@jamie-tam/forge 6.0.0

package/dist/__tests__/wiki.test.js

@@ -0,0 +1,472 @@
+/**
+ * Smoke tests for src/wiki.ts (listDreams, getDreamDetails, acceptDream,
+ * rejectDream). Same zero-framework pattern as work-manifest.test.ts —
+ * each test sets up a temp aiwiki/ tree, exercises the function, asserts
+ * by throwing.
+ *
+ * Run with: npm run build && node dist/__tests__/wiki.test.js
+ */
+import * as crypto from "node:crypto";
+import * as fs from "node:fs";
+import * as os from "node:os";
+import * as path from "node:path";
+import { execFileSync } from "node:child_process";
+import { acceptDream, assertInsideRoot, getDreamDetails, listDreams, rejectDream, } from "../wiki.js";
+let passed = 0;
+let failed = 0;
+const fails = [];
+function test(name, fn) {
+    const run = async () => {
+        try {
+            await fn();
+            passed++;
+            console.log(`  PASS  ${name}`);
+        }
+        catch (e) {
+            failed++;
+            const msg = e instanceof Error ? e.message : String(e);
+            fails.push(`${name}: ${msg}`);
+            console.log(`  FAIL  ${name}\n        ${msg}`);
+        }
+    };
+    return run();
+}
+function mkTempRoot() {
+    const root = fs.mkdtempSync(path.join(os.tmpdir(), "forge-wiki-test-"));
+    // Git init so wiki.ts's git diff helper has a repo to operate in.
+    execFileSync("git", ["init", "-q"], { cwd: root });
+    execFileSync("git", ["config", "user.email", "test@example.com"], { cwd: root });
+    execFileSync("git", ["config", "user.name", "Test"], { cwd: root });
+    return root;
+}
+function sha256(content) {
+    return `sha256:${crypto.createHash("sha256").update(content).digest("hex")}`;
+}
+function writeFile(root, rel, content) {
+    const full = path.join(root, rel);
+    fs.mkdirSync(path.dirname(full), { recursive: true });
+    fs.writeFileSync(full, content);
+}
+function writeManifest(root, dreamId, overrides = {}) {
+    const m = {
+        dream_id: dreamId,
+        trigger: "manual",
+        scope: ["aiwiki/gotchas/"],
+        created_at: new Date().toISOString(),
+        changed_pages: 0,
+        new_pages: 0,
+        deleted_pages: 0,
+        lint_status: "passed",
+        review_status: "pending",
+        reviewed_at: null,
+        operations: [],
+        ...overrides,
+    };
+    writeFile(root, `aiwiki/proposed/${dreamId}/.dream-manifest.json`, JSON.stringify(m, null, 2));
+    return m;
+}
+console.log("\n=== wiki.ts smoke tests ===\n");
+console.log("listDreams");
+await test("returns [] when proposed dir missing", async () => {
+    const root = mkTempRoot();
+    const dreams = await listDreams(root);
+    if (dreams.length !== 0)
+        throw new Error(`expected 0 dreams, got ${dreams.length}`);
+});
+await test("returns one entry for a single pending dream", async () => {
+    const root = mkTempRoot();
+    writeManifest(root, "2026-05-12-first", { new_pages: 1 });
+    const dreams = await listDreams(root);
+    if (dreams.length !== 1)
+        throw new Error(`expected 1, got ${dreams.length}`);
+    if (dreams[0].dream_id !== "2026-05-12-first") {
+        throw new Error(`got dream_id=${dreams[0].dream_id}`);
+    }
+    if (dreams[0].new_pages !== 1)
+        throw new Error(`expected new_pages=1`);
+});
+await test("excludes dreams with review_status != pending", async () => {
+    const root = mkTempRoot();
+    writeManifest(root, "accepted-1", { review_status: "accepted" });
+    writeManifest(root, "rejected-1", { review_status: "rejected" });
+    writeManifest(root, "pending-1", { review_status: "pending" });
+    const dreams = await listDreams(root);
+    if (dreams.length !== 1)
+        throw new Error(`expected 1 pending, got ${dreams.length}`);
+    if (dreams[0].dream_id !== "pending-1")
+        throw new Error(`got ${dreams[0].dream_id}`);
+});
+await test("sorts by created_at ascending (oldest first)", async () => {
+    const root = mkTempRoot();
