DYNAMIC:tests --><a href="https://github.com/RandomCodeSpace/code-iq"><img src="https://img.shields.io/badge/tests-1242%20passed-brightgreen?style=flat-square&logo=pytest&logoColor=white" alt="1242 passed Tests"></a><!-- /DYNAMIC:tests -->
+  <!-- DYNAMIC:files --><a href="https://github.com/RandomCodeSpace/code-iq"><img src="https://img.shields.io/badge/files-242-informational?style=flat-square&logo=files&logoColor=white" alt="242 Files"></a><!-- /DYNAMIC:files -->
+  <!-- DYNAMIC:loc --><a href="https://github.com/RandomCodeSpace/code-iq"><img src="https://img.shields.io/badge/LOC-28%2C130-informational?style=flat-square&logo=codacy&logoColor=white" alt="28,130 Loc"></a><!-- /DYNAMIC:loc -->
 </p>
 
 ---

tests/conftest.py

@@ -6,6 +6,9 @@
 
 import pytest
 
+from code_intelligence.detectors.base import DetectorContext, DetectorResult
+from code_intelligence.detectors.registry import DetectorRegistry
+
 
 FIXTURES_DIR = Path(__file__).parent / "fixtures"
 JAVA_FIXTURES = FIXTURES_DIR / "java"
@@ -91,3 +94,116 @@ def connectors_resource_source() -> bytes:
 @pytest.fixture
 def consumer_config_source() -> bytes:
     return (JAVA_FIXTURES / "ConsumerConfig.java").read_bytes()
+
+
+# ---------------------------------------------------------------------------
+# Detector discovery fixture
+# ---------------------------------------------------------------------------
+
+def _all_detectors():
+    """Discover all registered detectors for parametrized tests."""
+    registry = DetectorRegistry()
+    registry.load_builtin_detectors()
+    return registry.all_detectors()
+
+
+ALL_DETECTORS = _all_detectors()
+ALL_DETECTOR_IDS = [d.name for d in ALL_DETECTORS]
+
+
+@pytest.fixture(params=ALL_DETECTORS, ids=ALL_DETECTOR_IDS)
+def detector(request):
+    """Parametrized fixture yielding each registered detector."""
+    return request.param
+
+
+# ---------------------------------------------------------------------------
+# Hostile input fixtures
+# ---------------------------------------------------------------------------
+
+@pytest.fixture
+def empty_ctx():
+    """Empty file -- zero bytes."""
+    def _make(language="java", path="empty.txt"):
+        return DetectorContext(file_path=path, language=language, content=b"", module_name=None)
+    return _make
+
+
+@pytest.fixture
+def binary_ctx():
+    """Binary garbage -- should not crash any detector."""
+    data = bytes(range(256)) * 10  # 2560 bytes of every byte value
+    def _make(language="java", path="binary.bin"):
+        return DetectorContext(file_path=path, language=language, content=data, module_name=None)
+    return _make
+
+
+@pytest.fixture
+def malformed_utf8_ctx():
+    """Invalid UTF-8 sequences -- tests decode error handling."""
+    data = b"public class Foo {\n" + b"\xff\xfe\x80\x81" * 50 + b"\n}\n"
+    def _make(language="java", path="malformed.java"):
+        return DetectorContext(file_path=path, language=language, content=data, module_name=None)
+    return _make
+
+
+@pytest.fixture
+def unicode_ctx():
+    """Unicode content -- Chinese, Arabic, emoji in identifiers."""
+    data = (
+        "class \u4f60\u597d\u4e16\u754c {\n"  # Chinese
+        "    public void \u0645\u0631\u062d\u0628\u0627() {}\n"  # Arabic
+        "    String emoji = \"\U0001f680\U0001f4a5\";\n"  # Rocket + explosion
+        "    // Comment with \u00e9\u00e8\u00ea\u00eb\n"  # French accents
+        "}\n"
+    ).encode("utf-8")
+    def _make(language="java", path="unicode.java"):
+        return DetectorContext(file_path=path, language=language, content=data, module_name=None)
+    return _make
+
+
+@pytest.fixture
+def huge_ctx():
+    """Large file -- 50K lines of repetitive content."""
+    lines = ["public void method_%d() { return; }" % i for i in range(50000)]
+    data = "\n".join(lines).encode("utf-8")
+    def _make(language="java", path="huge.java"):
+        return DetectorContext(file_path=path, language=language, content=data, module_name=None)
+    return _make
+
+
+@pytest.fixture
+def null_bytes_ctx():
+    """File with null bytes embedded in otherwise valid content."""
+    data = b"class Foo {\n\x00\x00\x00\n    void bar() {}\n\x00}\n"
+    def _make(language="java", path="nulls.java"):
+        return DetectorContext(file_path=path, language=language, content=data, module_name=None)
+    return _make
+
+
+@pytest.fixture
+def deeply_nested_json_ctx():
+    """Deeply nested JSON -- 100 levels deep."""
+    nested = "{}"
+    for i in range(100):
+        nested = '{"level_%d": %s}' % (i, nested)
+    def _make(path="deep.json"):
+        import json
+        return DetectorContext(
+            file_path=path, language="json", content=nested.encode(),
+            parsed_data={"type": "json", "file": path, "data": json.loads(nested)},
+            module_name=None,
+        )
+    return _make
+
+
+@pytest.fixture
+def special_chars_path_ctx():
+    """File path with spaces, parentheses, and special characters."""
+    data = b"class Normal { void test() {} }"
+    def _make(language="java"):
+        return DetectorContext(
+            file_path="path with spaces/file (copy).java",
+            language=language, content=data, module_name=None,
+        )
+    return _make

