@aaronshaf/ger 1.2.11 → 2.0.0

package/tests/unit/utils/message-filters.test.ts

@@ -0,0 +1,227 @@
+import { describe, expect, test } from 'bun:test'
+import { filterMeaningfulMessages, sortMessagesByDate } from '@/utils/message-filters'
+import type { MessageInfo } from '@/schemas/gerrit'
+
+describe('Message Filters', () => {
+  describe('filterMeaningfulMessages', () => {
+    test('should filter out empty messages', () => {
+      const messages: MessageInfo[] = [
+        {
+          id: 'msg1',
+          message: 'Code-Review+2',
+          author: { _account_id: 1001, name: 'Jane Reviewer' },
+          date: '2024-01-15 11:30:00.000000000',
+        },
+        {
+          id: 'msg2',
+          message: '',
+          author: { _account_id: 1002, name: 'Bob Reviewer' },
+          date: '2024-01-15 11:31:00.000000000',
+        },
+        {
+          id: 'msg3',
+          message: '   ',
+          author: { _account_id: 1003, name: 'Alice Reviewer' },
+          date: '2024-01-15 11:32:00.000000000',
+        },
+      ]
+
+      const filtered = filterMeaningfulMessages(messages)
+
+      expect(filtered).toHaveLength(1)
+      expect(filtered[0].id).toBe('msg1')
+    })
+
+    test('should filter out autogenerated newPatchSet messages', () => {
+      const messages: MessageInfo[] = [
+        {
+          id: 'msg1',
+          message: 'Uploaded patch set 1.',
+          author: { _account_id: 1001, name: 'Author' },
+          date: '2024-01-15 11:30:00.000000000',
+          tag: 'autogenerated:gerrit:newPatchSet',
+        },
+        {
+          id: 'msg2',
+          message: 'Code-Review+2',
+          author: { _account_id: 1002, name: 'Reviewer' },
+          date: '2024-01-15 11:31:00.000000000',
+        },
+      ]
+
+      const filtered = filterMeaningfulMessages(messages)
+
+      expect(filtered).toHaveLength(1)
+      expect(filtered[0].id).toBe('msg2')
+    })
+
+    test('should filter out autogenerated merged messages', () => {
+      const messages: MessageInfo[] = [
+        {
+          id: 'msg1',
+          message: 'Change has been successfully merged',
+          author: { _account_id: 1001, name: 'Author' },
+          date: '2024-01-15 11:30:00.000000000',
+          tag: 'autogenerated:gerrit:merged',
+        },
+        {
+          id: 'msg2',
+          message: 'Code-Review+2',
+          author: { _account_id: 1002, name: 'Reviewer' },
+          date: '2024-01-15 11:31:00.000000000',
+        },
+      ]
+
+      const filtered = filterMeaningfulMessages(messages)
+
+      expect(filtered).toHaveLength(1)
+      expect(filtered[0].id).toBe('msg2')
+    })
+
+    test('should keep build and review status messages', () => {
+      const messages: MessageInfo[] = [
+        {
+          id: 'msg1',
+          message: 'Patch Set 1: Verified+1\\n\\nBuild Successful',
+          author: { _account_id: 1001, name: 'Jenkins' },
+          date: '2024-01-15 11:30:00.000000000',
+        },
+        {
+          id: 'msg2',
+          message: 'Patch Set 1: Code-Review+2',
+          author: { _account_id: 1002, name: 'Reviewer' },
+          date: '2024-01-15 11:31:00.000000000',
+        },
+        {
+          id: 'msg3',
+          message: 'Patch Set 1: Lint-Review-1\\n\\nThis commit may not be safe to merge',
+          author: { _account_id: 1003, name: 'Lint Bot' },
+          date: '2024-01-15 11:32:00.000000000',
+        },
+      ]
+
+      const filtered = filterMeaningfulMessages(messages)
+
+      expect(filtered).toHaveLength(3)
+      expect(filtered.map((m) => m.id)).toEqual(['msg1', 'msg2', 'msg3'])
+    })
+
+    test('should handle messages without author', () => {
+      const messages: MessageInfo[] = [
+        {
+          id: 'msg1',
+          message: 'System message',
+          date: '2024-01-15 11:30:00.000000000',
+        },
+      ]
+
+      const filtered = filterMeaningfulMessages(messages)
+
+      expect(filtered).toHaveLength(1)
+      expect(filtered[0].id).toBe('msg1')
+    })
+
+    test('should handle empty input array', () => {
