npm - @orderful/droid - Versions diffs - 0.45.1 → 0.46.0 - Mend

@orderful/droid 0.45.1 → 0.46.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (30) hide show

package/.claude-plugin/plugin.json +4 -1
package/.github/workflows/claude-issue-agent.yml +1 -1
package/CHANGELOG.md +6 -0
package/dist/tools/pii/.claude-plugin/plugin.json +25 -0
package/dist/tools/pii/TOOL.yaml +22 -0
package/dist/tools/pii/agents/pii-scanner.md +85 -0
package/dist/tools/pii/commands/pii.md +33 -0
package/dist/tools/pii/skills/pii/SKILL.md +97 -0
package/dist/tools/pii/skills/pii/references/supported-entities.md +90 -0
package/dist/tools/pii/skills/pii/scripts/presidio-analyze.d.ts +18 -0
package/dist/tools/pii/skills/pii/scripts/presidio-analyze.d.ts.map +1 -0
package/dist/tools/pii/skills/pii/scripts/presidio-analyze.ts +258 -0
package/dist/tools/pii/skills/pii/scripts/presidio-init.d.ts +17 -0
package/dist/tools/pii/skills/pii/scripts/presidio-init.d.ts.map +1 -0
package/dist/tools/pii/skills/pii/scripts/presidio-init.ts +151 -0
package/dist/tools/pii/skills/pii/scripts/presidio-redact.d.ts +21 -0
package/dist/tools/pii/skills/pii/scripts/presidio-redact.d.ts.map +1 -0
package/dist/tools/pii/skills/pii/scripts/presidio-redact.ts +294 -0
package/dist/tools/pii/skills/pii/scripts/presidio.test.ts +444 -0
package/package.json +1 -1
package/src/tools/pii/.claude-plugin/plugin.json +25 -0
package/src/tools/pii/TOOL.yaml +22 -0
package/src/tools/pii/agents/pii-scanner.md +85 -0
package/src/tools/pii/commands/pii.md +33 -0
package/src/tools/pii/skills/pii/SKILL.md +97 -0
package/src/tools/pii/skills/pii/references/supported-entities.md +90 -0
package/src/tools/pii/skills/pii/scripts/presidio-analyze.ts +258 -0
package/src/tools/pii/skills/pii/scripts/presidio-init.ts +151 -0
package/src/tools/pii/skills/pii/scripts/presidio-redact.ts +294 -0
package/src/tools/pii/skills/pii/scripts/presidio.test.ts +444 -0

package/src/tools/pii/skills/pii/scripts/presidio.test.ts ADDED Viewed

@@ -0,0 +1,444 @@
+import { describe, it, expect, beforeEach, afterEach } from 'bun:test';
+import { spawnSync } from 'child_process';
+import { mkdtempSync, rmSync, mkdirSync, writeFileSync, existsSync } from 'fs';
+import { join } from 'path';
+import { tmpdir } from 'os';
+/**
+ * Integration tests for presidio scripts.
+ *
+ * These tests validate argument parsing, error paths, and JSON output shape.
+ * They do NOT invoke Presidio/Python directly — all Python-dependent paths
+ * are gated by existsSync checks in the scripts, so tests run without Python.
+ */
+const SCRIPTS_DIR = __dirname;
+interface ScriptResult {
+  success: boolean;
+  already_existed?: boolean;
+  initialized?: boolean;
+  python_path?: string;
+  venv_path?: string;
+  entities?: Array<{ type: string; start: number; end: number; score: number; line: number; text?: string }>;
+  dry_run?: boolean;
+  original_path?: string;
+  output_path?: string;
+  entities_found?: number;
+  entities_redacted?: number;
+  redacted_text?: string;
+  error?: string;
+  init_required?: boolean;
+}
+function runScript(scriptName: string, args: string[]): ScriptResult {
+  const scriptPath = join(SCRIPTS_DIR, `${scriptName}.ts`);
+  const result = spawnSync('bun', ['run', scriptPath, ...args], {
+    encoding: 'utf-8',
+    cwd: process.cwd(),
+  });
+  if (result.error) {
+    return { success: false, error: result.error.message };
+  }
+  try {
+    return JSON.parse(result.stdout.trim());
+  } catch {
+    return {
+      success: false,
+      error: `Failed to parse output: ${result.stdout}\nStderr: ${result.stderr}`,
+    };
+  }
+}
+function createFakeVenvWithPython(tempHome: string, scriptContent: string): string {
+  const venvPath = join(tempHome, '.droid', 'runtimes', 'presidio');
+  const binDir = join(venvPath, 'bin');
+  mkdirSync(binDir, { recursive: true });
+  writeFileSync(join(binDir, 'python3'), scriptContent, { mode: 0o755 });
+  return venvPath;
+}
