Hartmut
01f8974314
CI / Architecture Guardrails (pull_request) Successful in 2m59s
CI / Typecheck (pull_request) Successful in 6m41s
CI / Lint (pull_request) Successful in 4m18s
CI / Assistant Split Regression (pull_request) Successful in 5m6s
CI / Unit Tests (pull_request) Successful in 7m21s
CI / Build (pull_request) Successful in 5m21s
CI / Fresh-Linux Docker Deploy (pull_request) Failing after 38s
CI / E2E Tests (pull_request) Successful in 3m28s
CI / Release Images (pull_request) Has been skipped
- docker-compose.yml / .prod.yml / .ci.yml: project names, POSTGRES_DB/USER, pg_isready, DATABASE_URL, volume names (nexus_pgdata, nexus_prod_*) - .github/workflows/ci.yml: POSTGRES_PASSWORD, pg_isready, psql credentials, GRANT statements, POSTGRES_PASSWORD=nexus_dev for Docker Deploy job - scripts/db-target-guard.mjs: expectedDatabase default, NEXUS_EXPECTED_DB_NAME - scripts/prisma-with-env.mjs, e2e/test-server.mjs: env-var rename - packages/db/src/safe-destructive-env.ts + reset-dispo-import.ts: DB name set - packages/db/src/destructive-db-guard.ts: PROTECTED_DATABASE_NAMES → "nexus" - packages/db/src/destructive-db-guard.test.ts: all fixture DB names + comments - .env.example, tooling/deploy/deploy.env.example: DATABASE_URL, image refs - packages/api: Redis channel/key prefixes (rbac-invalidate, sse, ratelimit), logger service name, app-base-url log prefix - E2E: DB container names, localStorage/sessionStorage keys, email domains - scripts: architecture-guardrails filter, export/import-dev-seed defaults, harden-postgres defaults, start.sh pg_isready, worktree-hygiene fixture - tooling/migrate/rename-to-nexus.sh: new maintenance-window cutover script Only intentional capakraken survivor: anonymization.ts DEFAULT_ANONYMIZATION_SEED (functional cryptographic constant — changing it would invalidate stored aliases). Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
94 lines
3.0 KiB
JavaScript
94 lines
3.0 KiB
JavaScript
import assert from "node:assert/strict";
|
|
import { describe, it } from "node:test";
|
|
import {
|
|
inspectWorktreeHygiene,
|
|
parseArgs,
|
|
parsePorcelain,
|
|
} from "./worktree-hygiene.mjs";
|
|
|
|
function createGitStub(statusOutput) {
|
|
return (args) => {
|
|
if (args[0] === "rev-parse" && args[1] === "--show-toplevel") {
|
|
return "/tmp/nexus\n";
|
|
}
|
|
if (args[0] === "rev-parse" && args[1] === "--abbrev-ref") {
|
|
return "main\n";
|
|
}
|
|
if (args[0] === "status" && args[1] === "--short") {
|
|
return statusOutput;
|
|
}
|
|
|
|
throw new Error(`Unexpected git args: ${args.join(" ")}`);
|
|
};
|
|
}
|
|
|
|
describe("worktree hygiene", () => {
|
|
it("fails when a scope value is missing", () => {
|
|
assert.throws(() => parseArgs(["--scope"]), /--scope requires a path value\./);
|
|
});
|
|
|
|
it("fails on unknown arguments", () => {
|
|
assert.throws(() => parseArgs(["--wat"]), /Unknown argument: --wat/);
|
|
});
|
|
|
|
it("normalizes rename targets in porcelain output", () => {
|
|
assert.deepEqual(parsePorcelain("R docs/old.md -> docs/new.md\n"), [
|
|
{
|
|
xy: "R ",
|
|
path: "docs/new.md",
|
|
},
|
|
]);
|
|
});
|
|
|
|
it("returns exit code 1 when fail-on-dirty is enabled", () => {
|
|
const result = inspectWorktreeHygiene(
|
|
["--fail-on-dirty"],
|
|
createGitStub(" M scripts/worktree-hygiene.mjs\n?? scripts/worktree-hygiene.test.mjs\n"),
|
|
);
|
|
|
|
assert.equal(result.exitCode, 1);
|
|
assert.match(result.output, /Dirty entries: 2/);
|
|
assert.equal(result.status?.totals.untracked, 1);
|
|
});
|
|
|
|
it("returns exit code 2 when dirty files escape the declared scope", () => {
|
|
const result = inspectWorktreeHygiene(
|
|
["--scope", "docs/", "--fail-outside-scope"],
|
|
createGitStub(" M docs/guide.md\n M scripts/worktree-hygiene.mjs\n"),
|
|
);
|
|
|
|
assert.equal(result.exitCode, 2);
|
|
assert.equal(result.entries.outOfScope.length, 1);
|
|
assert.match(result.output, /outside-scope changes detected\./);
|
|
});
|
|
|
|
it("keeps fail-outside-scope authoritative even when allow-outside-scope is set", () => {
|
|
const result = inspectWorktreeHygiene(
|
|
["--scope", ".\\docs", "--allow-outside-scope", "--fail-outside-scope", "--json"],
|
|
createGitStub(" M docs/guide.md\n M scripts/worktree-hygiene.mjs\n"),
|
|
);
|
|
|
|
assert.equal(result.exitCode, 2);
|
|
|
|
const parsed = JSON.parse(result.output);
|
|
assert.equal(parsed.scopes[0], "docs");
|
|
assert.equal(parsed.inScope, 1);
|
|
assert.equal(parsed.outOfScope, 1);
|
|
});
|
|
|
|
it("tolerates outside-scope files when explicitly allowed and emits json", () => {
|
|
const result = inspectWorktreeHygiene(
|
|
["--scope", "docs/", "--allow-outside-scope", "--json"],
|
|
createGitStub("R docs/old.md -> docs/new.md\n?? scripts/worktree-hygiene.test.mjs\n"),
|
|
);
|
|
|
|
assert.equal(result.exitCode, 0);
|
|
|
|
const parsed = JSON.parse(result.output);
|
|
assert.equal(parsed.inScope, 1);
|
|
assert.equal(parsed.outOfScope, 1);
|
|
assert.deepEqual(parsed.entries.inScope, [{ xy: "R ", path: "docs/new.md" }]);
|
|
assert.deepEqual(parsed.entries.outOfScope, [{ xy: "??", path: "scripts/worktree-hygiene.test.mjs" }]);
|
|
});
|
|
});
|