+      const filtered = filterMeaningfulMessages([])
+
+      expect(filtered).toHaveLength(0)
+    })
+  })
+
+  describe('sortMessagesByDate', () => {
+    test('should sort messages by date with newest first', () => {
+      const messages: MessageInfo[] = [
+        {
+          id: 'msg1',
+          message: 'First message',
+          date: '2024-01-15 11:30:00.000000000',
+          author: { _account_id: 1001 },
+        },
+        {
+          id: 'msg2',
+          message: 'Second message',
+          date: '2024-01-15 11:31:00.000000000',
+          author: { _account_id: 1002 },
+        },
+        {
+          id: 'msg3',
+          message: 'Third message',
+          date: '2024-01-15 11:29:00.000000000',
+          author: { _account_id: 1003 },
+        },
+      ]
+
+      const sorted = sortMessagesByDate(messages)
+
+      expect(sorted.map((m) => m.id)).toEqual(['msg2', 'msg1', 'msg3'])
+    })
+
+    test('should handle messages with same timestamp', () => {
+      const messages: MessageInfo[] = [
+        {
+          id: 'msg1',
+          message: 'First message',
+          date: '2024-01-15 11:30:00.000000000',
+          author: { _account_id: 1001 },
+        },
+        {
+          id: 'msg2',
+          message: 'Second message',
+          date: '2024-01-15 11:30:00.000000000',
+          author: { _account_id: 1002 },
+        },
+      ]
+
+      const sorted = sortMessagesByDate(messages)
+
+      expect(sorted).toHaveLength(2)
+      // Order should be maintained for same timestamps
+      expect(sorted.map((m) => m.id)).toEqual(['msg1', 'msg2'])
+    })
+
+    test('should not mutate original array', () => {
+      const messages: MessageInfo[] = [
+        {
+          id: 'msg1',
+          message: 'First message',
+          date: '2024-01-15 11:31:00.000000000',
+          author: { _account_id: 1001 },
+        },
+        {
+          id: 'msg2',
+          message: 'Second message',
+          date: '2024-01-15 11:30:00.000000000',
+          author: { _account_id: 1002 },
+        },
+      ]
+
+      const originalOrder = messages.map((m) => m.id)
+      const sorted = sortMessagesByDate(messages)
+
+      expect(messages.map((m) => m.id)).toEqual(originalOrder)
+      expect(sorted.map((m) => m.id)).toEqual(['msg1', 'msg2'])
+    })
+
+    test('should handle empty input array', () => {
+      const sorted = sortMessagesByDate([])
+
+      expect(sorted).toHaveLength(0)
+    })
+
+    test('should handle readonly arrays', () => {
+      const messages: readonly MessageInfo[] = [
+        {
+          id: 'msg1',
+          message: 'Message',
+          date: '2024-01-15 11:30:00.000000000',
+          author: { _account_id: 1001 },
+        },
+      ] as const
+
+      const sorted = sortMessagesByDate(messages)
+
+      expect(sorted).toHaveLength(1)
+      expect(sorted[0].id).toBe('msg1')
+    })
+  })
+})

package/tests/unit/utils/shell-safety.test.ts

@@ -0,0 +1,230 @@
+import { test, expect, describe } from 'bun:test'
+import { Effect } from 'effect'
+import {
+  sanitizeUrl,
+  sanitizeUrlSync,
+  getOpenCommand,
+  sanitizeCDATA,
+  escapeXML,
+} from '@/utils/shell-safety'
+
+describe('Shell Safety Utilities', () => {
+  describe('sanitizeUrl (Effect-based)', () => {
+    test('should accept valid HTTPS URLs', async () => {
+      const url = 'https://gerrit.example.com/c/project/+/12345'
+      const result = await Effect.runPromise(sanitizeUrl(url).pipe(Effect.either))
+
+      expect(result._tag).toBe('Right')
+      if (result._tag === 'Right') {
+        expect(result.right).toBe(url)
+      }
+    })
+
+    test('should reject HTTP URLs', async () => {
+      const url = 'http://gerrit.example.com/c/project/+/12345'
+      const result = await Effect.runPromise(sanitizeUrl(url).pipe(Effect.either))
+
+      expect(result._tag).toBe('Left')
+      if (result._tag === 'Left') {
+        expect(result.left.message).toContain('Invalid protocol')
+      }
+    })
+
+    test('should reject URLs with dangerous characters', async () => {
