mirror of
https://github.com/garrytan/gstack.git
synced 2026-07-06 16:17:56 +02:00
9fd03fae9e
* fix(gbrain): stop forcing GBRAIN_PREPARE on transaction-mode poolers (#1965) buildGbrainEnv auto-set GBRAIN_PREPARE=true whenever DATABASE_URL targeted port 6543, and the /sync-gbrain capability check exported it for the rest of the skill run. Both had the semantics inverted: gbrain auto-disables prepared statements on transaction-mode poolers because they break every write there ("prepared statement does not exist"); GBRAIN_PREPARE=true is gbrain's documented override for SESSION-mode poolers on 6543, not a requirement for transaction mode. The #1435 search symptom the auto-set worked around was fixed gbrain-side. Remove both force-sets. A caller-set GBRAIN_PREPARE (either value) still passes through untouched, preserving the session-mode-on-6543 escape hatch. isTransactionModePooler stays exported. Co-Authored-By: Claude Fable 5 <noreply@anthropic.com> * fix(gbrain): classify probe timeout as its own status; sync proceeds instead of skipping (#1964) The 5s engine probe misclassified healthy-but-slow engines (cold Supabase pooler connections measured at 6.9-10.7s) as broken-config, so /sync-gbrain silently skipped code+memory and told the user their config was malformed. - New "timeout" status: probe killed at the deadline with no recognized stderr pattern. Default deadline is now 15s, overridable via GSTACK_GBRAIN_PROBE_TIMEOUT_MS (tests set 300ms against a fake that sleeps 2s). - Sync stages PROCEED on timeout with a stderr warning naming the env knob; a genuinely-dead engine surfaces its real error at the first operation instead of a false config diagnosis. - Consistency everywhere "ok" gated behavior: gstack-gbrain-detect --is-ok exits 0 on timeout, and gen-skill-docs' detection gate accepts it, so a slow engine no longer silently suppresses brain-aware features. - Status cache: key now includes the effective probe timeout (raising it invalidates a cached timeout) and GBRAIN_HOME; config detection honors GBRAIN_HOME so relocated-home users stop being misclassified as missing-config. Co-Authored-By: Claude Fable 5 <noreply@anthropic.com> * fix(bins): cygpath-normalize SCRIPT_DIR for bun imports; surface learnings-log errors (#1950) Under Windows git-bash, pwd yields a POSIX path (/c/Users/...) that Bun on Windows cannot resolve as an ES module specifier. gstack-learnings-log interpolates SCRIPT_DIR into a bun -e import, so every invocation died with "Cannot find module" — and 2>/dev/null swallowed the error, silently dropping every AI-logged learning for Windows users. - 3-line cygpath -m guard in gstack-learnings-log and gstack-question-log (which gains the same import shape in the next commit). Matches the duplicated IS_WINDOWS convention in setup; no shared shell lib exists. - learnings-log adopts question-log's set +e / TMPERR capture pattern wholesale: validation errors now print to stderr. The old `if [ $? -ne 0 ]` check was dead code under set -euo pipefail — the script exited at the failing assignment before reaching it. - New test/bin-windows-bun-import-paths.test.ts: static invariant (any bash bin interpolating $SCRIPT_DIR into a bun -e import must carry the guard) + behavioral end-to-end run invoked via `bash <bin>` — added to the windows-free-tests workflow list so the conversion is proven on the only platform where the bug exists. Co-Authored-By: Claude Fable 5 <noreply@anthropic.com> * fix(question-log): dedupe INJECTION_PATTERNS via lib/jsonl-store (#1934) bin/gstack-question-log carried a local copy of the injection-pattern list, so pattern fixes to lib/jsonl-store.ts never propagated — including the /override[:\s]/i false-positive fix arriving via community PR #1940. Import the shared hasInjection instead (enabled by the previous commit's cygpath guard). question-log also gets the lib's stricter superset (human:, disregard, from-now-on, approve-all patterns). Tests pin the contract in a #1940-order-independent way: an "Override: ignore all previous instructions" header is rejected, "prose overrides the deterministic table" is accepted, and a static invariant keeps local INJECTION_PATTERNS duplicates out of the bin. Co-Authored-By: Claude Fable 5 <noreply@anthropic.com> * fix(security): community-pulse + both dashboards never report fake zeros (#1947) The security-signaling surface failed open at three layers — every failure mode read as a reassuring "0 attacks" / "0 installs": - community-pulse edge function: supabase-js returns {data,error} without throwing, and all five queries discarded `error` — a DB outage produced real-looking zeros via the SUCCESS path, and the catch (also returning zeros with HTTP 200) was unreachable for query failures. Every query now destructures and throws; the catch serves the stale cache (marked "stale": true) when one exists, else 503 {"error":"pulse_unavailable"}. Success responses carry "status":"ok" so clients can distinguish authoritative data from legacy backends. NOTE: the edge function deploys out-of-band (supabase functions deploy community-pulse). - gstack-security-dashboard: captures the HTTP status; non-200 / network failure / error body / missing section → "unknown — backend error"; jq missing → "unknown — install jq" (the lossy grep fallback broke on nested arrays and under-reported attacks as zero — removed); a 200 without the new marker shows figures with an "unverified (legacy backend)" note. Also fixes a latent display bug: the TOTAL grep matched the digit 7 inside "attacks_last_7_days" and misreported every count. - gstack-community-dashboard: same class — curl || echo "{}" plus grep || echo "0" printed "Weekly active installs: 0" on any failure. Now "unknown — backend error (HTTP N)". test/security-dashboard-fallback.test.ts pins the matrix (200+marker, 200-legacy, 503, network failure) x (jq present, jq absent) for both bins: "unknown" states never render as 0. Co-Authored-By: Claude Fable 5 <noreply@anthropic.com> * fix(telemetry): redact error_message spans before they leave the machine (#1947) error_message was uploaded with only quote/newline escaping — stack traces and failed-API errors can embed credentials, private paths, and hostnames, and the sync path strips only _repo_slug/_branch. New lib/redact-engine.ts export redactFindingSpans(): replaces EVERY finding's span with <REDACTED-{id}> regardless of tier (applyRedactions is the interactive PII-only path and exits nonzero on credential findings, so it can't serve machine egress). Returns null when a span can't be located — callers drop the whole payload rather than risk a leak. gstack-telemetry-log pipes error_message through it at LOG time, so the local JSONL at rest is clean too; surrounding text survives for crash triage. FAIL CLOSED: bun missing, engine error, or non-JSON-string output all null the field. Tests pin: embedded ghp_ token → <REDACTED-github.pat> with context intact; redactor unavailable → null; raw bytes on disk never contain the token. Co-Authored-By: Claude Fable 5 <noreply@anthropic.com> * fix(redact): prepush guard fails closed on git failure; /ship owns hook install (#1946) Two gaps closed: 1. Fail closed. The git() helper returned "" on ANY non-zero exit or maxBuffer overflow (status null), addedLinesFor produced an empty string, and the push sailed through unscanned — fail-open on exactly the oversized-diff case where a large secret-bearing blob is most likely. The diff call now uses a strict variant that throws; main blocks with a clear message naming the GSTACK_REDACT_PREPUSH=skip escape valve. Probe calls (symbolic-ref, rev-parse, merge-base) keep the permissive helper — their failures are normal control flow. 2. Install path. The hook was installed by nothing ("opt-in, installed by nothing" was the issue's words). ./setup runs in the gstack checkout — the wrong repo for a per-project hook — so it gets a one-line hint only. /ship owns per-repo install: config redact_prepush_hook=true + hook missing → silent install (consent already given); config unset + no ~/.gstack/.redact-prepush-prompted marker → one-time machine-wide AskUserQuestion offer, answer persisted. ship/SKILL.md regenerated in this same commit (check-freshness bisect discipline). Tests: unscannable diff (bogus SHAs) → exit 1 + valve named; empty-but- successful diff → exit 0; static asserts pin setup as hint-only and the ship template as the installer surface. Co-Authored-By: Claude Fable 5 <noreply@anthropic.com> * feat(redact): six new credential patterns — GitLab, HuggingFace, npm, DigitalOcean, Bearer, GCP SA (#1946) Coverage gaps from the #1946 security review, including token types for tooling gstack itself drives (glab): HIGH (block): gitlab.token (glpat-/glptt-/gldt-), huggingface.token (hf_), npm.token (npm_), digitalocean.token (dop_v1_), gcp.service_account (the JSON-escaped "private_key" form that dodges pem.private_key's literal-block match when minified, confirmed by "private_key_id" proximity). MEDIUM (warn): auth.bearer — the most FP-prone shape in the set (docs are full of "Authorization: Bearer <token>"), so it requires header-context proximity and the same entropy>=3.0 + placeholder validator recipe as env.kv. "Bearer YOUR_TOKEN_HERE" never fires; calibration over coverage, per the cries-wolf principle. All shapes are linear-time; test/redact-pattern-lint.test.ts covers them automatically. Engine tests add positive + placeholder-negative cases per pattern. Co-Authored-By: Claude Fable 5 <noreply@anthropic.com> * test: coverage-audit additions for the fix wave Ship Step 7 gap-fill (all passing, 248 tests across the touched suites): memory + dream stage probe-timeout proceeds, gbrain-detect override paths, stale-flag passthrough, 200-body-missing-.security fail-closed case, telemetry redaction edges, and credential-pattern edge cases. Co-Authored-By: Claude Fable 5 <noreply@anthropic.com> * fix: pre-landing review fixes Review army findings (1 critical, auto-fixed with regression tests): - CRITICAL (security specialist, verified live): redactFindingSpans spliced only the regex capture span, and pem.private_key / gcp.service_account capture just the BEGIN-header — the key body survived "redaction" and shipped via telemetry. Marker-only patterns now drop the whole payload (null, fail closed). Overlapping spans (Bearer+JWT on the same bytes) are coalesced before splicing so stale offsets can't leave partial secret bytes behind. - gitStrict: drop the dead `|| r.status === null` disjunct (null !== 0 already covers it); add the signal-kill/null-status regression test the docstring promised. - security-dashboard human mode flags stale snapshots ("figures may be out of date") instead of presenting frozen counts as current. - community-dashboard marker check uses jq when available — the grep-only variant misclassified whitespaced/reserialized bodies as legacy. - telemetry fail-closed test now shadows bun with a failing stub (deterministic on any host layout); stale "five status cases" describe title renamed. Co-Authored-By: Claude Fable 5 <noreply@anthropic.com> * fix: adversarial review fixes (Claude + Codex cross-model passes) Both adversarial passes ran against the wave; every FIXABLE finding landed with a regression test: - probeTimeoutMs clamps to >=1ms: a fractional override floored to 0, and execFileSync treats timeout:0 as NO timeout — the probe that exists to bound hangs could hang forever (found by both models independently). - /ship silent hook install now requires the hooks dir to live inside .git: with core.hooksPath (husky's COMMITTED .husky/), the chaining installer would have renamed the team's committed pre-push and written a machine-local wrapper into the working tree (found by both models). - gstack-config gbrain-refresh accepts the "timeout" status — the last consumer still gating on literal "ok" (Codex); gstack-gbrain-detect's config-derived fields honor GBRAIN_HOME so the detection JSON can't report status ok alongside config_exists false (Codex). - prepush: a remote sha absent locally (shallow clone / stale fetch) falls back to the merge-base/empty-tree range — scans MORE, never blocks a legitimate push into training users toward --no-verify. - dashboards: curl's own 000 no longer doubles to "HTTP 000000"; the community dashboard flags stale snapshots like the security one; array sections parse via jq (the sed/grep loops truncated at the first ']'); the no-jq marker grep tolerates whitespace. - telemetry: multi-line redactor output nulls the field instead of corrupting the JSONL record; setup's hint fires only when the config key is genuinely unset (an explicit false is a recorded decline); the /ship prompt marker honors GSTACK_HOME. Kept as designed (cross-model tension noted): Bearer stays MEDIUM in the prepush gate — a HIGH Bearer would block every docs example; the entropy validator can't eliminate that FP class, and MEDIUM warns visibly. Co-Authored-By: Claude Fable 5 <noreply@anthropic.com> * chore: bump version and changelog (v1.57.11.0) Co-Authored-By: Claude Fable 5 <noreply@anthropic.com> * docs: P1 TODO — eval harness live progress + incremental persistence Root-caused during this ship: a killed eval run was indistinguishable from a healthy one for hours (per-file output buffering across mega test files, no incremental eval-store writes, no honest liveness signal). Full context and starting points in the entry. Co-Authored-By: Claude Fable 5 <noreply@anthropic.com> * test: fix operational-learning E2E fixture — copy lib/jsonl-store.ts Pre-existing breakage, proven on main: gstack-learnings-log has imported lib/jsonl-store.ts (shared injection patterns) since v1.57.5.0 / #1910, but the fixture copies only the bin scripts — the bin exits 1 before writing anything, on main silently (stderr swallowed) and on this branch loudly (the #1950 error-surfacing made the four-day-old failure visible). A real install always ships bin/ and lib/ together; the fixture now does too. Verified: the fixture-shaped invocation writes the learning (exit 0) with lib present, exits 1 on both main and this branch without it. Co-Authored-By: Claude Fable 5 <noreply@anthropic.com> * fix(ios-qa): isolate E2E tests under --concurrent (3 real races) The ios-qa E2E file failed intermittently under `bun test --concurrent` (the eval harness default). Three distinct shared-state races, all fixed: 1. Shared pidfile: a module-level `workDir` reassigned in beforeEach was clobbered by parallel tests, so concurrent daemons collided on the same pidfile and the loser returned `already_running`. Each test now gets its own dir via makeWorkDir(). 2. process.env path globals: tests set GSTACK_IOS_AUDIT_PATH / _ATTEMPTS_PATH / _ALLOWLIST_PATH on the shared process env; concurrent tests stomped each other's audit/attempts destinations. Threaded auditPath/attemptsPath/allowlistPath through DaemonOptions (and mintForCaller) as explicit args — env is no longer load-bearing. 3. afterEach cleanup race: the per-test cleanup drained a shared dir array, so the first test to finish deleted still-running tests' workDirs mid-assertion. Moved to afterAll (cleans once, after all settle). Verified: 5/5 clean full-suite runs at --max-concurrency 15 (was intermittent); daemon unit suite 91/91; daemon source compiles. The paths default to the env-derived locations when options are omitted, so the production CLI path is unchanged. Co-Authored-By: Claude Fable 5 <noreply@anthropic.com> * test(pty): pin spawned claude to EVALS model chain (default claude-sonnet-4-6) launchClaudePty spawned the interactive `claude` TUI with no --model flag, so the child inherited the operator's ~/.claude/settings.json model. On a slow-thinking model that meant 5+ min of extended thinking on empty plan-mode context, timing out the plan-mode smoke tests regardless of contention. Pin the model via opts.model ?? EVALS_MODEL ?? 'claude-sonnet-4-6' — byte-identical to session-runner.ts:144, so PTY and `claude -p` evals always agree. Pushed before extraArgs (last flag wins, so a per-test --model still overrides). Placement leaves the spawn region byte-stable for a clean merge with the in-flight hermetic-env branch. Plumbed model through the three plan-skill wrappers. Static-grep tripwires guard the pin, its fallback chain, the before-extraArgs ordering, and all three wrapper forwards. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com> * test(pty): detect markdown bold-bullet prose AUQs (fixes office-hours smoke) office-hours auto-mode renders its mode question as `- **Building a startup**` markdown bullets (office-hours/SKILL.md.tmpl:102) with no letter/number marker. isProseAUQVisible only matched `A)`-style lettered or `1.`-style numbered options, so the question went undetected: the model surfaced it at ~2m19s (well under the 300s budget) but the harness kept scoring the run "working" off the spinner glyphs and timed out — a false timeout on a question that was already on screen. Add Pattern 3: when an interrogative line ('?') is present AND 3+ bold-bullet markers (`- **`) appear in the 4KB tail, classify as a prose AUQ. Bold is the discriminator vs incidental prose bullets; the line anchor is dropped (stripAnsi can collapse option lines) and the existing `❯ 1.` cursor gate still defers to a live native list. Wires through the existing classifyVisible 'asked' path and the timeout high-water-mark, so office-hours now classifies 'asked' instead of 'timeout'. Five unit cases: the office-hours render passes; no-'?', <3-bullet, plain-bullet, and native-cursor cases stay false. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com> * test(pty): detect stripAnsi-collapsed prose AUQs + judge spinner-precedence The plan-eng/plan-design plan-mode + finding-floor smokes timed out even when the skill HAD rendered a complete prose AskUserQuestion and was waiting: the PTY strips cursor-positioning escapes, collapsing the option newlines/spaces so "A) ..." arrives as "A(recommended)" / "-B:" and "Reply with A, B, or C" as "ReplywithA,B,orC". Every line-anchored detector (Patterns 1-3) returns false on those bytes, so proseAUQEverObserved never latched and the run timed out on a question that was already on screen. Add Pattern 4/5: a two-signal collapsed-form detector — a reply/recommendation marker (space-insensitive "reply with [A-D]", "Recommendation:", or "(recommended)") AND 2+ distinct A-D letters each punctuated by ) : or (. The conjunction is what separates a real AUQ from incidental report prose; verified true on the verbatim failing-run buffers where Patterns 1-3 return false. Also fix the Haiku judge spinner bias: of 614 verdicts, 569 were 'working' and 95 of those noted a question was visible — Claude Code keeps the spinner animating at an idle prose decision, so the judge coin-flipped. Add a precedence override: when an option list AND a Recommendation/Reply instruction are both visible, classify WAITING even with spinner glyphs. Kept the strict dual-signal gate (never option-list-alone) so auto-decide-preserved doesn't flip. 5 unit tests pin the two-signal contract (2 true on real collapsed bytes, 3 false guards). 90 -> 95 pass. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com> * feat(plan-review): ask-first scope gate for plan-eng + plan-design review On an empty/cold invocation, plan-eng-review and plan-design-review would dive straight into repo exploration (plan-eng) or a 7-pass mockup+audit (plan-design) and only ask the user much later, if at all. plan-ceo-review already asks first via an unconditional Step-0 gate and behaves well; these two did not. Add a hard-STOP scope gate as the FIRST operational instruction in each skill (above the design-doc check / pre-review audit / mockup defaults it explicitly overrides): the first tool call must be AskUserQuestion confirming the review target, before any git/Read/Grep/Glob/Bash or mockup generation. Under --disallowedTools the options render as plain column-0 lettered prose with a Recommendation + "Reply with A, B, or C" line so the answer is detectable. This is correct cold-start UX (confirm what to review before grinding a full review on nothing) and it is the product half of the plan-mode smoke fix; the harness collapsed-form detector is the deterministic half that catches the ask however it renders. Templates + regenerated SKILL.md (default variant). Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com> * test(tiers): reclassify stochastic plan-eng/plan-design ask-first smokes as periodic plan-eng-review and plan-design-review run a long explore/audit before their first AskUserQuestion, so whether the plan-mode + finding-floor smokes reach a terminal outcome within the 300s/600s budget depends on stochastic ask-first compliance (measured ~50-67%/run even with the hardened gate). Per the "non-deterministic -> periodic" tiering rule, move the four affected smokes (plan-eng/plan-design review-plan-mode + finding-floor) to periodic. The deterministic harness fix (collapsed-form detector + judge precedence) and the ask-first gate lift these from always-failing to mostly-passing and are the real product+harness improvements; periodic monitoring tracks the rate weekly without blocking PRs on an LLM coin-flip. plan-ceo/plan-devex ask-first reliably and stay gate-tier. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com> * ci(evals): gate the deterministic PTY plan-mode smokes in CI The real-PTY plan-mode smokes never ran in CI — the gate was local-only. Add an e2e-pty-plan-smoke matrix suite running the two deterministically-reliable ones (office-hours-auto-mode, plan-mode-no-op) so a regression there blocks PRs. The stochastic plan-eng/plan-design ask-first smokes stay periodic (touchfiles E2E_TIERS) and are not CI-gated. A fresh CI container has no ~/.claude.json, so the spawned interactive `claude` would wedge on the onboarding + API-key-approval dialog. Add a scoped seed step (hasCompletedOnboarding + key approval, its own ANTHROPIC_API_KEY env) before the run — mirrors what the hermetic E2E child env seeds. Per-suite timeout override (35 min) via matrix.suite.timeout so the PTY suite has headroom for --retry 2 without bumping the other 12 suites. Report runner count 12 -> 13. Validate via workflow_dispatch before relying on the gate (PTY-in-CI is new). Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com> * ci(evals): install gstack skill registry for the PTY smoke suite The first dry-run of e2e-pty-plan-smoke failed: the spawned interactive `claude` printed "Unknown command: /plan-ceo-review". .claude/skills is gitignored, so a fresh CI checkout has no gstack skill registry and the TUI can't resolve /office-hours or /plan-ceo-review. Add a Register step (scoped to the suite, after Seed, before Run) that mirrors setup's --no-prefix user-scoped registry minimally: $HOME/.claude/skills/gstack -> repo (resolves the preambles' absolute ~/.claude/skills/gstack/bin/* and <skill>/sections/* paths) + per-skill SKILL.md/sections symlinks for the two skills these tests invoke. HOME is /github/home in this container and the runner adds no HOME/CLAUDE_CONFIG_DIR override (no hermetic mode), so $HOME is the right anchor — the Seed step already proved claude reads it. No ./setup (binary build + Chromium + fonts + /dev/tty prompt); SKILL.md + bin/ + sections/ are committed. Self-validating: fails the step loudly on a dangling symlink or missing `name:` frontmatter, so a moved target surfaces here instead of as a silent 35-min "Unknown command" timeout. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com> * chore: bump version and changelog (v1.58.4.0) Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com> --------- Co-authored-by: Claude Fable 5 <noreply@anthropic.com>
1065 lines
38 KiB
TypeScript
1065 lines
38 KiB
TypeScript
/**
|
||
* Deterministic unit tests for claude-pty-runner.ts behavior changes.
|
||
*
|
||
* Free-tier (no EVALS=1 needed). Runs in <1s on every `bun test`. Catches
|
||
* harness plumbing bugs before stochastic PTY runs surface them.
|
||
*
|
||
* Two surface areas tested:
|
||
*
|
||
* 1. Permission-dialog short-circuit in 'asked' classification: a TTY frame
|
||
* that matches BOTH isPermissionDialogVisible AND isNumberedOptionListVisible
|
||
* must NOT be classified as a skill question — permission dialogs render
|
||
* as numbered lists too, but they're not what we're guarding.
|
||
*
|
||
* 2. Env passthrough surface: runPlanSkillObservation accepts an `env`
|
||
* option and threads it to launchClaudePty. We can't fully exercise the
|
||
* spawn pipeline without paying for a PTY session, but we CAN verify the
|
||
* option exists in the type signature and that calling without env still
|
||
* works (no regression).
|
||
*
|
||
* The PTY test (skill-e2e-plan-ceo-plan-mode.test.ts) is the integration
|
||
* check; this file is the cheap deterministic guard for the harness primitives
|
||
* those tests stand on.
|
||
*/
|
||
|
||
import { describe, test, expect } from 'bun:test';
|
||
import { readFileSync } from 'node:fs';
|
||
import {
|
||
isPermissionDialogVisible,
|
||
isNumberedOptionListVisible,
|
||
isProseAUQVisible,
|
||
isPlanReadyVisible,
|
||
parseNumberedOptions,
|
||
classifyVisible,
|
||
TAIL_SCAN_BYTES,
|
||
optionsSignature,
|
||
parseQuestionPrompt,
|
||
auqFingerprint,
|
||
COMPLETION_SUMMARY_RE,
|
||
assertReviewReportAtBottom,
|
||
ceoStep0Boundary,
|
||
engStep0Boundary,
|
||
designStep0Boundary,
|
||
devexStep0Boundary,
|
||
type ClaudePtyOptions,
|
||
type AskUserQuestionFingerprint,
|
||
} from './claude-pty-runner';
|
||
|
||
describe('isPermissionDialogVisible', () => {
|
||
test('matches "Bash command requires permission" prompts', () => {
|
||
const sample = `
|
||
Some preamble output
|
||
|
||
Bash command \`gstack-config get telemetry\` requires permission to run.
|
||
|
||
❯ 1. Yes
|
||
2. Yes, and always allow
|
||
3. No, abort
|
||
`;
|
||
expect(isPermissionDialogVisible(sample)).toBe(true);
|
||
});
|
||
|
||
test('matches "allow all edits" file-edit prompts', () => {
|
||
// Isolated to the "allow all edits" clause only — no overlapping
|
||
// "Do you want to proceed?" co-trigger, so this asserts the clause works.
|
||
const sample = `
|
||
Edit to ~/.gstack/config.yaml
|
||
|
||
❯ 1. Yes
|
||
2. Yes, allow all edits during this session
|
||
3. No
|
||
`;
|
||
expect(isPermissionDialogVisible(sample)).toBe(true);
|
||
});
|
||
|
||
test('matches the "Do you want to proceed?" file-edit confirmation by itself', () => {
|
||
// Separate fixture so weakening this clause is detected by a dedicated test.
|
||
const sample = `
|
||
Edit to ~/.gstack/config.yaml
|
||
|
||
Do you want to proceed?
|
||
|
||
❯ 1. Yes
|
||
2. No
|
||
`;
|
||
expect(isPermissionDialogVisible(sample)).toBe(true);
|
||
});
|
||
|
||
test('matches workspace-trust "always allow access to" prompt', () => {
|
||
const sample = `
|
||
Do you trust the files in this folder?
|
||
|
||
❯ 1. Yes, proceed
|
||
2. Yes, and always allow access to /Users/me/repo
|
||
3. No, exit
|
||
`;
|
||
expect(isPermissionDialogVisible(sample)).toBe(true);
|
||
});
|
||
|
||
test('does NOT match a skill AskUserQuestion list', () => {
|
||
const sample = `
|
||
D1 — Premise challenge: do users actually want this?
