@meltstudio/meltctl 4.27.0 → 4.28.1

package/dist/commands/templates.test.js

@@ -0,0 +1,89 @@
+import { describe, it, expect, vi, beforeEach } from 'vitest';
+vi.mock('fs-extra', () => ({
+    default: {
+        ensureDir: vi.fn(),
+        writeFile: vi.fn(),
+    },
+}));
+vi.mock('../utils/auth.js', () => ({
+    isAuthenticated: vi.fn(),
+}));
+vi.mock('../utils/templates.js', () => ({
+    fetchTemplates: vi.fn(),
+}));
+import fs from 'fs-extra';
+import { isAuthenticated } from '../utils/auth.js';
+import { fetchTemplates } from '../utils/templates.js';
+import { templatesCommand } from './templates.js';
+beforeEach(() => {
+    vi.clearAllMocks();
+    vi.spyOn(console, 'log').mockImplementation(() => { });
+    vi.spyOn(console, 'error').mockImplementation(() => { });
+    vi.spyOn(process, 'exit').mockImplementation((code) => {
+        throw new Error(`process.exit(${code})`);
+    });
+});
+describe('templatesCommand', () => {
+    it('exits when not authenticated', async () => {
+        ;
+        isAuthenticated.mockResolvedValue(false);
+        await expect(templatesCommand()).rejects.toThrow('process.exit(1)');
+        expect(console.error).toHaveBeenCalled();
+        expect(fetchTemplates).not.toHaveBeenCalled();
+    });
+    it('fetches and writes templates to temp dir', async () => {
+        ;
+        isAuthenticated.mockResolvedValue(true);
+        fetchTemplates.mockResolvedValue({
+            'AGENTS.md': '# Agents\nContent here',
+            '.claude/skills/setup.md': '# Setup skill',
+        });
+        await templatesCommand();
+        // Should have called ensureDir for the temp dir and subdirectories
+        expect(fs.ensureDir).toHaveBeenCalled();
+        // Should have written both files
+        expect(fs.writeFile).toHaveBeenCalledTimes(2);
+        // First file
+        const writeFileCalls = fs.writeFile.mock.calls;
+        const filePaths = writeFileCalls.map((c) => c[0]);
+        expect(filePaths.some((p) => p.endsWith('AGENTS.md'))).toBe(true);
+        expect(filePaths.some((p) => p.endsWith('setup.md'))).toBe(true);
+        // Verify content
+        const agentsCall = writeFileCalls.find((c) => c[0].endsWith('AGENTS.md'));
+        expect(agentsCall[1]).toBe('# Agents\nContent here');
+        // Should print the temp dir path
+        expect(console.log).toHaveBeenCalled();
+    });
+    it('exits with error when session expired', async () => {
+        ;
+        isAuthenticated.mockResolvedValue(true);
+        fetchTemplates.mockRejectedValue(new Error('Session expired'));
+        await expect(templatesCommand()).rejects.toThrow('process.exit(1)');
+        const errorCalls = console.error.mock.calls.map((c) => String(c[0]));
+        expect(errorCalls.some((msg) => msg.includes('expired'))).toBe(true);
+    });
+    it('exits with error on fetch/network error', async () => {
+        ;
+        isAuthenticated.mockResolvedValue(true);
+        fetchTemplates.mockRejectedValue(new Error('fetch failed'));
+        await expect(templatesCommand()).rejects.toThrow('process.exit(1)');
+        const errorCalls = console.error.mock.calls.map((c) => String(c[0]));
+        expect(errorCalls.some((msg) => msg.includes('connection'))).toBe(true);
+    });
+    it('exits with generic error for unknown failures', async () => {
+        ;
+        isAuthenticated.mockResolvedValue(true);
+        fetchTemplates.mockRejectedValue(new Error('Something weird'));
+        await expect(templatesCommand()).rejects.toThrow('process.exit(1)');
+        const errorCalls = console.error.mock.calls.map((c) => String(c[0]));
+        expect(errorCalls.some((msg) => msg.includes('Something weird'))).toBe(true);
+    });
+    it('exits with generic message for non-Error thrown values', async () => {
+        ;
+        isAuthenticated.mockResolvedValue(true);
+        fetchTemplates.mockRejectedValue('string error');
+        await expect(templatesCommand()).rejects.toThrow('process.exit(1)');
+        const errorCalls = console.error.mock.calls.map((c) => String(c[0]));
+        expect(errorCalls.some((msg) => msg.includes('Unknown error'))).toBe(true);
+    });
+});