+    writeManifest(root, "newest", { created_at: "2026-05-12T15:00:00Z" });
+    writeManifest(root, "oldest", { created_at: "2026-05-10T10:00:00Z" });
+    writeManifest(root, "middle", { created_at: "2026-05-11T12:00:00Z" });
+    const dreams = await listDreams(root);
+    if (dreams.map((d) => d.dream_id).join(",") !== "oldest,middle,newest") {
+        throw new Error(`order: ${dreams.map((d) => d.dream_id).join(",")}`);
+    }
+});
+await test("ignores malformed manifests without crashing", async () => {
+    const root = mkTempRoot();
+    writeFile(root, "aiwiki/proposed/broken/.dream-manifest.json", "{ not valid json");
+    writeManifest(root, "good-1");
+    const dreams = await listDreams(root);
+    if (dreams.length !== 1)
+        throw new Error(`expected 1 good, got ${dreams.length}`);
+});
+console.log("\ngetDreamDetails");
+await test("returns null when dream does not exist", async () => {
+    const root = mkTempRoot();
+    const detail = await getDreamDetails("nope", root);
+    if (detail !== null)
+        throw new Error("expected null");
+});
+await test("classifies new vs changed files correctly", async () => {
+    const root = mkTempRoot();
+    const dreamId = "2026-05-12-changed-file";
+    // Existing file in aiwiki
+    writeFile(root, "aiwiki/gotchas/2026-05-10-foo.md", "original content\n");
+    // Proposed: one changed, one new
+    writeFile(root, `aiwiki/proposed/${dreamId}/gotchas/2026-05-10-foo.md`, "new content\n");
+    writeFile(root, `aiwiki/proposed/${dreamId}/gotchas/2026-05-12-new.md`, "brand new\n");
+    writeManifest(root, dreamId, {
+        base_file_hashes: {
+            "aiwiki/gotchas/2026-05-10-foo.md": sha256("original content\n"),
+        },
+    });
+    const detail = await getDreamDetails(dreamId, root);
+    if (!detail)
+        throw new Error("expected detail, got null");
+    const kinds = detail.files.map((f) => `${f.kind}:${f.path}`).sort();
+    if (!kinds.includes("changed:gotchas/2026-05-10-foo.md")) {
+        throw new Error(`missing changed file; got: ${kinds.join(", ")}`);
+    }
+    if (!kinds.includes("new:gotchas/2026-05-12-new.md")) {
+        throw new Error(`missing new file; got: ${kinds.join(", ")}`);
+    }
+});
+await test("flags conflict when current aiwiki file hash differs from base", async () => {
+    const root = mkTempRoot();
+    const dreamId = "conflict-dream";
+    // Original content recorded at dream-creation time
+    const originalContent = "original\n";
+    const baseHash = sha256(originalContent);
+    // User edited it after the dream was created — content now differs
+    writeFile(root, "aiwiki/gotchas/foo.md", "user-edited\n");
+    writeFile(root, `aiwiki/proposed/${dreamId}/gotchas/foo.md`, "dream-proposes\n");
+    writeManifest(root, dreamId, {
+        base_file_hashes: { "aiwiki/gotchas/foo.md": baseHash },
+    });
+    const detail = await getDreamDetails(dreamId, root);
+    if (!detail)
+        throw new Error("expected detail");
+    if (!detail.has_conflicts)
+        throw new Error("expected has_conflicts=true");
+    const conflicted = detail.files.find((f) => f.conflict !== undefined);
+    if (!conflicted)
+        throw new Error("expected one file with conflict info");
+});
+await test("surfaces deletions from prune operations", async () => {
+    const root = mkTempRoot();
+    const dreamId = "prune-dream";
+    writeFile(root, "aiwiki/raw/stale.md", "stale entry\n");
+    writeManifest(root, dreamId, {
+        deleted_pages: 1,
+        operations: [{ op: "prune", file: "aiwiki/raw/stale.md", reason: "investigated; superseded" }],
+    });
+    const detail = await getDreamDetails(dreamId, root);
+    if (!detail)
+        throw new Error("expected detail");
+    const deleted = detail.files.find((f) => f.kind === "deleted");
+    if (!deleted)
+        throw new Error("expected one deleted file");
+    if (deleted.path !== "raw/stale.md")
