CalvinBackup/gstack
1
0
Fork 0
mirror of https://github.com/garrytan/gstack.git synced 2026-05-02 03:35:09 +02:00
Code Issues Packages Projects Releases Wiki Activity

test(security): make sidebar-agent destructure check regex-tolerant

Browse Source 
The test asserted the exact string `const { prompt, args, stateFile, cwd, tabId } = queueEntry`
which breaks whenever security or other extensions add fields (canary, pageUrl,
etc.). Switch to a regex that requires the core fields in order but tolerates
additional fields in between. Preserves the test's intent (args come from the
queue entry, not rebuilt) while allowing the destructure to grow.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
This commit is contained in:
Garry Tan
2026-04-19 18:51:18 +08:00
parent d50cdc4611
commit 65bf4514b8
1 changed files with 5 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files
browse/test/sidebar-security.test.ts
+5 -2
View File
@@ -111,8 +111,11 @@ describe('Sidebar prompt injection defense', () => {
// The agent should use args from the queue entry
// It should NOT rebuild args from scratch (the old bug)
expect(AGENT_SRC).toContain('args || [');
// Verify the destructured args come from queueEntry
expect(AGENT_SRC).toContain('const { prompt, args, stateFile, cwd, tabId } = queueEntry');
// Verify args come from queueEntry. Regex tolerates additional destructured
// fields like `canary` and `pageUrl` added by the security module.
expect(AGENT_SRC).toMatch(
/const \{[^}]*\bprompt\b[^}]*\bargs\b[^}]*\bstateFile\b[^}]*\bcwd\b[^}]*\btabId\b[^}]*\} = queueEntry/
);
});
test('sidebar-agent falls back to defaults if queue has no args', () => {