@hellcoder/companion 0.96.0

package/server/linear-project-manager.test.ts

@@ -0,0 +1,162 @@
+import { mkdtempSync, rmSync, readFileSync, writeFileSync } from "node:fs";
+import { join } from "node:path";
+import { tmpdir } from "node:os";
+import {
+  listMappings,
+  getMapping,
+  upsertMapping,
+  removeMapping,
+  _resetForTest,
+} from "./linear-project-manager.js";
+
+let tempDir: string;
+let filePath: string;
+
+beforeEach(() => {
+  tempDir = mkdtempSync(join(tmpdir(), "linear-project-manager-test-"));
+  filePath = join(tempDir, "linear-projects.json");
+  _resetForTest(filePath);
+});
+
+afterEach(() => {
+  rmSync(tempDir, { recursive: true, force: true });
+  _resetForTest();
+});
+
+describe("linear-project-manager", () => {
+  it("returns empty list when file is missing", () => {
+    expect(listMappings()).toEqual([]);
+  });
+
+  it("returns null for unknown repo root", () => {
+    expect(getMapping("/unknown/repo")).toBeNull();
+  });
+
+  it("upsert creates a new mapping", () => {
+    const mapping = upsertMapping("/home/user/project", {
+      projectId: "proj-uuid-1",
+      projectName: "My Feature",
+    });
+
+    expect(mapping.repoRoot).toBe("/home/user/project");
+    expect(mapping.projectId).toBe("proj-uuid-1");
+    expect(mapping.projectName).toBe("My Feature");
+    expect(mapping.createdAt).toBeGreaterThan(0);
+    expect(mapping.updatedAt).toBe(mapping.createdAt);
+  });
+
+  it("upsert updates an existing mapping", () => {
+    const first = upsertMapping("/home/user/project", {
+      projectId: "proj-uuid-1",
+      projectName: "My Feature",
+    });
+
+    const second = upsertMapping("/home/user/project", {
+      projectId: "proj-uuid-2",
+      projectName: "New Feature",
+    });
+
+    expect(second.repoRoot).toBe("/home/user/project");
+    expect(second.projectId).toBe("proj-uuid-2");
+    expect(second.projectName).toBe("New Feature");
+    // createdAt should be preserved from the first mapping
+    expect(second.createdAt).toBe(first.createdAt);
+    expect(second.updatedAt).toBeGreaterThanOrEqual(first.updatedAt);
+
+    // Should still be only one mapping
+    expect(listMappings()).toHaveLength(1);
+  });
+
+  it("getMapping retrieves a stored mapping", () => {
+    upsertMapping("/home/user/project", {
+      projectId: "proj-uuid-1",
+      projectName: "My Feature",
+    });
+
+    const mapping = getMapping("/home/user/project");
+    expect(mapping).not.toBeNull();
+    expect(mapping!.projectName).toBe("My Feature");
+  });
+
+  it("removeMapping deletes an entry and returns true", () => {
+    upsertMapping("/home/user/project", {
+      projectId: "proj-uuid-1",
+      projectName: "My Feature",
+    });
+
+    expect(removeMapping("/home/user/project")).toBe(true);
+    expect(listMappings()).toHaveLength(0);
+    expect(getMapping("/home/user/project")).toBeNull();
+  });
+
+  it("removeMapping returns false for unknown repo", () => {
+    expect(removeMapping("/unknown/repo")).toBe(false);
+  });
+
+  it("normalizes trailing slashes on repoRoot", () => {
+    upsertMapping("/home/user/project/", {
+      projectId: "proj-uuid-1",
+      projectName: "My Feature",
+    });
+
+    // Should find it without trailing slash
+    expect(getMapping("/home/user/project")).not.toBeNull();
+    expect(getMapping("/home/user/project/")).not.toBeNull();
+
+    // Should be only one mapping
+    expect(listMappings()).toHaveLength(1);
+    expect(listMappings()[0].repoRoot).toBe("/home/user/project");
+  });
+
+  it("persists to disk and survives reload", () => {
+    upsertMapping("/home/user/project", {
+      projectId: "proj-uuid-1",
+      projectName: "My Feature",
+    });
+
+    // Verify file written to disk
+    const raw = JSON.parse(readFileSync(filePath, "utf-8"));
+    expect(raw).toHaveLength(1);
+    expect(raw[0].projectName).toBe("My Feature");
