@enactprotocol/cli 1.2.8 → 2.0.0

package/tests/commands/trust.test.ts

@@ -0,0 +1,236 @@
+/**
+ * Tests for the trust command
+ */
+
+import { afterAll, beforeAll, beforeEach, describe, expect, test } from "bun:test";
+import { existsSync, mkdirSync, rmSync } from "node:fs";
+import { join } from "node:path";
+import { Command } from "commander";
+import { configureTrustCommand } from "../../src/commands/trust";
+
+// Test fixtures directory
+const FIXTURES_DIR = join(import.meta.dir, "..", "fixtures", "trust-cmd");
+
+describe("trust command", () => {
+  beforeAll(() => {
+    mkdirSync(FIXTURES_DIR, { recursive: true });
+  });
+
+  beforeEach(() => {
+    if (existsSync(FIXTURES_DIR)) {
+      rmSync(FIXTURES_DIR, { recursive: true, force: true });
+      mkdirSync(FIXTURES_DIR, { recursive: true });
+    }
+  });
+
+  afterAll(() => {
+    if (existsSync(FIXTURES_DIR)) {
+      rmSync(FIXTURES_DIR, { recursive: true, force: true });
+    }
+  });
+
+  describe("command configuration", () => {
+    test("configures trust command on program", () => {
+      const program = new Command();
+      configureTrustCommand(program);
+
+      const trustCmd = program.commands.find((cmd) => cmd.name() === "trust");
+      expect(trustCmd).toBeDefined();
+    });
+
+    test("has correct description", () => {
+      const program = new Command();
+      configureTrustCommand(program);
+
+      const trustCmd = program.commands.find((cmd) => cmd.name() === "trust");
+      expect(trustCmd?.description()).toBe("Manage trusted publishers and auditors");
+    });
+
+    test("has optional identity argument", () => {
+      const program = new Command();
+      configureTrustCommand(program);
+
+      const trustCmd = program.commands.find((cmd) => cmd.name() === "trust");
+      const args = trustCmd?.registeredArguments ?? [];
+      expect(args.length).toBe(1);
+      expect(args[0]?.name()).toBe("identity");
+      expect(args[0]?.required).toBe(false);
+    });
+
+    test("has --remove option", () => {
+      const program = new Command();
+      configureTrustCommand(program);
+
+      const trustCmd = program.commands.find((cmd) => cmd.name() === "trust");
+      const opts = trustCmd?.options ?? [];
+      const removeOpt = opts.find((o) => o.long === "--remove");
+      expect(removeOpt).toBeDefined();
+    });
+
+    test("has -r short option for remove", () => {
+      const program = new Command();
+      configureTrustCommand(program);
+
+      const trustCmd = program.commands.find((cmd) => cmd.name() === "trust");
+      const opts = trustCmd?.options ?? [];
+      const removeOpt = opts.find((o) => o.short === "-r");
+      expect(removeOpt).toBeDefined();
+    });
+
+    test("has list subcommand", () => {
+      const program = new Command();
+      configureTrustCommand(program);
+
+      const trustCmd = program.commands.find((cmd) => cmd.name() === "trust");
+      const listCmd = trustCmd?.commands.find((cmd) => cmd.name() === "list");
+      expect(listCmd).toBeDefined();
+    });
+
+    test("has check subcommand", () => {
+      const program = new Command();
+      configureTrustCommand(program);
+
+      const trustCmd = program.commands.find((cmd) => cmd.name() === "trust");
+      const checkCmd = trustCmd?.commands.find((cmd) => cmd.name() === "check");
+      expect(checkCmd).toBeDefined();
+    });
+  });
+
+  describe("trust check subcommand", () => {
+    test("has tool argument", () => {
+      const program = new Command();
+      configureTrustCommand(program);
+
+      const trustCmd = program.commands.find((cmd) => cmd.name() === "trust");
+      const checkCmd = trustCmd?.commands.find((cmd) => cmd.name() === "check");
+      const args = checkCmd?.registeredArguments ?? [];
+      expect(args.length).toBe(1);
+      expect(args[0]?.name()).toBe("tool");
+    });
+
+    test("has --json option", () => {
+      const program = new Command();
+      configureTrustCommand(program);
+
+      const trustCmd = program.commands.find((cmd) => cmd.name() === "trust");
+      const checkCmd = trustCmd?.commands.find((cmd) => cmd.name() === "check");
+      const opts = checkCmd?.options ?? [];
+      const jsonOpt = opts.find((o) => o.long === "--json");
+      expect(jsonOpt).toBeDefined();
+    });
+  });
+
+  describe("identity parsing", () => {
+    // Helper function that mirrors the command's identity parsing logic
