@blackbelt-technology/pi-agent-dashboard 0.2.8 → 0.3.0

package/packages/server/src/__tests__/pi-core-updater.test.ts

@@ -0,0 +1,214 @@
+import { describe, it, expect, vi, beforeEach } from "vitest";
+import { PiCoreUpdater } from "../pi-core-updater.js";
+import {
+	PackageManagerWrapper,
+	PackageOperationBusyError,
+} from "../package-manager-wrapper.js";
+import type { PiCorePackage } from "@blackbelt-technology/pi-dashboard-shared/rest-api.js";
+
+// Pi PM is mocked in other tests via vi.mock; we don't need it here because
+// we never call the install/remove/update methods — only runExclusive().
+vi.mock("@mariozechner/pi-coding-agent", () => ({
+	DefaultPackageManager: function () {
+		return {};
+	},
+	SettingsManager: { create: () => ({}) },
+}));
+
+function pkg(name: string, source: "global" | "managed" = "global"): PiCorePackage {
+	return {
+		name,
+		displayName: name,
+		currentVersion: "0.1.0",
+		latestVersion: "0.2.0",
+		updateAvailable: true,
+		installSource: source,
+	};
+}
+
+describe("PiCoreUpdater", () => {
+	let wrapper: PackageManagerWrapper;
+
+	beforeEach(() => {
+		wrapper = new PackageManagerWrapper();
+	});
+
+	it("updates packages sequentially and emits start/output/complete events", async () => {
+		const events: Array<{ name: string; phase: string; message?: string }> = [];
+		const updater = new PiCoreUpdater({
+			packageManagerWrapper: wrapper,
+			runNpmUpdate: async (p, onOutput) => {
+				onOutput("added 1 package");
+			},
+		});
+		updater.setProgressListener((e) => events.push(e));
+
+		const out = await updater.update([pkg("pi-foo"), pkg("pi-bar")]);
+
+		expect(out.results).toEqual([
+			{ name: "pi-foo", success: true },
+			{ name: "pi-bar", success: true },
+		]);
+		// Per-package: start, output, complete
+		const phases = events.map((e) => `${e.name}:${e.phase}`);
+		expect(phases).toEqual([
+			"pi-foo:start",
+			"pi-foo:output",
+			"pi-foo:complete",
+			"pi-bar:start",
+			"pi-bar:output",
+			"pi-bar:complete",
+		]);
+	});
+
+	it("continues after a failure and reports per-package errors", async () => {
+		const updater = new PiCoreUpdater({
+			packageManagerWrapper: wrapper,
+			runNpmUpdate: async (p) => {
+				if (p.name === "pi-bad") throw new Error("npm update exited with code 1");
+			},
+		});
+		const events: Array<{ phase: string }> = [];
+		updater.setProgressListener((e) => events.push({ phase: e.phase }));
+
+		const out = await updater.update([pkg("pi-bad"), pkg("pi-good")]);
+
+		expect(out.results).toEqual([
+			{ name: "pi-bad", success: false, error: "npm update exited with code 1" },
+			{ name: "pi-good", success: true },
+		]);
+		// First package emits start + error; second emits start + complete
+		expect(events.map((e) => e.phase)).toEqual(["start", "error", "start", "complete"]);
+	});
+
+	it("invokes onAllComplete only when at least one package succeeded", async () => {
+		const onAllComplete = vi.fn().mockResolvedValue(3);
+		const updater = new PiCoreUpdater({
+			packageManagerWrapper: wrapper,
+			runNpmUpdate: async () => {
+				/* success */
+			},
+			onAllComplete,
+		});
+
+		const out = await updater.update([pkg("pi-foo")]);
+		expect(out.sessionsReloaded).toBe(3);
+		expect(onAllComplete).toHaveBeenCalledTimes(1);
+	});
+
+	it("skips onAllComplete when all packages fail", async () => {
+		const onAllComplete = vi.fn().mockResolvedValue(99);
+		const updater = new PiCoreUpdater({
+			packageManagerWrapper: wrapper,
+			runNpmUpdate: async () => {
