@lobu/core 3.0.13 → 3.0.19

package/src/__tests__/fixtures/mock-redis.ts

@@ -1,300 +0,0 @@
-/**
- * Unified in-memory Redis mock for testing.
- *
- * Replaces three duplicated implementations:
- *   - MockRedisClient in gateway setup.ts
- *   - FakeRedis in system-message-limiter.test.ts
- *   - queue mock getRedisClient
- *
- * Supports string, set, list, and hash operations with TTL tracking.
- */
-
-type SetMode = "NX" | undefined;
-
-export class MockRedisClient {
-  private store = new Map<string, { value: string; ttl?: number }>();
-  private sets = new Map<string, Set<string>>();
-  private lists = new Map<string, string[]>();
-  private currentTime = Date.now();
-
-  // --- String operations ---
-
-  async exists(key: string): Promise<number> {
-    const entry = this.store.get(key);
-    if (!entry) return 0;
-    if (entry.ttl && entry.ttl < this.currentTime) {
-      this.store.delete(key);
-      return 0;
-    }
-    return 1;
-  }
-
-  async get(key: string): Promise<string | null> {
-    const entry = this.store.get(key);
-    if (!entry) return null;
-    if (entry.ttl && entry.ttl < this.currentTime) {
-      this.store.delete(key);
-      return null;
-    }
-    return entry.value;
-  }
-
-  /**
-   * ioredis-compatible set with optional EX / NX flags.
-   * Supports: set(key, value), set(key, value, "EX", sec), set(key, value, "EX", sec, "NX")
-   */
-  async set(
-    key: string,
-    value: string,
-    exTokenOrTtl?: "EX" | number,
-    exSeconds?: number,
-    mode?: SetMode
-  ): Promise<"OK" | null> {
-    // NX check must be synchronous to avoid TOCTOU race
-    if (mode === "NX") {
-      const entry = this.store.get(key);
-      const alive = entry && (!entry.ttl || entry.ttl >= this.currentTime);
-      if (alive) return null;
-    }
-
-    let ttl: number | undefined;
-    if (exTokenOrTtl === "EX" && typeof exSeconds === "number") {
-      ttl = this.currentTime + exSeconds * 1000;
-    } else if (typeof exTokenOrTtl === "number") {
-      ttl = this.currentTime + exTokenOrTtl * 1000;
-    }
-
-    this.store.set(key, { value, ttl });
-    return "OK";
-  }
-
-  async setex(key: string, ttlSeconds: number, value: string): Promise<void> {
-    const ttl = this.currentTime + ttlSeconds * 1000;
-    this.store.set(key, { value, ttl });
-  }
-
-  async incr(key: string): Promise<number> {
-    const current = await this.get(key);
-    const nextValue = (current ? Number.parseInt(current, 10) : 0) + 1;
-    const entry = this.store.get(key);
-    this.store.set(key, {
-      value: String(nextValue),
-      ttl: entry?.ttl,
-    });
-    return nextValue;
-  }
-
-  async del(...keys: string[]): Promise<number> {
-    let deleted = 0;
-    for (const key of keys) {
-      const existed =
-        this.store.has(key) || this.sets.has(key) || this.lists.has(key);
-      this.store.delete(key);
-      this.sets.delete(key);
-      this.lists.delete(key);
-      if (existed) deleted++;
-    }
-    return deleted;
-  }
-
-  async getdel(key: string): Promise<string | null> {
-    const value = await this.get(key);
-    if (value !== null) {
-      await this.del(key);
-    }
-    return value;
-  }
-
-  async expire(key: string, seconds: number): Promise<number> {
-    if (this.store.has(key)) {
-      const entry = this.store.get(key)!;
-      entry.ttl = this.currentTime + seconds * 1000;
-      return 1;
-    }
-    return 0;
-  }
-
-  async ttl(key: string): Promise<number> {
-    const entry = this.store.get(key);
-    if (!entry) return -2;
-    if (!entry.ttl) return -1;