+    const parseIdentity = (identity: string): { type: "publisher" | "auditor"; value: string } => {
+      if (identity.includes(":")) {
+        return { type: "auditor", value: identity };
+      }
+      return { type: "publisher", value: identity };
+    };
+
+    test("parses publisher identity (no colon)", () => {
+      const result = parseIdentity("alice");
+      expect(result.type).toBe("publisher");
+      expect(result.value).toBe("alice");
+    });
+
+    test("parses publisher with dashes", () => {
+      const result = parseIdentity("acme-corp");
+      expect(result.type).toBe("publisher");
+      expect(result.value).toBe("acme-corp");
+    });
+
+    test("parses github auditor identity", () => {
+      const result = parseIdentity("github:EnactProtocol");
+      expect(result.type).toBe("auditor");
+      expect(result.value).toBe("github:EnactProtocol");
+    });
+
+    test("parses google auditor identity", () => {
+      const result = parseIdentity("google:security@company.com");
+      expect(result.type).toBe("auditor");
+      expect(result.value).toBe("google:security@company.com");
+    });
+
+    test("parses microsoft auditor identity", () => {
+      const result = parseIdentity("microsoft:user@company.com");
+      expect(result.type).toBe("auditor");
+      expect(result.value).toBe("microsoft:user@company.com");
+    });
+
+    test("parses wildcard auditor identity", () => {
+      const result = parseIdentity("github:my-org/*");
+      expect(result.type).toBe("auditor");
+      expect(result.value).toBe("github:my-org/*");
+    });
+
+    test("parses email wildcard auditor identity", () => {
+      const result = parseIdentity("google:*@company.com");
+      expect(result.type).toBe("auditor");
+      expect(result.value).toBe("google:*@company.com");
+    });
+  });
+
+  describe("trust config structure", () => {
+    test("default trust config shape", () => {
+      const defaultTrust = {
+        publishers: [] as string[],
+        auditors: [] as string[],
+        policy: "warn" as const,
+      };
+
+      expect(Array.isArray(defaultTrust.publishers)).toBe(true);
+      expect(Array.isArray(defaultTrust.auditors)).toBe(true);
+      expect(defaultTrust.policy).toBe("warn");
+    });
+
+    test("trust policies", () => {
+      const validPolicies = ["require_audit", "prompt", "allow", "warn"];
+      expect(validPolicies).toContain("require_audit");
+      expect(validPolicies).toContain("prompt");
+      expect(validPolicies).toContain("allow");
+      expect(validPolicies).toContain("warn");
+    });
+
+    test("publishers array manipulation", () => {
+      const publishers: string[] = [];
+
+      // Add
+      publishers.push("alice");
+      expect(publishers).toContain("alice");
+
+      // Prevent duplicates
+      if (!publishers.includes("alice")) {
+        publishers.push("alice");
+      }
+      expect(publishers.filter((p) => p === "alice").length).toBe(1);
+
+      // Remove
+      const index = publishers.indexOf("alice");
+      if (index > -1) {
+        publishers.splice(index, 1);
+      }
+      expect(publishers).not.toContain("alice");
+    });
+
+    test("auditors array manipulation", () => {
+      const auditors: string[] = [];
+
+      // Add
+      auditors.push("github:EnactProtocol");
+      expect(auditors).toContain("github:EnactProtocol");
+
+      // Check existence
+      const exists = auditors.includes("github:EnactProtocol");
+      expect(exists).toBe(true);
+
+      // Remove
+      const index = auditors.indexOf("github:EnactProtocol");
+      if (index > -1) {
+        auditors.splice(index, 1);
+      }
+      expect(auditors).not.toContain("github:EnactProtocol");
+    });
+  });
+});

package/tests/commands/unyank.test.ts

@@ -0,0 +1,114 @@
+/**
+ * Tests for the unyank command
+ */
+
+import { describe, expect, test } from "bun:test";
+import { Command } from "commander";
+import { configureUnyankCommand } from "../../src/commands/unyank";
+
+describe("unyank command", () => {
+  describe("command configuration", () => {
+    test("configures unyank command on program", () => {
+      const program = new Command();
+      configureUnyankCommand(program);
+
+      const unyankCmd = program.commands.find((cmd) => cmd.name() === "unyank");
+      expect(unyankCmd).toBeDefined();
+    });
+
+    test("has correct description", () => {
+      const program = new Command();
+      configureUnyankCommand(program);
+