+				throw new Error("boom");
+			},
+			onAllComplete,
+		});
+
+		const out = await updater.update([pkg("pi-foo"), pkg("pi-bar")]);
+		expect(out.sessionsReloaded).toBe(0);
+		expect(onAllComplete).not.toHaveBeenCalled();
+		expect(out.results.every((r) => !r.success)).toBe(true);
+	});
+
+	it("returns 0 sessionsReloaded and does not throw when onAllComplete rejects", async () => {
+		const onAllComplete = vi.fn().mockRejectedValue(new Error("reload failed"));
+		const updater = new PiCoreUpdater({
+			packageManagerWrapper: wrapper,
+			runNpmUpdate: async () => {
+				/* success */
+			},
+			onAllComplete,
+		});
+
+		const out = await updater.update([pkg("pi-foo")]);
+		expect(out.results[0].success).toBe(true);
+		expect(out.sessionsReloaded).toBe(0);
+	});
+
+	it("acquires the shared busy-lock and throws when wrapper is already busy", async () => {
+		// Start a long-running runExclusive on the wrapper to simulate an
+		// extension operation in flight.
+		let release!: () => void;
+		const held = new Promise<void>((r) => {
+			release = r;
+		});
+		const locked = wrapper.runExclusive(() => held);
+
+		const updater = new PiCoreUpdater({
+			packageManagerWrapper: wrapper,
+			runNpmUpdate: async () => {
+				/* no-op */
+			},
+		});
+
+		await expect(updater.update([pkg("pi-foo")])).rejects.toBeInstanceOf(
+			PackageOperationBusyError,
+		);
+
+		// Release the held lock and confirm a subsequent update succeeds.
+		release();
+		await locked;
+
+		const out = await updater.update([pkg("pi-foo")]);
+		expect(out.results[0].success).toBe(true);
+	});
+
+	it("releases the busy-lock after update completes (success path)", async () => {
+		const updater = new PiCoreUpdater({
+			packageManagerWrapper: wrapper,
+			runNpmUpdate: async () => {
+				/* success */
+			},
+		});
+		await updater.update([pkg("pi-foo")]);
+		expect(wrapper.isBusy()).toBe(false);
+		// Second call should be immediately permitted.
+		const out = await updater.update([pkg("pi-bar")]);
+		expect(out.results[0].success).toBe(true);
+	});
+
+	it("releases the busy-lock even when every package fails", async () => {
+		const updater = new PiCoreUpdater({
+			packageManagerWrapper: wrapper,
+			runNpmUpdate: async () => {
+				throw new Error("nope");
+			},
+		});
+		await updater.update([pkg("pi-foo")]);
+		expect(wrapper.isBusy()).toBe(false);
+	});
+
+	it("passes install-source-aware args & cwd to runNpmUpdate", async () => {
+		const seen: Array<{ name: string; source: "global" | "managed" }> = [];
+		const updater = new PiCoreUpdater({
+			packageManagerWrapper: wrapper,
+			runNpmUpdate: async (p) => {
+				seen.push({ name: p.name, source: p.installSource });
+			},
+		});
+		await updater.update([pkg("pi-foo", "global"), pkg("pi-bar", "managed")]);
+		expect(seen).toEqual([
+			{ name: "pi-foo", source: "global" },
+			{ name: "pi-bar", source: "managed" },
+		]);
+	});
+
+	it("swallows progress-listener exceptions without failing the update", async () => {
+		const updater = new PiCoreUpdater({
+			packageManagerWrapper: wrapper,
+			runNpmUpdate: async () => {
+				/* success */
+			},
+		});
+		updater.setProgressListener(() => {
+			throw new Error("listener explosion");
+		});
+		// Silence the console.error emitted by the safe-emit guard
+		const err = vi.spyOn(console, "error").mockImplementation(() => {});
+		const out = await updater.update([pkg("pi-foo")]);
+		expect(out.results[0].success).toBe(true);
+		err.mockRestore();
+	});
+});