package/dist/commands/version.test.d.ts

@@ -0,0 +1 @@
+export {};

package/dist/commands/version.test.js

@@ -0,0 +1,86 @@
+import { describe, it, expect, vi, beforeEach } from 'vitest';
+vi.mock('../utils/version-check.js', () => ({
+    getCurrentCliVersion: vi.fn(),
+    getLatestCliVersion: vi.fn(),
+    compareVersions: vi.fn(),
+}));
+vi.mock('../utils/package-manager.js', () => ({
+    getUpdateInstructions: vi.fn(),
+}));
+import { getCurrentCliVersion, getLatestCliVersion, compareVersions, } from '../utils/version-check.js';
+import { getUpdateInstructions } from '../utils/package-manager.js';
+import { versionCheckCommand } from './version.js';
+beforeEach(() => {
+    vi.clearAllMocks();
+    vi.spyOn(console, 'log').mockImplementation(() => { });
+    vi.spyOn(console, 'error').mockImplementation(() => { });
+    vi.spyOn(process, 'exit').mockImplementation((code) => {
+        throw new Error(`process.exit(${code})`);
+    });
+});
+describe('versionCheckCommand', () => {
+    it('displays up-to-date message when versions match', async () => {
+        ;
+        getCurrentCliVersion.mockResolvedValue('4.26.0');
+        getLatestCliVersion.mockResolvedValue('4.26.0');
+        compareVersions.mockReturnValue(false);
+        await versionCheckCommand();
+        const logCalls = console.log.mock.calls.map((c) => c[0]);
+        expect(logCalls.some((msg) => typeof msg === 'string' && msg.includes('up to date'))).toBe(true);
+    });
+    it('displays update available when newer version exists', async () => {
+        ;
+        getCurrentCliVersion.mockResolvedValue('4.25.0');
+        getLatestCliVersion.mockResolvedValue('4.26.0');
+        compareVersions.mockReturnValue(true);
+        getUpdateInstructions.mockReturnValue([
+            'npm install -g @meltstudio/meltctl@latest',
+            '',
+            'Or with yarn:',
+            '  yarn global add @meltstudio/meltctl@latest',
+        ]);
+        await versionCheckCommand();
+        const logCalls = console.log.mock.calls.map((c) => c[0]);
+        expect(logCalls.some((msg) => typeof msg === 'string' && msg.includes('Update available'))).toBe(true);
+    });
+    it('shows update instructions when update is available', async () => {
+        ;
+        getCurrentCliVersion.mockResolvedValue('4.25.0');
+        getLatestCliVersion.mockResolvedValue('4.26.0');
+        compareVersions.mockReturnValue(true);
+        getUpdateInstructions.mockReturnValue(['npm install -g @meltstudio/meltctl@latest']);
+        await versionCheckCommand();
+        expect(getUpdateInstructions).toHaveBeenCalled();
+        const logCalls = console.log.mock.calls.map((c) => c[0]);
+        expect(logCalls.some((msg) => typeof msg === 'string' && msg.includes('To update, run'))).toBe(true);
+    });
+    it('shows warning when unable to check for updates (network error)', async () => {
+        ;
+        getCurrentCliVersion.mockResolvedValue('4.26.0');
+        getLatestCliVersion.mockResolvedValue(null);
+        await versionCheckCommand();
+        const logCalls = console.log.mock.calls.map((c) => c[0]);
+        expect(logCalls.some((msg) => typeof msg === 'string' && msg.includes('Unable to check for updates'))).toBe(true);
+    });
+    it('shows current version when network check fails', async () => {
+        ;
+        getCurrentCliVersion.mockResolvedValue('4.26.0');
+        getLatestCliVersion.mockResolvedValue(null);
+        await versionCheckCommand();
+        const logCalls = console.log.mock.calls.map((c) => c[0]);
+        expect(logCalls.some((msg) => typeof msg === 'string' && msg.includes('4.26.0'))).toBe(true);
+    });
+    it('exits with error when getCurrentCliVersion throws', async () => {
+        ;
+        getCurrentCliVersion.mockRejectedValue(new Error('Cannot read package.json'));
+        await expect(versionCheckCommand()).rejects.toThrow('process.exit(1)');
+        expect(console.error).toHaveBeenCalled();
+    });
+    it('exits with error when getLatestCliVersion throws', async () => {
+        ;
+        getCurrentCliVersion.mockResolvedValue('4.26.0');
+        getLatestCliVersion.mockRejectedValue(new Error('Unexpected error'));
+        await expect(versionCheckCommand()).rejects.toThrow('process.exit(1)');
+        expect(console.error).toHaveBeenCalled();
+    });
+});

