@pixelbyte-software/pixcode 1.51.2 → 1.51.3

package/scripts/smoke/v138-diagnostics.mjs

@@ -1,63 +1,63 @@
-#!/usr/bin/env node
-import { collectDiagnostics } from '../../server/services/diagnostics.js';
-
-const diagnostics = collectDiagnostics({
-  now: new Date('2026-05-10T00:00:00.000Z'),
-  env: {
-    NODE_ENV: 'test',
-    SERVER_PORT: '3001',
-    GITHUB_TOKEN: 'ghp_super_secret_value',
-    NPM_TOKEN: 'npm_super_secret_value',
-    TELEGRAM_BOT_TOKEN: 'telegram_super_secret_value',
-  },
-  uptime: 42,
-  memoryUsage: () => ({
-    rss: 10,
-    heapTotal: 20,
-    heapUsed: 5,
-    external: 1,
-    arrayBuffers: 0,
-  }),
-  versions: {
-    node: '22.0.0',
-    v8: '12.0.0',
-  },
-  platform: 'linux',
-  arch: 'x64',
-  installMode: 'git',
-  serverVersion: '1.38.0',
-  wsClientCount: 3,
-});
-
-const raw = JSON.stringify(diagnostics);
-for (const secret of ['ghp_super_secret_value', 'npm_super_secret_value', 'telegram_super_secret_value']) {
-  if (raw.includes(secret)) {
-    throw new Error(`diagnostics leaked secret value: ${secret}`);
-  }
-}
-
-if (diagnostics.status !== 'ok') {
-  throw new Error(`expected ok diagnostics status, got ${diagnostics.status}`);
-}
-
-if (diagnostics.timestamp !== '2026-05-10T00:00:00.000Z') {
-  throw new Error(`unexpected diagnostics timestamp ${diagnostics.timestamp}`);
-}
-
-if (diagnostics.version !== '1.38.0' || diagnostics.installMode !== 'git') {
-  throw new Error('diagnostics did not include injected version/install mode');
-}
-
-if (diagnostics.websocket.clients !== 3) {
-  throw new Error(`expected 3 websocket clients, got ${diagnostics.websocket.clients}`);
-}
-
-if (diagnostics.environment.GITHUB_TOKEN !== '[redacted]') {
-  throw new Error('GITHUB_TOKEN was not redacted');
-}
-
-if (diagnostics.environment.NODE_ENV !== 'test') {
-  throw new Error('safe environment value was not preserved');
-}
-
-console.log('v1.38 diagnostics smoke passed');
+#!/usr/bin/env node
+import { collectDiagnostics } from '../../server/services/diagnostics.js';
+
+const diagnostics = collectDiagnostics({
+  now: new Date('2026-05-10T00:00:00.000Z'),
+  env: {
+    NODE_ENV: 'test',
+    SERVER_PORT: '3001',
+    GITHUB_TOKEN: 'ghp_super_secret_value',
+    NPM_TOKEN: 'npm_super_secret_value',
+    TELEGRAM_BOT_TOKEN: 'telegram_super_secret_value',
+  },
+  uptime: 42,
+  memoryUsage: () => ({
+    rss: 10,
+    heapTotal: 20,
+    heapUsed: 5,
+    external: 1,
+    arrayBuffers: 0,
+  }),
+  versions: {
+    node: '22.0.0',
+    v8: '12.0.0',
+  },
+  platform: 'linux',
+  arch: 'x64',
+  installMode: 'git',
+  serverVersion: '1.38.0',
+  wsClientCount: 3,
+});
+
+const raw = JSON.stringify(diagnostics);
+for (const secret of ['ghp_super_secret_value', 'npm_super_secret_value', 'telegram_super_secret_value']) {
+  if (raw.includes(secret)) {
+    throw new Error(`diagnostics leaked secret value: ${secret}`);
+  }
+}
+
+if (diagnostics.status !== 'ok') {
+  throw new Error(`expected ok diagnostics status, got ${diagnostics.status}`);
+}
+
+if (diagnostics.timestamp !== '2026-05-10T00:00:00.000Z') {
+  throw new Error(`unexpected diagnostics timestamp ${diagnostics.timestamp}`);
+}
+
+if (diagnostics.version !== '1.38.0' || diagnostics.installMode !== 'git') {
+  throw new Error('diagnostics did not include injected version/install mode');
+}
+
+if (diagnostics.websocket.clients !== 3) {
+  throw new Error(`expected 3 websocket clients, got ${diagnostics.websocket.clients}`);
+}
+
+if (diagnostics.environment.GITHUB_TOKEN !== '[redacted]') {