tests/flow/test_flow_edge_cases.py

@@ -0,0 +1,201 @@
+"""Flow view edge case tests — degenerate graphs, boundary conditions."""
+
+import pytest
+
+from code_intelligence.flow.engine import FlowEngine, AVAILABLE_VIEWS
+from code_intelligence.flow.models import FlowDiagram
+from code_intelligence.flow.renderer import render_mermaid, render_json, render_html
+from code_intelligence.graph.store import GraphStore
+from code_intelligence.models.graph import GraphNode, GraphEdge, NodeKind, EdgeKind
+
+
+class TestEmptyGraph:
+    """All views should handle an empty graph gracefully."""
+
+    def test_overview_empty(self):
+        d = FlowEngine(GraphStore()).generate("overview")
+        assert isinstance(d, FlowDiagram)
+        assert d.view == "overview"
+        assert len(d.all_nodes()) == 0
+
+    def test_all_views_empty(self):
+        engine = FlowEngine(GraphStore())
+        for view in AVAILABLE_VIEWS:
+            d = engine.generate(view)
+            assert isinstance(d, FlowDiagram)
+            assert d.view == view
+
+    def test_render_mermaid_empty(self):
+        d = FlowEngine(GraphStore()).generate("overview")
+        mmd = render_mermaid(d)
+        assert "graph" in mmd
+        assert isinstance(mmd, str)
+
+    def test_render_json_empty(self):
+        d = FlowEngine(GraphStore()).generate("overview")
+        j = render_json(d)
+        import json
+        data = json.loads(j)
+        assert data["view"] == "overview"
+
+    def test_render_html_empty(self):
+        html = FlowEngine(GraphStore()).render_interactive()
+        assert "<!DOCTYPE html>" in html
+
+
+class TestSingleNode:
+    """Graph with exactly 1 node."""
+
+    @pytest.fixture
+    def single_endpoint_store(self):
+        s = GraphStore()
+        s.add_node(GraphNode(id="ep1", kind=NodeKind.ENDPOINT, label="GET /health"))
+        return s
+
+    def test_overview_single_endpoint(self, single_endpoint_store):
+        d = FlowEngine(single_endpoint_store).generate("overview")
+        assert len(d.all_nodes()) >= 1
+        assert d.stats.get("endpoints", 0) == 1
+
+    def test_auth_single_endpoint_unprotected(self, single_endpoint_store):
+        d = FlowEngine(single_endpoint_store).generate("auth")
+        # Should show 1 unprotected endpoint
+        unprotected = [n for n in d.all_nodes() if n.style == "danger"]
+        assert len(unprotected) >= 1
+
+    def test_runtime_single_endpoint(self, single_endpoint_store):
+        d = FlowEngine(single_endpoint_store).generate("runtime")
+        assert isinstance(d, FlowDiagram)
+
+
+class TestInfraOnly:
+    """Graph with only infrastructure nodes (no app code)."""
+
+    @pytest.fixture
+    def infra_store(self):
+        s = GraphStore()
+        for i in range(5):
+            s.add_node(GraphNode(id=f"k8s:default/deploy-{i}", kind=NodeKind.INFRA_RESOURCE,
+                                 label=f"Deployment {i}", properties={"kind": "Deployment"}))
+        s.add_node(GraphNode(id="k8s:default/svc-0", kind=NodeKind.INFRA_RESOURCE,
+                             label="Service 0", properties={"kind": "Service"}))
+        s.add_edge(GraphEdge(source="k8s:default/svc-0", target="k8s:default/deploy-0", kind=EdgeKind.CONNECTS_TO))
+        return s
+
+    def test_overview_infra_only(self, infra_store):
+        d = FlowEngine(infra_store).generate("overview")
+        # Should have infra subgraph, no app subgraph
+        infra_sgs = [sg for sg in d.subgraphs if "infra" in sg.id.lower() or "deploy" in sg.label.lower()]
+        assert len(infra_sgs) >= 1
+
+    def test_deploy_view_infra(self, infra_store):
+        d = FlowEngine(infra_store).generate("deploy")
+        assert len(d.all_nodes()) >= 1
+
+    def test_runtime_empty_for_infra(self, infra_store):
+        d = FlowEngine(infra_store).generate("runtime")
+        # Runtime view should still work (may be empty or minimal)
+        assert isinstance(d, FlowDiagram)
+
+
+class TestAuthOnly:
+    """Graph with guards but no endpoints."""
+
+    @pytest.fixture
+    def guards_no_endpoints(self):
+        s = GraphStore()
+        s.add_node(GraphNode(id="g1", kind=NodeKind.GUARD, label="JwtGuard", properties={"auth_type": "jwt"}))