+        throw new Error(`got path=${deleted.path}`);
+});
+console.log("\nacceptDream");
+await test("happy path: applies file replacements + prunes + archives originals", async () => {
+    const root = mkTempRoot();
+    const dreamId = "happy-accept";
+    const oldContent = "old\n";
+    writeFile(root, "aiwiki/gotchas/foo.md", oldContent);
+    writeFile(root, "aiwiki/raw/stale.md", "stale\n");
+    writeFile(root, `aiwiki/proposed/${dreamId}/gotchas/foo.md`, "new\n");
+    writeFile(root, `aiwiki/proposed/${dreamId}/conventions/handler-naming.md`, "convention body\n");
+    writeManifest(root, dreamId, {
+        base_file_hashes: { "aiwiki/gotchas/foo.md": sha256(oldContent) },
+        operations: [{ op: "prune", file: "aiwiki/raw/stale.md", reason: "consolidated" }],
+    });
+    const result = await acceptDream(dreamId, root);
+    // Replaced file
+    const replaced = fs.readFileSync(path.join(root, "aiwiki/gotchas/foo.md"), "utf8");
+    if (replaced !== "new\n")
+        throw new Error(`expected new content, got "${replaced}"`);
+    // New file written
+    if (!fs.existsSync(path.join(root, "aiwiki/conventions/handler-naming.md"))) {
+        throw new Error("expected new file written");
+    }
+    // Pruned file gone
+    if (fs.existsSync(path.join(root, "aiwiki/raw/stale.md"))) {
+        throw new Error("expected prune to remove stale.md");
+    }
+    // Archive contains the originals
+    if (!result.archived_to)
+        throw new Error("expected archived_to in result");
+    if (!fs.existsSync(path.join(root, result.archived_to, "aiwiki/gotchas/foo.md"))) {
+        throw new Error("expected archived original gotcha");
+    }
+    if (!fs.existsSync(path.join(root, result.archived_to, "aiwiki/raw/stale.md"))) {
+        throw new Error("expected archived pruned file");
+    }
+    // Proposed dir moved to archive
+    if (fs.existsSync(path.join(root, "aiwiki/proposed", dreamId))) {
+        throw new Error("expected proposed dir moved to archive");
+    }
+    // History appended
+    const history = fs.readFileSync(path.join(root, ".forge/dream-history.jsonl"), "utf8");
+    if (!history.includes("accepted"))
+        throw new Error("expected accepted entry in history");
+});
+await test("refuses to accept when base hashes mismatch (conflict)", async () => {
+    const root = mkTempRoot();
+    const dreamId = "conflict-accept";
+    const baseHash = sha256("recorded content\n");
+    writeFile(root, "aiwiki/gotchas/foo.md", "current-different-content\n");
+    writeFile(root, `aiwiki/proposed/${dreamId}/gotchas/foo.md`, "dream content\n");
+    writeManifest(root, dreamId, {
+        base_file_hashes: { "aiwiki/gotchas/foo.md": baseHash },
+    });
+    let threw = false;
+    try {
+        await acceptDream(dreamId, root);
+    }
+    catch (e) {
+        threw = true;
+        const msg = e.message;
+        if (!msg.includes("Concurrent changes")) {
+            throw new Error(`expected concurrent-changes error, got: ${msg}`);
+        }
+    }
+    if (!threw)
+        throw new Error("expected acceptDream to throw on conflict");
+    // State unchanged: original file content preserved
+    const current = fs.readFileSync(path.join(root, "aiwiki/gotchas/foo.md"), "utf8");
+    if (current !== "current-different-content\n") {
+        throw new Error("expected aiwiki file unchanged after refused accept");
+    }
+});
+await test("refuses to accept a dream that's already accepted", async () => {
+    const root = mkTempRoot();
+    writeManifest(root, "already-done", { review_status: "accepted" });
+    let threw = false;
+    try {
+        await acceptDream("already-done", root);
+    }
+    catch (e) {
+        threw = true;
+        if (!e.message.includes("already accepted")) {
+            throw new Error(`got: ${e.message}`);
+        }
+    }
+    if (!threw)
+        throw new Error("expected refusal");
+});
+console.log("\nrejectDream");