+  throw new Error('GITHUB_TOKEN was not redacted');
+}
+
+if (diagnostics.environment.NODE_ENV !== 'test') {
+  throw new Error('safe environment value was not preserved');
+}
+
+console.log('v1.38 diagnostics smoke passed');

package/scripts/smoke/v138-issue-planner.mjs

@@ -1,33 +1,33 @@
-#!/usr/bin/env node
-import { buildPayload } from '../github/create-v1.38-issues.mjs';
-
-const payload = buildPayload();
-
-if (payload.version !== '1.38') {
-  throw new Error(`expected version 1.38, got ${payload.version}`);
-}
-
-if (!Array.isArray(payload.issues) || payload.issues.length !== 7) {
-  throw new Error(`expected 7 child issues, got ${payload.issues?.length}`);
-}
-
-if (!payload.epic || !payload.epic.title.includes('v1.38')) {
-  throw new Error('missing v1.38 epic payload');
-}
-
-const expectedKeys = ['remote', 'api', 'telegram', 'taskmaster', 'plugins', 'desktop', 'observability'];
-for (const key of expectedKeys) {
-  const issue = payload.issues.find(item => item.key === key);
-  if (!issue) {
-    throw new Error(`missing issue key ${key}`);
-  }
-  if (!issue.title || !issue.body.includes('## Acceptance Criteria')) {
-    throw new Error(`issue ${key} is missing title or acceptance criteria`);
-  }
-}
-
-if (!payload.trackingReplacements || payload.trackingReplacements.length !== 8) {
-  throw new Error('expected replacement plan for 7 issues plus epic');
-}
-
-console.log('v1.38 issue planner smoke passed');
+#!/usr/bin/env node
+import { buildPayload } from '../github/create-v1.38-issues.mjs';
+
+const payload = buildPayload();
+
+if (payload.version !== '1.38') {
+  throw new Error(`expected version 1.38, got ${payload.version}`);
+}
+
+if (!Array.isArray(payload.issues) || payload.issues.length !== 7) {
+  throw new Error(`expected 7 child issues, got ${payload.issues?.length}`);
+}
+
+if (!payload.epic || !payload.epic.title.includes('v1.38')) {
+  throw new Error('missing v1.38 epic payload');
+}
+
+const expectedKeys = ['remote', 'api', 'telegram', 'taskmaster', 'plugins', 'desktop', 'observability'];
+for (const key of expectedKeys) {
+  const issue = payload.issues.find(item => item.key === key);
+  if (!issue) {
+    throw new Error(`missing issue key ${key}`);
+  }
+  if (!issue.title || !issue.body.includes('## Acceptance Criteria')) {
+    throw new Error(`issue ${key} is missing title or acceptance criteria`);
+  }
+}
+
+if (!payload.trackingReplacements || payload.trackingReplacements.length !== 8) {
+  throw new Error('expected replacement plan for 7 issues plus epic');
+}
+
+console.log('v1.38 issue planner smoke passed');

package/scripts/smoke/v143-remote-control.mjs

@@ -1,76 +1,76 @@
-#!/usr/bin/env node
-
-import assert from 'node:assert/strict';
-import fs from 'node:fs';
-import path from 'node:path';
-
-const root = process.cwd();
-
-function read(relativePath) {
-  return fs.readFileSync(path.join(root, relativePath), 'utf8');
-}
-
-const telegram = read('server/services/telegram/control-center.js');
-assert.match(telegram, /\/approvals/, 'Telegram control should expose an approvals command.');
-assert.match(telegram, /showApprovalQueue/, 'Telegram menu should render pending approval decisions.');
-assert.match(telegram, /approval_decide/, 'Telegram callbacks should allow approval decisions.');
-assert.match(telegram, /showControlRoom/, 'Telegram menu should expose the multi-project control room.');
-assert.match(telegram, /showWebhookMenu/, 'Telegram menu should expose webhook status.');
-