+// ─── presidio-init ───────────────────────────────────────────────────────────
+describe('presidio-init', () => {
+  let tempHome: string;
+  let originalHome: string;
+  beforeEach(() => {
+    originalHome = process.env.HOME || '';
+    tempHome = mkdtempSync(join(tmpdir(), 'pii-test-home-'));
+    process.env.HOME = tempHome;
+  });
+  afterEach(() => {
+    process.env.HOME = originalHome;
+    try {
+      rmSync(tempHome, { recursive: true, force: true });
+    } catch {
+      // Ignore cleanup errors
+    }
+  });
+  it('returns already_existed:true when marker file and venv binary both exist', () => {
+    // Pre-create the venv structure
+    const venvPath = join(tempHome, '.droid', 'runtimes', 'presidio');
+    const binDir = join(venvPath, 'bin');
+    mkdirSync(binDir, { recursive: true });
+    writeFileSync(join(venvPath, '.droid-initialized'), new Date().toISOString());
+    writeFileSync(join(binDir, 'python3'), '#!/bin/bash\necho "Python 3.9.0"', { mode: 0o755 });
+    const result = spawnSync(
+      'bun',
+      ['run', join(SCRIPTS_DIR, 'presidio-init.ts')],
+      {
+        encoding: 'utf-8',
+        env: { ...process.env, HOME: tempHome },
+      }
+    );
+    let parsed: ScriptResult;
+    try {
+      parsed = JSON.parse(result.stdout.trim());
+    } catch {
+      parsed = { success: false, error: `Parse error: ${result.stdout}` };
+    }
+    expect(parsed.success).toBe(true);
+    expect(parsed.already_existed).toBe(true);
+  });
+  it('returns success:false with clear error when python3 is not available', () => {
+    // Override PATH to have no python3
+    const result = spawnSync(
+      'bun',
+      ['run', join(SCRIPTS_DIR, 'presidio-init.ts')],
+      {
+        encoding: 'utf-8',
+        env: { ...process.env, HOME: tempHome, PATH: '/nonexistent' },
+      }
+    );
+    let parsed: ScriptResult;
+    try {
+      parsed = JSON.parse(result.stdout.trim());
+    } catch {
+      // If Python is truly not found, the error may be in stderr
+      parsed = { success: false, error: 'python3 not found' };
+    }
+    expect(parsed.success).toBe(false);
+    expect(parsed.error).toBeDefined();
+  });
+});
+// ─── presidio-analyze ────────────────────────────────────────────────────────
+describe('presidio-analyze', () => {
+  let tempDir: string;
+  beforeEach(() => {
+    tempDir = mkdtempSync(join(tmpdir(), 'pii-analyze-test-'));
+  });
+  afterEach(() => {
+    try {
+      rmSync(tempDir, { recursive: true, force: true });
+    } catch {
+      // Ignore
+    }
+  });
+  it('returns success:false with init_required when venv does not exist', () => {
+    const result = spawnSync(
+      'bun',
+      ['run', join(SCRIPTS_DIR, 'presidio-analyze.ts'), '--file', join(tempDir, 'test.md')],
+      {
+        encoding: 'utf-8',
+        env: { ...process.env, HOME: join(tempDir, 'nonexistent-home') },
+      }
+    );
+    let parsed: ScriptResult;
+    try {
+      parsed = JSON.parse(result.stdout.trim());
+    } catch {
+      parsed = { success: false, error: `Parse error: ${result.stdout}` };
+    }
+    expect(parsed.success).toBe(false);
+    expect(parsed.init_required).toBe(true);
+    expect(parsed.error).toContain('presidio-init');
+  });
+  it('returns success:false when neither --file nor --text is provided', () => {
+    // Use a fake home so venv won't be found — still validates arg parsing
+    const result = spawnSync(
+      'bun',
+      ['run', join(SCRIPTS_DIR, 'presidio-analyze.ts')],
+      {
+        encoding: 'utf-8',
+        env: { ...process.env, HOME: join(tempDir, 'nonexistent-home') },
+      }
+    );
+    let parsed: ScriptResult;
+    try {
+      parsed = JSON.parse(result.stdout.trim());
+    } catch {
+      parsed = { success: false, error: `Parse error: ${result.stdout}` };
+    }
+    // Either init_required or missing arg error — both are valid failures
+    expect(parsed.success).toBe(false);
+    expect(parsed.error).toBeDefined();
+  });
