@gotgenes/pi-permission-system 10.2.0 → 10.3.1

package/src/session-logger.ts

@@ -1,4 +1,10 @@
-import type { ExtensionRuntime } from "./runtime";
+import { join } from "node:path";
+import { DEBUG_LOG_FILENAME, REVIEW_LOG_FILENAME } from "./config-paths";
+import {
+  ensurePermissionSystemLogsDirectory,
+  type PermissionSystemExtensionConfig,
+} from "./extension-config";
+import { createPermissionSystemLogger } from "./logging";
 
 /**
  * Unified logging + notification surface for handler deps.
@@ -13,17 +19,48 @@ export interface SessionLogger {
   warn(message: string): void;
 }
 
+/** Narrow dependencies for constructing a {@link SessionLogger}. */
+export interface SessionLoggerDeps {
+  /** Root logs directory; the debug + review log file paths derive from it. */
+  globalLogsDir: string;
+  /** Reads current config for the debug/review write toggles (call-time). */
+  getConfig: () => PermissionSystemExtensionConfig;
+  /** Surfaces a warning message to the user; called at warn/IO-failure time. */
+  notify: (message: string) => void;
+}
+
 /**
- * Create a SessionLogger backed by an ExtensionRuntime.
+ * Create a SessionLogger from narrow dependencies.
  *
- * Captures `runtime` by reference so `warn` always reads the current
- * `runtimeContext` at call time — matching the behavior of the inline
- * closures it replaces in `src/index.ts`.
+ * Composes the JSONL log writer, owns the IO-failure warning dedup Set,
+ * and routes both IO-failure warnings and explicit warn() calls through
+ * the injected notify sink. No ExtensionRuntime reference required.
  */
-export function createSessionLogger(runtime: ExtensionRuntime): SessionLogger {
+export function createSessionLogger(deps: SessionLoggerDeps): SessionLogger {
+  const writer = createPermissionSystemLogger({
+    getConfig: deps.getConfig,
+    debugLogPath: join(deps.globalLogsDir, DEBUG_LOG_FILENAME),
+    reviewLogPath: join(deps.globalLogsDir, REVIEW_LOG_FILENAME),
+    ensureLogsDirectory: () =>
+      ensurePermissionSystemLogsDirectory(deps.globalLogsDir),
+  });
+
+  const reported = new Set<string>();
+  const reportOnce = (warning: string): void => {
+    if (reported.has(warning)) return;
+    reported.add(warning);
+    deps.notify(warning);
+  };
+
   return {
-    debug: (event, details) => runtime.writeDebugLog(event, details),
-    review: (event, details) => runtime.writeReviewLog(event, details),
-    warn: (message) => runtime.runtimeContext?.ui.notify(message, "warning"),
+    debug: (event, details) => {
+      const warning = writer.debug(event, details);
+      if (warning) reportOnce(warning);
+    },
+    review: (event, details) => {
+      const warning = writer.review(event, details);
+      if (warning) reportOnce(warning);
+    },
+    warn: (message) => deps.notify(message),
   };
 }

package/test/composition-root.test.ts

@@ -31,7 +31,10 @@ import { afterEach, beforeEach, describe, expect, it, vi } from "vitest";
 import { getGlobalConfigPath } from "#src/config-paths";
 import { DEFAULT_EXTENSION_CONFIG } from "#src/extension-config";
 import piPermissionSystemExtension from "#src/index";
-import { PERMISSIONS_READY_CHANNEL } from "#src/permission-events";
+import {
+  PERMISSIONS_READY_CHANNEL,
+  PERMISSIONS_RPC_CHECK_CHANNEL,
+} from "#src/permission-events";
 import {
   createPermissionForwardingLocation,
   type ForwardedPermissionRequest,
@@ -359,6 +362,87 @@ describe("ready emitted after service publication", () => {
   });
 });
 