+
+    // Reset and reload from disk
+    _resetForTest(filePath);
+    const mapping = getMapping("/home/user/project");
+    expect(mapping).not.toBeNull();
+    expect(mapping!.projectName).toBe("My Feature");
+  });
+
+  it("handles corrupt JSON file gracefully", () => {
+    writeFileSync(filePath, "not-json", "utf-8");
+    _resetForTest(filePath);
+
+    expect(listMappings()).toEqual([]);
+  });
+
+  it("handles non-array JSON file gracefully", () => {
+    writeFileSync(filePath, JSON.stringify({ foo: "bar" }), "utf-8");
+    _resetForTest(filePath);
+
+    expect(listMappings()).toEqual([]);
+  });
+
+  it("manages multiple mappings", () => {
+    upsertMapping("/repo/alpha", {
+      projectId: "p1",
+      projectName: "Alpha Project",
+    });
+    upsertMapping("/repo/beta", {
+      projectId: "p2",
+      projectName: "Beta Project",
+    });
+
+    expect(listMappings()).toHaveLength(2);
+    expect(getMapping("/repo/alpha")!.projectName).toBe("Alpha Project");
+    expect(getMapping("/repo/beta")!.projectName).toBe("Beta Project");
+
+    removeMapping("/repo/alpha");
+    expect(listMappings()).toHaveLength(1);
+    expect(getMapping("/repo/alpha")).toBeNull();
+    expect(getMapping("/repo/beta")!.projectName).toBe("Beta Project");
+  });
+});

package/server/linear-project-manager.ts

@@ -0,0 +1,111 @@
+import {
+  mkdirSync,
+  readFileSync,
+  writeFileSync,
+  existsSync,
+} from "node:fs";
+import { join, dirname } from "node:path";
+import { COMPANION_HOME } from "./paths.js";
+
+export interface LinearProjectMapping {
+  /** Normalized git repo root path (the key) */
+  repoRoot: string;
+  /** Linear project UUID */
+  projectId: string;
+  /** Human-readable project name */
+  projectName: string;
+  /** When the mapping was created */
+  createdAt: number;
+  /** When the mapping was last updated */
+  updatedAt: number;
+}
+
+const DEFAULT_PATH = join(COMPANION_HOME, "linear-projects.json");
+
+let loaded = false;
+let filePath = DEFAULT_PATH;
+let mappings: LinearProjectMapping[] = [];
+
+function normalizeRoot(root: string): string {
+  return root.replace(/\/+$/, "") || "/";
+}
+
+function ensureLoaded(): void {
+  if (loaded) return;
+  try {
+    if (existsSync(filePath)) {
+      const raw = JSON.parse(readFileSync(filePath, "utf-8"));
+      if (Array.isArray(raw)) {
+        mappings = raw.filter(
+          (m: unknown): m is LinearProjectMapping =>
+            typeof m === "object" &&
+            m !== null &&
+            typeof (m as LinearProjectMapping).repoRoot === "string" &&
+            typeof (m as LinearProjectMapping).projectId === "string",
+        );
+      } else {
+        mappings = [];
+      }
+    }
+  } catch {
+    mappings = [];
+  }
+  loaded = true;
+}
+
+function persist(): void {
+  mkdirSync(dirname(filePath), { recursive: true });
+  writeFileSync(filePath, JSON.stringify(mappings, null, 2), "utf-8");
+}
+
+export function listMappings(): LinearProjectMapping[] {
+  ensureLoaded();
+  return [...mappings];
+}
+
+export function getMapping(repoRoot: string): LinearProjectMapping | null {
+  ensureLoaded();
+  const key = normalizeRoot(repoRoot);
+  return mappings.find((m) => m.repoRoot === key) ?? null;
+}
+
+export function upsertMapping(
+  repoRoot: string,
+  data: { projectId: string; projectName: string },
+): LinearProjectMapping {
+  ensureLoaded();
+  const key = normalizeRoot(repoRoot);
+  const now = Date.now();
+  const existing = mappings.find((m) => m.repoRoot === key);
+  if (existing) {
+    existing.projectId = data.projectId;
+    existing.projectName = data.projectName;
+    existing.updatedAt = now;
+  } else {
+    mappings.push({
+      repoRoot: key,
+      projectId: data.projectId,
+      projectName: data.projectName,
+      createdAt: now,
+      updatedAt: now,
+    });
+  }
+  persist();