+      const unyankCmd = program.commands.find((cmd) => cmd.name() === "unyank");
+      expect(unyankCmd?.description()).toBe("Restore a previously yanked tool version");
+    });
+
+    test("accepts tool@version argument", () => {
+      const program = new Command();
+      configureUnyankCommand(program);
+
+      const unyankCmd = program.commands.find((cmd) => cmd.name() === "unyank");
+      const args = unyankCmd?.registeredArguments ?? [];
+      expect(args.length).toBeGreaterThanOrEqual(1);
+    });
+
+    test("has --verbose option", () => {
+      const program = new Command();
+      configureUnyankCommand(program);
+
+      const unyankCmd = program.commands.find((cmd) => cmd.name() === "unyank");
+      const opts = unyankCmd?.options ?? [];
+      const verboseOpt = opts.find((o) => o.long === "--verbose");
+      expect(verboseOpt).toBeDefined();
+    });
+
+    test("has --json option", () => {
+      const program = new Command();
+      configureUnyankCommand(program);
+
+      const unyankCmd = program.commands.find((cmd) => cmd.name() === "unyank");
+      const opts = unyankCmd?.options ?? [];
+      const jsonOpt = opts.find((o) => o.long === "--json");
+      expect(jsonOpt).toBeDefined();
+    });
+  });
+
+  describe("tool spec parsing", () => {
+    // Helper function that mirrors the command's parseToolSpec
+    const parseToolSpec = (spec: string): { name: string; version: string } => {
+      const atIndex = spec.lastIndexOf("@");
+      if (atIndex === -1 || atIndex === 0) {
+        throw new Error(`Invalid tool specification: ${spec}\nExpected format: tool-name@version`);
+      }
+      return {
+        name: spec.slice(0, atIndex),
+        version: spec.slice(atIndex + 1),
+      };
+    };
+
+    test("parses tool@version format", () => {
+      const result = parseToolSpec("alice/utils/greeter@1.0.0");
+      expect(result.name).toBe("alice/utils/greeter");
+      expect(result.version).toBe("1.0.0");
+    });
+
+    test("parses tool with semver prerelease", () => {
+      const result = parseToolSpec("alice/utils/greeter@2.0.0-beta.1");
+      expect(result.name).toBe("alice/utils/greeter");
+      expect(result.version).toBe("2.0.0-beta.1");
+    });
+
+    test("throws error for missing version", () => {
+      expect(() => parseToolSpec("alice/utils/greeter")).toThrow();
+    });
+
+    test("parses scoped package with version", () => {
+      const result = parseToolSpec("@scope/package@1.2.3");
+      expect(result.name).toBe("@scope/package");
+      expect(result.version).toBe("1.2.3");
+    });
+  });
+
+  describe("yank/unyank workflow", () => {
+    test("unyank requires same tool@version format as yank", () => {
+      // Both yank and unyank use the same parseToolSpec format
+      const spec = "alice/tools/helper@1.0.0";
+      const atIndex = spec.lastIndexOf("@");
+
+      expect(atIndex).toBeGreaterThan(0);
+      expect(spec.slice(0, atIndex)).toBe("alice/tools/helper");
+      expect(spec.slice(atIndex + 1)).toBe("1.0.0");
+    });
+
+    test("unyank is the inverse of yank", () => {
+      // Conceptual test - unyank should restore a yanked version
+      const yankedState = { yanked: true, version: "1.0.0" };
+      const unyankedState = { yanked: false, version: "1.0.0" };
+
+      expect(yankedState.yanked).toBe(true);
+      expect(unyankedState.yanked).toBe(false);
+      expect(yankedState.version).toBe(unyankedState.version);
+    });
+  });
+});

package/tests/commands/yank.test.ts

@@ -0,0 +1,154 @@
+/**
+ * Tests for the yank command
+ */
+
+import { describe, expect, test } from "bun:test";
+import { Command } from "commander";
+import { configureYankCommand } from "../../src/commands/yank";
+
+describe("yank command", () => {
+  describe("command configuration", () => {
+    test("configures yank command on program", () => {
+      const program = new Command();
+      configureYankCommand(program);
+
+      const yankCmd = program.commands.find((cmd) => cmd.name() === "yank");
+      expect(yankCmd).toBeDefined();
+    });
+
+    test("has correct description", () => {
+      const program = new Command();
+      configureYankCommand(program);
+
+      const yankCmd = program.commands.find((cmd) => cmd.name() === "yank");
+      expect(yankCmd?.description()).toBe("Yank a published tool version from the registry");
+    });
+
+    test("accepts tool@version argument", () => {
+      const program = new Command();