+describe("single source of truth for session state", () => {
+  // Regression guard for the split-brain bug: before the fix, the gate path
+  // recorded session approvals into a private SessionRules instance that the
+  // RPC check and the service never saw. After the fix, both readers use the
+  // same SessionRules the gate writes into.
+  it("gate session-approval is visible to the RPC check and the service", async () => {
+    writeGlobalConfig({
+      permission: { "*": "allow", demo: "ask" },
+    });
+
+    const cwd = mkdtempSync(join(tmpdir(), "pi-perm-sot-cwd-"));
+    const pi = makeFakePi({ toolNames: ["demo"] });
+    piPermissionSystemExtension(pi as unknown as ExtensionAPI);
+
+    // UI ctx that approves the gate prompt for this session (options[1]).
+    const ctx = {
+      cwd,
+      hasUI: true,
+      sessionManager: {
+        getEntries: (): unknown[] => [],
+        getSessionId: (): string => "sot-session",
+        getSessionDir: (): string => cwd,
+      },
+      ui: {
+        notify: (): void => {},
+        setStatus: (): void => {},
+        // Return the second option label-agnostically — always the
+        // "for this session" choice regardless of the exact label text.
+        select: async (
+          _title: string,
+          options: string[],
+        ): Promise<string | undefined> => options[1],
+        input: async (): Promise<string | undefined> => undefined,
+      },
+    };
+
+    await fireSessionStart(pi, ctx);
+
+    // Drive a tool_call on "demo"; the gate prompts and the mock selects
+    // options[1], recording a session-scoped approval.
+    await pi.fire(
+      "tool_call",
+      {
+        toolName: "demo",
+        toolCallId: "demo-for-session",
+        input: { foo: "bar" },
+      },
+      ctx,
+    );
+
+    // RPC check — the deprecated channel must now reflect the session approval.
+    // eslint-disable-next-line @typescript-eslint/no-deprecated -- intentionally testing the deprecated RPC channel's session-rules visibility
+    const rpcCheckChannel: string = PERMISSIONS_RPC_CHECK_CHANNEL;
+    const requestId = "sot-rpc-1";
+    const replyPromise = new Promise<unknown>((resolve) => {
+      const unsub = pi.events.on(
+        `${rpcCheckChannel}:reply:${requestId}`,
+        (data) => {
+          unsub();
+          resolve(data);
+        },
+      );
+    });
+    pi.events.emit(rpcCheckChannel, { requestId, surface: "demo" });
+    const reply = (await replyPromise) as {
+      success: boolean;
+      data?: { result: string };
+    };
+
+    expect(reply.success).toBe(true);
+    // Before the fix this was "ask" — the RPC channel read an empty SessionRules.
+    expect(reply.data?.result).toBe("allow");
+
+    // Service accessor must also see the session approval.
+    const serviceResult = getPermissionsService()!.checkPermission("demo");
+    expect(serviceResult.state).toBe("allow");
+
+    rmSync(cwd, { recursive: true, force: true });
+  });
+});
+
 describe("multi-instance global service interplay", () => {
   // The fix (#302) scopes the process-global service slot to the publishing
   // instance. The parent publishes at its session_start; an in-process child

package/test/config-modal.test.ts

@@ -3,6 +3,7 @@ import { tmpdir } from "node:os";
 import { join } from "node:path";
 import { expect, test, vi } from "vitest";
 import { registerPermissionSystemCommand } from "#src/config-modal";
+import type { CommandConfigStore } from "#src/config-store";
 import {
   DEFAULT_EXTENSION_CONFIG,
   normalizePermissionSystemConfig,
@@ -79,11 +80,14 @@ test("permission-system command completions expose top-level config actions", ()
   let config: PermissionSystemExtensionConfig = { ...DEFAULT_EXTENSION_CONFIG };
 
   try {
-    const controller = {
-      getConfig: () => config,
-      setConfig: (next: PermissionSystemExtensionConfig) => {
+    const configStore: CommandConfigStore = {
+      current: () => config,
+      save: (next) => {
         config = next;
       },
+    };
+    const controller = {
+      config: configStore,
       getConfigPath: () => configPath,
     };
 
@@ -136,9 +140,9 @@ test("permission-system command handlers manage config summary, persistence, and
       "utf-8",
     );
 
-    const controller = {
-      getConfig: () => config,
-      setConfig: (next: PermissionSystemExtensionConfig) => {
+    const configStore: CommandConfigStore = {
+      current: () => config,
+      save: (next) => {
         const currentConfig = normalizePermissionSystemConfig(
           JSON.parse(readFileSync(configPath, "utf-8")) as unknown,
         );
@@ -153,6 +157,9 @@ test("permission-system command handlers manage config summary, persistence, and
         );
         expect(config).not.toEqual(currentConfig);
       },
+    };
+    const controller = {
+      config: configStore,
       getConfigPath: () => configPath,
     };
 