+  return mappings.find((m) => m.repoRoot === key)!;
+}
+
+export function removeMapping(repoRoot: string): boolean {
+  ensureLoaded();
+  const key = normalizeRoot(repoRoot);
+  const idx = mappings.findIndex((m) => m.repoRoot === key);
+  if (idx === -1) return false;
+  mappings.splice(idx, 1);
+  persist();
+  return true;
+}
+
+export function _resetForTest(customPath?: string): void {
+  loaded = false;
+  filePath = customPath || DEFAULT_PATH;
+  mappings = [];
+}

package/server/linear-prompt-builder.test.ts

@@ -0,0 +1,74 @@
+import { describe, it, expect } from "vitest";
+import { buildLinearSystemPrompt, buildLinearOAuthSystemPrompt } from "./linear-prompt-builder.js";
+
+describe("buildLinearSystemPrompt", () => {
+  const connection = {
+    workspaceName: "Acme Corp",
+    viewerName: "Jane Doe",
+    viewerEmail: "jane@acme.com",
+  };
+
+  const issue = {
+    identifier: "ENG-42",
+    title: "Fix login redirect",
+    stateName: "In Progress",
+    teamName: "Engineering",
+    url: "https://linear.app/acme/issue/ENG-42",
+  };
+
+  it("includes workspace info and API instructions", () => {
+    // Verifies the core prompt contains workspace context and API usage guidance
+    const prompt = buildLinearSystemPrompt(connection);
+    expect(prompt).toContain("LINEAR_API_KEY");
+    expect(prompt).toContain("Acme Corp");
+    expect(prompt).toContain("Jane Doe");
+    expect(prompt).toContain("jane@acme.com");
+    expect(prompt).toContain("https://api.linear.app/graphql");
+    expect(prompt).toContain("Authorization: Bearer $LINEAR_API_KEY");
+  });
+
+  it("includes issue context when provided", () => {
+    // When a Linear issue is linked, the prompt should include issue details
+    const prompt = buildLinearSystemPrompt(connection, issue);
+    expect(prompt).toContain("ENG-42");
+    expect(prompt).toContain("Fix login redirect");
+    expect(prompt).toContain("In Progress");
+    expect(prompt).toContain("Engineering");
+    expect(prompt).toContain("https://linear.app/acme/issue/ENG-42");
+  });
+
+  it("omits issue section when no issue provided", () => {
+    // Without an issue, the prompt should only contain workspace + API info
+    const prompt = buildLinearSystemPrompt(connection);
+    expect(prompt).not.toContain("Linked issue:");
+    expect(prompt).not.toContain("Issue URL:");
+  });
+
+  it("includes common operations guidance", () => {
+    // The prompt should tell the agent what it can do with the Linear API
+    const prompt = buildLinearSystemPrompt(connection);
+    expect(prompt).toContain("add comments");
+    expect(prompt).toContain("transition issue status");
+    expect(prompt).toContain("read issue details");
+  });
+
+  it("returns a multi-line string with newlines", () => {
+    // The prompt must be multi-line for readability in the system prompt
+    const prompt = buildLinearSystemPrompt(connection, issue);
+    const lines = prompt.split("\n");
+    expect(lines.length).toBeGreaterThan(3);
+  });
+});
+
+describe("buildLinearOAuthSystemPrompt", () => {
+  it("includes OAuth token guidance for app-scoped Linear access", () => {
+    const prompt = buildLinearOAuthSystemPrompt({ name: "Enrich" });
+
+    expect(prompt).toContain("LINEAR_OAUTH_ACCESS_TOKEN");
+    expect(prompt).toContain('Connected Linear OAuth app: "Enrich"');
+    expect(prompt).toContain("actor=app");
+    expect(prompt).toContain("https://api.linear.app/graphql");
+    expect(prompt).toContain("Authorization: Bearer $LINEAR_OAUTH_ACCESS_TOKEN");
+    expect(prompt).toContain("LINEAR_API_KEY");
+  });
+});

package/server/linear-prompt-builder.ts

@@ -0,0 +1,61 @@
+// ─── Linear System Prompt Builder ─────────────────────────────────────────────
+//
+// Builds a system prompt snippet that tells Claude Code / Codex about the
+// LINEAR_API_KEY environment variable and the linked Linear issue context.