package/dist/index.js

@@ -102,7 +102,7 @@ audit
 audit
     .command('list')
     .description('list submitted audits (Team Managers only)')
-    .option('--type <type>', 'filter by type (audit, ux-audit)')
+    .option('--type <type>', 'filter by type (audit, ux-audit, security-audit)')
     .option('--repository <repo>', 'filter by repository (owner/repo)')
     .option('--latest', 'show only the latest audit per project and type')
     .option('--limit <n>', 'max results (default 50, max 200)')

package/dist/utils/api.test.d.ts

@@ -0,0 +1 @@
+export {};

package/dist/utils/api.test.js

@@ -0,0 +1,96 @@
+import { describe, it, expect, vi, beforeEach } from 'vitest';
+vi.mock('./auth.js', () => ({
+    getStoredAuth: vi.fn(),
+    API_BASE: 'https://test-api.example.com',
+}));
+import { getStoredAuth, API_BASE } from './auth.js';
+import { getToken, tokenFetch } from './api.js';
+beforeEach(() => {
+    vi.clearAllMocks();
+    vi.spyOn(console, 'error').mockImplementation(() => { });
+    vi.spyOn(process, 'exit').mockImplementation((code) => {
+        throw new Error(`process.exit(${code})`);
+    });
+    delete process.env['MELTCTL_TOKEN'];
+});
+describe('getToken', () => {
+    it('returns env token when MELTCTL_TOKEN is set', async () => {
+        process.env['MELTCTL_TOKEN'] = 'env-token-123';
+        const token = await getToken();
+        expect(token).toBe('env-token-123');
+        expect(getStoredAuth).not.toHaveBeenCalled();
+    });
+    it('returns stored auth token when valid', async () => {
+        ;
+        getStoredAuth.mockResolvedValue({
+            token: 'stored-token',
+            email: 'dev@meltstudio.co',
+            expiresAt: '2099-12-31T00:00:00Z',
+        });
+        const token = await getToken();
+        expect(token).toBe('stored-token');
+    });
+    it('exits when no auth is available', async () => {
+        ;
+        getStoredAuth.mockResolvedValue(undefined);
+        await expect(getToken()).rejects.toThrow('process.exit(1)');
+        expect(console.error).toHaveBeenCalled();
+    });
+    it('exits when stored token is expired', async () => {
+        ;
+        getStoredAuth.mockResolvedValue({
+            token: 'expired-token',
+            email: 'dev@meltstudio.co',
+            expiresAt: '2020-01-01T00:00:00Z',
+        });
+        await expect(getToken()).rejects.toThrow('process.exit(1)');
+        expect(console.error).toHaveBeenCalled();
+    });
+});
+describe('tokenFetch', () => {
+    it('makes request with bearer token', async () => {
+        const mockResponse = { status: 200, ok: true };
+        const fetchMock = vi.fn().mockResolvedValue(mockResponse);
+        vi.stubGlobal('fetch', fetchMock);
+        const result = await tokenFetch('my-token', '/audits');
+        expect(result).toBe(mockResponse);
+        expect(fetchMock).toHaveBeenCalledWith(`${API_BASE}/audits`, expect.objectContaining({
+            headers: expect.objectContaining({
+                Authorization: 'Bearer my-token',
+            }),
+        }));
+        vi.unstubAllGlobals();
+    });
+    it('merges custom options and headers', async () => {
+        const fetchMock = vi.fn().mockResolvedValue({ status: 200, ok: true });
+        vi.stubGlobal('fetch', fetchMock);
+        await tokenFetch('tok', '/test', {
+            method: 'POST',
+            headers: { 'Content-Type': 'application/json' },
+            body: '{}',
+        });
+        expect(fetchMock).toHaveBeenCalledWith(`${API_BASE}/test`, expect.objectContaining({
+            method: 'POST',
+            body: '{}',
+            headers: expect.objectContaining({
+                Authorization: 'Bearer tok',
+                'Content-Type': 'application/json',
+            }),
+        }));
+        vi.unstubAllGlobals();
+    });
+    it('throws when API returns 401', async () => {
+        const fetchMock = vi.fn().mockResolvedValue({ status: 401, ok: false });
+        vi.stubGlobal('fetch', fetchMock);
+        await expect(tokenFetch('bad-token', '/test')).rejects.toThrow('Authentication failed');
+        vi.unstubAllGlobals();
+    });
+    it('returns response for non-401 errors without throwing', async () => {
+        const mockResponse = { status: 500, ok: false, statusText: 'Internal Server Error' };
+        const fetchMock = vi.fn().mockResolvedValue(mockResponse);
+        vi.stubGlobal('fetch', fetchMock);
+        const result = await tokenFetch('tok', '/test');
+        expect(result.status).toBe(500);
+        vi.unstubAllGlobals();
+    });
+});