|
||
|
||
❯ 1. Yes, validated
|
||
2. No, premise is wrong
|
||
3. Need more info
|
||
`;
|
||
expect(isPermissionDialogVisible(sample)).toBe(false);
|
||
});
|
||
|
||
test('does NOT match a plan-ready confirmation', () => {
|
||
const sample = `
|
||
Ready to execute the plan?
|
||
|
||
❯ 1. Yes
|
||
2. No, keep planning
|
||
`;
|
||
expect(isPermissionDialogVisible(sample)).toBe(false);
|
||
});
|
||
|
||
test('does NOT match a skill question that contains the bare phrase "Do you want to proceed?"', () => {
|
||
// Co-trigger requirement: "Do you want to proceed?" alone is not enough.
|
||
// It must appear with "Edit to <path>" or "Write to <path>" to count as
|
||
// a permission dialog. This guards against a skill question like
|
||
// "Do you want to proceed with HOLD SCOPE?" being mis-classified.
|
||
const sample = `
|
||
Choose your scope mode for this review.
|
||
Do you want to proceed?
|
||
|
||
❯ 1. HOLD SCOPE
|
||
2. SCOPE EXPANSION
|
||
3. SELECTIVE EXPANSION
|
||
`;
|
||
expect(isPermissionDialogVisible(sample)).toBe(false);
|
||
});
|
||
|
||
test('does NOT mis-match when adversarial prose includes "Edit to <path>" alongside the bare proceed phrase', () => {
|
||
// Adversarial fixture: a skill question whose body legitimately mentions
|
||
// "Edit to <path>" in prose AND ends with "Do you want to proceed?". The
|
||
// current co-trigger regex would mis-classify this as a permission
|
||
// dialog. We DO want this test to fail until the regex is tightened
|
||
// further (e.g., proximity constraint, or anchoring "Edit to" to a
|
||
// line-start). For now this is documented as a known limitation: a
|
||
// skill question that talks about "Edit to" in prose IS still treated
|
||
// as a permission dialog. The test asserts the current behavior so a
|
||
// future fix can flip it intentionally.
|
||
const sample = `
|
||
Plan: I will Edit to ./plan.md to capture the decision.
|
||
Do you want to proceed?
|
||
|
||
❯ 1. HOLD SCOPE
|
||
2. SCOPE EXPANSION
|
||
`;
|
||
// KNOWN LIMITATION: the co-trigger fires here. Documented as a
|
||
// post-merge follow-up. Flip this assertion once the regex tightens.
|
||
expect(isPermissionDialogVisible(sample)).toBe(true);
|
||
});
|
||
});
|
||
|
||
describe('isNumberedOptionListVisible', () => {
|
||
test('matches a basic ❯ 1. + 2. cursor list', () => {
|
||
const sample = `
|
||
❯ 1. Option one
|
||
2. Option two
|
||
3. Option three
|
||
`;
|
||
expect(isNumberedOptionListVisible(sample)).toBe(true);
|
||
});
|
||
|
||
test('returns false on a single-option prompt', () => {
|
||
const sample = `
|
||
❯ 1. Only option
|
||
`;
|
||
expect(isNumberedOptionListVisible(sample)).toBe(false);
|
||
});
|
||
|
||
test('returns false when no cursor renders', () => {
|
||
const sample = `
|
||
Just some prose with 1. a numbered point and 2. another.
|
||
`;
|
||
expect(isNumberedOptionListVisible(sample)).toBe(false);
|
||
});
|
||
|
||
test('overlaps permission dialogs (this is why D5 short-circuits)', () => {
|
||
// The whole point of D5: this string matches BOTH classifiers, so the
|
||
// runner must consult isPermissionDialogVisible to disambiguate.
|
||
const sample = `
|
||
Bash command \`do-thing\` requires permission to run.
|
||
|
||
❯ 1. Yes
|
||
2. No
|
||
`;
|
||
expect(isNumberedOptionListVisible(sample)).toBe(true);
|
||
expect(isPermissionDialogVisible(sample)).toBe(true);
|
||
});
|
||
});
|
||
|
||
describe('isProseAUQVisible', () => {
|
||
test('matches 4 lettered options A) B) C) D) at line starts (plan-eng prose AUQ shape)', () => {
|
||
const sample = `
|
||
What would you like me to review? Options:
|
||
A) Point me at an existing design doc or plan file (path).
|
||
B) Describe new work you're planning — I'll explore the codebase.
|
||
C) You meant /review for the diff already on this branch.
|
||
D) Something else (tell me).
|
||
Recommendation: A if you have a doc in mind, otherwise B.
|
||
❯
|
||
`;
|
||
expect(isProseAUQVisible(sample)).toBe(true);
|
||
});
|
||
|
||
test('matches 2 lettered options (minimum threshold)', () => {
|
||
const sample = `
|
||
A) First option
|
||
B) Second option
|
||
`;
|
||
expect(isProseAUQVisible(sample)).toBe(true);
|
||
});
|
||
|
||
test('matches 3 numbered options 1. 2. 3. without ❯ 1. cursor (autoplan prose AUQ shape)', () => {
|
||
const sample = `
|
||
What's the task? A few options:
|
||
1. You have a plan idea in mind — describe it.
|
||
2. You want to review an existing plan elsewhere.
|
||
3. You meant a different command — /plan-ceo-review etc.
|
||
❯
|
||
`;
|
||
expect(isProseAUQVisible(sample)).toBe(true);
|
||
});
|
||
|
||
test('returns false when ❯ 1. cursor is present in the recent tail (native UI handled by isNumberedOptionListVisible)', () => {
|
||
const sample = `
|
||
❯ 1. First option
|
||
2. Second option
|
||
3. Third option
|
||
`;
|
||
expect(isProseAUQVisible(sample)).toBe(false);
|
||
});
|
||
|
||
test('does NOT suppress numbered-prose detection when ❯ 1. is only in early scrollback (trust dialog)', () => {
|
||
// Boot trust dialog rendered ❯ 1. Yes at startup, then a long body of
|
||
// model output, then prose-rendered numbered options now. The historic
|
||
// ❯ 1. is in the full buffer but NOT in the recent tail. Should detect
|
||
// the prose AUQ.
|
||
const trustHeader = '❯ 1. Yes, trust\n 2. No\n';
|
||
const filler = 'x'.repeat(5000); // pushes trust dialog out of last 4KB tail
|
||
const proseAUQ = `\n 1. Review the docs\n 2. Investigate the code\n 3. Defer to next session\n❯ \n`;
|
||
const sample = trustHeader + filler + proseAUQ;
|
||
expect(isProseAUQVisible(sample)).toBe(true);
|
||
});
|
||
|
||
test('returns false on single lettered option', () => {
|
||
const sample = `
|
||
A) Only one option mentioned in passing.
|
||
`;
|
||
expect(isProseAUQVisible(sample)).toBe(false);
|
||
});
|
||
|
||
test('matches 2 numbered options (threshold matches lettered branch — tails miss option 1)', () => {
|
||
const sample = `
|
||
1. First note.
|
||
2. Second note.
|
||
`;
|
||
expect(isProseAUQVisible(sample)).toBe(true);
|
||
});
|
||
|
||
test('returns false on a single numbered option', () => {
|
||
const sample = `
|
||
1. Only one option mentioned.
|
||
`;
|
||
expect(isProseAUQVisible(sample)).toBe(false);
|
||
});
|
||
|
||
test('does not match mid-prose lettered text like "(see option B) above"', () => {
|
||
const sample = `
|
||
This refers to (see option B) above and also to point A) earlier.
|
||
`;
|
||
// The B) and A) markers are mid-line, not at line starts, so they don't count.
|
||
expect(isProseAUQVisible(sample)).toBe(false);
|
||
});
|
||
|
||
test('matches with leading whitespace and ❯ prefix on options', () => {
|
||
const sample = `
|
||
A) Option with whitespace prefix
|
||
❯ B) Option with cursor prefix
|
||
C) Another option
|
||
`;
|
||
expect(isProseAUQVisible(sample)).toBe(true);
|
||
});
|
||
|
||
test('returns false on plain text with no option markers', () => {
|
||
expect(isProseAUQVisible('Just some plain text output from the model.')).toBe(false);
|
||
expect(isProseAUQVisible('')).toBe(false);
|
||
});
|
||
|
||
// Pattern 3: markdown bold-bullet options — office-hours renders its mode
|
||
// question this way under --disallowedTools, with no letter/number marker.
|
||
test('matches office-hours markdown bold-bullet mode question (Pattern 3)', () => {
|
||
const sample = `
|
||
> Before we dig in — what's your goal with this?