package/packages/server/src/__tests__/provider-auth-routes.test.ts

@@ -44,14 +44,22 @@ function createMockPiGateway() {
   } as any;
 }
 
+function createMockBrowserGateway() {
+  return {
+    broadcastToAll: vi.fn(),
+  } as any;
+}
+
 describe("provider-auth-routes", () => {
   let app: ReturnType<typeof Fastify>;
   let piGateway: ReturnType<typeof createMockPiGateway>;
+  let browserGateway: ReturnType<typeof createMockBrowserGateway>;
 
   beforeEach(async () => {
     app = Fastify();
     piGateway = createMockPiGateway();
-    registerProviderAuthRoutes(app, { piGateway });
+    browserGateway = createMockBrowserGateway();
+    registerProviderAuthRoutes(app, { piGateway, browserGateway });
     await app.ready();
   });
 
@@ -106,7 +114,7 @@ describe("provider-auth-routes", () => {
 
   // /exchange endpoint removed — token exchange happens in the callback server's onCode
 
-  it("PUT /api/provider-auth/api-key saves and notifies", async () => {
+  it("PUT /api/provider-auth/api-key saves and notifies bridges and browsers", async () => {
     const { writeCredential } = await import("../provider-auth-storage.js");
     const res = await app.inject({
       method: "PUT",
@@ -117,9 +125,10 @@ describe("provider-auth-routes", () => {
     expect(JSON.parse(res.payload).ok).toBe(true);
     expect(writeCredential).toHaveBeenCalledWith("openai", { type: "api_key", key: "sk-test" });
     expect(piGateway.broadcast).toHaveBeenCalledWith({ type: "credentials_updated" });
+    expect(browserGateway.broadcastToAll).toHaveBeenCalledWith({ type: "models_refreshed" });
   });
 
-  it("DELETE /api/provider-auth/:provider removes and notifies", async () => {
+  it("DELETE /api/provider-auth/:provider removes and notifies bridges and browsers", async () => {
     const { removeCredential } = await import("../provider-auth-storage.js");
     const res = await app.inject({
       method: "DELETE",
@@ -128,6 +137,7 @@ describe("provider-auth-routes", () => {
     expect(res.statusCode).toBe(200);
     expect(removeCredential).toHaveBeenCalledWith("anthropic");
     expect(piGateway.broadcast).toHaveBeenCalledWith({ type: "credentials_updated" });
+    expect(browserGateway.broadcastToAll).toHaveBeenCalledWith({ type: "models_refreshed" });
   });
 
   // /callback/:provider route removed — temp callback server handles this directly