+await test("removes proposed dir, appends rejection to history", async () => {
+    const root = mkTempRoot();
+    writeManifest(root, "to-reject");
+    writeFile(root, "aiwiki/proposed/to-reject/gotchas/foo.md", "body\n");
+    const result = await rejectDream("to-reject", "duplicate of another dream", root);
+    if (result.dream_id !== "to-reject")
+        throw new Error(`got dream_id=${result.dream_id}`);
+    if (fs.existsSync(path.join(root, "aiwiki/proposed/to-reject"))) {
+        throw new Error("expected proposed dir removed");
+    }
+    const history = fs.readFileSync(path.join(root, ".forge/dream-history.jsonl"), "utf8");
+    if (!history.includes("rejected"))
+        throw new Error("expected rejected entry");
+    if (!history.includes("duplicate of another dream")) {
+        throw new Error("expected reason in history");
+    }
+});
+await test("rejectDream throws when dream does not exist", async () => {
+    const root = mkTempRoot();
+    let threw = false;
+    try {
+        await rejectDream("ghost", "irrelevant", root);
+    }
+    catch {
+        threw = true;
+    }
+    if (!threw)
+        throw new Error("expected throw for nonexistent dream");
+});
+console.log("\npath containment");
+await test("acceptDream rejects dreamId containing path traversal", async () => {
+    const root = mkTempRoot();
+    // Even though no manifest exists at the escaped location, acceptDream must
+    // reject the traversal before any FS lookup that could read outside root.
+    // Sibling file we want to prove untouched.
+    const sibling = path.join(path.dirname(root), "sibling-secret.md");
+    fs.writeFileSync(sibling, "secret\n");
+    let threw = false;
+    try {
+        await acceptDream("../../../etc", root);
+    }
+    catch (e) {
+        threw = true;
+        if (!/containment/i.test(e.message)) {
+            throw new Error(`expected containment error, got: ${e.message}`);
+        }
+    }
+    if (!threw)
+        throw new Error("expected acceptDream to throw on traversal in dreamId");
+    // Sibling untouched
+    if (fs.readFileSync(sibling, "utf8") !== "secret\n") {
+        throw new Error("sibling file was modified");
+    }
+    fs.unlinkSync(sibling);
+});
+await test("acceptDream rejects op.file with absolute path", async () => {
+    const root = mkTempRoot();
+    const dreamId = "abs-path-attack";
+    // Sibling target the manifest tries to delete. Must not be touched.
+    const sibling = path.join(path.dirname(root), "victim.md");
+    fs.writeFileSync(sibling, "do-not-delete\n");
+    writeManifest(root, dreamId, {
+        operations: [{ op: "prune", file: sibling, reason: "malicious absolute path" }],
+    });
+    let threw = false;
+    try {
+        await acceptDream(dreamId, root);
+    }
+    catch (e) {
+        threw = true;
+        if (!/containment/i.test(e.message)) {
+            throw new Error(`expected containment error, got: ${e.message}`);
+        }
+    }
+    if (!threw)
+        throw new Error("expected acceptDream to throw on absolute op.file");
+    if (!fs.existsSync(sibling) || fs.readFileSync(sibling, "utf8") !== "do-not-delete\n") {
+        throw new Error("sibling file was deleted or modified");
+    }
+    fs.unlinkSync(sibling);
+});
+await test("acceptDream rejects op.file with .. traversal", async () => {
+    const root = mkTempRoot();
+    const dreamId = "dotdot-attack";
+    const sibling = path.join(path.dirname(root), "victim2.md");
+    fs.writeFileSync(sibling, "do-not-delete\n");
+    const rootBasename = path.basename(root);
+    writeManifest(root, dreamId, {
+        operations: [
+            {
+                op: "prune",
+                // Relative path that escapes via ..
+                file: path.join("..", path.relative(path.dirname(root), sibling)),
+                reason: "malicious .. traversal",
+            },
+        ],
+    });
+    // Silence the unused var warning — keep the breadcrumb for debugging.