|
||
>
|
||
> - **Building a startup** (or thinking about it)
|
||
> - **Intrapreneurship** — internal project at a company, need to ship fast
|
||
> - **Hackathon / demo** — time-boxed, need to impress
|
||
> - **Open source / research** — building for a community
|
||
> - **Learning** — teaching yourself to code
|
||
❯
|
||
`;
|
||
expect(isProseAUQVisible(sample)).toBe(true);
|
||
});
|
||
|
||
test('bold-bullets require a preceding interrogative — no "?" => false', () => {
|
||
// 3+ bold bullets but no question stem: this is a feature list, not an AUQ.
|
||
const sample = `
|
||
Here is what shipped:
|
||
- **Faster builds** via caching
|
||
- **Smaller binaries** through tree-shaking
|
||
- **Better errors** with source maps
|
||
`;
|
||
expect(isProseAUQVisible(sample)).toBe(false);
|
||
});
|
||
|
||
test('a question with fewer than 3 bold bullets stays false (guard)', () => {
|
||
const sample = `
|
||
Which approach do you prefer?
|
||
- **Option one** is simpler
|
||
- **Option two** is faster
|
||
`;
|
||
expect(isProseAUQVisible(sample)).toBe(false);
|
||
});
|
||
|
||
test('plain (non-bold) bullets after a question do not trigger Pattern 3', () => {
|
||
// Only bold bullets count — plain "- text" prose lists are too common.
|
||
const sample = `
|
||
What should we do about this?
|
||
- run the tests
|
||
- ship the fix
|
||
- file a follow-up
|
||
`;
|
||
expect(isProseAUQVisible(sample)).toBe(false);
|
||
});
|
||
|
||
test('Pattern 3 still defers to a live native cursor list (❯ 1.)', () => {
|
||
const sample = `
|
||
> What's your goal?
|
||
❯ 1. **Building a startup**
|
||
2. **Intrapreneurship**
|
||
3. **Hackathon**
|
||
`;
|
||
// The ❯1. cursor gate fires first — native list handling owns this.
|
||
expect(isProseAUQVisible(sample)).toBe(false);
|
||
});
|
||
|
||
// Pattern 4/5: collapsed-form prose AUQ. stripAnsi destroys the newlines +
|
||
// inter-word spaces, so a real prose AUQ arrives collapsed and defeats the
|
||
// line-anchored Patterns 1-3. These are the dominant Shape-B render mode in
|
||
// the plan-design smoke + floor timeouts — verbatim de-spinnered bytes from
|
||
// the real failing runs (bdm3sucql.output).
|
||
test('matches the real collapsed floor render (colon-delimited, Pattern 4/5)', () => {
|
||
const sample =
|
||
'The review is blocked on D1—reply withA, B, r Cabovetocontinue:' +
|
||
'- A(recommended): Spec thefull P1AskUserQuestioncopy in this review' +
|
||
'-B:LeaveP1copytotheimplementerwithstructuralrequirements' +
|
||
'C: Add a placeholder template to the plan';
|
||
expect(isProseAUQVisible(sample)).toBe(true);
|
||
});
|
||
|
||
test('matches the real collapsed plan-mode render (Recommendation + collapsed A)/B), Pattern 4/5)', () => {
|
||
const sample =
|
||
'Recommendation:A—writethecopynow.(recommended)A) Writ the fullcopy in thisdesign review— now.' +
|
||
'(recommended) Completeness:10/10 B) Leveit to theimplemente — task spec is enough.' +
|
||
'Reply withA (write the copy now)orB(leavetoimplementer)';
|
||
expect(isProseAUQVisible(sample)).toBe(true);
|
||
});
|
||
|
||
test('collapsed-form requires BOTH signals — single B) + word "recommendation" stays false', () => {
|
||
// Only one punctuated letter marker: the two-signal contract is not met.
|
||
const sample =
|
||
'We should consider option B) here. My recommendation is to do it now.';
|
||
expect(isProseAUQVisible(sample)).toBe(false);
|
||
});
|
||
|
||
test('collapsed-form requires letter punctuation — comma-only "ReplywithA,B,orC" stays false', () => {
|
||
// Reply-instruction present, but the letters carry no ) : or ( punctuation,
|
||
// so they could be incidental enumerations in running prose. Stays false.
|
||
const sample = 'ReplywithA,B,orC';
|
||
expect(isProseAUQVisible(sample)).toBe(false);
|
||
});
|
||
|
||
test('collapsed-form does not regress the existing FP guard (see option B) ... point A))', () => {
|
||
// The classic citation FP: a model referencing prior options in prose.
|
||
// No reply-instruction / recommendation marker on its own line, so the
|
||
// collapsed-form signal does not fire either.
|
||
const sample =
|
||
'As noted (see option B) above, and the earlier point A) we discussed, this is fine.';
|
||
expect(isProseAUQVisible(sample)).toBe(false);
|
||
});
|
||
});
|
||
|
||
describe('classifyVisible (runtime path through the runner classifier)', () => {
|
||
// These tests call the actual classifier so a future contributor who
|
||
// reorders branches (e.g. moves the permission short-circuit before
|
||
// isPlanReadyVisible) is caught deterministically.
|
||
|
||
test('skill question → returns asked', () => {
|
||
const visible = `
|
||
D1 — Choose your scope mode
|
||
|
||
❯ 1. HOLD SCOPE
|
||
2. SCOPE EXPANSION
|
||
3. SELECTIVE EXPANSION
|
||
4. SCOPE REDUCTION
|
||
`;
|
||
const result = classifyVisible(visible);
|
||
expect(result?.outcome).toBe('asked');
|
||
});
|
||
|
||
test('permission dialog (Bash) → returns null (skip, keep polling)', () => {
|
||
const visible = `
|
||
Bash command \`gstack-update-check\` requires permission to run.
|
||
|
||
❯ 1. Yes
|
||
2. No
|
||
`;
|
||
expect(isNumberedOptionListVisible(visible)).toBe(true); // pre-filter
|
||
expect(classifyVisible(visible)).toBeNull(); // post-filter
|
||
});
|
||
|
||
test('plan-ready confirmation → returns plan_ready (wins over asked)', () => {
|
||
const visible = `
|
||
Ready to execute the plan?
|
||
|
||
❯ 1. Yes, proceed
|
||
2. No, keep planning
|
||
`;
|
||
const result = classifyVisible(visible);
|
||
expect(result?.outcome).toBe('plan_ready');
|
||
});
|
||
|
||
test('silent write to unsanctioned path → returns silent_write', () => {
|
||
const visible = `
|
||
⏺ Write(src/app/dangerous-write.ts)
|
||
⎿ Wrote 42 lines
|
||
`;
|
||
const result = classifyVisible(visible);
|
||
expect(result?.outcome).toBe('silent_write');
|
||
expect(result?.summary).toContain('src/app/dangerous-write.ts');
|
||
});
|
||
|
||
test('write to sanctioned path (.claude/plans) → returns null (allowed)', () => {
|
||
const visible = `
|
||
⏺ Write(/Users/me/.claude/plans/some-plan.md)
|
||
⎿ Wrote 42 lines
|
||
`;
|
||
expect(classifyVisible(visible)).toBeNull();
|
||
});
|
||
|
||
test('write while a permission dialog is on screen → returns null (gated, not silent, not asked)', () => {
|
||
const visible = `
|
||
⏺ Write(src/app/edit-with-permission.ts)
|
||
|
||
Edit to src/app/edit-with-permission.ts
|
||
|
||
Do you want to proceed?
|
||
|
||
❯ 1. Yes
|
||
2. No
|
||
`;
|
||
// The numbered prompt is a permission dialog (Edit to + Do you want to proceed?);
|
||
// silent_write is suppressed because a numbered prompt is visible, AND
|
||
// 'asked' is suppressed because the prompt is a permission dialog.
|
||
expect(classifyVisible(visible)).toBeNull();
|
||
});
|
||
|
||
test('write while a real skill question is on screen → returns asked (write is captured but not silent)', () => {
|
||
const visible = `
|
||
⏺ Write(src/app/foo.ts)
|
||
|
||
D1 — Choose your scope mode
|
||
|
||
❯ 1. HOLD SCOPE
|
||
2. SCOPE EXPANSION
|
||
`;
|
||
// The numbered prompt is a skill question, not a permission dialog;
|
||
// silent_write is suppressed (numbered prompt is visible) and the
|
||
// outcome is 'asked' — Step 0 fired.
|
||
const result = classifyVisible(visible);
|
||
expect(result?.outcome).toBe('asked');
|
||
});
|
||
|
||
test('idle / no signals → returns null', () => {
|
||
const visible = `
|
||
Some prose without any classifier signals.
|
||
`;
|
||
expect(classifyVisible(visible)).toBeNull();
|
||
});
|
||
|
||
test('TAIL_SCAN_BYTES is exported as 1500', () => {
|
||
// Shared between runner and routing test; a regression that desyncs the
|
||
// recent-tail window would surface here.