@@ -249,8 +256,7 @@ test("show output includes rule origins when getComposedRules is provided", asyn
   ];
 
   const controller = {
-    getConfig: () => config,
-    setConfig: () => {},
+    config: { current: () => config, save: () => {} } as CommandConfigStore,
     getConfigPath: () => "/fake/config.json",
     getComposedRules: () => composedRules,
   };
@@ -282,8 +288,7 @@ test("show output omits rule summary when getComposedRules is not provided", asy
   const config = { ...DEFAULT_EXTENSION_CONFIG, yoloMode: true };
 
   const controller = {
-    getConfig: () => config,
-    setConfig: () => {},
+    config: { current: () => config, save: () => {} } as CommandConfigStore,
     getConfigPath: () => "/fake/config.json",
     // no getComposedRules
   };

package/test/config-store.test.ts

@@ -0,0 +1,428 @@
+import { beforeEach, describe, expect, it, vi } from "vitest";
+
+// ── Module mocks (hoisted) ─────────────────────────────────────────────────
+
+const {
+  mockLoadAndMergeConfigs,
+  mockLoadUnifiedConfig,
+  mockSyncPermissionSystemStatus,
+  mockBuildResolvedConfigLogEntry,
+  mockExistsSync,
+  mockMkdirSync,
+  mockWriteFileSync,
+  mockRenameSync,
+  mockUnlinkSync,
+} = vi.hoisted(() => ({
+  mockLoadAndMergeConfigs: vi.fn(),
+  mockLoadUnifiedConfig: vi.fn(),
+  mockSyncPermissionSystemStatus: vi.fn(),
+  mockBuildResolvedConfigLogEntry: vi.fn(),
+  mockExistsSync: vi.fn<(path: string) => boolean>(),
+  mockMkdirSync: vi.fn(),
+  mockWriteFileSync: vi.fn(),
+  mockRenameSync: vi.fn(),
+  mockUnlinkSync: vi.fn(),
+}));
+
+vi.mock("../src/config-loader", () => ({
+  loadAndMergeConfigs: mockLoadAndMergeConfigs,
+  loadUnifiedConfig: mockLoadUnifiedConfig,
+}));
+
+vi.mock("../src/status", () => ({
+  syncPermissionSystemStatus: mockSyncPermissionSystemStatus,
+}));
+
+vi.mock("../src/config-reporter", () => ({
+  buildResolvedConfigLogEntry: mockBuildResolvedConfigLogEntry,
+}));
+
+vi.mock("node:fs", () => ({
+  existsSync: mockExistsSync,
+  mkdirSync: mockMkdirSync,
+  writeFileSync: mockWriteFileSync,
+  renameSync: mockRenameSync,
+  unlinkSync: mockUnlinkSync,
+  default: {
+    existsSync: mockExistsSync,
+    mkdirSync: mockMkdirSync,
+    writeFileSync: mockWriteFileSync,
+    renameSync: mockRenameSync,
+    unlinkSync: mockUnlinkSync,
+  },
+}));
+
+// ── Imports ────────────────────────────────────────────────────────────────
+
+import type {
+  ExtensionCommandContext,
+  ExtensionContext,
+} from "@earendil-works/pi-coding-agent";
+import {
+  ConfigStore,
+  type ConfigStoreDeps,
+  type ResolvedPolicyPathProvider,
+} from "#src/config-store";
+import { DEFAULT_EXTENSION_CONFIG } from "#src/extension-config";
+import type { ResolvedPolicyPaths } from "#src/policy-loader";
+
+// ── Helpers ────────────────────────────────────────────────────────────────
+
+function makePolicyPathProvider(
+  paths?: Partial<ResolvedPolicyPaths>,
+): ResolvedPolicyPathProvider {
+  return {
+    getResolvedPolicyPaths: vi.fn(
+      (): ResolvedPolicyPaths => ({
+        globalConfigPath: "/agent/config.json",
+        globalConfigExists: false,
+        projectConfigPath: null,
+        projectConfigExists: false,
+        agentsDir: "/agent/agents",
+        agentsDirExists: false,
+        projectAgentsDir: null,
+        projectAgentsDirExists: false,
+        ...paths,
+      }),
+    ),
+  };
+}
+
+function makeLogger() {
+  return {
+    writeDebugLog:
+      vi.fn<(event: string, details?: Record<string, unknown>) => void>(),
+    writeReviewLog:
+      vi.fn<(event: string, details?: Record<string, unknown>) => void>(),
+  };
+}
+
+function makeCtx(overrides: Partial<ExtensionContext> = {}): ExtensionContext {
+  return {
+    cwd: "/test/project",
+    hasUI: false,
+    ui: { notify: vi.fn(), setStatus: vi.fn() },