-const workflowRoutes = read('server/modules/orchestration/workflows/workflow.routes.ts');
-assert.match(workflowRoutes, /\/workflows\/approvals/, 'Orchestration should expose a global approval queue.');
-assert.match(workflowRoutes, /resolvePermissionApproval/, 'Global approval route should resolve permission approvals.');
-assert.match(workflowRoutes, /dispatchWebhookEvent/, 'Workflow routes should dispatch webhook events for remote automation.');
-
-const approvalQueue = read('server/modules/orchestration/workflows/approval-queue.ts');
-assert.match(approvalQueue, /listPendingApprovals/, 'Approval queue should list pending approvals across runs.');
-assert.match(approvalQueue, /resolvePermissionApproval/, 'Approval queue should resolve approval requests centrally.');
-assert.match(approvalQueue, /source: 'ui' \| 'telegram' \| 'api'/, 'Approval queue should preserve the decision source.');
-
-const webhooks = read('server/services/webhooks.js');
-assert.match(webhooks, /PIXCODE_WEBHOOK_EVENT_TYPES/, 'Webhook service should declare supported event taxonomy.');
-assert.match(webhooks, /run\.completed/, 'Webhook taxonomy should include run.completed.');
-assert.match(webhooks, /approval\.needed/, 'Webhook taxonomy should include approval.needed.');
-assert.match(webhooks, /deliverWebhookEvent/, 'Webhook service should deliver signed outbound events.');
-
-const webhookRoutes = read('server/routes/webhooks.js');
-assert.match(webhookRoutes, /router\.get\('\/'/, 'Webhook routes should list configured webhooks.');
-assert.match(webhookRoutes, /router\.post\('\/test'/, 'Webhook routes should support test delivery.');
-
-const remote = read('server/routes/remote.js');
-assert.match(remote, /\/control-room/, 'Remote API should expose the control room snapshot.');
-assert.match(remote, /\/console-layout/, 'Remote API should expose mobile console layout metadata.');
-
-const controlRoom = read('server/services/control-room.js');
-assert.match(controlRoom, /buildControlRoomSnapshot/, 'Control room should build a multi-project snapshot.');
-assert.match(controlRoom, /maxProjects = 4/, 'Control room should cap the live overview at four projects.');
-assert.match(controlRoom, /mobileFirst/, 'Control room should include mobile-first console metadata.');
-
-const publicApi = read('server/routes/public-api.js');
-assert.match(publicApi, /\/sdk\/typescript/, 'Public API should expose a TypeScript SDK starter.');
-assert.match(publicApi, /\/cookbook/, 'Public API should expose a curl cookbook.');
-
-const manifest = read('server/services/public-api-manifest.js');
-assert.match(manifest, /buildTypeScriptSdkStarter/, 'Public API manifest should generate typed TypeScript SDK examples.');
-assert.match(manifest, /webhooks/, 'Public API manifest should document webhook endpoints.');
-
-const appTypes = read('src/types/app.ts');
-assert.match(appTypes, /'remote'/, 'Frontend tabs should include the remote console.');
-
-const mainContent = read('src/components/main-content/view/MainContent.tsx');
-assert.match(mainContent, /RemoteConsole/, 'Main content should render the remote console tab.');
-
-const tabSwitcher = read('src/components/main-content/view/subcomponents/MainContentTabSwitcher.tsx');
-assert.match(tabSwitcher, /tabs\.remote/, 'Tab switcher should expose the remote console tab.');
-
-const remoteConsole = read('src/components/remote-console/RemoteConsole.tsx');
-assert.match(remoteConsole, /control-room/, 'Remote console should load control-room snapshots.');
-assert.match(remoteConsole, /approval queue/i, 'Remote console should show the approval queue.');