-    if (entry.ttl < this.currentTime) {
-      this.store.delete(key);
-      return -2;
-    }
-    return Math.max(0, Math.ceil((entry.ttl - this.currentTime) / 1000));
-  }
-
-  // --- Set operations ---
-
-  async sadd(key: string, ...members: string[]): Promise<number> {
-    if (!this.sets.has(key)) this.sets.set(key, new Set());
-    const set = this.sets.get(key)!;
-    let added = 0;
-    for (const m of members) {
-      if (!set.has(m)) {
-        set.add(m);
-        added++;
-      }
-    }
-    return added;
-  }
-
-  async srem(key: string, ...members: string[]): Promise<number> {
-    const set = this.sets.get(key);
-    if (!set) return 0;
-    let removed = 0;
-    for (const m of members) {
-      if (set.delete(m)) removed++;
-    }
-    return removed;
-  }
-
-  async smembers(key: string): Promise<string[]> {
-    const set = this.sets.get(key);
-    return set ? Array.from(set) : [];
-  }
-
-  async sismember(key: string, member: string): Promise<number> {
-    const set = this.sets.get(key);
-    return set?.has(member) ? 1 : 0;
-  }
-
-  // --- List operations ---
-
-  async rpush(key: string, ...values: string[]): Promise<number> {
-    if (!this.lists.has(key)) this.lists.set(key, []);
-    const list = this.lists.get(key)!;
-    list.push(...values);
-    return list.length;
-  }
-
-  async lrange(key: string, start: number, stop: number): Promise<string[]> {
-    const list = this.lists.get(key);
-    if (!list) return [];
-    const end = stop === -1 ? list.length : stop + 1;
-    return list.slice(start, end);
-  }
-
-  // --- Scan ---
-
-  async scan(
-    _cursor: string,
-    ...args: (string | number)[]
-  ): Promise<[string, string[]]> {
-    // Extract pattern from args: "MATCH", pattern, "COUNT", count
-    let pattern = "*";
-    for (let i = 0; i < args.length - 1; i++) {
-      if (String(args[i]).toUpperCase() === "MATCH") {
-        pattern = String(args[i + 1]);
-        break;
-      }
-    }
-
-    const allKeys = new Set<string>();
-    for (const key of this.store.keys()) allKeys.add(key);
-    for (const key of this.sets.keys()) allKeys.add(key);
-    for (const key of this.lists.keys()) allKeys.add(key);
-
-    const matching: string[] = [];
-    for (const key of allKeys) {
-      if (pattern === "*") {
-        matching.push(key);
-      } else if (pattern.endsWith("*")) {
-        const prefix = pattern.slice(0, -1);
-        if (key.startsWith(prefix)) matching.push(key);
-      } else if (key === pattern) {
-        matching.push(key);
-      }
-    }
-
-    return ["0", matching];
-  }
-
-  // --- Batch get ---
-
-  async mget(...keys: string[]): Promise<(string | null)[]> {
-    return Promise.all(keys.map((key) => this.get(key)));
-  }
-
-  // --- Watch / Unwatch (no-ops) ---
-
-  async watch(..._keys: string[]): Promise<"OK"> {
-    return "OK";
-  }
-
-  async unwatch(): Promise<"OK"> {
-    return "OK";
-  }
-
-  // --- Multi ---
-
-  multi(): {
-    set(key: string, value: string): any;
-    exec(): Promise<[null, string][]>;
-  } {
-    const pending: Array<{ key: string; value: string }> = [];
-    const self = this;
-    const chain = {
-      set(key: string, value: string) {
-        pending.push({ key, value });
-        return chain;
-      },
-      async exec(): Promise<[null, string][]> {
-        const results: [null, string][] = [];
-        for (const op of pending) {
-          self.store.set(op.key, { value: op.value });
-          results.push([null, "OK"]);
-        }
-        return results;
-      },
-    };