|
||
expect(TAIL_SCAN_BYTES).toBe(1500);
|
||
});
|
||
|
||
// D4-B: strictPlanWrites detector. Catches the transcript bug where the
|
||
// model writes findings to the plan file before any AskUserQuestion fires.
|
||
test('strictPlanWrites: plan write before any AUQ → wrote_findings_before_asking', () => {
|
||
const visible = `
|
||
⏺ Edit(/Users/me/.claude/plans/some-plan.md)
|
||
⎿ Updated 12 lines
|
||
`;
|
||
const result = classifyVisible(visible, { strictPlanWrites: true });
|
||
expect(result?.outcome).toBe('wrote_findings_before_asking');
|
||
expect(result?.summary).toContain('.claude/plans/some-plan.md');
|
||
});
|
||
|
||
test('strictPlanWrites: plan write AFTER an AUQ render → not flagged', () => {
|
||
// AUQ renders first, then the model writes the plan post-answer. This is
|
||
// the legitimate end-of-workflow flow and must NOT trigger the detector.
|
||
const visible = `
|
||
D1 — Some scope question
|
||
|
||
❯ 1. Option A
|
||
2. Option B
|
||
|
||
⏺ Edit(/Users/me/.claude/plans/some-plan.md)
|
||
⎿ Updated 12 lines
|
||
`;
|
||
const result = classifyVisible(visible, { strictPlanWrites: true });
|
||
// Outcome is 'asked' (the numbered list rendered); the post-AUQ plan
|
||
// write is ignored by the detector.
|
||
expect(result?.outcome).toBe('asked');
|
||
});
|
||
|
||
test('strictPlanWrites: AUQ first then plan write — write_pos > auq_pos → not flagged', () => {
|
||
// Same scenario, more explicit ordering: the regex finds the write at a
|
||
// position AFTER the numbered list. Detector lets it through.
|
||
const visible = [
|
||
'D1 — Choose your approach',
|
||
'',
|
||
'❯ 1. Approach A',
|
||
' 2. Approach B',
|
||
'',
|
||
'⏺ Write(/Users/me/.claude/plans/draft.md)',
|
||
'⎿ Wrote 42 lines',
|
||
].join('\n');
|
||
const result = classifyVisible(visible, { strictPlanWrites: true });
|
||
expect(result?.outcome).toBe('asked');
|
||
});
|
||
|
||
test('strictPlanWrites: only a permission dialog visible → plan write still flagged', () => {
|
||
// A permission dialog ❯ 1./2. is NOT an AUQ; pre-AUQ plan writes still
|
||
// hit the detector even when a permission prompt is on screen.
|
||
const visible = `
|
||
⏺ Edit(/Users/me/.claude/plans/some-plan.md)
|
||
|
||
Edit to /Users/me/.claude/plans/some-plan.md
|
||
|
||
Do you want to proceed?
|
||
|
||
❯ 1. Yes
|
||
2. No
|
||
`;
|
||
const result = classifyVisible(visible, { strictPlanWrites: true });
|
||
expect(result?.outcome).toBe('wrote_findings_before_asking');
|
||
});
|
||
|
||
test('strictPlanWrites OFF: plan write before AUQ → returns null (legacy behavior preserved)', () => {
|
||
const visible = `
|
||
⏺ Edit(/Users/me/.claude/plans/some-plan.md)
|
||
⎿ Updated 12 lines
|
||
`;
|
||
// Without strictPlanWrites, the sanctioned-path list lets this through.
|
||
expect(classifyVisible(visible)).toBeNull();
|
||
});
|
||
});
|
||
|
||
describe('parseNumberedOptions', () => {
|
||
test('extracts options from a clean cursor list', () => {
|
||
const visible = `
|
||
❯ 1. HOLD SCOPE
|
||
2. SCOPE EXPANSION
|
||
`;
|
||
const opts = parseNumberedOptions(visible);
|
||
expect(opts).toHaveLength(2);
|
||
expect(opts[0]).toEqual({ index: 1, label: 'HOLD SCOPE' });
|
||
expect(opts[1]).toEqual({ index: 2, label: 'SCOPE EXPANSION' });
|
||
});
|
||
|
||
test('returns empty array on prose-with-numbers (no cursor)', () => {
|
||
expect(parseNumberedOptions('text 1. one 2. two')).toEqual([]);
|
||
});
|
||
|
||
test('extracts options when the cursor is INLINE with prompt header (box-layout)', () => {
|
||
// Real /plan-ceo-review rendering: the TTY's cursor-positioning escapes
|
||
// collapse divider + header + prompt + cursor onto one logical line.
|
||
// Subsequent options (2..7) still start their own lines.
|
||
const visible = [
|
||
'────────────────────────────────────────',
|
||
'☐ Review scope What scope do you want me to CEO-review? ❯ 1. The branch\'s diff vs main',
|
||
' Review the full branch: ~10K LOC.',
|
||
'2. A specific plan file or design doc',
|
||
' You point me at a file (path) and I review that.',
|
||
'3. An idea you\'ll describe inline',
|
||
'4. Cancel — wrong skill',
|
||
'5. Type something.',
|
||
'────────────────────────────────────────',
|
||
'6. Chat about this',
|
||
'7. Skip interview and plan immediately',
|
||
].join('\n');
|
||
const opts = parseNumberedOptions(visible);
|
||
expect(opts).toHaveLength(7);
|
||
expect(opts[0]).toEqual({ index: 1, label: "The branch's diff vs main" });
|
||
expect(opts[1]?.index).toBe(2);
|
||
expect(opts[6]?.index).toBe(7);
|
||
expect(opts[6]?.label).toBe('Skip interview and plan immediately');
|
||
});
|
||
|
||
test('inline-cursor and start-of-line cursor both produce 7 options for the box-layout case', () => {
|
||
// The inline path captures option 1 from the cursor line itself; the
|
||
// subsequent-lines path captures 2..7 with the existing optionRe.
|
||
const inlineLayout = [
|
||
'header text ❯ 1. first option',
|
||
'2. second',
|
||
'3. third',
|
||
].join('\n');
|
||
expect(parseNumberedOptions(inlineLayout)).toEqual([
|
||
{ index: 1, label: 'first option' },
|
||
{ index: 2, label: 'second' },
|
||
{ index: 3, label: 'third' },
|
||
]);
|
||
|
||
const cleanLayout = [
|
||
' ❯ 1. first option',
|
||
' 2. second',
|
||
' 3. third',
|
||
].join('\n');
|
||
expect(parseNumberedOptions(cleanLayout)).toEqual([
|
||
{ index: 1, label: 'first option' },
|
||
{ index: 2, label: 'second' },
|
||
{ index: 3, label: 'third' },
|
||
]);
|
||
});
|
||
});
|
||
|
||
describe('runPlanSkillObservation env passthrough surface', () => {
|
||
test('ClaudePtyOptions exposes env: Record<string, string>', () => {
|
||
// Type-level guard: this file would fail to compile if the env field
|
||
// were removed or its shape regressed. The actual env merge happens in
|
||
// launchClaudePty's spawn call (`env: { ...process.env, ...opts.env }`),
|
||
// so a regression where `env: opts.env` gets dropped from the
|
||
// runPlanSkillObservation -> launchClaudePty handoff is only caught by
|
||
// the live PTY test, not here.
|
||
const opts: ClaudePtyOptions = {
|
||
env: { QUESTION_TUNING: 'false', EXPLAIN_LEVEL: 'default' },
|
||
};
|
||
expect(opts.env).toEqual({ QUESTION_TUNING: 'false', EXPLAIN_LEVEL: 'default' });
|
||
});
|
||
});
|
||
|
||
describe('launchClaudePty model pin (static tripwire)', () => {
|
||
// Why static-grep, not a behavioral assert: the spawn fires immediately
|
||
// inside launchClaudePty, so asserting the built args array would require
|
||
// extracting an arg-builder seam — which rewrites the exact region kyoto-v5's
|
||
// hermetic --strict-mcp-config insertion edits, reintroducing a merge
|
||
// conflict the placement deliberately avoids. The end-to-end behavioral proof
|
||
// is the live PTY smoke (skill-e2e-plan-*-plan-mode.test.ts) running under the
|
||
// pinned model. These grep-level guards stop a refactor from silently
|
||
// dropping the pin or reordering it past extraArgs.