-assert.match(remoteConsole, /webhook/i, 'Remote console should show webhook health.');
-
-const docs = read('docs/self-hosted-agent-control-room.md');
-assert.match(docs, /Remote Control/, 'Docs should explain remote control workflows.');
-assert.match(docs, /Webhook/, 'Docs should explain webhook automation.');
-assert.match(docs, /Telegram/, 'Docs should explain Telegram control.');
-
-console.log('v1.43 remote control smoke passed');
+#!/usr/bin/env node
+
+import assert from 'node:assert/strict';
+import fs from 'node:fs';
+import path from 'node:path';
+
+const root = process.cwd();
+
+function read(relativePath) {
+  return fs.readFileSync(path.join(root, relativePath), 'utf8');
+}
+
+const telegram = read('server/services/telegram/control-center.js');
+assert.match(telegram, /\/approvals/, 'Telegram control should expose an approvals command.');
+assert.match(telegram, /showApprovalQueue/, 'Telegram menu should render pending approval decisions.');
+assert.match(telegram, /approval_decide/, 'Telegram callbacks should allow approval decisions.');
+assert.match(telegram, /showControlRoom/, 'Telegram menu should expose the multi-project control room.');
+assert.match(telegram, /showWebhookMenu/, 'Telegram menu should expose webhook status.');
+
+const workflowRoutes = read('server/modules/orchestration/workflows/workflow.routes.ts');
+assert.match(workflowRoutes, /\/workflows\/approvals/, 'Orchestration should expose a global approval queue.');
+assert.match(workflowRoutes, /resolvePermissionApproval/, 'Global approval route should resolve permission approvals.');
+assert.match(workflowRoutes, /dispatchWebhookEvent/, 'Workflow routes should dispatch webhook events for remote automation.');
+
+const approvalQueue = read('server/modules/orchestration/workflows/approval-queue.ts');
+assert.match(approvalQueue, /listPendingApprovals/, 'Approval queue should list pending approvals across runs.');
+assert.match(approvalQueue, /resolvePermissionApproval/, 'Approval queue should resolve approval requests centrally.');
+assert.match(approvalQueue, /source: 'ui' \| 'telegram' \| 'api'/, 'Approval queue should preserve the decision source.');
+
+const webhooks = read('server/services/webhooks.js');
+assert.match(webhooks, /PIXCODE_WEBHOOK_EVENT_TYPES/, 'Webhook service should declare supported event taxonomy.');
+assert.match(webhooks, /run\.completed/, 'Webhook taxonomy should include run.completed.');
+assert.match(webhooks, /approval\.needed/, 'Webhook taxonomy should include approval.needed.');
+assert.match(webhooks, /deliverWebhookEvent/, 'Webhook service should deliver signed outbound events.');
+
+const webhookRoutes = read('server/routes/webhooks.js');
+assert.match(webhookRoutes, /router\.get\('\/'/, 'Webhook routes should list configured webhooks.');
+assert.match(webhookRoutes, /router\.post\('\/test'/, 'Webhook routes should support test delivery.');
+
+const remote = read('server/routes/remote.js');
+assert.match(remote, /\/control-room/, 'Remote API should expose the control room snapshot.');
+assert.match(remote, /\/console-layout/, 'Remote API should expose mobile console layout metadata.');
+
+const controlRoom = read('server/services/control-room.js');
+assert.match(controlRoom, /buildControlRoomSnapshot/, 'Control room should build a multi-project snapshot.');
+assert.match(controlRoom, /maxProjects = 4/, 'Control room should cap the live overview at four projects.');
+assert.match(controlRoom, /mobileFirst/, 'Control room should include mobile-first console metadata.');
