@dailephd/my-dev-kit-lab 0.2.0

package/dist/src/securityValidation/cliAdversarial/adversarialCliConfig.js

@@ -0,0 +1,38 @@
+import path from "node:path";
+const FAKE_CLI_PATH = path.resolve(process.cwd(), "tests", "fixtures", "fake-adversarial-cli.js");
+/**
+ * Returns the adversarial CLI target from environment or falls back to the
+ * deterministic fake fixture.
+ *
+ * To use a real my-dev-kit command in opt-in mode:
+ *   MY_DEV_KIT_SECURITY_TARGET_COMMAND=my-dev-kit npm run test:security
+ *
+ * The real target will be treated as a full command string.
+ * If the command is not found or not executable, individual checks are skipped.
+ */
+export function getAdversarialCliTarget() {
+    const realTarget = process.env.MY_DEV_KIT_SECURITY_TARGET_COMMAND;
+    if (realTarget) {
+        return {
+            nodeExec: process.execPath,
+            cliArgs: [realTarget],
+            isRealTarget: true,
+            timeoutMs: 30_000,
+        };
+    }
+    return {
+        nodeExec: process.execPath,
+        cliArgs: [FAKE_CLI_PATH],
+        isRealTarget: false,
+        timeoutMs: 10_000,
+    };
+}
+/**
+ * Returns the base command array (nodeExec + cliArgs) plus any additional args.
+ */
+export function buildCliCommand(target, extraArgs) {
+    return {
+        command: target.nodeExec,
+        args: [...target.cliArgs, ...extraArgs],
+    };
+}

package/dist/src/securityValidation/cliAdversarial/dataVolumeChecks.js

@@ -0,0 +1,194 @@
+import { mkdirSync, writeFileSync } from "node:fs";
+import path from "node:path";
+import { buildCliCommand } from "./adversarialCliConfig.js";
+import { makeFinding, runAdversarialCheck } from "./runAdversarialCheck.js";
+import { createTempWorkspace, diffSnapshots, snapshotDir } from "./tempWorkspace.js";
+// ---------------------------------------------------------------------------
+// Data-volume smoke checks
+//
+// Verifies that the CLI handles unusually large inputs without crashing
+// or corrupting source files. Tests are bounded to stay CI-fast.
+//
+// Smoke-level targets:
+//   - Large source file: 5,000 lines (≈ 100KB)
+//   - Many files: 100 source files in the workspace
+//   - Deeply nested directory: 10 levels of subdirectories
+// ---------------------------------------------------------------------------
+const LARGE_FILE_LINES = 5_000;
+const MANY_FILES_COUNT = 100;
+const DEEP_NESTING_LEVELS = 10;
+function generateLargeFileContent(lineCount) {
+    const lines = [];
+    for (let i = 0; i < lineCount; i++) {
+        lines.push(`export const value_${i} = ${i}; // line ${i} of large file`);
+    }
+    return lines.join("\n") + "\n";
+}
+function populateManyFiles(dir, count) {
+    mkdirSync(dir, { recursive: true });
+    for (let i = 0; i < count; i++) {
+        const filename = `module_${String(i).padStart(4, "0")}.ts`;
+        writeFileSync(path.join(dir, filename), `export const id = ${i};\nexport function fn_${i}() { return id; }\n`, "utf8");
+    }
+}
+function populateDeepNesting(baseDir, levels) {
+    let current = baseDir;
+    for (let i = 0; i < levels; i++) {
+        current = path.join(current, `level_${i}`);
+        mkdirSync(current, { recursive: true });
+        writeFileSync(path.join(current, `deep_${i}.ts`), `export const depth = ${i};\n`, "utf8");
+    }
+}
+// ---------------------------------------------------------------------------
+// Exported checks
+// ---------------------------------------------------------------------------
+/**
+ * Checks that the CLI handles a workspace with a large source file (5,000 lines)
+ * without hanging, crashing, or modifying the source file.
+ */
+export async function checkHugeSourceFile(target) {
+    const workspace = createTempWorkspace("p5-large-file-");
+    try {
+        // Place a large file in the source directory.