package/packages/server/src/__tests__/recommended-routes.test.ts

@@ -0,0 +1,389 @@
+/**
+ * Tests for the GET /api/packages/recommended route and its helpers.
+ */
+import { describe, it, expect, vi, beforeEach, afterEach } from "vitest";
+import Fastify, { type FastifyInstance } from "fastify";
+import fs from "node:fs";
+import os from "node:os";
+import path from "node:path";
+
+// Mock pi dependency (pulled transitively by package-manager-wrapper)
+vi.mock("@mariozechner/pi-coding-agent", () => ({
+	DefaultPackageManager: function () {
+		return {};
+	},
+	SettingsManager: { create: () => ({}) },
+}));
+
+// Mock the npm-search-proxy so we can assert enrichment + failure paths.
+vi.mock("../npm-search-proxy.js", () => ({
+	fetchPackageMeta: vi.fn(),
+	fetchGithubPackageJson: vi.fn(),
+}));
+
+import { fetchPackageMeta, fetchGithubPackageJson } from "../npm-search-proxy.js";
+import {
+	registerRecommendedRoutes,
+	invalidateRecommendedCache,
+	parseSourceKey,
+	sourcesMatch,
+} from "../routes/recommended-routes.js";
+
+function makeWrapper(installed: {
+	global?: Array<{ source: string; installedPath?: string }>;
+	local?: Array<{ source: string; installedPath?: string }>;
+}): any {
+	return {
+		listInstalled: vi.fn(async (scope: string) =>
+			scope === "global" ? installed.global ?? [] : installed.local ?? [],
+		),
+	};
+}
+
+describe("parseSourceKey", () => {
+	it("parses npm: sources", () => {
+		expect(parseSourceKey("npm:pi-web-access")).toEqual({
+			kind: "npm",
+			name: "pi-web-access",
+		});
+	});
+
+	it("parses scoped npm: sources", () => {
+		expect(parseSourceKey("npm:@tintinweb/pi-subagents")).toEqual({
+			kind: "npm",
+			name: "@tintinweb/pi-subagents",
+		});
+	});
+
+	it("strips version from npm: sources", () => {
+		expect(parseSourceKey("npm:pi-web-access@1.2.3")).toEqual({
+			kind: "npm",
+			name: "pi-web-access",
+		});
+		expect(parseSourceKey("npm:@scope/pkg@1.0.0")).toEqual({
+			kind: "npm",
+			name: "@scope/pkg",
+		});
+	});
+
+	it("parses git@ SSH URLs", () => {
+		expect(parseSourceKey("git@github.com:BlackBeltTechnology/pi-flows.git")).toEqual({
+			kind: "git",
+			host: "github.com",
+			owner: "BlackBeltTechnology",
+			repo: "pi-flows",
+		});
+	});
+
+	it("parses https git URLs", () => {
+		expect(
+			parseSourceKey("https://github.com/BlackBeltTechnology/pi-flows.git"),
+		).toEqual({
+			kind: "git",
+			host: "github.com",
+			owner: "BlackBeltTechnology",
+			repo: "pi-flows",
+		});
+	});
+
+	it("falls back to raw for unknown forms", () => {
+		expect(parseSourceKey("/local/path")).toEqual({
+			kind: "raw",
+			source: "/local/path",
+		});
+	});
+});
+
+describe("sourcesMatch", () => {
+	it("matches npm sources with and without version", () => {
+		expect(sourcesMatch("npm:pi-web-access", "npm:pi-web-access@1.0.0")).toBe(true);
+	});
+
+	it("matches git SSH and HTTPS forms of the same repo", () => {
+		expect(
+			sourcesMatch(
+				"git@github.com:BlackBeltTechnology/pi-flows.git",
+				"https://github.com/BlackBeltTechnology/pi-flows.git",
+			),
+		).toBe(true);
+	});
+
+	it("is case-insensitive on the git host/owner/repo", () => {
+		expect(
+			sourcesMatch(
+				"git@github.com:BlackBeltTechnology/pi-flows.git",
+				"git@github.com:blackbelttechnology/pi-flows.git",
+			),
+		).toBe(true);
+	});
+
+	it("distinguishes different repos", () => {
+		expect(
+			sourcesMatch(
+				"git@github.com:BlackBeltTechnology/pi-flows.git",
+				"git@github.com:BlackBeltTechnology/pi-anthropic-messages.git",
+			),
+		).toBe(false);
+	});
+
+	it("matches a git URL against a local path whose basename equals the repo name", () => {
+		expect(
+			sourcesMatch(
+				"git@github.com:BlackBeltTechnology/pi-flows.git",
+				"../pi-flows",
+			),
+		).toBe(true);
+		expect(
+			sourcesMatch(
+				"../pi-anthropic-messages",
+				"git@github.com:BlackBeltTechnology/pi-anthropic-messages.git",
+			),
+		).toBe(true);
+		expect(
+			sourcesMatch(
+				"git@github.com:BlackBeltTechnology/pi-flows.git",
+				"/home/user/src/pi-flows/",
+			),
+		).toBe(true);
+	});
+
+	it("does not cross-match a git URL against an unrelated local path", () => {
+		expect(
+			sourcesMatch(
+				"git@github.com:BlackBeltTechnology/pi-flows.git",
+				"../pi-web-access",
+			),
+		).toBe(false);
+	});
+});
+
+describe("GET /api/packages/recommended", () => {
+	let fastify: FastifyInstance;