+      const dangerousUrls = [
+        'https://gerrit.example.com/c/project/+/12345;rm -rf /',
+        'https://gerrit.example.com/c/project/+/12345`whoami`',
+        'https://gerrit.example.com/c/project/+/12345$(whoami)',
+        'https://gerrit.example.com/c/project/+/12345|ls',
+        'https://gerrit.example.com/c/project/+/12345&sleep 10',
+      ]
+
+      for (const url of dangerousUrls) {
+        const result = await Effect.runPromise(sanitizeUrl(url).pipe(Effect.either))
+        expect(result._tag).toBe('Left')
+        if (result._tag === 'Left') {
+          expect(result.left.message).toContain('dangerous characters')
+        }
+      }
+    })
+
+    test('should reject malformed URLs', async () => {
+      const invalidUrls = ['not-a-url', 'https://', 'https:///', '', 'ftp://example.com']
+
+      for (const url of invalidUrls) {
+        const result = await Effect.runPromise(sanitizeUrl(url).pipe(Effect.either))
+        expect(result._tag).toBe('Left')
+        if (result._tag === 'Left') {
+          expect(result.left.message).toContain('Invalid')
+        }
+      }
+    })
+
+    test('should accept complex but safe URLs', async () => {
+      const safeUrls = [
+        'https://gerrit.example.com/c/project/+/12345',
+        'https://gerrit.example.com/c/my-project/+/12345/1',
+        'https://gerrit.example.com:8080/c/project/+/12345',
+        'https://gerrit-review.example.com/c/project-name/+/12345',
+      ]
+
+      for (const url of safeUrls) {
+        const result = await Effect.runPromise(sanitizeUrl(url).pipe(Effect.either))
+        expect(result._tag).toBe('Right')
+        if (result._tag === 'Right') {
+          expect(result.right).toBe(url)
+        }
+      }
+    })
+  })
+
+  describe('sanitizeUrlSync (synchronous)', () => {
+    test('should accept valid HTTPS URLs', () => {
+      const url = 'https://gerrit.example.com/c/project/+/12345'
+      expect(() => sanitizeUrlSync(url)).not.toThrow()
+      expect(sanitizeUrlSync(url)).toBe(url)
+    })
+
+    test('should reject HTTP URLs', () => {
+      const url = 'http://gerrit.example.com/c/project/+/12345'
+      expect(() => sanitizeUrlSync(url)).toThrow('Invalid protocol')
+    })
+
+    test('should reject URLs with dangerous characters', () => {
+      const url = 'https://gerrit.example.com/c/project/+/12345;rm -rf /'
+      expect(() => sanitizeUrlSync(url)).toThrow('dangerous characters')
+    })
+
+    test('should reject malformed URLs', () => {
+      const url = 'not-a-url'
+      expect(() => sanitizeUrlSync(url)).toThrow('Invalid URL format')
+    })
+  })
+
+  describe('getOpenCommand', () => {
+    test('should return correct command for each platform', () => {
+      const originalPlatform = process.platform
+
+      // Test macOS
+      Object.defineProperty(process, 'platform', { value: 'darwin' })
+      expect(getOpenCommand()).toBe('open')
+
+      // Test Windows
+      Object.defineProperty(process, 'platform', { value: 'win32' })
+      expect(getOpenCommand()).toBe('start')
+
+      // Test Linux
+      Object.defineProperty(process, 'platform', { value: 'linux' })
+      expect(getOpenCommand()).toBe('xdg-open')
+
+      // Test other Unix-like systems
+      Object.defineProperty(process, 'platform', { value: 'freebsd' })
+      expect(getOpenCommand()).toBe('xdg-open')
+
+      // Restore original platform
+      Object.defineProperty(process, 'platform', { value: originalPlatform })
+    })
+  })
+
+  describe('URL edge cases', () => {
+    test('should handle URLs with ports', () => {
+      const url = 'https://gerrit.example.com:8080/c/project/+/12345'
+      expect(() => sanitizeUrlSync(url)).not.toThrow()
+      expect(sanitizeUrlSync(url)).toBe(url)
+    })
+
+    test('should handle URLs with query parameters', () => {
+      const url = 'https://gerrit.example.com/c/project/+/12345?tab=comments'
+      expect(() => sanitizeUrlSync(url)).not.toThrow()
+      expect(sanitizeUrlSync(url)).toBe(url)
+    })
+
+    test('should handle URLs with fragments', () => {