-    return chain;
-  }
-
-  // --- Pipeline ---
-
-  pipeline(): {
-    setex(key: string, ttl: number, value: string): any;
-    del(...keys: string[]): any;
-    exec(): Promise<Array<[null, any]>>;
-  } {
-    const ops: Array<() => Promise<any>> = [];
-    const self = this;
-    const chain = {
-      setex(key: string, ttl: number, value: string) {
-        ops.push(() => self.setex(key, ttl, value));
-        return chain;
-      },
-      del(...keys: string[]) {
-        ops.push(() => self.del(...keys));
-        return chain;
-      },
-      async exec(): Promise<Array<[null, any]>> {
-        const results: Array<[null, any]> = [];
-        for (const op of ops) {
-          const result = await op();
-          results.push([null, result ?? "OK"]);
-        }
-        return results;
-      },
-    };
-    return chain;
-  }
-
-  // --- Test helpers ---
-
-  advanceTime(ms: number): void {
-    this.currentTime += ms;
-  }
-
-  has(key: string): boolean {
-    return this.store.has(key);
-  }
-
-  clear(): void {
-    this.store.clear();
-    this.sets.clear();
-    this.lists.clear();
-  }
-}

package/src/__tests__/retry.test.ts

@@ -1,134 +0,0 @@
-import { describe, expect, mock, test } from "bun:test";
-import { retryWithBackoff } from "../utils/retry";
-
-describe("retryWithBackoff", () => {
-  test("returns result on first success", async () => {
-    const fn = mock(() => Promise.resolve("ok"));
-    const result = await retryWithBackoff(fn);
-    expect(result).toBe("ok");
-    expect(fn).toHaveBeenCalledTimes(1);
-  });
-
-  test("retries on failure and returns on eventual success", async () => {
-    let attempt = 0;
-    const fn = mock(async () => {
-      attempt++;
-      if (attempt < 3) throw new Error(`fail ${attempt}`);
-      return "success";
-    });
-
-    const result = await retryWithBackoff(fn, {
-      maxRetries: 3,
-      baseDelay: 0,
-    });
-    expect(result).toBe("success");
-    expect(fn).toHaveBeenCalledTimes(3);
-  });
-
-  test("throws last error when all retries exhausted", async () => {
-    const fn = mock(async () => {
-      throw new Error("always fails");
-    });
-
-    await expect(
-      retryWithBackoff(fn, { maxRetries: 2, baseDelay: 0 })
-    ).rejects.toThrow("always fails");
-    // 1 initial + 2 retries = 3 calls
-    expect(fn).toHaveBeenCalledTimes(3);
-  });
-
-  test("maxRetries=0 means single attempt, no retries", async () => {
-    const fn = mock(async () => {
-      throw new Error("fail");
-    });
-
-    await expect(
-      retryWithBackoff(fn, { maxRetries: 0, baseDelay: 0 })
-    ).rejects.toThrow("fail");
-    expect(fn).toHaveBeenCalledTimes(1);
-  });
-
-  test("calls onRetry callback with attempt number and error", async () => {
-    let attempt = 0;
-    const fn = async () => {
-      attempt++;
-      if (attempt < 3) throw new Error(`err-${attempt}`);
-      return "done";
-    };
-
-    const retries: { attempt: number; message: string }[] = [];
-    await retryWithBackoff(fn, {
-      maxRetries: 3,
-      baseDelay: 0,
-      onRetry: (attempt, error) => {
-        retries.push({ attempt, message: error.message });
-      },
-    });
-
-    expect(retries).toEqual([
-      { attempt: 1, message: "err-1" },
-      { attempt: 2, message: "err-2" },
-    ]);
-  });
-
-  test("uses defaults when no options provided", async () => {
-    const fn = mock(() => Promise.resolve(42));
-    const result = await retryWithBackoff(fn);
-    expect(result).toBe(42);
-  });
-
-  test("linear strategy increases delay linearly", async () => {
