Revisit tests involving source interface propagation

[PurelyApplied]

Bug report

Describe the bug
While iterating #278, I noticed that internal/pkg/levee/testdata/test-config.yaml will pass all tests with the following Source specification removed:

Sources:
  # ...
  - Package: "levee_analysistest/example/core"
    Type: "SourceManipulator"

This was introduced in #264.

To Reproduce
Remove or comment out the above configuration. Observe that tests pass. See #278 first test run for demonstration.

[mlevesquedion]

The "superfluous" configuration element is in */levee/*, not */config/*.

The relevant test case is:

func TestMethodCallOnStaticallyUnknownReceiverPropagatesTaint(sm core.SourceManipulator, s core.Source) {
	data := sm.Propagate(s.Data)
	core.Sink(data) // want "a source has reached a sink"
}

The intent of the test is to validate that taint propagates via the argument when SourceManipulator is identified as a source type. In #264, originally this was not the case and the test was failing.

When SourceManipulator isn't identified as a source type, the propagation behavior for methods on non-source types is observed, but that's not what the test is interested in.

So the config element is actually needed.

[PurelyApplied]

Just looking at it from a fuzzing perspective, there needs to be some test that relies on that piece of the configuration. Otherwise, we don't really know what codepath this test is taking. Is it testing what you think it is, or is it handling it in the non-source way?

I suppose this overlaps a bit with #272, since this was introduced before we had a firm idea of how we wanted to handle interfaces. We can't really add core.Sink(sm.Produce()) // want "a source has reached a sink" since those methods aren't handled yet.

[mlevesquedion]

I agree. Currently I don't have a good idea for how to do that, though. If you have any ideas, let me know.