+        const largeFilePath = path.join(workspace.sourceDir, "large-module.ts");
+        writeFileSync(largeFilePath, generateLargeFileContent(LARGE_FILE_LINES), "utf8");
+        const beforeSource = snapshotDir(workspace.sourceDir);
+        const { command, args } = buildCliCommand(target, [
+            "--root",
+            workspace.sourceDir,
+            "--out",
+            workspace.outputDir,
+        ]);
+        return await runAdversarialCheck({
+            id: "huge-source-file",
+            name: `Large source file (${LARGE_FILE_LINES} lines) is handled safely`,
+            category: "cli-adversarial",
+            severity: "major",
+            command,
+            args,
+            cwd: workspace.root,
+            timeoutMs: target.timeoutMs,
+            evaluate: () => {
+                const afterSource = snapshotDir(workspace.sourceDir);
+                const diff = diffSnapshots(beforeSource, afterSource);
+                const problems = [...diff.modified, ...diff.removed];
+                if (problems.length > 0) {
+                    return [
+                        makeFinding({
+                            id: "large-file-source-modified",
+                            title: "Source files were modified while processing a large file",
+                            severity: "blocker",
+                            category: "cli-adversarial",
+                            description: `Source files modified: ${problems.join(", ")}`,
+                            affectedFiles: problems,
+                            recommendation: "CLI must treat large source files as read-only, same as any other source file.",
+                        }),
+                    ];
+                }
+                return [];
+            },
+        });
+    }
+    finally {
+        await workspace.cleanup();
+    }
+}
+/**
+ * Checks that the CLI handles a workspace with many files (100 source files)
+ * without crashing or corrupting source files.
+ */
+export async function checkManyFiles(target) {
+    const workspace = createTempWorkspace("p5-many-files-");
+    try {
+        // Add many files to the source directory.
+        populateManyFiles(workspace.sourceDir, MANY_FILES_COUNT);
+        const beforeSource = snapshotDir(workspace.sourceDir);
+        const { command, args } = buildCliCommand(target, [
+            "--root",
+            workspace.sourceDir,
+            "--out",
+            workspace.outputDir,
+        ]);
+        return await runAdversarialCheck({
+            id: "many-graph-nodes-edges",
+            name: `Many files (${MANY_FILES_COUNT}) in workspace are handled safely`,
+            category: "cli-adversarial",
+            severity: "major",
+            command,
+            args,
+            cwd: workspace.root,
+            timeoutMs: target.timeoutMs,
+            evaluate: () => {
+                const afterSource = snapshotDir(workspace.sourceDir);
+                const diff = diffSnapshots(beforeSource, afterSource);
+                const problems = [...diff.modified, ...diff.removed];
+                if (problems.length > 0) {
+                    return [
+                        makeFinding({
+                            id: "many-files-source-modified",
+                            title: "Source files were modified in a many-file workspace",
+                            severity: "blocker",
+                            category: "cli-adversarial",
+                            description: `${problems.length} source files were modified or removed: ${problems.slice(0, 5).join(", ")}${problems.length > 5 ? " ..." : ""}`,
+                            affectedFiles: problems,
+                            recommendation: "CLI must treat all source files as read-only regardless of workspace size.",
+                        }),
+                    ];
+                }
+                return [];
+            },
+        });
+    }
+    finally {
+        await workspace.cleanup();
+    }
+}
+/**
+ * Checks that the CLI handles a deeply nested directory structure safely.
+ */
+export async function checkDeeplyNestedSource(target) {
+    const workspace = createTempWorkspace("p5-deep-nest-");
+    try {
+        // Add deeply nested directories to the source directory.