+    void rootBasename;
+    let threw = false;
+    try {
+        await acceptDream(dreamId, root);
+    }
+    catch (e) {
+        threw = true;
+        if (!/containment/i.test(e.message)) {
+            throw new Error(`expected containment error, got: ${e.message}`);
+        }
+    }
+    if (!threw)
+        throw new Error("expected acceptDream to throw on .. in op.file");
+    if (!fs.existsSync(sibling) || fs.readFileSync(sibling, "utf8") !== "do-not-delete\n") {
+        throw new Error("sibling file was deleted or modified");
+    }
+    fs.unlinkSync(sibling);
+});
+await test("assertInsideRoot returns resolved path for inside-root inputs", () => {
+    const root = mkTempRoot();
+    const rootAbs = path.resolve(root);
+    const inside = assertInsideRoot(rootAbs, path.join(rootAbs, "aiwiki", "foo.md"));
+    if (!inside.startsWith(rootAbs + path.sep)) {
+        throw new Error(`expected resolved path inside root, got ${inside}`);
+    }
+});
+await test("assertInsideRoot rejects NUL byte injection", () => {
+    const root = mkTempRoot();
+    const rootAbs = path.resolve(root);
+    // Inject NUL via string concat — path.join strips NUL via path.normalize,
+    // so it would mask the test. We pass the raw string to assertInsideRoot
+    // directly to verify the helper's own NUL guard fires.
+    const candidate = `${rootAbs}/aiwiki/foo\0.md`;
+    let threw = false;
+    try {
+        assertInsideRoot(rootAbs, candidate);
+    }
+    catch (e) {
+        threw = true;
+        if (!/NUL byte/i.test(e.message)) {
+            throw new Error(`expected NUL byte error, got: ${e.message}`);
+        }
+    }
+    if (!threw)
+        throw new Error("expected assertInsideRoot to reject NUL byte path");
+});
+await test("acceptDream rejects symlink pointing outside root", async () => {
+    const root = mkTempRoot();
+    const dreamId = "symlink-attack";
+    // Sibling file the symlink would target. Must not be touched.
+    const sibling = path.join(path.dirname(root), "symlink-victim.md");
+    fs.writeFileSync(sibling, "do-not-touch\n");
+    // Plant a symlink at aiwiki/gotchas/target.md → sibling. We make the
+    // directory so the *parent* exists and the symlink itself is the dangerous
+    // component. acceptDream copies proposed/{id}/gotchas/target.md → that
+    // symlink path, which without realpath checking would follow the link.
+    const aiwikiGotchas = path.join(root, "aiwiki", "gotchas");
+    fs.mkdirSync(aiwikiGotchas, { recursive: true });
+    const symlinkPath = path.join(aiwikiGotchas, "target.md");
+    try {
+        fs.symlinkSync(sibling, symlinkPath);
+    }
+    catch (e) {
+        const code = e.code;
+        if (code === "EPERM") {
+            // Some FS / OS don't allow symlinks without admin (e.g. Windows). Skip.
+            console.log("    SKIPPED (symlink not permitted on this FS)");
+            return;
+        }
+        throw e;
+    }
+    // Dream proposes to overwrite that path with new content.
+    writeFile(root, `aiwiki/proposed/${dreamId}/gotchas/target.md`, "dream-payload\n");
+    writeManifest(root, dreamId);
+    let threw = false;
+    try {
+        await acceptDream(dreamId, root);
+    }
+    catch (e) {
+        threw = true;
+        if (!/containment/i.test(e.message)) {
+            throw new Error(`expected containment error, got: ${e.message}`);
+        }
+    }
+    if (!threw) {
+        throw new Error("expected acceptDream to reject symlink-out-of-root");
+    }
+    // Sibling untouched
+    if (fs.readFileSync(sibling, "utf8") !== "do-not-touch\n") {
+        throw new Error("symlink-targeted sibling file was modified");
+    }
+    fs.unlinkSync(sibling);
+});
+console.log(`\n=== ${passed} passed, ${failed} failed ===`);
+if (failed > 0) {
+    console.log("\nFailures:");
+    fails.forEach((f) => console.log("  - " + f));
+    process.exit(1);
+}
+process.exit(0);