+	let tmpHome: string;
+	let origCwd: string;
+
+	beforeEach(() => {
+		invalidateRecommendedCache();
+		vi.mocked(fetchPackageMeta).mockReset();
+		vi.mocked(fetchGithubPackageJson).mockReset();
+
+		tmpHome = fs.mkdtempSync(path.join(os.tmpdir(), "pi-rec-"));
+		process.env.HOME = tmpHome;
+
+		// chdir to a clean subdirectory so the route's CWD-based local
+		// settings read doesn't pick up the host repo's .pi/settings.json.
+		origCwd = process.cwd();
+		const scratchCwd = path.join(tmpHome, "scratch");
+		fs.mkdirSync(scratchCwd, { recursive: true });
+		process.chdir(scratchCwd);
+	});
+
+	afterEach(async () => {
+		if (fastify) await fastify.close();
+		process.chdir(origCwd);
+		if (fs.existsSync(tmpHome)) fs.rmSync(tmpHome, { recursive: true, force: true });
+	});
+
+	async function setupRoute(installed: {
+		global?: Array<{ source: string; installedPath?: string }>;
+		local?: Array<{ source: string; installedPath?: string }>;
+	} = {}): Promise<FastifyInstance> {
+		fastify = Fastify();
+		const wrapper = makeWrapper(installed);
+		registerRecommendedRoutes(fastify, { packageManagerWrapper: wrapper });
+		await fastify.ready();
+		return fastify;
+	}
+
+	it("returns the 5 manifest entries with default (offline) descriptions", async () => {
+		vi.mocked(fetchPackageMeta).mockResolvedValue(null);
+		vi.mocked(fetchGithubPackageJson).mockResolvedValue(null);
+		await setupRoute();
+
+		const res = await fastify.inject({
+			method: "GET",
+			url: "/api/packages/recommended",
+		});
+		expect(res.statusCode).toBe(200);
+		const body = JSON.parse(res.payload);
+		expect(body.success).toBe(true);
+		const entries = body.data.recommended;
+		expect(entries).toHaveLength(5);
+		// Every entry falls back to fallbackDescription and has no version.
+		for (const e of entries) {
+			expect(typeof e.description).toBe("string");
+			expect(e.description.length).toBeGreaterThan(10);
+			expect(e.version).toBeUndefined();
+			expect(e.installed.scope).toBeNull();
+			expect(e.activeInPi).toBe(false);
+			expect(e.updateAvailable).toBe(false);
+		}
+	});
+
+	it("uses npm metadata when registry is reachable", async () => {
+		vi.mocked(fetchPackageMeta).mockImplementation(async (name: string) => {
+			if (name === "pi-web-access") {
+				return { description: "LIVE npm desc", version: "9.9.9" };
+			}
+			return null;
+		});
+		vi.mocked(fetchGithubPackageJson).mockResolvedValue(null);
+		await setupRoute();
+
+		const res = await fastify.inject({ method: "GET", url: "/api/packages/recommended" });
+		const body = JSON.parse(res.payload);
+		const pwa = body.data.recommended.find((e: any) => e.id === "pi-web-access");
+		expect(pwa.description).toBe("LIVE npm desc");
+		expect(pwa.version).toBe("9.9.9");
+	});
+
+	it("uses GitHub metadata for git-sourced entries", async () => {
+		vi.mocked(fetchPackageMeta).mockResolvedValue(null);
+		vi.mocked(fetchGithubPackageJson).mockImplementation(async (owner, repo) => {
+			if (owner === "BlackBeltTechnology" && repo === "pi-flows") {
+				return { description: "LIVE github desc", version: "0.1.0" };
+			}
+			return null;
+		});
+		await setupRoute();
+
+		const res = await fastify.inject({ method: "GET", url: "/api/packages/recommended" });
+		const body = JSON.parse(res.payload);
+		const flows = body.data.recommended.find((e: any) => e.id === "pi-flows");
+		expect(flows.description).toBe("LIVE github desc");
+		expect(flows.version).toBe("0.1.0");
+	});
+
+	it("reports installed + activeInPi correctly when settings.json lists the source", async () => {
+		vi.mocked(fetchPackageMeta).mockResolvedValue(null);
+		vi.mocked(fetchGithubPackageJson).mockResolvedValue(null);
+
+		// Write settings.json with pi-web-access as an active package
+		const settingsDir = path.join(tmpHome, ".pi", "agent");
+		fs.mkdirSync(settingsDir, { recursive: true });
+		fs.writeFileSync(
+			path.join(settingsDir, "settings.json"),
+			JSON.stringify({ packages: ["npm:pi-web-access"] }),
+		);
+
+		await setupRoute({
+			global: [{ source: "npm:pi-web-access", installedPath: "/fake" }],
+		});
+
+		const res = await fastify.inject({ method: "GET", url: "/api/packages/recommended" });
+		const body = JSON.parse(res.payload);
+		const pwa = body.data.recommended.find((e: any) => e.id === "pi-web-access");
+		expect(pwa.installed.scope).toBe("global");
+		expect(pwa.activeInPi).toBe(true);
+