+      const url = 'https://gerrit.example.com/c/project/+/12345#message-abc123'
+      expect(() => sanitizeUrlSync(url)).not.toThrow()
+      expect(sanitizeUrlSync(url)).toBe(url)
+    })
+
+    test('should reject URLs with empty hostnames', () => {
+      // Note: new URL('https:///path') actually creates a valid URL object with hostname 'c'
+      // So let's test with a truly malformed URL
+      expect(() => sanitizeUrlSync('https:///')).toThrow('Invalid URL format')
+    })
+  })
+
+  describe('sanitizeCDATA', () => {
+    test('should handle normal text content', () => {
+      const input = 'This is normal text content\nwith multiple lines'
+      expect(sanitizeCDATA(input)).toBe(input)
+    })
+
+    test('should escape CDATA end sequences', () => {
+      const input = 'Some content with ]]> dangerous sequence'
+      const expected = 'Some content with ]]> dangerous sequence'
+      expect(sanitizeCDATA(input)).toBe(expected)
+    })
+
+    test('should remove null bytes', () => {
+      const input = 'Content with\x00null bytes'
+      const expected = 'Content withnull bytes'
+      expect(sanitizeCDATA(input)).toBe(expected)
+    })
+
+    test('should remove control characters but keep allowed ones', () => {
+      const input = 'Content\twith\ntab\rand\x08backspace\x1fcontrol'
+      const expected = 'Content\twith\ntab\randbackspacecontrol'
+      expect(sanitizeCDATA(input)).toBe(expected)
+    })
+
+    test('should handle empty string', () => {
+      expect(sanitizeCDATA('')).toBe('')
+    })
+
+    test('should throw error for non-string input', () => {
+      expect(() => sanitizeCDATA(123 as never)).toThrow('Content must be a string')
+      expect(() => sanitizeCDATA(null as never)).toThrow('Content must be a string')
+      expect(() => sanitizeCDATA(undefined as never)).toThrow('Content must be a string')
+    })
+
+    test('should handle complex CDATA injection attempts', () => {
+      const input = 'Normal content]]><script>alert("xss")</script><![CDATA[more content'
+      const expected = 'Normal content]]&gt;<script>alert("xss")</script><![CDATA[more content'
+      expect(sanitizeCDATA(input)).toBe(expected)
+    })
+  })
+
+  describe('escapeXML', () => {
+    test('should escape all XML special characters', () => {
+      const input = 'Text with & < > " \' characters'
+      const expected = 'Text with &amp; &lt; &gt; &quot; &apos; characters'
+      expect(escapeXML(input)).toBe(expected)
+    })
+
+    test('should handle normal text without special characters', () => {
+      const input = 'Normal text content'
+      expect(escapeXML(input)).toBe(input)
+    })
+
+    test('should handle empty string', () => {
+      expect(escapeXML('')).toBe('')
+    })
+
+    test('should throw error for non-string input', () => {
+      expect(() => escapeXML(123 as never)).toThrow('Content must be a string')
+      expect(() => escapeXML(null as never)).toThrow('Content must be a string')
+      expect(() => escapeXML(undefined as never)).toThrow('Content must be a string')
+    })
+
+    test('should handle complex XML injection attempts', () => {
+      const input = '<script src="evil.js"></script>&malicious;'
+      const expected = '&lt;script src=&quot;evil.js&quot;&gt;&lt;/script&gt;&amp;malicious;'
+      expect(escapeXML(input)).toBe(expected)
+    })
+
+    test('should handle ampersand properly', () => {
+      const input = 'AT&T & Johnson & Johnson'
+      const expected = 'AT&amp;T &amp; Johnson &amp; Johnson'
+      expect(escapeXML(input)).toBe(expected)
+    })
+  })
+})

package/tests/unit/utils/status-indicators.test.ts

@@ -0,0 +1,137 @@
+import { test, expect, describe } from 'bun:test'
+import {
+  getStatusIndicators,
+  getStatusString,
+  getLabelValue,
+  getLabelColor,
+  DEFAULT_STATUS_INDICATORS,
+} from '@/utils/status-indicators'
+import { generateMockChange } from '@/test-utils/mock-generator'
+
+describe('Status Indicators Utility', () => {
+  describe('getStatusIndicators', () => {
+    test('should return approved indicators for approved changes', () => {