+    sessionManager: { getEntries: vi.fn(), addEntry: vi.fn() },
+    ...overrides,
+  } as unknown as ExtensionContext;
+}
+
+function makeCommandCtx(
+  overrides: Partial<ExtensionCommandContext> = {},
+): ExtensionCommandContext {
+  return {
+    cwd: "/test/project",
+    ui: { notify: vi.fn(), setStatus: vi.fn() },
+    ...overrides,
+  } as unknown as ExtensionCommandContext;
+}
+
+function makeStore(overrides: Partial<ConfigStoreDeps> = {}): {
+  store: ConfigStore;
+  logger: ReturnType<typeof makeLogger>;
+} {
+  const logger = makeLogger();
+  const deps: ConfigStoreDeps = {
+    agentDir: "/test/agent",
+    policyPaths: makePolicyPathProvider(),
+    logger,
+    ...overrides,
+  };
+  return { store: new ConfigStore(deps), logger };
+}
+
+// ── Tests ──────────────────────────────────────────────────────────────────
+
+describe("ConfigStore", () => {
+  beforeEach(() => {
+    mockLoadAndMergeConfigs.mockReset().mockReturnValue({
+      merged: { ...DEFAULT_EXTENSION_CONFIG },
+      issues: [],
+    });
+    mockLoadUnifiedConfig.mockReset().mockReturnValue({ config: {} });
+    mockSyncPermissionSystemStatus.mockReset();
+    mockBuildResolvedConfigLogEntry
+      .mockReset()
+      .mockReturnValue({ resolved: true });
+    mockExistsSync.mockReset().mockReturnValue(false);
+    mockMkdirSync.mockReset();
+    mockWriteFileSync.mockReset();
+    mockRenameSync.mockReset();
+    mockUnlinkSync.mockReset();
+  });
+
+  // ── current() ─────────────────────────────────────────────────────────
+
+  describe("current()", () => {
+    it("returns DEFAULT_EXTENSION_CONFIG before any refresh", () => {
+      const { store } = makeStore();
+      expect(store.current()).toEqual(DEFAULT_EXTENSION_CONFIG);
+    });
+  });
+
+  // ── refresh() ─────────────────────────────────────────────────────────
+
+  describe("refresh()", () => {
+    it("uses the passed ctx cwd for loadAndMergeConfigs", () => {
+      const { store } = makeStore();
+      store.refresh(makeCtx({ cwd: "/my/project" }));
+      expect(mockLoadAndMergeConfigs).toHaveBeenCalledWith(
+        "/test/agent",
+        "/my/project",
+        expect.any(String),
+      );
+    });
+
+    it("uses empty string cwd when no ctx is provided", () => {
+      const { store } = makeStore();
+      store.refresh();
+      expect(mockLoadAndMergeConfigs).toHaveBeenCalledWith(
+        "/test/agent",
+        "",
+        expect.any(String),
+      );
+    });
+
+    it("updates current() with normalized merged result", () => {
+      const { store } = makeStore();
+      mockLoadAndMergeConfigs.mockReturnValue({
+        merged: { debugLog: true, permissionReviewLog: false, yoloMode: false },
+        issues: [],
+      });
+      store.refresh();
+      expect(store.current().debugLog).toBe(true);
+      expect(store.current().permissionReviewLog).toBe(false);
+    });
+
+    it("writes config.loaded debug log", () => {
+      const { store, logger } = makeStore();
+      store.refresh();
+      expect(logger.writeDebugLog).toHaveBeenCalledWith(
+        "config.loaded",
+        expect.objectContaining({ debugLog: false }),
+      );
+    });
+
+    it("sets warning when issues are present", () => {
+      const { store } = makeStore();
+      const ctx = makeCtx({ hasUI: false });
+      mockLoadAndMergeConfigs.mockReturnValue({
+        merged: { ...DEFAULT_EXTENSION_CONFIG },
+        issues: ["legacy config detected"],
+      });
+      store.refresh(ctx);
+      // Verify the warning is tracked (next identical call should not re-notify)
+      const mockNotify = vi.fn();
+      const ctx2 = makeCtx({
+        hasUI: true,
+        ui: { notify: mockNotify } as never,
+      });
+      mockLoadAndMergeConfigs.mockReturnValue({
+        merged: { ...DEFAULT_EXTENSION_CONFIG },