|
||
const src = readFileSync(new URL('./claude-pty-runner.ts', import.meta.url), 'utf-8');
|
||
|
||
test('ClaudePtyOptions exposes model?: string', () => {
|
||
const opts: ClaudePtyOptions = { model: 'claude-sonnet-4-6' };
|
||
expect(opts.model).toBe('claude-sonnet-4-6');
|
||
});
|
||
|
||
test('spawn args push --model from the EVALS_MODEL fallback chain', () => {
|
||
expect(src).toContain("args.push('--model', model)");
|
||
// opts.model -> EVALS_MODEL -> 'claude-sonnet-4-6' (mirrors session-runner.ts:144)
|
||
expect(src).toMatch(
|
||
/opts\.model\s*\?\?\s*process\.env\.EVALS_MODEL\s*\?\?\s*'claude-sonnet-4-6'/,
|
||
);
|
||
});
|
||
|
||
test('--model is pushed BEFORE extraArgs so a per-test --model override wins', () => {
|
||
const modelPush = src.indexOf("args.push('--model', model)");
|
||
const extraArgsPush = src.indexOf('if (opts.extraArgs) args.push(...opts.extraArgs)');
|
||
expect(modelPush).toBeGreaterThan(-1);
|
||
expect(extraArgsPush).toBeGreaterThan(-1);
|
||
expect(modelPush).toBeLessThan(extraArgsPush);
|
||
});
|
||
|
||
test('all three plan-skill wrappers forward model to launchClaudePty', () => {
|
||
// Count must match the number of wrappers (observation, counting, floor).
|
||
const forwards = src.match(/^\s*model: opts\.model,$/gm) ?? [];
|
||
expect(forwards.length).toBe(3);
|
||
});
|
||
});
|
||
|
||
// ────────────────────────────────────────────────────────────────────────────
|
||
// Per-finding count primitives — Section 3 unit tests #1–#5, #7, #12.
|
||
// ────────────────────────────────────────────────────────────────────────────
|
||
|
||
describe('optionsSignature', () => {
|
||
test('returns a "|"-joined `index:label` string for a clean list', () => {
|
||
const sig = optionsSignature([
|
||
{ index: 1, label: 'HOLD SCOPE' },
|
||
{ index: 2, label: 'SCOPE EXPANSION' },
|
||
]);
|
||
expect(sig).toBe('1:HOLD SCOPE|2:SCOPE EXPANSION');
|
||
});
|
||
|
||
test('order-independent: shuffled inputs produce the same signature', () => {
|
||
// parseNumberedOptions already returns sorted, but defensive sort means
|
||
// a future caller that hands us shuffled input still produces a stable
|
||
// dedupe signature.
|
||
const a = optionsSignature([
|
||
{ index: 2, label: 'B' },
|
||
{ index: 1, label: 'A' },
|
||
{ index: 3, label: 'C' },
|
||
]);
|
||
const b = optionsSignature([
|
||
{ index: 1, label: 'A' },
|
||
{ index: 2, label: 'B' },
|
||
{ index: 3, label: 'C' },
|
||
]);
|
||
expect(a).toBe(b);
|
||
});
|
||
|
||
test('empty list returns empty string', () => {
|
||
expect(optionsSignature([])).toBe('');
|
||
});
|
||
|
||
test('single-item list returns just that entry', () => {
|
||
expect(optionsSignature([{ index: 1, label: 'Only' }])).toBe('1:Only');
|
||
});
|
||
});
|
||
|
||
describe('parseQuestionPrompt', () => {
|
||
test('captures 1-line prompt above the cursor', () => {
|
||
const visible = `
|
||
D1 — Pick a mode
|
||
|
||
❯ 1. HOLD SCOPE
|
||
2. SCOPE EXPANSION
|
||
`;
|
||
const prompt = parseQuestionPrompt(visible);
|
||
expect(prompt).toBe('D1 — Pick a mode');
|
||
});
|
||
|
||
test('captures multi-line prompt above the cursor', () => {
|
||
const visible = `
|
||
D2 — Approach selection
|
||
|
||
Which architecture should we follow?
|
||
|
||
❯ 1. Bypass existing helper
|
||
2. Reuse existing helper
|
||
`;
|
||
const prompt = parseQuestionPrompt(visible);
|
||
// Multi-line prompts get joined with single spaces.
|
||
expect(prompt).toContain('D2 — Approach selection');
|
||
expect(prompt).toContain('Which architecture should we follow?');
|
||
});
|
||
|
||
test('returns "" when no cursor is rendered', () => {
|
||
expect(parseQuestionPrompt('Just some prose.\nNo cursor.')).toBe('');
|
||
});
|
||
|
||
test('truncates to 240 chars', () => {
|
||
const longPrompt = 'A'.repeat(500);
|
||
const visible = `${longPrompt}\n\n ❯ 1. yes\n 2. no`;
|
||
expect(parseQuestionPrompt(visible).length).toBeLessThanOrEqual(240);
|
||
});
|
||
|
||
test('does not pull text from a previous numbered list above', () => {
|
||
const visible = `
|
||
❯ 1. previous answered question
|
||
2. previous option two
|
||
|
||
D2 — A new question text
|
||
|
||
❯ 1. fresh option A
|
||
2. fresh option B
|
||
`;
|
||
const prompt = parseQuestionPrompt(visible);
|
||
// Stops at the previous numbered-list line; should NOT contain "previous answered question".
|
||
expect(prompt).toContain('D2 — A new question text');
|
||
expect(prompt).not.toContain('previous answered question');
|
||
});
|
||
|
||
test('normalizes whitespace (collapses runs of spaces and tabs)', () => {
|
||
const visible = `D1 — Spaced out
|
||
|
||
❯ 1. yes
|
||
2. no`;
|
||
expect(parseQuestionPrompt(visible)).toBe('D1 — Spaced out');
|
||
});
|
||
|
||
test('inline-cursor box-layout: extracts prompt text BEFORE ❯1. on the cursor line', () => {
|
||
// Real /plan-ceo-review rendering: divider + ☐ header + prompt text +
|
||
// cursor are all on one logical line because TTY cursor-positioning
|
||
// escapes collapse the box layout under stripAnsi.
|
||
const visible = [
|
||
'──────────────────',
|
||
'☐ Review scope What scope do you want me to CEO-review? ❯ 1. The branch\'s diff vs main',
|
||
'2. A specific plan file',
|
||
'3. An idea inline',
|
||
].join('\n');
|
||
const prompt = parseQuestionPrompt(visible);
|
||
// Should extract "Review scope" and the prompt text, dropping the ☐ box-drawing sigil.
|
||
expect(prompt).toContain('Review scope');
|
||
expect(prompt).toContain('What scope do you want me to CEO-review?');
|
||
expect(prompt).not.toContain('❯');
|
||
expect(prompt).not.toMatch(/^☐/);
|
||
});
|
||
});
|
||
|
||
describe('auqFingerprint', () => {
|
||
test('returns the same fingerprint for identical inputs', () => {
|
||
const opts = [
|
||
{ index: 1, label: 'A' },
|
||
{ index: 2, label: 'B' },
|
||
];
|
||
expect(auqFingerprint('hello', opts)).toBe(auqFingerprint('hello', opts));
|
||
});
|
||
|
||
test('different prompts with shared option labels produce DIFFERENT fingerprints', () => {
|
||
// The collision regression Codex F1 caught: option-label-only fingerprints
|
||
// collapsed multiple distinct findings into one when they shared menu shape.
|
||
const sharedOpts = [
|
||
{ index: 1, label: 'Add to plan' },
|
||
{ index: 2, label: 'Defer' },
|
||
{ index: 3, label: 'Build now' },
|
||
];
|
||
const fpFinding1 = auqFingerprint('D5 — Architecture: bypass helper?', sharedOpts);
|
||
const fpFinding2 = auqFingerprint('D6 — Tests: zero coverage?', sharedOpts);
|
||
expect(fpFinding1).not.toBe(fpFinding2);
|
||
});
|
||
|
||
test('same prompt with different options produces DIFFERENT fingerprints', () => {
|
||
const prompt = 'D1 — Pick a mode';
|
||
const fpA = auqFingerprint(prompt, [
|
||
{ index: 1, label: 'HOLD SCOPE' },
|
||
{ index: 2, label: 'SCOPE EXPANSION' },
|
||
]);
|
||
const fpB = auqFingerprint(prompt, [
|
||
{ index: 1, label: 'HOLD SCOPE' },
|
||
{ index: 2, label: 'SCOPE REDUCTION' },
|
||
]);
|
||
expect(fpA).not.toBe(fpB);
|
||
});
|
||
|
||
test('whitespace-only differences in prompt do NOT change the fingerprint', () => {
|
||
// Same content, different rendering whitespace (TTY redraw artifact)
|
||
// must produce the same fingerprint so dedupe survives reflow.
|
||
const opts = [{ index: 1, label: 'A' }, { index: 2, label: 'B' }];
|
||
const fpA = auqFingerprint('Pick a mode', opts);
|
||
const fpB = auqFingerprint('Pick a mode', opts);
|
||
expect(fpA).toBe(fpB);
|
||
});
|
||
|
||
test('empty prompt + same options collide (caller must guard against this)', () => {
|
||
// Documents the contract: empty-prompt fingerprints WILL collide if the
|
||
// caller fingerprints them. runPlanSkillCounting must skip empty-prompt
|
||
// AUQs and re-poll instead.