+  it('returns success:false when --file does not exist (and venv exists)', () => {
+    // Pre-create a fake venv so the script gets past the venv check
+    const fakeHome = join(tempDir, 'fake-home');
+    createFakeVenvWithPython(fakeHome, '#!/bin/bash\necho ""');
+    const nonExistentFile = join(tempDir, 'does-not-exist.md');
+    const result = spawnSync(
+      'bun',
+      ['run', join(SCRIPTS_DIR, 'presidio-analyze.ts'), '--file', nonExistentFile],
+      {
+        encoding: 'utf-8',
+        env: { ...process.env, HOME: fakeHome },
+      }
+    );
+    let parsed: ScriptResult;
+    try {
+      parsed = JSON.parse(result.stdout.trim());
+    } catch {
+      parsed = { success: false, error: `Parse error: ${result.stdout}` };
+    }
+    expect(parsed.success).toBe(false);
+    expect(parsed.error).toContain('not found');
+  });
+  it('rejects invalid entity names before invoking Python', () => {
+    const fakeHome = join(tempDir, 'fake-home');
+    createFakeVenvWithPython(fakeHome, '#!/bin/bash\necho \'[]\'');
+    const result = spawnSync(
+      'bun',
+      [
+        'run',
+        join(SCRIPTS_DIR, 'presidio-analyze.ts'),
+        '--text',
+        'Call me at 555-1234',
+        '--entities',
+        'EMAIL_ADDRESS,__import__("os").system("whoami")',
+      ],
+      {
+        encoding: 'utf-8',
+        env: { ...process.env, HOME: fakeHome },
+      }
+    );
+    const parsed = JSON.parse(result.stdout.trim()) as ScriptResult;
+    expect(parsed.success).toBe(false);
+    expect(parsed.error).toContain('Invalid entity type');
+  });
+  it('does not include raw text in analyzer output entities', () => {
+    const fakeHome = join(tempDir, 'fake-home-no-text');
+    createFakeVenvWithPython(
+      fakeHome,
+      `#!/bin/bash
+if grep -q "'text': text\\[r.start:r.end\\]" "$1"; then
+  echo '[{"type":"EMAIL_ADDRESS","start":11,"end":27,"score":0.99,"text":"jane@example.com"}]'
+else
+  echo '[{"type":"EMAIL_ADDRESS","start":11,"end":27,"score":0.99}]'
+fi`,
+    );
+    const result = spawnSync(
+      'bun',
+      ['run', join(SCRIPTS_DIR, 'presidio-analyze.ts'), '--text', 'Contact me: jane@example.com'],
+      {
+        encoding: 'utf-8',
+        env: { ...process.env, HOME: fakeHome },
+      }
+    );
+    const parsed = JSON.parse(result.stdout.trim()) as ScriptResult;
+    expect(parsed.success).toBe(true);
+    expect(parsed.entities?.[0]?.type).toBe('EMAIL_ADDRESS');
+    expect(parsed.entities?.[0]).not.toHaveProperty('text');
+  });
+});
+// ─── presidio-redact ─────────────────────────────────────────────────────────
+describe('presidio-redact', () => {
+  let tempDir: string;
+  beforeEach(() => {
+    tempDir = mkdtempSync(join(tmpdir(), 'pii-redact-test-'));
+  });
+  afterEach(() => {
+    try {
+      rmSync(tempDir, { recursive: true, force: true });
+    } catch {
+      // Ignore
+    }
+  });
+  it('returns success:false when --file is missing', () => {
+    const result = spawnSync(
+      'bun',
+      ['run', join(SCRIPTS_DIR, 'presidio-redact.ts')],
+      {
+        encoding: 'utf-8',
+        env: { ...process.env, HOME: join(tempDir, 'nonexistent-home') },
+      }
+    );
+    let parsed: ScriptResult;
+    try {
+      parsed = JSON.parse(result.stdout.trim());
+    } catch {
+      parsed = { success: false, error: `Parse error: ${result.stdout}` };
+    }
+    expect(parsed.success).toBe(false);
+    // Either init_required or missing --file error
+    expect(parsed.error).toBeDefined();
+  });
+  it('returns success:false with init_required when venv does not exist', () => {
+    const testFile = join(tempDir, 'test.md');
+    writeFileSync(testFile, 'Hello, my email is test@example.com');
+    const result = spawnSync(
+      'bun',
+      ['run', join(SCRIPTS_DIR, 'presidio-redact.ts'), '--file', testFile],
+      {
+        encoding: 'utf-8',
+        env: { ...process.env, HOME: join(tempDir, 'nonexistent-home') },
+      }
+    );
+    let parsed: ScriptResult;
+    try {