+        populateDeepNesting(workspace.sourceDir, DEEP_NESTING_LEVELS);
+        const beforeSource = snapshotDir(workspace.sourceDir);
+        const { command, args } = buildCliCommand(target, [
+            "--root",
+            workspace.sourceDir,
+            "--out",
+            workspace.outputDir,
+        ]);
+        return await runAdversarialCheck({
+            id: "deeply-nested-tsx",
+            name: `Deeply nested source (${DEEP_NESTING_LEVELS} levels) is handled safely`,
+            category: "cli-adversarial",
+            severity: "minor",
+            command,
+            args,
+            cwd: workspace.root,
+            timeoutMs: target.timeoutMs,
+            evaluate: () => {
+                const afterSource = snapshotDir(workspace.sourceDir);
+                const diff = diffSnapshots(beforeSource, afterSource);
+                const problems = [...diff.modified, ...diff.removed];
+                if (problems.length > 0) {
+                    return [
+                        makeFinding({
+                            id: "deep-nest-source-modified",
+                            title: "Source files were modified in a deeply nested workspace",
+                            severity: "blocker",
+                            category: "cli-adversarial",
+                            description: `Source files modified: ${problems.join(", ")}`,
+                            affectedFiles: problems,
+                            recommendation: "CLI must treat deeply nested source directories as read-only.",
+                        }),
+                    ];
+                }
+                return [];
+            },
+        });
+    }
+    finally {
+        await workspace.cleanup();
+    }
+}

package/dist/src/securityValidation/cliAdversarial/jsonStdoutChecks.js

@@ -0,0 +1,359 @@
+import { spawn } from "node:child_process";
+import { buildCliCommand } from "./adversarialCliConfig.js";
+import { makeFinding, skippedCheck } from "./runAdversarialCheck.js";
+import { createTempWorkspace } from "./tempWorkspace.js";
+function runAndCapture(command, args, cwd, timeoutMs) {
+    return new Promise((resolve) => {
+        let child;
+        try {
+            child = spawn(command, args, {
+                cwd,
+                shell: false,
+                stdio: ["ignore", "pipe", "pipe"],
+                env: { ...process.env },
+            });
+        }
+        catch {
+            resolve({ exitCode: 1, stdout: "", stderr: "" });
+            return;
+        }
+        const stdoutChunks = [];
+        const stderrChunks = [];
+        child.stdout.on("data", (chunk) => stdoutChunks.push(chunk));
+        child.stderr.on("data", (chunk) => stderrChunks.push(chunk));
+        const timer = setTimeout(() => {
+            try {
+                child.kill();
+            }
+            catch {
+                // ignore
+            }
+            resolve({
+                exitCode: 1,
+                stdout: Buffer.concat(stdoutChunks).toString("utf8"),
+                stderr: Buffer.concat(stderrChunks).toString("utf8"),
+            });
+        }, timeoutMs);
+        child.on("close", (code) => {
+            clearTimeout(timer);
+            resolve({
+                exitCode: code ?? 1,
+                stdout: Buffer.concat(stdoutChunks).toString("utf8"),
+                stderr: Buffer.concat(stderrChunks).toString("utf8"),
+            });
+        });
+        child.on("error", () => {
+            clearTimeout(timer);
+            resolve({
+                exitCode: 1,
+                stdout: Buffer.concat(stdoutChunks).toString("utf8"),
+                stderr: Buffer.concat(stderrChunks).toString("utf8"),
+            });
+        });
+    });
+}
+// ---------------------------------------------------------------------------
+// Exported checks
+// ---------------------------------------------------------------------------
+/**
+ * Checks that `--format json` produces parseable JSON on stdout.
+ */
+export async function checkJsonOutputIsParseable(target) {
+    const started = new Date();
+    const workspace = createTempWorkspace("p5-json-parse-");
+    try {
+        const { command, args } = buildCliCommand(target, [
+            "--root",
+            workspace.sourceDir,
+            "--out",
+            workspace.outputDir,
+            "--format",
+            "json",
+        ]);
+        const result = await runAndCapture(command, args, workspace.root, target.timeoutMs);
+        const finished = new Date();
+        const findings = [];
+        const stdout = result.stdout.trim();
+        if (stdout.length === 0) {
+            if (!target.isRealTarget) {
+                findings.push(makeFinding({
+                    id: "json-stdout-empty",
+                    title: "JSON mode produced no stdout output",
+                    severity: "major",
+                    category: "cli-adversarial",
+                    description: "Expected JSON on stdout but got empty output.",
+                    recommendation: "CLI should emit a JSON object to stdout when --format json is requested.",
+                }));
+            }
+            // For real targets: empty stdout may be intentional; skip finding
+        }
+        else {
+            try {
+                const parsed = JSON.parse(stdout);
+                if (typeof parsed !== "object" || parsed === null || Array.isArray(parsed)) {
+                    findings.push(makeFinding({
+                        id: "json-stdout-not-object",
+                        title: "JSON output is not an object",
+                        severity: "minor",
+                        category: "cli-adversarial",
+                        description: `Parsed JSON is ${Array.isArray(parsed) ? "array" : typeof parsed}, not an object.`,
+                        recommendation: "JSON output should be a top-level object.",
+                    }));
+                }
+            }
+            catch (e) {
+                findings.push(makeFinding({
+                    id: "json-stdout-not-parseable",
+                    title: "stdout is not valid JSON in JSON mode",
+                    severity: "major",
+                    category: "cli-adversarial",
+                    description: `JSON.parse failed: ${e.message}. stdout was: ${stdout.slice(0, 200)}`,
+                    recommendation: "CLI must emit only valid JSON to stdout when --format json is requested.",
+                }));
+            }
+        }
+        return {
+            id: "json-mode-parseable-output",
+            name: "JSON mode produces parseable JSON on stdout",
+            category: "cli-adversarial",
+            severity: "major",
+            status: findings.some((f) => f.severity === "major" || f.severity === "blocker")
+                ? "failed"
+                : findings.length > 0
+                    ? "warning"
+                    : "passed",
+            findings,
+            startedAt: started.toISOString(),
+            finishedAt: finished.toISOString(),
+            durationMs: finished.getTime() - started.getTime(),
+        };
+    }
+    finally {
+        await workspace.cleanup();
+    }
+}
+/**
+ * Checks that warning messages go to stderr and do not corrupt stdout.
