CalvinBackup/gstack
1
0
Fork 0
mirror of https://github.com/garrytan/gstack.git synced 2026-05-01 19:25:10 +02:00
Code Issues Packages Projects Releases Wiki Activity
Files
822e843a60c6c13508f70dd1ffcc163e8fc79be5
gstack/browse/test/data-platform.test.ts
T
Garry Tan b73f364411 feat: browser data platform for AI agents (v0.16.0.0) (#907) 
* refactor: extract path-security.ts shared module

validateOutputPath, validateReadPath, and SAFE_DIRECTORIES were duplicated
across write-commands.ts, meta-commands.ts, and read-commands.ts. Extract
to a single shared module with re-exports for backward compatibility.

Also adds validateTempPath() for the upcoming GET /file endpoint (TEMP_DIR
only, not cwd, to prevent remote agents from reading project files).

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

* feat: default paired agents to full access, split SCOPE_CONTROL

The trust boundary for paired agents is the pairing ceremony itself, not
the scope. An agent with write scope can already click anything and navigate
anywhere. Gating js/cookies behind --admin was security theater.

Changes:
- Default pair scopes: read+write+admin+meta (was read+write)
- New SCOPE_CONTROL for browser-wide destructive ops (stop, restart,
  disconnect, state, handoff, resume, connect)
- --admin flag now grants control scope (backward compat)
- New --restrict flag for limited access (e.g., --restrict read)
- Updated hint text: "re-pair with --control" instead of "--admin"

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

* feat: add media and data commands for page content extraction

media command: discovers all img/video/audio/background-image elements
on the page. Returns JSON with URLs, dimensions, srcset, loading state,
HLS/DASH detection. Supports --images/--videos/--audio filters and
optional CSS selector scoping.

data command: extracts structured data embedded in pages (JSON-LD,
Open Graph, Twitter Cards, meta tags). One command returns product
prices, article metadata, social share info without DOM scraping.

Both are READ scope with untrusted content wrapping.
Shared media-extract.ts helper for reuse by the upcoming scrape command.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

* feat: add download, scrape, and archive commands

download: fetch any URL or @ref element to disk using browser session
cookies via page.request.fetch(). Supports blob: URLs via in-page
base64 conversion. --base64 flag returns inline data URI (cap 10MB).
Detects HLS/DASH and rejects with yt-dlp hint.

scrape: bulk media download composing media discovery + download loop.
Sequential with 100ms delay, URL deduplication, configurable --limit.
Writes manifest.json with per-file metadata for machine consumption.

archive: saves complete page as MHTML via CDP Page.captureSnapshot.
No silent fallback -- errors clearly if CDP unavailable.

All three are WRITE scope (write to disk, blocked in watch mode).

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

* feat: add GET /file endpoint for remote agent file retrieval

Remote paired agents can now retrieve downloaded files over HTTP.
TEMP_DIR only (not cwd) to prevent project file exfiltration.

- Bearer token auth (root or scoped with read scope)
- Path validation via validateTempPath() (symlink-aware)
- 200MB size cap
- Extension-based MIME detection
- Zero-copy streaming via Bun.file()

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

* feat: add scroll --times N for automated repeated scrolling

Extends the scroll command with --times N flag for infinite feed
scraping. Scrolls N times with configurable --wait delay (default
1000ms) between each scroll for content loading.

Usage: scroll --times 10
       scroll --times 5 --wait 2000
       scroll --times 3 .feed-container

Composable with scrape: scroll to load content, then scrape images.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

* feat: add network response body capture (--capture/--export/--bodies)

The killer feature for social media scraping. Extends the existing
network command to intercept API response bodies:

  network --capture [--filter graphql]  # start capturing
  network --capture stop                # stop
  network --export /tmp/api.jsonl       # export as JSONL
  network --bodies                      # show summary

Uses page.on('response') listener with URL pattern filtering.
SizeCappedBuffer (50MB total, 5MB per-entry cap) evicts oldest
entries when full. Binary responses stored as base64, text as-is.