+      parsed = JSON.parse(result.stdout.trim());
+    } catch {
+      parsed = { success: false, error: `Parse error: ${result.stdout}` };
+    }
+    expect(parsed.success).toBe(false);
+    expect(parsed.init_required).toBe(true);
+    expect(parsed.error).toContain('presidio-init');
+  });
+  it('does not write output file with --dry-run (venv missing path)', () => {
+    const testFile = join(tempDir, 'test.md');
+    writeFileSync(testFile, 'Hello, my email is test@example.com');
+    const expectedOutput = join(tempDir, 'test-redacted.md');
+    const result = spawnSync(
+      'bun',
+      ['run', join(SCRIPTS_DIR, 'presidio-redact.ts'), '--file', testFile, '--dry-run'],
+      {
+        encoding: 'utf-8',
+        env: { ...process.env, HOME: join(tempDir, 'nonexistent-home') },
+      }
+    );
+    // With no venv, it will fail before writing
+    expect(existsSync(expectedOutput)).toBe(false);
+    let parsed: ScriptResult;
+    try {
+      parsed = JSON.parse(result.stdout.trim());
+    } catch {
+      parsed = { success: false, error: `Parse error: ${result.stdout}` };
+    }
+    expect(parsed.success).toBe(false);
+    expect(parsed.init_required).toBe(true);
+  });
+  it('correctly parses --output path argument', () => {
+    const testFile = join(tempDir, 'source.md');
+    writeFileSync(testFile, 'Contact: jane@example.com');
+    const customOutput = join(tempDir, 'custom-output.md');
+    // Without venv this will fail, but we can check the argument is parsed
+    const result = spawnSync(
+      'bun',
+      ['run', join(SCRIPTS_DIR, 'presidio-redact.ts'), '--file', testFile, '--output', customOutput],
+      {
+        encoding: 'utf-8',
+        env: { ...process.env, HOME: join(tempDir, 'nonexistent-home') },
+      }
+    );
+    let parsed: ScriptResult;
+    try {
+      parsed = JSON.parse(result.stdout.trim());
+    } catch {
+      parsed = { success: false, error: `Parse error: ${result.stdout}` };
+    }
+    // With no venv this will fail with init_required
+    expect(parsed.success).toBe(false);
+    expect(parsed.init_required).toBe(true);
+    // Confirm the output file was NOT created
+    expect(existsSync(customOutput)).toBe(false);
+  });
+  it('omits redacted_text in non-dry-run output', () => {
+    const fakeHome = join(tempDir, 'fake-home-no-redacted-text');
+    createFakeVenvWithPython(fakeHome, '#!/bin/bash\necho \'{"redacted_text":"masked text","entities_found":1,"entities_redacted":1}\'');
+    const testFile = join(tempDir, 'source.md');
+    const outputFile = join(tempDir, 'source-redacted.md');
+    writeFileSync(testFile, 'Contact: jane@example.com');
+    const result = spawnSync(
+      'bun',
+      ['run', join(SCRIPTS_DIR, 'presidio-redact.ts'), '--file', testFile],
+      {
+        encoding: 'utf-8',
+        env: { ...process.env, HOME: fakeHome },
+      }
+    );
+    const parsed = JSON.parse(result.stdout.trim()) as ScriptResult;
+    expect(parsed.success).toBe(true);
+    expect(parsed.dry_run).toBe(false);
+    expect(parsed.redacted_text).toBeUndefined();
+    expect(parsed.output_path).toBe(outputFile);
+    expect(existsSync(outputFile)).toBe(true);
+  });
+  it('rejects unsupported entity names', () => {
+    const fakeHome = join(tempDir, 'fake-home');
+    createFakeVenvWithPython(fakeHome, '#!/bin/bash\necho \'{"redacted_text":"ok","entities_found":0,"entities_redacted":0}\'');
+    const testFile = join(tempDir, 'source.md');
+    writeFileSync(testFile, 'Contact: jane@example.com');
+    const result = spawnSync(
+      'bun',
+      ['run', join(SCRIPTS_DIR, 'presidio-redact.ts'), '--file', testFile, '--entities', 'NOT_A_REAL_ENTITY'],
+      {
+        encoding: 'utf-8',
+        env: { ...process.env, HOME: fakeHome },
+      }
+    );
+    const parsed = JSON.parse(result.stdout.trim()) as ScriptResult;
+    expect(parsed.success).toBe(false);
+    expect(parsed.error).toContain('Unsupported entity type');
+  });
+});