package/dist/utils/auth.test.d.ts

@@ -0,0 +1 @@
+export {};

package/dist/utils/auth.test.js

@@ -0,0 +1,165 @@
+import { describe, it, expect, vi, beforeEach } from 'vitest';
+vi.mock('fs-extra', () => ({
+    default: {
+        pathExists: vi.fn(),
+        readJson: vi.fn(),
+        ensureDir: vi.fn(),
+        writeJson: vi.fn(),
+        remove: vi.fn(),
+    },
+}));
+import fs from 'fs-extra';
+import { getStoredAuth, storeAuth, clearAuth, isAuthenticated, authenticatedFetch, API_BASE, } from './auth.js';
+beforeEach(() => {
+    vi.clearAllMocks();
+});
+describe('API_BASE', () => {
+    it('has a default value', () => {
+        expect(API_BASE).toBeTruthy();
+        expect(typeof API_BASE).toBe('string');
+    });
+});
+describe('getStoredAuth', () => {
+    it('returns undefined when auth file does not exist', async () => {
+        ;
+        fs.pathExists.mockResolvedValue(false);
+        const result = await getStoredAuth();
+        expect(result).toBeUndefined();
+    });
+    it('returns stored auth data when file exists', async () => {
+        const mockAuth = { token: 'abc', email: 'dev@meltstudio.co', expiresAt: '2026-12-31' };
+        fs.pathExists.mockResolvedValue(true);
+        fs.readJson.mockResolvedValue(mockAuth);
+        const result = await getStoredAuth();
+        expect(result).toEqual(mockAuth);
+    });
+    it('returns undefined when readJson throws', async () => {
+        ;
+        fs.pathExists.mockResolvedValue(true);
+        fs.readJson.mockRejectedValue(new Error('parse error'));
+        const result = await getStoredAuth();
+        expect(result).toBeUndefined();
+    });
+});
+describe('storeAuth', () => {
+    it('creates directory and writes auth file', async () => {
+        const auth = { token: 'tok', email: 'a@meltstudio.co', expiresAt: '2026-12-31' };
+        await storeAuth(auth);
+        expect(fs.ensureDir).toHaveBeenCalled();
+        expect(fs.writeJson).toHaveBeenCalledWith(expect.stringContaining('auth.json'), auth, {
+            spaces: 2,
+        });
+    });
+});
+describe('clearAuth', () => {
+    it('removes auth file when it exists', async () => {
+        ;
+        fs.pathExists.mockResolvedValue(true);
+        await clearAuth();
+        expect(fs.remove).toHaveBeenCalled();
+    });
+    it('does nothing when auth file does not exist', async () => {
+        ;
+        fs.pathExists.mockResolvedValue(false);
+        await clearAuth();
+        expect(fs.remove).not.toHaveBeenCalled();
+    });
+});
+describe('isAuthenticated', () => {
+    it('returns false when no stored auth', async () => {
+        ;
+        fs.pathExists.mockResolvedValue(false);
+        expect(await isAuthenticated()).toBe(false);
+    });
+    it('returns false when token is expired', async () => {
+        ;
+        fs.pathExists.mockResolvedValue(true);
+        fs.readJson.mockResolvedValue({
+            token: 'tok',
+            email: 'a@meltstudio.co',
+            expiresAt: '2020-01-01T00:00:00Z',
+        });
+        expect(await isAuthenticated()).toBe(false);
+    });
+    it('returns true when token is valid and not expired', async () => {
+        ;
+        fs.pathExists.mockResolvedValue(true);
+        fs.readJson.mockResolvedValue({
+            token: 'tok',
+            email: 'a@meltstudio.co',
+            expiresAt: '2099-12-31T00:00:00Z',
+        });
+        expect(await isAuthenticated()).toBe(true);
+    });
+});
+describe('authenticatedFetch', () => {
+    it('throws when not authenticated', async () => {
+        ;
+        fs.pathExists.mockResolvedValue(false);
+        await expect(authenticatedFetch('/test')).rejects.toThrow('Not authenticated');
+    });
+    it('throws when session expired', async () => {
+        ;
+        fs.pathExists.mockResolvedValue(true);
+        fs.readJson.mockResolvedValue({
+            token: 'tok',
+            email: 'a@meltstudio.co',
+            expiresAt: '2020-01-01T00:00:00Z',
+        });
+        await expect(authenticatedFetch('/test')).rejects.toThrow('expired');
+    });
+    it('makes authenticated request with bearer token', async () => {
+        ;
+        fs.pathExists.mockResolvedValue(true);
+        fs.readJson.mockResolvedValue({
+            token: 'my-jwt',
+            email: 'a@meltstudio.co',
+            expiresAt: '2099-12-31T00:00:00Z',
+        });
+        const mockResponse = { status: 200, ok: true };
+        const fetchMock = vi.fn().mockResolvedValue(mockResponse);
+        vi.stubGlobal('fetch', fetchMock);
+        const result = await authenticatedFetch('/templates');
+        expect(result).toBe(mockResponse);
+        expect(fetchMock).toHaveBeenCalledWith(`${API_BASE}/templates`, expect.objectContaining({
+            headers: expect.objectContaining({
+                Authorization: 'Bearer my-jwt',
+            }),
+        }));
+        vi.unstubAllGlobals();
+    });
+    it('throws when API returns 401', async () => {
+        ;
+        fs.pathExists.mockResolvedValue(true);
+        fs.readJson.mockResolvedValue({
+            token: 'expired-jwt',
+            email: 'a@meltstudio.co',
+            expiresAt: '2099-12-31T00:00:00Z',
+        });
+        const fetchMock = vi.fn().mockResolvedValue({ status: 401, ok: false });
+        vi.stubGlobal('fetch', fetchMock);
+        await expect(authenticatedFetch('/test')).rejects.toThrow('expired');
+        vi.unstubAllGlobals();
+    });
+    it('merges custom headers with auth header', async () => {
+        ;
+        fs.pathExists.mockResolvedValue(true);
+        fs.readJson.mockResolvedValue({
+            token: 'jwt',
+            email: 'a@meltstudio.co',
+            expiresAt: '2099-12-31T00:00:00Z',
+        });
+        const fetchMock = vi.fn().mockResolvedValue({ status: 200, ok: true });
+        vi.stubGlobal('fetch', fetchMock);
+        await authenticatedFetch('/test', {
+            headers: { 'Content-Type': 'application/json' },
+        });
+        expect(fetchMock).toHaveBeenCalledWith(expect.any(String), expect.objectContaining({
+            headers: expect.objectContaining({
+                Authorization: 'Bearer jwt',
+                'Content-Type': 'application/json',
+            }),
+        }));
+        vi.unstubAllGlobals();
+    });
+});