This lets agents tap Instagram's GraphQL API, TikTok's hydration
data, and any SPA's internal API responses instead of fragile DOM
scraping.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

* feat: add screenshot --base64 for inline image return

Returns data:image/png;base64,... instead of writing to disk.
Cap at 10MB. Works with all screenshot modes (element, clip, viewport).

Eliminates the two-step screenshot+file-serve dance for remote agents.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

* test: add data platform tests and media fixture

Tests for SizeCappedBuffer (eviction, export, summary), validateTempPath
(TEMP_DIR only, rejects cwd), command registration (all new commands in
correct scope sets), and MIME mapping source checks.

Rich HTML fixture with: standard images, lazy-loaded images, srcset,
video with sources + HLS, audio, CSS background-images, JSON-LD,
Open Graph, Twitter Cards, and meta tags.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

* docs: regenerate SKILL.md with Extraction category

Add Extraction category to browse command table ordering. Regenerate
SKILL.md files to include media, data, download, scrape, archive
commands in the generated documentation.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

* chore: bump version and changelog (v0.16.0.0)

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

---------

Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-04-08 00:41:55 -07:00

177 lines
6.4 KiB
TypeScript
Raw Blame History

/**
* Tests for the browser data platform: media extraction, network capture,
* path security, and structured data extraction.
*/
import { describe, it, expect } from 'bun:test';
import { SizeCappedBuffer, type CapturedResponse } from '../src/network-capture';
import { validateTempPath, validateOutputPath, validateReadPath } from '../src/path-security';
import { TEMP_DIR } from '../src/platform';
import * as fs from 'fs';
import * as path from 'path';
import * as os from 'os';
// ─── SizeCappedBuffer ─────────────────────────────────────────
describe('SizeCappedBuffer', () => {
function makeEntry(size: number, url = 'https://example.com'): CapturedResponse {
return {
url,
status: 200,
headers: {},
body: 'x'.repeat(size),
contentType: 'text/plain',
timestamp: Date.now(),
size,
bodyTruncated: false,
};
}
it('stores entries within capacity', () => {
const buf = new SizeCappedBuffer(1000);
buf.push(makeEntry(100));
buf.push(makeEntry(200));
expect(buf.length).toBe(2);
expect(buf.byteSize).toBe(300);
});
it('evicts oldest entries when over capacity', () => {
const buf = new SizeCappedBuffer(500);
buf.push(makeEntry(200, 'https://a.com'));
buf.push(makeEntry(200, 'https://b.com'));
buf.push(makeEntry(200, 'https://c.com')); // should evict first entry
expect(buf.length).toBe(2);
const urls = buf.toArray().map(e => e.url);
expect(urls).toContain('https://b.com');
expect(urls).toContain('https://c.com');
expect(urls).not.toContain('https://a.com');
});
it('evicts multiple entries for one large push', () => {
const buf = new SizeCappedBuffer(500);
buf.push(makeEntry(100));
buf.push(makeEntry(100));
buf.push(makeEntry(100));
buf.push(makeEntry(400)); // evicts first two (need totalSize + 400 <= 500, so totalSize <= 100)
expect(buf.length).toBe(2); // one 100-byte entry + one 400-byte entry
expect(buf.byteSize).toBe(500);
});
it('clear resets buffer', () => {
const buf = new SizeCappedBuffer(1000);
buf.push(makeEntry(100));
buf.push(makeEntry(200));
buf.clear();
expect(buf.length).toBe(0);
expect(buf.byteSize).toBe(0);
});
it('exports to JSONL file', () => {
const buf = new SizeCappedBuffer(1000);
