mirror of
https://github.com/garrytan/gstack.git
synced 2026-06-17 15:20:11 +02:00
Garry Tan
2a55953387
All 7 failures existed on main before this branch — verified via `git stash`
round-trip. Bundling them into the long-lived-sidebar PR because we kept
tripping over them while running `bun test` to verify Commit 0.
* Global afterEach restores `process.env.PATH` (new bunfig.toml +
test-setup.ts). browser-skill-commands.test.ts sets
`PATH = '/test/bin:/usr/bin'` to exercise a scrubbed-env fixture and
used the broken `process.env = origEnv` reassignment pattern that
swaps the proxy reference; the underlying env stayed mutated and
leaked downstream. Fixed three call sites in that file and added a
narrow PATH-only global guardrail so a future polluter can't bring
the bug back. Killed: pair-agent-tunnel-eval (bun ENOENT),
security.test.ts > resolveBashBinary (Bun.which('bash') null),
server-no-import-side-effects (bun ENOENT).
* server-auth.test.ts: two `sliceBetween` markers referenced strings
deleted when sidebar-agent.ts was ripped — `'Sidebar agent started'`
→ `'Terminal agent started'`, `'Sidebar endpoints'` → `'Batch endpoint'`.
Also fixed the pair-agent BROWSE_PARENT_PID assertion (the literal
`serverEnv.BROWSE_PARENT_PID` never existed in source; the actual
contract is the object-literal `BROWSE_PARENT_PID: '0'` inside the
`const serverEnv` declaration).
* test/upgrade-migration-v1.test.ts: also overrides HOME in the spawn
env. The migration shells out to `${HOME}/.claude/skills/gstack/bin/gstack-config`
and a developer's real config with `explain_level` set causes the
script to take the "user already decided" branch and skip writing
the pending-prompt flag the test asserts on.
* test/setup-codesign.test.ts: replaced fragile `bun run build`
string-match (which hit a comment 700 lines later) with the actual
invocation `bun_cmd run build` used in the setup script.
Net: full suite is now green; CI no longer trips on bash/bun-ENOENT
from PATH pollution or on test markers that drifted with the codebase.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
81 lines
3.8 KiB
TypeScript
81 lines
3.8 KiB
TypeScript
import { describe, test, expect } from 'bun:test';
|
|
import { spawnSync } from 'child_process';
|
|
import * as path from 'path';
|
|
import * as fs from 'fs';
|
|
import * as os from 'os';
|
|
|
|
const ROOT = path.resolve(import.meta.dir, '..');
|
|
const SETUP_SCRIPT = path.join(ROOT, 'setup');
|
|
|
|
describe('setup: Apple Silicon codesign', () => {
|
|
test('setup script contains codesign block for Darwin arm64', () => {
|
|
const content = fs.readFileSync(SETUP_SCRIPT, 'utf-8');
|
|
// Verify the codesign guard checks both Darwin and arm64
|
|
expect(content).toContain('$(uname -s)" = "Darwin"');
|
|
expect(content).toContain('$(uname -m)" = "arm64"');
|
|
// Verify remove-then-resign two-step pattern
|
|
expect(content).toContain('codesign --remove-signature');
|
|
expect(content).toContain('codesign -s - -f');
|
|
});
|
|
|
|
test('codesign block covers all compiled binaries', () => {
|
|
const content = fs.readFileSync(SETUP_SCRIPT, 'utf-8');
|
|
// Extract the binaries from the codesign for-loop
|
|
const forMatch = content.match(/for _bin in ([^;]+);/);
|
|
expect(forMatch).toBeTruthy();
|
|
const binaries = forMatch![1].trim().split(/\s+/);
|
|
// All four compiled binaries from `bun run build` must be covered
|
|
expect(binaries).toContain('browse/dist/browse');
|
|
expect(binaries).toContain('browse/dist/find-browse');
|
|
expect(binaries).toContain('design/dist/design');
|
|
expect(binaries).toContain('bin/gstack-global-discover');
|
|
});
|
|
|
|
test('codesign block is inside the NEEDS_BUILD=1 branch', () => {
|
|
const content = fs.readFileSync(SETUP_SCRIPT, 'utf-8');
|
|
// The codesign block should appear after the build command and before the
|
|
// `if [ ! -x "$BROWSE_BIN" ]` guard that checks the build succeeded. The
|
|
// setup script invokes the build via `bun_cmd run build` (not literal
|
|
// `bun run build`) so the wrapper can route through asdf/volta/etc;
|
|
// matching the wrapped form keeps this test stable across that indirection.
|
|
const buildIdx = content.indexOf('bun_cmd run build');
|
|
const codesignIdx = content.indexOf('codesign --remove-signature');
|
|
const browseCheckIdx = content.indexOf('gstack setup failed: browse binary missing');
|
|
expect(buildIdx).toBeGreaterThan(-1);
|
|
expect(codesignIdx).toBeGreaterThan(buildIdx);
|
|
expect(browseCheckIdx).toBeGreaterThan(codesignIdx);
|
|
});
|
|
|
|
test('codesign block is idempotent (skips missing binaries)', () => {
|
|
const content = fs.readFileSync(SETUP_SCRIPT, 'utf-8');
|
|
// The loop must guard with a file-existence + executable check before codesigning
|
|
expect(content).toContain('[ -f "$_bin_path" ] && [ -x "$_bin_path" ] || continue');
|
|
});
|
|
|
|
test('codesign failure is a warning, not a fatal error', () => {
|
|
const content = fs.readFileSync(SETUP_SCRIPT, 'utf-8');
|
|
// On codesign failure, log a warning but don't exit
|
|
expect(content).toContain('warning: codesign failed for');
|
|
// Should NOT have `set -e` causing exit on codesign failure
|
|
// (the `|| true` after --remove-signature and the if-guard around -s - -f handle this)
|
|
expect(content).toContain('codesign --remove-signature "$_bin_path" 2>/dev/null || true');
|
|
});
|
|
|
|
test('codesign shell snippet is syntactically valid', () => {
|
|
// Extract the codesign block and validate it parses as bash
|
|
const content = fs.readFileSync(SETUP_SCRIPT, 'utf-8');
|
|
const match = content.match(
|
|
/# macOS Apple Silicon: ad-hoc codesign[\s\S]*?done\n\s*fi/
|
|
);
|
|
expect(match).toBeTruthy();
|
|
const snippet = match![0];
|
|
// Wrap in a function to make it a complete script, then syntax-check
|
|
const testScript = `#!/usr/bin/env bash\nset -e\n_test_fn() {\n${snippet}\n}\n`;
|
|
const result = spawnSync('bash', ['-n', '-c', testScript], {
|
|
stdio: ['pipe', 'pipe', 'pipe'],
|
|
timeout: 5000,
|
|
});
|
|
expect(result.status).toBe(0);
|
|
});
|
|
});
|