+      configureYankCommand(program);
+
+      const yankCmd = program.commands.find((cmd) => cmd.name() === "yank");
+      const args = yankCmd?.registeredArguments ?? [];
+      expect(args.length).toBeGreaterThanOrEqual(1);
+    });
+
+    test("has --reason option", () => {
+      const program = new Command();
+      configureYankCommand(program);
+
+      const yankCmd = program.commands.find((cmd) => cmd.name() === "yank");
+      const opts = yankCmd?.options ?? [];
+      const reasonOpt = opts.find((o) => o.long === "--reason");
+      expect(reasonOpt).toBeDefined();
+    });
+
+    test("has -r short option for reason", () => {
+      const program = new Command();
+      configureYankCommand(program);
+
+      const yankCmd = program.commands.find((cmd) => cmd.name() === "yank");
+      const opts = yankCmd?.options ?? [];
+      const reasonOpt = opts.find((o) => o.short === "-r");
+      expect(reasonOpt).toBeDefined();
+    });
+
+    test("has --replacement option", () => {
+      const program = new Command();
+      configureYankCommand(program);
+
+      const yankCmd = program.commands.find((cmd) => cmd.name() === "yank");
+      const opts = yankCmd?.options ?? [];
+      const replacementOpt = opts.find((o) => o.long === "--replacement");
+      expect(replacementOpt).toBeDefined();
+    });
+
+    test("has --verbose option", () => {
+      const program = new Command();
+      configureYankCommand(program);
+
+      const yankCmd = program.commands.find((cmd) => cmd.name() === "yank");
+      const opts = yankCmd?.options ?? [];
+      const verboseOpt = opts.find((o) => o.long === "--verbose");
+      expect(verboseOpt).toBeDefined();
+    });
+
+    test("has --json option", () => {
+      const program = new Command();
+      configureYankCommand(program);
+
+      const yankCmd = program.commands.find((cmd) => cmd.name() === "yank");
+      const opts = yankCmd?.options ?? [];
+      const jsonOpt = opts.find((o) => o.long === "--json");
+      expect(jsonOpt).toBeDefined();
+    });
+  });
+
+  describe("tool spec parsing", () => {
+    // Helper function that mirrors the command's parseToolSpec
+    const parseToolSpec = (spec: string): { name: string; version: string } => {
+      const atIndex = spec.lastIndexOf("@");
+      if (atIndex === -1 || atIndex === 0) {
+        throw new Error(`Invalid tool specification: ${spec}\nExpected format: tool-name@version`);
+      }
+      return {
+        name: spec.slice(0, atIndex),
+        version: spec.slice(atIndex + 1),
+      };
+    };
+
+    test("parses tool@version format", () => {
+      const result = parseToolSpec("alice/utils/greeter@1.0.0");
+      expect(result.name).toBe("alice/utils/greeter");
+      expect(result.version).toBe("1.0.0");
+    });
+
+    test("parses tool with semver prerelease", () => {
+      const result = parseToolSpec("alice/utils/greeter@2.0.0-beta.1");
+      expect(result.name).toBe("alice/utils/greeter");
+      expect(result.version).toBe("2.0.0-beta.1");
+    });
+
+    test("throws error for missing version", () => {
+      expect(() => parseToolSpec("alice/utils/greeter")).toThrow();
+    });
+
+    test("throws error for @ at start (scoped without version)", () => {
+      expect(() => parseToolSpec("@scope/package")).toThrow();
+    });
+
+    test("parses scoped package with version", () => {
+      // Scoped packages have @ at the start, so we need lastIndexOf
+      const result = parseToolSpec("@scope/package@1.2.3");
+      expect(result.name).toBe("@scope/package");
+      expect(result.version).toBe("1.2.3");
+    });
+  });
+
+  describe("yank reasons", () => {
+    test("common yank reasons are strings", () => {
+      const reasons = [
+        "Security vulnerability discovered",
+        "Critical bug in this version",
+        "Accidental publish",
+        "Deprecated in favor of newer version",
+      ];
+
+      for (const reason of reasons) {
+        expect(typeof reason).toBe("string");
+        expect(reason.length).toBeGreaterThan(0);
+      }
+    });
+  });
+
+  describe("replacement version format", () => {
+    test("replacement should be a valid version string", () => {
+      const validVersions = ["1.0.1", "2.0.0", "1.2.3-patch.1", "3.0.0+build.123"];
+
+      for (const version of validVersions) {
+        // Basic semver check
+        expect(version).toMatch(/^\d+\.\d+\.\d+/);
+      }
+    });
+  });
+});