-    const delays: number[] = [];
-    const originalSetTimeout = globalThis.setTimeout;
-
-    // Patch setTimeout to capture delays (but resolve immediately)
-    globalThis.setTimeout = ((fn: () => void, ms: number) => {
-      delays.push(ms);
-      return originalSetTimeout(fn, 0);
-    }) as any;
-
-    let attempt = 0;
-    try {
-      await retryWithBackoff(
-        async () => {
-          attempt++;
-          if (attempt <= 3) throw new Error("fail");
-          return "ok";
-        },
-        { maxRetries: 3, baseDelay: 100, strategy: "linear" }
-      );
-    } finally {
-      globalThis.setTimeout = originalSetTimeout;
-    }
-
-    // Linear: 100*(0+1)=100, 100*(1+1)=200, 100*(2+1)=300
-    expect(delays).toEqual([100, 200, 300]);
-  });
-
-  test("exponential strategy doubles delay", async () => {
-    const delays: number[] = [];
-    const originalSetTimeout = globalThis.setTimeout;
-
-    globalThis.setTimeout = ((fn: () => void, ms: number) => {
-      delays.push(ms);
-      return originalSetTimeout(fn, 0);
-    }) as any;
-
-    let attempt = 0;
-    try {
-      await retryWithBackoff(
-        async () => {
-          attempt++;
-          if (attempt <= 3) throw new Error("fail");
-          return "ok";
-        },
-        { maxRetries: 3, baseDelay: 100, strategy: "exponential" }
-      );
-    } finally {
-      globalThis.setTimeout = originalSetTimeout;
-    }
-
-    // Exponential: 100*2^0=100, 100*2^1=200, 100*2^2=400
-    expect(delays).toEqual([100, 200, 400]);
-  });
-});

package/src/__tests__/sanitize.test.ts

@@ -1,158 +0,0 @@
-import { describe, expect, test } from "bun:test";
-import {
-  sanitizeConversationId,
-  sanitizeFilename,
-  sanitizeForLogging,
-} from "../utils/sanitize";
-
-describe("sanitizeFilename", () => {
-  test("removes path traversal (strips to basename)", () => {
-    // The regex strips everything up to and including the last / or \
-    expect(sanitizeFilename("../../etc/passwd")).toBe("passwd");
-  });
-
-  test("removes windows path traversal (strips to basename)", () => {
-    expect(sanitizeFilename("..\\..\\windows\\system32")).toBe("system32");
-  });
-
-  test("removes special characters", () => {
-    expect(sanitizeFilename('file<>|*?:"name.txt')).toBe("file_______name.txt");
-  });
-
-  test("removes leading dots (hidden files)", () => {
-    expect(sanitizeFilename(".hidden")).toBe("hidden");
-    expect(sanitizeFilename("...secret")).toBe("secret");
-  });
-
-  test("collapses consecutive dots", () => {
-    expect(sanitizeFilename("file..name..txt")).toBe("file.name.txt");
-  });
-
-  test("returns unnamed_file for empty result", () => {
-    expect(sanitizeFilename("")).toBe("unnamed_file");
-    expect(sanitizeFilename("...")).toBe("unnamed_file");
-    expect(sanitizeFilename("///")).toBe("unnamed_file");
-  });
-
-  test("preserves safe filenames", () => {
-    expect(sanitizeFilename("document.pdf")).toBe("document.pdf");
-    expect(sanitizeFilename("my-file_v2.tar.gz")).toBe("my-file_v2.tar.gz");
-  });
-
-  test("truncates to maxLength", () => {
-    const long = "a".repeat(300);
-    expect(sanitizeFilename(long).length).toBe(255);
-    expect(sanitizeFilename(long, 10).length).toBe(10);
-  });
-
-  test("preserves spaces", () => {
-    expect(sanitizeFilename("my file name.txt")).toBe("my file name.txt");
-  });
-
-  test("strips directory path components", () => {
-    expect(sanitizeFilename("/path/to/file.txt")).toBe("file.txt");
-    expect(sanitizeFilename("C:\\Users\\doc.pdf")).toBe("doc.pdf");