+// This is injected via the `initialize` control request's `appendSystemPrompt`
+// field (Claude Code) or the `instructions` field in `thread/start` (Codex).
+
+interface LinearConnectionContext {
+  workspaceName: string;
+  viewerName: string;
+  viewerEmail: string;
+}
+
+interface LinearIssueContext {
+  identifier: string;
+  title: string;
+  stateName: string;
+  teamName: string;
+  url: string;
+}
+
+export function buildLinearSystemPrompt(
+  connection: LinearConnectionContext,
+  issue?: LinearIssueContext,
+): string {
+  const lines = [
+    "You have access to the Linear API via the LINEAR_API_KEY environment variable.",
+    `Connected workspace: "${connection.workspaceName}" (viewer: ${connection.viewerName}, ${connection.viewerEmail})`,
+  ];
+  if (issue) {
+    lines.push(
+      `Linked issue: ${issue.identifier} — "${issue.title}" (status: ${issue.stateName}, team: ${issue.teamName})`,
+    );
+    lines.push(`Issue URL: ${issue.url}`);
+  }
+  lines.push("");
+  lines.push(
+    "You can use this key to call the Linear GraphQL API at https://api.linear.app/graphql.",
+  );
+  lines.push(
+    "Use the Authorization header: `Authorization: Bearer $LINEAR_API_KEY`",
+  );
+  lines.push(
+    "Common operations: add comments, transition issue status, read issue details, update issue fields.",
+  );
+  return lines.join("\n");
+}
+
+export function buildLinearOAuthSystemPrompt(connection: { name: string }): string {
+  const lines = [
+    "You have access to the Linear GraphQL API via the LINEAR_OAUTH_ACCESS_TOKEN environment variable.",
+    `Connected Linear OAuth app: "${connection.name}"`,
+    "This token was authorized with `actor=app`, so Linear mutations run as the installed app rather than as the installing user.",
+    "",
+    "Call the Linear GraphQL API at https://api.linear.app/graphql.",
+    "Use the Authorization header: `Authorization: Bearer $LINEAR_OAUTH_ACCESS_TOKEN`",
+    "For compatibility with existing tooling, the same token is also available as `LINEAR_API_KEY`.",
+    "Common operations: read issue details, add comments, transition issue status, update issue fields, and create follow-up issues.",
+  ];
+  return lines.join("\n");
+}

package/server/linear-staging.test.ts

@@ -0,0 +1,276 @@
+import { describe, it, expect, beforeEach, afterEach } from "vitest";
+import { mkdirSync, rmSync, readdirSync, readFileSync, writeFileSync } from "node:fs";
+import { join } from "node:path";
+import { tmpdir } from "node:os";
+
+// Redirect COMPANION_HOME to a temp directory so tests don't touch real config
+const TEST_HOME = join(tmpdir(), `linear-staging-test-${Date.now()}`);
+process.env.COMPANION_HOME = TEST_HOME;
+
+// Import after setting env var so the module picks up the test directory
+const staging = await import("./linear-staging.js");
+
+describe("linear-staging", () => {
+  beforeEach(() => {
+    mkdirSync(TEST_HOME, { recursive: true });
+  });
+
+  afterEach(() => {
+    try {
+      rmSync(TEST_HOME, { recursive: true, force: true });
+    } catch { /* ok */ }
+  });
+
+  describe("createSlot", () => {
+    it("creates a slot and returns a hex ID", () => {
+      const id = staging.createSlot({
+        clientId: "cid",
+        clientSecret: "csecret",
+        webhookSecret: "wsecret",
+      });
+      expect(id).toMatch(/^[0-9a-f]{32}$/);
+    });
+
+    it("creates the staging directory and JSON file", () => {
+      const id = staging.createSlot({
+        clientId: "cid",
+        clientSecret: "csecret",
+        webhookSecret: "wsecret",
+      });
+      const files = readdirSync(join(TEST_HOME, "staging"));
+      expect(files).toContain(`${id}.json`);
+    });
+  });
+
+  describe("getSlot", () => {
+    it("returns the slot with matching credentials", () => {
+      const id = staging.createSlot({
+        clientId: "my-client",
+        clientSecret: "my-secret",
+        webhookSecret: "my-webhook",
+      });
+      const slot = staging.getSlot(id);
+      expect(slot).not.toBeNull();
+      expect(slot!.clientId).toBe("my-client");
+      expect(slot!.clientSecret).toBe("my-secret");