+		// Entries not in settings.json remain inactive
+		const browser = body.data.recommended.find((e: any) => e.id === "pi-agent-browser");
+		expect(browser.installed.scope).toBeNull();
+		expect(browser.activeInPi).toBe(false);
+	});
+
+	it("matches git SSH source against git HTTPS active source", async () => {
+		vi.mocked(fetchPackageMeta).mockResolvedValue(null);
+		vi.mocked(fetchGithubPackageJson).mockResolvedValue(null);
+
+		const settingsDir = path.join(tmpHome, ".pi", "agent");
+		fs.mkdirSync(settingsDir, { recursive: true });
+		// User wrote HTTPS in settings; manifest has SSH. They should match.
+		fs.writeFileSync(
+			path.join(settingsDir, "settings.json"),
+			JSON.stringify({
+				packages: ["https://github.com/BlackBeltTechnology/pi-flows.git"],
+			}),
+		);
+
+		await setupRoute();
+		const res = await fastify.inject({ method: "GET", url: "/api/packages/recommended" });
+		const body = JSON.parse(res.payload);
+		const flows = body.data.recommended.find((e: any) => e.id === "pi-flows");
+		expect(flows.activeInPi).toBe(true);
+	});
+
+	it("matches git manifest source against a local-path active source (basename heuristic)", async () => {
+		vi.mocked(fetchPackageMeta).mockResolvedValue(null);
+		vi.mocked(fetchGithubPackageJson).mockResolvedValue(null);
+
+		// User has pi-flows checked out locally and registered via `pi install -l`
+		// which records the local path in .pi/settings.json. The manifest has the
+		// git SSH URL. The two should still match via basename.
+		const projectDir = path.join(tmpHome, "workspace");
+		fs.mkdirSync(path.join(projectDir, ".pi"), { recursive: true });
+		fs.writeFileSync(
+			path.join(projectDir, ".pi", "settings.json"),
+			JSON.stringify({ packages: ["../pi-flows", "../pi-anthropic-messages"] }),
+		);
+
+		const origCwd = process.cwd();
+		process.chdir(projectDir);
+		try {
+			await setupRoute();
+			const res = await fastify.inject({ method: "GET", url: "/api/packages/recommended" });
+			const body = JSON.parse(res.payload);
+			const flows = body.data.recommended.find((e: any) => e.id === "pi-flows");
+			const msg = body.data.recommended.find(
+				(e: any) => e.id === "pi-anthropic-messages",
+			);
+			expect(flows.activeInPi).toBe(true);
+			expect(msg.activeInPi).toBe(true);
+		} finally {
+			process.chdir(origCwd);
+		}
+	});
+
+	it("considers project-local .pi/settings.json for activeInPi", async () => {
+		vi.mocked(fetchPackageMeta).mockResolvedValue(null);
+		vi.mocked(fetchGithubPackageJson).mockResolvedValue(null);
+
+		const projectDir = path.join(tmpHome, "workspace");
+		fs.mkdirSync(path.join(projectDir, ".pi"), { recursive: true });
+		fs.writeFileSync(
+			path.join(projectDir, ".pi", "settings.json"),
+			JSON.stringify({ packages: ["npm:pi-web-access"] }),
+		);
+
+		const origCwd = process.cwd();
+		process.chdir(projectDir);
+		try {
+			await setupRoute();
+			const res = await fastify.inject({ method: "GET", url: "/api/packages/recommended" });
+			const body = JSON.parse(res.payload);
+			const pwa = body.data.recommended.find((e: any) => e.id === "pi-web-access");
+			expect(pwa.activeInPi).toBe(true);
+		} finally {
+			process.chdir(origCwd);
+		}
+	});
+
+	it("serves cached data on the second call within 60s", async () => {
+		vi.mocked(fetchPackageMeta).mockResolvedValue({
+			description: "cached",
+			version: "1.0.0",
+		});
+		vi.mocked(fetchGithubPackageJson).mockResolvedValue(null);
+		await setupRoute();
+
+		await fastify.inject({ method: "GET", url: "/api/packages/recommended" });
+		const callsAfterFirst = vi.mocked(fetchPackageMeta).mock.calls.length;
+		await fastify.inject({ method: "GET", url: "/api/packages/recommended" });
+		expect(vi.mocked(fetchPackageMeta).mock.calls.length).toBe(callsAfterFirst);
+	});
+
+	it("refetches after invalidateRecommendedCache()", async () => {
+		vi.mocked(fetchPackageMeta).mockResolvedValue({
+			description: "refresh",
+			version: "1.0.0",
+		});
+		vi.mocked(fetchGithubPackageJson).mockResolvedValue(null);
+		await setupRoute();
+
+		await fastify.inject({ method: "GET", url: "/api/packages/recommended" });
+		const before = vi.mocked(fetchPackageMeta).mock.calls.length;
+		invalidateRecommendedCache();
+		await fastify.inject({ method: "GET", url: "/api/packages/recommended" });
+		expect(vi.mocked(fetchPackageMeta).mock.calls.length).toBeGreaterThan(before);
+	});
+});