+ * Uses --emit-stderr to trigger a warning and verifies stdout is still valid JSON.
+ */
+export async function checkStderrNotInStdout(target) {
+    const started = new Date();
+    const workspace = createTempWorkspace("p5-stderr-sep-");
+    try {
+        const warningText = "test-warning-signal-abc123";
+        const { command, args } = buildCliCommand(target, [
+            "--root",
+            workspace.sourceDir,
+            "--out",
+            workspace.outputDir,
+            "--format",
+            "json",
+            "--emit-stderr",
+            warningText,
+        ]);
+        const result = await runAndCapture(command, args, workspace.root, target.timeoutMs);
+        const finished = new Date();
+        const findings = [];
+        const stdout = result.stdout.trim();
+        if (stdout.includes(warningText)) {
+            findings.push(makeFinding({
+                id: "warning-in-stdout",
+                title: "Warning message appeared in stdout",
+                severity: "major",
+                category: "cli-adversarial",
+                description: `Warning text '${warningText}' was found in stdout. Warnings must go to stderr only.`,
+                recommendation: "All warning and progress messages must be written to stderr, not stdout.",
+            }));
+        }
+        if (stdout.length > 0) {
+            try {
+                JSON.parse(stdout);
+            }
+            catch (e) {
+                findings.push(makeFinding({
+                    id: "stdout-not-json-with-stderr",
+                    title: "stdout is not valid JSON when stderr warning is emitted",
+                    severity: "major",
+                    category: "cli-adversarial",
+                    description: `JSON.parse failed: ${e.message}. This may indicate stderr contaminated stdout.`,
+                    recommendation: "stderr output must not be mixed into stdout in JSON mode.",
+                }));
+            }
+        }
+        return {
+            id: "warnings-go-to-stderr",
+            name: "Warnings go to stderr and do not corrupt JSON stdout",
+            category: "cli-adversarial",
+            severity: "major",
+            status: findings.some((f) => f.severity === "major" || f.severity === "blocker")
+                ? "failed"
+                : findings.length > 0
+                    ? "warning"
+                    : "passed",
+            findings,
+            startedAt: started.toISOString(),
+            finishedAt: finished.toISOString(),
+            durationMs: finished.getTime() - started.getTime(),
+        };
+    }
+    finally {
+        await workspace.cleanup();
+    }
+}
+/**
+ * Checks that a CLI failure in JSON mode produces a valid JSON error object.
+ * Not a crash, not a raw stack trace, not empty.