+      expect(slot!.webhookSecret).toBe("my-webhook");
+      expect(slot!.accessToken).toBe("");
+      expect(slot!.refreshToken).toBe("");
+    });
+
+    it("returns null for a non-existent slot", () => {
+      expect(staging.getSlot("nonexistent")).toBeNull();
+    });
+  });
+
+  describe("updateSlotTokens", () => {
+    it("updates the access and refresh tokens", () => {
+      const id = staging.createSlot({
+        clientId: "cid",
+        clientSecret: "csecret",
+        webhookSecret: "wsecret",
+      });
+
+      const updated = staging.updateSlotTokens(id, {
+        accessToken: "at_123",
+        refreshToken: "rt_456",
+      });
+      expect(updated).toBe(true);
+
+      const slot = staging.getSlot(id);
+      expect(slot!.accessToken).toBe("at_123");
+      expect(slot!.refreshToken).toBe("rt_456");
+      // Original credentials are preserved
+      expect(slot!.clientId).toBe("cid");
+    });
+
+    it("returns false for a non-existent slot", () => {
+      expect(staging.updateSlotTokens("nope", { accessToken: "a", refreshToken: "r" })).toBe(false);
+    });
+  });
+
+  describe("consumeSlot", () => {
+    it("returns the slot and deletes it", () => {
+      const id = staging.createSlot({
+        clientId: "cid",
+        clientSecret: "csecret",
+        webhookSecret: "wsecret",
+      });
+
+      const slot = staging.consumeSlot(id);
+      expect(slot).not.toBeNull();
+      expect(slot!.clientId).toBe("cid");
+
+      // Slot is gone after consuming
+      expect(staging.getSlot(id)).toBeNull();
+    });
+
+    it("returns null for a non-existent slot", () => {
+      expect(staging.consumeSlot("nonexistent")).toBeNull();
+    });
+  });
+
+  describe("deleteSlot", () => {
+    it("deletes an existing slot", () => {
+      const id = staging.createSlot({
+        clientId: "cid",
+        clientSecret: "csecret",
+        webhookSecret: "wsecret",
+      });
+      expect(staging.deleteSlot(id)).toBe(true);
+      expect(staging.getSlot(id)).toBeNull();
+    });
+
+    it("returns false for a non-existent slot", () => {
+      expect(staging.deleteSlot("nonexistent")).toBe(false);
+    });
+  });
+
+  describe("multiple slots", () => {
+    it("supports multiple concurrent staging slots", () => {
+      // Validates that multiple wizards can run in parallel
+      const id1 = staging.createSlot({
+        clientId: "client-A",
+        clientSecret: "secret-A",
+        webhookSecret: "webhook-A",
+      });
+      const id2 = staging.createSlot({
+        clientId: "client-B",
+        clientSecret: "secret-B",
+        webhookSecret: "webhook-B",
+      });
+
+      expect(id1).not.toBe(id2);
+
+      const slot1 = staging.getSlot(id1);
+      const slot2 = staging.getSlot(id2);
+      expect(slot1!.clientId).toBe("client-A");
+      expect(slot2!.clientId).toBe("client-B");
+
+      // Consuming one doesn't affect the other
+      staging.consumeSlot(id1);
+      expect(staging.getSlot(id1)).toBeNull();
+      expect(staging.getSlot(id2)).not.toBeNull();
+    });
+  });
+
+  describe("TTL / expiry", () => {
+    // Slots have a 30-minute TTL. After that window, getSlot should treat
+    // them as expired and return null (also cleaning up the file).
+    it("getSlot returns null for a slot whose createdAt is older than 30 minutes", () => {
+      const id = staging.createSlot({
+        clientId: "cid",
+        clientSecret: "csecret",
+        webhookSecret: "wsecret",
+      });
+
+      // Backdate createdAt to 31 minutes ago so it exceeds the 30-min TTL
+      const filePath = join(TEST_HOME, "staging", `${id}.json`);
+      const slot = JSON.parse(readFileSync(filePath, "utf-8"));
+      slot.createdAt = Date.now() - 31 * 60 * 1000;
+      writeFileSync(filePath, JSON.stringify(slot, null, 2));
+
+      // The slot should now be treated as expired
+      expect(staging.getSlot(id)).toBeNull();
+    });
+  });
+
+  describe("pruneExpired", () => {
+    // pruneExpired should remove all slot files whose createdAt exceeds
+    // the 30-minute TTL, leaving fresh slots untouched.