+        s.add_node(GraphNode(id="g2", kind=NodeKind.GUARD, label="RoleGuard", properties={"auth_type": "rbac"}))
+        return s
+
+    def test_auth_view_guards_only(self, guards_no_endpoints):
+        d = FlowEngine(guards_no_endpoints).generate("auth")
+        guard_nodes = [n for n in d.all_nodes() if n.kind == "guard"]
+        assert len(guard_nodes) >= 1
+        # No endpoint subgraph since there are no endpoints
+        assert d.stats.get("coverage_pct", 0) == 0
+
+
+class TestCIOnly:
+    """Graph with CI nodes but nothing else."""
+
+    @pytest.fixture
+    def ci_store(self):
+        s = GraphStore()
+        s.add_node(GraphNode(id="gha:ci.yml", kind=NodeKind.MODULE, label="CI Workflow"))
+        s.add_node(GraphNode(id="gha:ci.yml:job:build", kind=NodeKind.METHOD, label="build"))
+        s.add_node(GraphNode(id="gha:ci.yml:job:test", kind=NodeKind.METHOD, label="test"))
+        s.add_edge(GraphEdge(source="gha:ci.yml", target="gha:ci.yml:job:build", kind=EdgeKind.CONTAINS))
+        s.add_edge(GraphEdge(source="gha:ci.yml", target="gha:ci.yml:job:test", kind=EdgeKind.CONTAINS))
+        s.add_edge(GraphEdge(source="gha:ci.yml:job:test", target="gha:ci.yml:job:build", kind=EdgeKind.DEPENDS_ON))
+        return s
+
+    def test_overview_ci_only(self, ci_store):
+        d = FlowEngine(ci_store).generate("overview")
+        ci_sgs = [sg for sg in d.subgraphs if sg.drill_down_view == "ci"]
+        assert len(ci_sgs) >= 1
+
+    def test_ci_view_shows_jobs(self, ci_store):
+        d = FlowEngine(ci_store).generate("ci")
+        assert len(d.all_nodes()) >= 2  # At least the 2 jobs
+
+
+class TestLargeGraph:
+    """Graph with thousands of nodes — flow views should still be small."""
+
+    @pytest.fixture
+    def large_store(self):
+        s = GraphStore()
+        for i in range(5000):
+            s.add_node(GraphNode(id=f"method_{i}", kind=NodeKind.METHOD, label=f"method{i}"))
+        for i in range(100):
+            s.add_node(GraphNode(id=f"ep_{i}", kind=NodeKind.ENDPOINT, label=f"GET /api/{i}"))
+            s.add_node(GraphNode(id=f"ent_{i}", kind=NodeKind.ENTITY, label=f"Entity{i}"))
+        return s
+
+    def test_overview_max_nodes(self, large_store):
+        d = FlowEngine(large_store).generate("overview")
+        assert len(d.all_nodes()) <= 30  # Views should collapse, not explode
+
+    def test_runtime_max_nodes(self, large_store):
+        d = FlowEngine(large_store).generate("runtime")
+        assert len(d.all_nodes()) <= 30
+
+
+class TestRenderEdgeCases:
+    """Renderer edge cases."""
+
+    def test_mermaid_special_chars_in_labels(self):
+        s = GraphStore()
+        s.add_node(GraphNode(id="n1", kind=NodeKind.ENDPOINT, label='GET /users?name="foo"&age=<30>'))
+        d = FlowEngine(s).generate("overview")
+        mmd = render_mermaid(d)
+        assert "&" not in mmd or "&#" in mmd  # Should be escaped
+
+    def test_html_with_all_views(self):
+        s = GraphStore()
+        s.add_node(GraphNode(id="ep1", kind=NodeKind.ENDPOINT, label="GET /"))
+        s.add_node(GraphNode(id="g1", kind=NodeKind.GUARD, label="Auth"))
+        s.add_edge(GraphEdge(source="g1", target="ep1", kind=EdgeKind.PROTECTS))
+        html = FlowEngine(s).render_interactive()
+        # Should contain data for all 5 views
+        for view in AVAILABLE_VIEWS:
+            assert view in html
+
+
+class TestDeterminism:
+    """All views must be deterministic."""
+
+    def test_all_views_deterministic(self):
+        s = GraphStore()
+        for i in range(50):
+            s.add_node(GraphNode(id=f"n{i}", kind=NodeKind.METHOD, label=f"m{i}"))
+        for i in range(10):
+            s.add_node(GraphNode(id=f"ep{i}", kind=NodeKind.ENDPOINT, label=f"E{i}"))
+            s.add_node(GraphNode(id=f"g{i}", kind=NodeKind.GUARD, label=f"G{i}", properties={"auth_type": "jwt"}))
+
+        engine = FlowEngine(s)
+        for view in AVAILABLE_VIEWS:
+            d1 = engine.generate(view)
+            d2 = engine.generate(view)
+            assert render_mermaid(d1) == render_mermaid(d2), f"Non-deterministic: {view}"