-  });
-});
-
-describe("sanitizeConversationId", () => {
-  test("preserves valid conversation IDs", () => {
-    expect(sanitizeConversationId("1756766056.836119")).toBe(
-      "1756766056.836119"
-    );
-  });
-
-  test("replaces slashes and special chars", () => {
-    // Only non-alphanumeric (except . and -) are replaced
-    expect(sanitizeConversationId("thread/123/../456")).toBe(
-      "thread_123_.._456"
-    );
-  });
-
-  test("preserves hyphens and dots", () => {
-    expect(sanitizeConversationId("abc-def.123")).toBe("abc-def.123");
-  });
-
-  test("replaces colons and spaces", () => {
-    expect(sanitizeConversationId("a:b c")).toBe("a_b_c");
-  });
-});
-
-describe("sanitizeForLogging", () => {
-  test("redacts default sensitive keys (lowercase match)", () => {
-    const obj = {
-      // "token" is in the sensitive list and matches case-insensitively
-      token: "bearer-xyz",
-      // "password" matches
-      password: "secret123",
-      timeout: 5000,
-    };
-    const result = sanitizeForLogging(obj);
-    expect(result.token).toBe("[REDACTED:10]");
-    expect(result.password).toBe("[REDACTED:9]");
-    expect(result.timeout).toBe(5000);
-  });
-
-  test("matches via includes (key containing sensitive substring)", () => {
-    // Object key "my_api_key_field" lowercased includes "api_key"
-    const obj = { my_api_key_field: "secret-value" };
-    const result = sanitizeForLogging(obj);
-    expect(result.my_api_key_field).toBe("[REDACTED:12]");
-  });
-
-  test("redacts authorization header (case-insensitive key)", () => {
-    // "Authorization" lowered → "authorization" which includes "authorization"
-    const obj = { Authorization: "Bearer tok12" };
-    const result = sanitizeForLogging(obj);
-    expect(result.Authorization).toBe("[REDACTED:12]");
-  });
-
-  test("recursively sanitizes nested objects", () => {
-    const obj = {
-      config: { password: "secret", port: 3000 },
-    };
-    const result = sanitizeForLogging(obj);
-    expect(result.config.password).toBe("[REDACTED:6]");
-    expect(result.config.port).toBe(3000);
-  });
-
-  test("recursively sanitizes env key", () => {
-    const obj = { env: { TOKEN: "abc123" } };
-    const result = sanitizeForLogging(obj);
-    expect(result.env.TOKEN).toBe("[REDACTED:6]");
-  });
-
-  test("handles arrays (recurses into elements)", () => {
-    const arr = [{ token: "secret" }, { name: "safe" }];
-    const result = sanitizeForLogging(arr);
-    expect(result[0].token).toBe("[REDACTED:6]");
-    expect(result[1].name).toBe("safe");
-  });
-
-  test("handles additional sensitive keys", () => {
-    const obj = { customSecret: "hidden", name: "visible" };
-    const result = sanitizeForLogging(obj, ["customsecret"]);
-    expect(result.customSecret).toBe("[REDACTED:6]");
-    expect(result.name).toBe("visible");
-  });
-
-  test("returns primitives unchanged", () => {
-    expect(sanitizeForLogging("string")).toBe("string");
-    expect(sanitizeForLogging(42)).toBe(42);
-    expect(sanitizeForLogging(null)).toBe(null);
-    expect(sanitizeForLogging(undefined)).toBe(undefined);
-  });
-
-  test("does not mutate original object", () => {
-    const obj = { apiKey: "secret" };
-    sanitizeForLogging(obj);
-    expect(obj.apiKey).toBe("secret");
-  });
-
-  test("only redacts string values of sensitive keys", () => {
-    const obj = { token: 12345 };
-    const result = sanitizeForLogging(obj);
-    // Non-string sensitive values are not redacted
-    expect(result.token).toBe(12345);
-  });
-});