+    it("removes stale files from the staging directory", () => {
+      // Create two slots: one will be backdated (expired), one stays fresh
+      const expiredId = staging.createSlot({
+        clientId: "old-client",
+        clientSecret: "old-secret",
+        webhookSecret: "old-webhook",
+      });
+      const freshId = staging.createSlot({
+        clientId: "new-client",
+        clientSecret: "new-secret",
+        webhookSecret: "new-webhook",
+      });
+
+      // Backdate the first slot to 31 minutes ago
+      const expiredPath = join(TEST_HOME, "staging", `${expiredId}.json`);
+      const expiredSlot = JSON.parse(readFileSync(expiredPath, "utf-8"));
+      expiredSlot.createdAt = Date.now() - 31 * 60 * 1000;
+      writeFileSync(expiredPath, JSON.stringify(expiredSlot, null, 2));
+
+      // Run pruneExpired explicitly
+      staging.pruneExpired();
+
+      // The expired slot file should be gone
+      const remaining = readdirSync(join(TEST_HOME, "staging"));
+      expect(remaining).not.toContain(`${expiredId}.json`);
+
+      // The fresh slot should still be present
+      expect(remaining).toContain(`${freshId}.json`);
+    });
+  });
+
+  describe("updateSlotTokens on expired slot", () => {
+    // updateSlotTokens delegates to getSlot internally, so if the slot is
+    // expired it should return false and not persist any token update.
+    it("returns false when the slot has expired", () => {
+      const id = staging.createSlot({
+        clientId: "cid",
+        clientSecret: "csecret",
+        webhookSecret: "wsecret",
+      });
+
+      // Backdate createdAt to 31 minutes ago
+      const filePath = join(TEST_HOME, "staging", `${id}.json`);
+      const slot = JSON.parse(readFileSync(filePath, "utf-8"));
+      slot.createdAt = Date.now() - 31 * 60 * 1000;
+      writeFileSync(filePath, JSON.stringify(slot, null, 2));
+
+      // Attempting to update tokens on an expired slot should fail
+      const result = staging.updateSlotTokens(id, {
+        accessToken: "at_new",
+        refreshToken: "rt_new",
+      });
+      expect(result).toBe(false);
+    });
+  });
+
+  describe("path traversal protection", () => {
+    // The internal slotPath helper validates IDs against /^[0-9a-f]{32}$/.
+    // Any ID that doesn't match (e.g. containing "../") is rejected.
+    // Public functions that wrap slotPath in try/catch safely return
+    // null/false instead of throwing, but the key invariant is that
+    // no file outside the staging directory is ever accessed.
+
+    const maliciousIds = [
+      "../settings",
+      "../../etc/passwd",
+      "../staging/legit",
+      "a".repeat(31) + "/",   // wrong length + slash
+      "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0", // uppercase hex — regex requires lowercase
+    ];
+
+    it("getSlot safely rejects malicious IDs (returns null)", () => {
+      // getSlot wraps slotPath in a try/catch, so the invalid-ID error
+      // is caught and the function returns null — no file access occurs.
+      for (const id of maliciousIds) {
+        expect(staging.getSlot(id)).toBeNull();
+      }
+    });
+
+    it("deleteSlot safely rejects malicious IDs (returns false)", () => {
+      // deleteSlot wraps unlinkSync(slotPath(id)) in a try/catch,
+      // so the invalid-ID error causes it to return false.
+      for (const id of maliciousIds) {
+        expect(staging.deleteSlot(id)).toBe(false);
+      }
+    });
+
+    it("consumeSlot safely rejects malicious IDs (returns null)", () => {
+      // consumeSlot delegates to getSlot first, which returns null
+      // for invalid IDs, so consumeSlot returns null immediately.
+      for (const id of maliciousIds) {
+        expect(staging.consumeSlot(id)).toBeNull();
+      }
+    });
+  });
+});