package/dist/utils/banner.test.d.ts

@@ -0,0 +1 @@
+export {};

package/dist/utils/banner.test.js

@@ -0,0 +1,34 @@
+import { describe, it, expect, vi, beforeEach } from 'vitest';
+vi.mock('fs', () => ({
+    readFileSync: vi.fn().mockReturnValue(JSON.stringify({ version: '1.2.3' })),
+}));
+vi.mock('gradient-string', () => ({
+    default: vi.fn().mockReturnValue(vi.fn((str) => str)),
+}));
+import { printBanner } from './banner.js';
+beforeEach(() => {
+    vi.clearAllMocks();
+    vi.spyOn(console, 'log').mockImplementation(() => { });
+});
+describe('printBanner', () => {
+    it('does not throw', () => {
+        expect(() => printBanner()).not.toThrow();
+    });
+    it('calls console.log at least once', () => {
+        printBanner();
+        expect(console.log).toHaveBeenCalled();
+    });
+    it('prints output containing MELTCTL logo text', () => {
+        printBanner();
+        const logCalls = console.log.mock.calls.map((c) => c[0]);
+        const allOutput = logCalls.filter(Boolean).join('\n');
+        // The logo contains block characters for MELTCTL
+        expect(allOutput).toContain('███');
+    });
+    it('prints version info', () => {
+        printBanner();
+        const logCalls = console.log.mock.calls.map((c) => String(c[0] ?? ''));
+        const hasVersion = logCalls.some((msg) => msg.includes('v1.2.3') || msg.includes('1.2.3'));
+        expect(hasVersion).toBe(true);
+    });
+});

package/dist/utils/git.test.d.ts

@@ -0,0 +1 @@
+export {};