+      const change = generateMockChange({
+        labels: {
+          'Code-Review': { approved: { _account_id: 1 }, value: 2 },
+          Verified: { approved: { _account_id: 1 }, value: 1 },
+        },
+      })
+
+      const indicators = getStatusIndicators(change)
+      expect(indicators).toEqual(['✓'])
+    })
+
+    test('should return rejected indicators for rejected changes', () => {
+      const change = generateMockChange({
+        labels: {
+          'Code-Review': { rejected: { _account_id: 1 }, value: -2 },
+          Verified: { rejected: { _account_id: 1 }, value: -1 },
+        },
+      })
+
+      const indicators = getStatusIndicators(change)
+      expect(indicators).toEqual(['✗', '✗'])
+    })
+
+    test('should return recommended and disliked indicators', () => {
+      const change1 = generateMockChange({
+        labels: {
+          'Code-Review': { recommended: { _account_id: 1 }, value: 1 },
+        },
+      })
+
+      const change2 = generateMockChange({
+        labels: {
+          'Code-Review': { disliked: { _account_id: 1 }, value: -1 },
+        },
+      })
+
+      expect(getStatusIndicators(change1)).toEqual(['↑'])
+      expect(getStatusIndicators(change2)).toEqual(['↓'])
+    })
+
+    test('should handle empty labels', () => {
+      const change = generateMockChange({ labels: {} })
+      expect(getStatusIndicators(change)).toEqual([])
+    })
+
+    test('should handle undefined labels', () => {
+      const change = generateMockChange({ labels: undefined })
+      expect(getStatusIndicators(change)).toEqual([])
+    })
+
+    test('should use custom indicator config', () => {
+      const customConfig = {
+        ...DEFAULT_STATUS_INDICATORS,
+        approved: '🟢',
+        rejected: '🔴',
+      }
+
+      const change = generateMockChange({
+        labels: {
+          'Code-Review': { approved: { _account_id: 1 }, value: 2 },
+        },
+      })
+
+      const indicators = getStatusIndicators(change, customConfig)
+      expect(indicators).toEqual(['🟢'])
+    })
+  })
+
+  describe('getStatusString', () => {
+    test('should return padded status string', () => {
+      const change = generateMockChange({
+        labels: {
+          'Code-Review': { recommended: { _account_id: 1 }, value: 1 },
+        },
+      })
+
+      const statusString = getStatusString(change, undefined, 10)
+      expect(statusString).toBe('↑         ')
+      expect(statusString.length).toBe(10)
+    })
+
+    test('should return empty padded string for no indicators', () => {
+      const change = generateMockChange({ labels: {} })
+      const statusString = getStatusString(change, undefined, 8)
+      expect(statusString).toBe('        ')
+      expect(statusString.length).toBe(8)
+    })
+  })
+
+  describe('getLabelValue', () => {
+    test('should extract numeric values correctly', () => {
+      expect(getLabelValue({ value: 2 })).toBe(2)
+      expect(getLabelValue({ value: -1 })).toBe(-1)
+      expect(getLabelValue({ value: 0 })).toBe(0)
+    })
+
+    test('should return 0 for invalid inputs', () => {
+      expect(getLabelValue({})).toBe(0)
+      expect(getLabelValue({ notValue: 2 })).toBe(0)
+      expect(getLabelValue({ value: 'string' })).toBe(0)
+      expect(getLabelValue(null)).toBe(0)
+      expect(getLabelValue(undefined)).toBe(0)
+      expect(getLabelValue('string')).toBe(0)
+      expect(getLabelValue(123)).toBe(0)
+    })
+  })
+
+  describe('getLabelColor', () => {
+    test('should return correct colors for label values', () => {
+      expect(getLabelColor(2)).toBe('green')
+      expect(getLabelColor(1)).toBe('green')
+      expect(getLabelColor(0)).toBe('yellow')
+      expect(getLabelColor(-1)).toBe('red')
+      expect(getLabelColor(-2)).toBe('red')
+    })
+
+    test('should handle edge cases', () => {
+      expect(getLabelColor(0.1)).toBe('green')
+      expect(getLabelColor(-0.1)).toBe('red')
+      expect(getLabelColor(100)).toBe('green')
+      expect(getLabelColor(-100)).toBe('red')
+    })
+  })
+})