+        issues: ["legacy config detected"],
+      });
+      store.refresh(ctx2);
+      // Same warning — should not re-notify
+      expect(mockNotify).not.toHaveBeenCalled();
+    });
+
+    it("notifies UI when a new warning appears and hasUI is true", () => {
+      const mockNotify = vi.fn();
+      const { store } = makeStore();
+      const ctx = makeCtx({ hasUI: true, ui: { notify: mockNotify } as never });
+      mockLoadAndMergeConfigs.mockReturnValue({
+        merged: { ...DEFAULT_EXTENSION_CONFIG },
+        issues: ["new warning"],
+      });
+      store.refresh(ctx);
+      expect(mockNotify).toHaveBeenCalledWith("new warning", "warning");
+    });
+
+    it("does not re-notify the same warning on subsequent calls", () => {
+      const mockNotify = vi.fn();
+      const { store } = makeStore();
+      const ctx = makeCtx({ hasUI: true, ui: { notify: mockNotify } as never });
+      mockLoadAndMergeConfigs.mockReturnValue({
+        merged: { ...DEFAULT_EXTENSION_CONFIG },
+        issues: ["persistent warning"],
+      });
+      store.refresh(ctx);
+      store.refresh(ctx);
+      expect(mockNotify).toHaveBeenCalledTimes(1);
+    });
+
+    it("clears warning when no issues on next refresh", () => {
+      const mockNotify = vi.fn();
+      const { store } = makeStore();
+      // First call: set a warning
+      const ctxWithUI = makeCtx({
+        hasUI: true,
+        ui: { notify: mockNotify } as never,
+      });
+      mockLoadAndMergeConfigs.mockReturnValue({
+        merged: { ...DEFAULT_EXTENSION_CONFIG },
+        issues: ["warning"],
+      });
+      store.refresh(ctxWithUI);
+      // Second call: no issues — warning should clear
+      mockLoadAndMergeConfigs.mockReturnValue({
+        merged: { ...DEFAULT_EXTENSION_CONFIG },
+        issues: [],
+      });
+      store.refresh();
+      // Third call: same warning reappears — should notify again (dedup cleared)
+      mockLoadAndMergeConfigs.mockReturnValue({
+        merged: { ...DEFAULT_EXTENSION_CONFIG },
+        issues: ["warning"],
+      });
+      store.refresh(ctxWithUI);
+      expect(mockNotify).toHaveBeenCalledTimes(2);
+    });
+
+    it("calls syncPermissionSystemStatus when hasUI is true", () => {
+      const { store } = makeStore();
+      const ctx = makeCtx({ hasUI: true });
+      store.refresh(ctx);
+      expect(mockSyncPermissionSystemStatus).toHaveBeenCalledWith(
+        ctx,
+        expect.any(Object),
+      );
+    });
+
+    it("does not call syncPermissionSystemStatus when hasUI is false", () => {
+      const { store } = makeStore();
+      const ctx = makeCtx({ hasUI: false });
+      store.refresh(ctx);
+      expect(mockSyncPermissionSystemStatus).not.toHaveBeenCalled();
+    });
+  });
+
+  // ── save() ─────────────────────────────────────────────────────────────
+
+  describe("save()", () => {
+    it("writes merged config to the global path", () => {
+      const { store } = makeStore();
+      mockLoadUnifiedConfig.mockReturnValue({
+        config: { permission: { "*": "ask" } },
+      });
+      const next = { ...DEFAULT_EXTENSION_CONFIG, debugLog: true };
+      const ctx = makeCommandCtx();
+      store.save(next, ctx);
+      expect(mockWriteFileSync).toHaveBeenCalledWith(
+        expect.stringContaining(".tmp"),
+        expect.stringContaining('"debugLog": true'),
+        "utf-8",
+      );
+      expect(mockRenameSync).toHaveBeenCalled();
+    });
+
+    it("updates current() after a successful save", () => {
+      const { store } = makeStore();
+      const next = { ...DEFAULT_EXTENSION_CONFIG, debugLog: true };
+      store.save(next, makeCommandCtx());
+      expect(store.current().debugLog).toBe(true);
+    });
+
+    it("calls syncPermissionSystemStatus after a successful save", () => {