|
||
const opts = [{ index: 1, label: 'A' }];
|
||
expect(auqFingerprint('', opts)).toBe(auqFingerprint('', opts));
|
||
});
|
||
});
|
||
|
||
describe('COMPLETION_SUMMARY_RE', () => {
|
||
test('matches GSTACK REVIEW REPORT heading', () => {
|
||
expect(COMPLETION_SUMMARY_RE.test('## GSTACK REVIEW REPORT')).toBe(true);
|
||
});
|
||
|
||
test('matches Completion Summary heading (ceo + eng)', () => {
|
||
expect(COMPLETION_SUMMARY_RE.test('## Completion Summary')).toBe(true);
|
||
expect(COMPLETION_SUMMARY_RE.test('## Completion summary')).toBe(true);
|
||
});
|
||
|
||
test('matches Status: clean (CEO review-log shape)', () => {
|
||
expect(COMPLETION_SUMMARY_RE.test('Status: clean')).toBe(true);
|
||
expect(COMPLETION_SUMMARY_RE.test('Status: issues_open')).toBe(true);
|
||
});
|
||
|
||
test('matches VERDICT: line', () => {
|
||
expect(COMPLETION_SUMMARY_RE.test('VERDICT: CLEARED — Eng Review passed')).toBe(true);
|
||
});
|
||
|
||
test('does NOT match prose mentions of "verdict" mid-line', () => {
|
||
// VERDICT must be at the start of a line to count.
|
||
expect(COMPLETION_SUMMARY_RE.test('the final verdict: undecided')).toBe(false);
|
||
});
|
||
});
|
||
|
||
describe('assertReviewReportAtBottom', () => {
|
||
test('passes when REVIEW REPORT is the only/last ## heading', () => {
|
||
const content = `# Plan
|
||
|
||
## Context
|
||
stuff
|
||
|
||
## Approach
|
||
more stuff
|
||
|
||
## GSTACK REVIEW REPORT
|
||
|
||
| col | col |
|
||
`;
|
||
const r = assertReviewReportAtBottom(content);
|
||
expect(r.ok).toBe(true);
|
||
});
|
||
|
||
test('fails when REVIEW REPORT is missing', () => {
|
||
const content = `# Plan
|
||
|
||
## Context
|
||
stuff
|
||
`;
|
||
const r = assertReviewReportAtBottom(content);
|
||
expect(r.ok).toBe(false);
|
||
expect(r.reason).toMatch(/no GSTACK REVIEW REPORT/);
|
||
});
|
||
|
||
test('fails when REVIEW REPORT exists but a ## heading follows it', () => {
|
||
const content = `# Plan
|
||
|
||
## GSTACK REVIEW REPORT
|
||
|
||
| col | col |
|
||
|
||
## Late Section
|
||
oops
|
||
`;
|
||
const r = assertReviewReportAtBottom(content);
|
||
expect(r.ok).toBe(false);
|
||
expect(r.reason).toMatch(/trailing ## heading/);
|
||
expect(r.trailingHeadings).toEqual(['## Late Section']);
|
||
});
|
||
|
||
test('passes when only ### subheadings follow REVIEW REPORT (deeper nesting allowed)', () => {
|
||
const content = `## GSTACK REVIEW REPORT
|
||
|
||
### Cross-model tension
|
||
- F1: resolved
|
||
- F2: resolved
|
||
`;
|
||
const r = assertReviewReportAtBottom(content);
|
||
expect(r.ok).toBe(true);
|
||
});
|
||
|
||
test('fails with multiple trailing ## headings reported', () => {
|
||
const content = `## GSTACK REVIEW REPORT
|
||
|
||
## First trailing
|
||
|
||
## Second trailing
|
||
`;
|
||
const r = assertReviewReportAtBottom(content);
|
||
expect(r.ok).toBe(false);
|
||
expect(r.trailingHeadings).toHaveLength(2);
|
||
});
|
||
});
|
||
|
||
describe('Step0BoundaryPredicate per-skill', () => {
|
||
// Helper to build a synthetic fingerprint for predicate tests.
|
||
function fp(promptSnippet: string, optionLabels: string[]): AskUserQuestionFingerprint {
|
||
const options = optionLabels.map((label, i) => ({ index: i + 1, label }));
|
||
return {
|
||
signature: auqFingerprint(promptSnippet, options),
|
||
promptSnippet,
|
||
options,
|
||
observedAtMs: 0,
|
||
preReview: true,
|
||
};
|
||
}
|
||
|
||
describe('ceoStep0Boundary', () => {
|
||
test('FIRES on Step 0F mode-pick AUQ (HOLD SCOPE in options)', () => {
|
||
const f = fp('Pick a mode', ['HOLD SCOPE', 'SCOPE EXPANSION', 'SELECTIVE EXPANSION', 'SCOPE REDUCTION']);
|
||
expect(ceoStep0Boundary(f)).toBe(true);
|
||
});
|
||
|
||
test('FIRES on scope-selection AUQ with "Skip interview" option (skip-interview path)', () => {
|
||
// After calibration run 1: plan-ceo's first AUQ is scope-selection,
|
||
// and we route via "Skip interview and plan immediately" to bypass
|
||
// Step 0 entirely. Boundary must fire on this AUQ so subsequent
|
||
// AUQs go to reviewCount.
|
||
const f = fp(
|
||
'What scope do you want me to CEO-review?',
|
||
[
|
||
"The branch's diff vs main",
|
||
'A specific plan file',
|
||
"An idea you'll describe inline",
|
||
'Cancel — wrong skill',
|
||
'Type something.',
|
||
'Chat about this',
|
||
'Skip interview and plan immediately',
|
||
],
|
||
);
|
||
expect(ceoStep0Boundary(f)).toBe(true);
|
||
});
|
||
|
||
test('does NOT fire on premise challenge AUQs', () => {
|
||
const f = fp('D1 — Premise check: is this the right problem?', ['Yes', 'No', 'Other']);
|
||
expect(ceoStep0Boundary(f)).toBe(false);
|
||
});
|
||
|
||
test('does NOT fire on review-section AUQs', () => {
|
||
const f = fp('Architecture: bypass helper?', ['Reuse existing', 'Roll new', 'Defer']);
|
||
expect(ceoStep0Boundary(f)).toBe(false);
|
||
});
|
||
});
|
||
|
||
describe('engStep0Boundary', () => {
|
||
test('FIRES on cross-project learnings prompt', () => {
|
||
const f = fp('Enable cross-project learnings on this machine?', ['Yes', 'No']);
|
||
expect(engStep0Boundary(f)).toBe(true);
|
||
});
|
||
|
||
test('FIRES on scope reduction recommendation', () => {
|
||
const f = fp('Scope reduction recommendation: cut to MVP?', ['Reduce', 'Proceed', 'Modify']);
|
||
expect(engStep0Boundary(f)).toBe(true);
|
||
});
|
||
|
||
test('does NOT fire on review-section AUQs', () => {
|
||
const f = fp('Architecture: shared mutable state?', ['Refactor', 'Defer', 'Skip']);
|
||
expect(engStep0Boundary(f)).toBe(false);
|
||
});
|
||
});
|
||
|
||
describe('designStep0Boundary', () => {
|
||
test('FIRES on design system / posture mention', () => {
|
||
const f = fp('Pick a design posture for this review', ['Polish', 'Triage', 'Expansion']);
|
||
expect(designStep0Boundary(f)).toBe(true);
|
||
});
|
||
|
||
test('FIRES on first-dimension prompt', () => {
|
||
const f = fp('First dimension: visual hierarchy. Score?', ['7', '8', '9']);
|
||
expect(designStep0Boundary(f)).toBe(true);
|
||
});
|
||
|
||
test('does NOT fire on later dimension AUQs', () => {
|
||
const f = fp('Spacing dimension score?', ['7', '8', '9']);
|
||
expect(designStep0Boundary(f)).toBe(false);
|
||
});
|
||
});
|
||
|
||
describe('devexStep0Boundary', () => {
|
||
test('FIRES on developer persona selection', () => {
|
||
const f = fp('Pick the target persona for this review', ['Senior backend', 'Junior frontend', 'Other']);
|
||
expect(devexStep0Boundary(f)).toBe(true);
|
||
});
|
||
|
||
test('FIRES on TTHW target prompt', () => {
|
||
const f = fp('What is the TTHW target for first run?', ['<5 min', '<15 min', '<30 min']);
|
||
expect(devexStep0Boundary(f)).toBe(true);
|
||
});
|
||
|
||
test('does NOT fire on review-section AUQs', () => {
|
||
const f = fp('Friction point: 5-min CI wait. Address?', ['Now', 'Defer', 'Skip']);
|
||
expect(devexStep0Boundary(f)).toBe(false);
|
||
});
|
||
});
|
||
});
|