+ */
+export async function checkFailureProducesJsonError(target) {
+    const started = new Date();
+    const workspace = createTempWorkspace("p5-json-err-");
+    try {
+        const { command, args } = buildCliCommand(target, [
+            "--root",
+            workspace.sourceDir,
+            "--format",
+            "json",
+            "--fail",
+        ]);
+        const result = await runAndCapture(command, args, workspace.root, target.timeoutMs);
+        const finished = new Date();
+        const findings = [];
+        if (result.exitCode === 0) {
+            findings.push(makeFinding({
+                id: "failure-exit-code-zero",
+                title: "CLI exited 0 even though failure was requested",
+                severity: "minor",
+                category: "cli-adversarial",
+                description: "--fail was passed but the CLI exited with code 0.",
+                recommendation: "CLI must exit non-zero on errors.",
+            }));
+        }
+        const stdout = result.stdout.trim();
+        if (stdout.length > 0) {
+            try {
+                const parsed = JSON.parse(stdout);
+                if (typeof parsed !== "object" ||
+                    parsed === null ||
+                    Array.isArray(parsed)) {
+                    findings.push(makeFinding({
+                        id: "json-error-not-object",
+                        title: "JSON error output is not an object",
+                        severity: "minor",
+                        category: "cli-adversarial",
+                        description: "Expected a JSON object with an error field; got a non-object.",
+                        recommendation: "CLI should emit a JSON object with an 'error' field on failure.",
+                    }));
+                }
+            }
+            catch (e) {
+                findings.push(makeFinding({
+                    id: "json-error-not-parseable",
+                    title: "stdout is not valid JSON on failure in JSON mode",
+                    severity: "major",
+                    category: "cli-adversarial",
+                    description: `JSON.parse failed: ${e.message}. stdout: ${stdout.slice(0, 200)}`,
+                    recommendation: "CLI must emit valid JSON to stdout even when reporting an error. Stack traces must not appear on stdout.",
+                }));
+            }
+        }
+        return {
+            id: "json-error-object-on-failure",
+            name: "CLI failure in JSON mode produces a valid JSON error object",
+            category: "cli-adversarial",
+            severity: "minor",
+            status: findings.some((f) => f.severity === "major" || f.severity === "blocker")
+                ? "failed"
+                : findings.length > 0
+                    ? "warning"
+                    : "passed",
+            findings,
+            startedAt: started.toISOString(),
+            finishedAt: finished.toISOString(),
+            durationMs: finished.getTime() - started.getTime(),
+        };
+    }
+    finally {
+        await workspace.cleanup();
+    }
+}
+/**
+ * Verifies that progress/status output does not corrupt JSON stdout.
+ * Runs the CLI with --format json and verifies the output line can be parsed.
+ * This is a structural alias over checkJsonOutputIsParseable for naming alignment
+ * with the test matrix entry.
+ */
+export async function checkProgressNotInJsonStdout(target) {
+    if (target.isRealTarget) {
+        // Real CLI may emit progress on stdout when no --format json is specified.
+        // The check depends on whether the real CLI supports --format json.
+        // Return a skipped result to avoid false positives for unknown real CLIs.
+        return skippedCheck({
+            id: "progress-not-in-json-stdout",
+            name: "Progress output does not corrupt JSON stdout",
+            category: "cli-adversarial",
+            reason: "Real CLI target: --format json behavior is target-specific. Run manually against the real CLI.",
+        });
+    }
+    const started = new Date();
+    const workspace = createTempWorkspace("p5-progress-json-");
+    try {
+        // Emit stderr (simulates progress), request JSON output.
+        const { command, args } = buildCliCommand(target, [
+            "--root",
+            workspace.sourceDir,
+            "--out",
+            workspace.outputDir,
+            "--format",
+            "json",
+            "--emit-stderr",
+            "indexing 3 files...",
+        ]);
+        const result = await runAndCapture(command, args, workspace.root, target.timeoutMs);
+        const finished = new Date();
+        const findings = [];
+        const stdout = result.stdout.trim();
+        if (stdout.includes("indexing")) {
+            findings.push(makeFinding({
+                id: "progress-in-json-stdout",
+                title: "Progress message appeared in JSON stdout",
+                severity: "major",
+                category: "cli-adversarial",
+                description: "Progress message 'indexing 3 files...' was found in stdout. Progress must go to stderr.",
+                recommendation: "All progress, status, and informational messages must be written to stderr.",
+            }));
+        }
+        if (stdout.length > 0) {
+            try {
+                JSON.parse(stdout);
+            }
+            catch (e) {
+                findings.push(makeFinding({
+                    id: "progress-corrupted-json",
+                    title: "stdout is not valid JSON when progress is emitted",
+                    severity: "major",
+                    category: "cli-adversarial",
+                    description: `JSON.parse failed: ${e.message}`,
+                    recommendation: "Progress output must not appear on stdout when JSON mode is active.",
+                }));
+            }
+        }
+        return {
+            id: "progress-not-in-json-stdout",
+            name: "Progress output does not corrupt JSON stdout",
+            category: "cli-adversarial",
+            severity: "major",
+            status: findings.some((f) => f.severity === "major" || f.severity === "blocker")
+                ? "failed"
+                : findings.length > 0
+                    ? "warning"
+                    : "passed",
+            findings,
+            startedAt: started.toISOString(),
+            finishedAt: finished.toISOString(),
+            durationMs: finished.getTime() - started.getTime(),
+        };
+    }
+    finally {
+        await workspace.cleanup();
+    }
+}