package/packages/server/src/__tests__/session-file-dedup.test.ts

@@ -4,7 +4,8 @@
  * This prevents resuming a stale session from loading the wrong conversation.
  */
 import { describe, it, expect, afterAll } from "vitest";
-import { createServer, type DashboardServer } from "../server.js";
+import { createTestServer, type TestServerHandle } from "../test-support/test-server.js";
+import type { DashboardServer } from "../server.js";
 import { WebSocket } from "ws";
 
 function waitForOpen(ws: WebSocket): Promise<void> {
@@ -26,22 +27,21 @@ function collectMsgs(ws: WebSocket, ms: number): Promise<any[]> {
 }
 
 const delay = (ms: number) => new Promise((r) => setTimeout(r, ms));
-const httpPort = 19090;
-const piPort = 19091;
+let handle: TestServerHandle;
 let server: DashboardServer;
+let piPort: number;
+
 
 describe("session file deduplication", () => {
   afterAll(async () => {
-    if (server) await server.stop();
+    if (handle) await handle.stop();
   });
 
   it("clears sessionFile from old session when new session registers with same file", async () => {
-    server = await createServer({
-      port: httpPort, piPort, dev: true,
-      autoShutdown: false, shutdownIdleSeconds: 999, tunnel: false,
-    editor: { idleTimeoutMinutes: 10, maxInstances: 3 },
-    });
-    await server.start();
+    handle = await createTestServer();
+    server = handle.server;
+    piPort = handle.piPort;
+    const httpPort = handle.httpPort;
 
     const sharedFile = "/tmp/sessions/test.jsonl";