+      const { store } = makeStore();
+      const ctx = makeCommandCtx();
+      store.save({ ...DEFAULT_EXTENSION_CONFIG }, ctx);
+      expect(mockSyncPermissionSystemStatus).toHaveBeenCalledWith(
+        ctx,
+        expect.any(Object),
+      );
+    });
+
+    it("writes config.saved debug log after a successful save", () => {
+      const { store, logger } = makeStore();
+      store.save({ ...DEFAULT_EXTENSION_CONFIG }, makeCommandCtx());
+      expect(logger.writeDebugLog).toHaveBeenCalledWith(
+        "config.saved",
+        expect.objectContaining({ debugLog: false }),
+      );
+    });
+
+    it("notifies with error and returns early when write fails", () => {
+      const mockNotify = vi.fn();
+      const ctx = makeCommandCtx({ ui: { notify: mockNotify } as never });
+      const { store, logger } = makeStore();
+      mockMkdirSync.mockImplementation(() => {
+        throw new Error("disk full");
+      });
+      store.save({ ...DEFAULT_EXTENSION_CONFIG }, ctx);
+      expect(mockNotify).toHaveBeenCalledWith(
+        expect.stringContaining("Failed to save"),
+        "error",
+      );
+      // current() is not updated on failure
+      expect(store.current()).toEqual(DEFAULT_EXTENSION_CONFIG);
+      // no debug log on failure
+      expect(logger.writeDebugLog).not.toHaveBeenCalledWith(
+        "config.saved",
+        expect.anything(),
+      );
+    });
+
+    it("attempts cleanup of tmp file when write fails and tmp exists", () => {
+      const ctx = makeCommandCtx();
+      const { store } = makeStore();
+      mockMkdirSync.mockImplementation(() => {
+        throw new Error("disk full");
+      });
+      mockExistsSync.mockReturnValue(true);
+      store.save({ ...DEFAULT_EXTENSION_CONFIG }, ctx);
+      expect(mockUnlinkSync).toHaveBeenCalled();
+    });
+  });
+
+  // ── logResolvedPaths() ─────────────────────────────────────────────────
+
+  describe("logResolvedPaths()", () => {
+    it("writes config.resolved to both review and debug logs", () => {
+      const { store, logger } = makeStore();
+      store.logResolvedPaths();
+      expect(logger.writeReviewLog).toHaveBeenCalledWith(
+        "config.resolved",
+        expect.any(Object),
+      );
+      expect(logger.writeDebugLog).toHaveBeenCalledWith(
+        "config.resolved",
+        expect.any(Object),
+      );
+    });
+
+    it("calls getResolvedPolicyPaths from the provider", () => {
+      const mockProvider = makePolicyPathProvider();
+      const { store } = makeStore({ policyPaths: mockProvider });
+      store.logResolvedPaths();
+      expect(mockProvider.getResolvedPolicyPaths).toHaveBeenCalled();
+    });
+
+    it("passes legacy detection results to buildResolvedConfigLogEntry", () => {
+      const { store } = makeStore();
+      // Make one legacy path exist
+      mockExistsSync.mockImplementation((p: string) =>
+        p.includes("policies.json"),
+      );
+      store.logResolvedPaths("/some/project");
+      expect(mockBuildResolvedConfigLogEntry).toHaveBeenCalledWith(
+        expect.objectContaining({
+          legacyGlobalPolicyDetected: expect.any(Boolean),
+          legacyProjectPolicyDetected: expect.any(Boolean),
+          legacyExtensionConfigDetected: expect.any(Boolean),
+        }),
+      );
+    });
+
+    it("does not check project legacy path when no cwd is provided", () => {
+      const { store } = makeStore();
+      store.logResolvedPaths(); // no cwd
+      // existsSync called for global and ext-config legacy paths only (not project)
+      const calls = mockExistsSync.mock.calls.map(([p]: [string]) => p);
+      const projectCalls = calls.filter(
+        (p) => p.includes("/null/") || p.includes("null"),
+      );
+      expect(projectCalls).toHaveLength(0);
+    });
+  });
+});