buf.push(makeEntry(10, 'https://a.com'));
buf.push(makeEntry(20, 'https://b.com'));
const tmpFile = path.join(os.tmpdir(), `test-export-${Date.now()}.jsonl`);
try {
const count = buf.exportToFile(tmpFile);
expect(count).toBe(2);
const lines = fs.readFileSync(tmpFile, 'utf-8').trim().split('\n');
expect(lines.length).toBe(2);
const parsed = JSON.parse(lines[0]);
expect(parsed.url).toBe('https://a.com');
} finally {
fs.unlinkSync(tmpFile);
}
});
it('summary shows entries', () => {
const buf = new SizeCappedBuffer(1000);
buf.push(makeEntry(1024, 'https://api.example.com/graphql'));
const summary = buf.summary();
expect(summary).toContain('1 responses');
expect(summary).toContain('graphql');
expect(summary).toContain('1KB');
});
it('summary shows empty message when no entries', () => {
const buf = new SizeCappedBuffer(1000);
expect(buf.summary()).toBe('No captured responses.');
});
});
// ─── validateTempPath ─────────────────────────────────────────
describe('validateTempPath', () => {
let tmpFile: string;
it('allows paths within /tmp that exist', () => {
tmpFile = path.join(TEMP_DIR, `test-temp-path-${Date.now()}.jpg`);
fs.writeFileSync(tmpFile, 'test');
try {
expect(() => validateTempPath(tmpFile)).not.toThrow();
} finally {
fs.unlinkSync(tmpFile);
}
});
it('rejects non-existent files', () => {
expect(() => validateTempPath('/tmp/nonexistent-file-12345.jpg')).toThrow(/not found/i);
});
it('rejects paths in cwd', () => {
// Create a real file in cwd to test the path check (not the existence check)
const cwdFile = path.join(process.cwd(), 'package.json');
expect(() => validateTempPath(cwdFile)).toThrow(/temp directory/i);
});
it('rejects absolute paths outside safe dirs', () => {
expect(() => validateTempPath('/etc/passwd')).toThrow();
});
});
// ─── Command registration ─────────────────────────────────────
describe('command registration', () => {
it('all new commands have descriptions', () => {
// The load-time validation in commands.ts throws if any command
// is missing from COMMAND_DESCRIPTIONS. If this import succeeds,
// all commands are properly registered.
const { COMMAND_DESCRIPTIONS, ALL_COMMANDS } = require('../src/commands');
const newCommands = ['media', 'data', 'download', 'scrape', 'archive'];
for (const cmd of newCommands) {
expect(ALL_COMMANDS.has(cmd)).toBe(true);
expect(COMMAND_DESCRIPTIONS[cmd]).toBeTruthy();
}
});
it('new commands are in correct scope sets', () => {
const { SCOPE_READ, SCOPE_WRITE } = require('../src/token-registry');
expect(SCOPE_READ.has('media')).toBe(true);
expect(SCOPE_READ.has('data')).toBe(true);
expect(SCOPE_WRITE.has('download')).toBe(true);
expect(SCOPE_WRITE.has('scrape')).toBe(true);
expect(SCOPE_WRITE.has('archive')).toBe(true);
});
it('media and data are in PAGE_CONTENT_COMMANDS', () => {
const { PAGE_CONTENT_COMMANDS } = require('../src/commands');
expect(PAGE_CONTENT_COMMANDS.has('media')).toBe(true);
expect(PAGE_CONTENT_COMMANDS.has('data')).toBe(true);
});
});
// ─── MIME type mapping ─────────────────────────────────────────
describe('mimeToExt', () => {
// mimeToExt is a private function in write-commands.ts,
// so we test it indirectly through command behavior.
// This test verifies the source contains the expected mappings.
it('write-commands.ts contains MIME mappings', () => {
const src = fs.readFileSync(path.join(import.meta.dir, '../src/write-commands.ts'), 'utf-8');
expect(src).toContain("'image/png': '.png'");
expect(src).toContain("'image/jpeg': '.jpg'");
expect(src).toContain("'video/mp4': '.mp4'");
expect(src).toContain("'audio/mpeg': '.mp3'");
});
});
Reference in New Issue View Git Blame Copy Permalink