+
+const publicApi = read('server/routes/public-api.js');
+assert.match(publicApi, /\/sdk\/typescript/, 'Public API should expose a TypeScript SDK starter.');
+assert.match(publicApi, /\/cookbook/, 'Public API should expose a curl cookbook.');
+
+const manifest = read('server/services/public-api-manifest.js');
+assert.match(manifest, /buildTypeScriptSdkStarter/, 'Public API manifest should generate typed TypeScript SDK examples.');
+assert.match(manifest, /webhooks/, 'Public API manifest should document webhook endpoints.');
+
+const appTypes = read('src/types/app.ts');
+assert.match(appTypes, /'remote'/, 'Frontend tabs should include the remote console.');
+
+const mainContent = read('src/components/main-content/view/MainContent.tsx');
+assert.match(mainContent, /RemoteConsole/, 'Main content should render the remote console tab.');
+
+const tabSwitcher = read('src/components/main-content/view/subcomponents/MainContentTabSwitcher.tsx');
+assert.match(tabSwitcher, /tabs\.remote/, 'Tab switcher should expose the remote console tab.');
+
+const remoteConsole = read('src/components/remote-console/RemoteConsole.tsx');
+assert.match(remoteConsole, /control-room/, 'Remote console should load control-room snapshots.');
+assert.match(remoteConsole, /approval queue/i, 'Remote console should show the approval queue.');
+assert.match(remoteConsole, /webhook/i, 'Remote console should show webhook health.');
+
+const docs = read('docs/self-hosted-agent-control-room.md');
+assert.match(docs, /Remote Control/, 'Docs should explain remote control workflows.');
+assert.match(docs, /Webhook/, 'Docs should explain webhook automation.');
+assert.match(docs, /Telegram/, 'Docs should explain Telegram control.');
+
+console.log('v1.43 remote control smoke passed');

package/scripts/smoke/v144-production-loop.mjs

@@ -1,47 +1,47 @@
-#!/usr/bin/env node
-
-import assert from 'node:assert/strict';
-import fs from 'node:fs';
-import path from 'node:path';
-
-const root = process.cwd();
-
-function read(relativePath) {
-  return fs.readFileSync(path.join(root, relativePath), 'utf8');
-}
-
-const service = read('server/services/production-agent-loop.js');
-assert.match(service, /createIssueToPrRun/, 'Production loop should create GitHub issue-to-PR runs.');
-assert.match(service, /parseCiRepairSignals/, 'Production loop should parse CI repair signals.');
-assert.match(service, /createReviewQueueItem/, 'Production loop should create code review queue items.');
-assert.match(service, /scheduleBackgroundAgentJob/, 'Production loop should schedule background agent jobs.');
-assert.match(service, /createWorkspaceCheckpoint/, 'Production loop should create workspace checkpoints.');
-assert.match(service, /DESKTOP_RELEASE_ASSET_TYPES/, 'Production loop should define required desktop release assets.');
-
-const routes = read('server/routes/production-agent-loop.js');
-assert.match(routes, /\/github\/issue-to-pr/, 'Production loop routes should expose issue-to-PR kickoff.');
-assert.match(routes, /\/ci\/repair-plan/, 'Production loop routes should expose CI repair planning.');
-assert.match(routes, /\/review-queue/, 'Production loop routes should expose review queue APIs.');
-assert.match(routes, /\/scheduler\/jobs/, 'Production loop routes should expose background scheduler jobs.');
-assert.match(routes, /\/snapshots/, 'Production loop routes should expose workspace snapshots.');
-assert.match(routes, /\/desktop-release\/assets-policy/, 'Production loop routes should expose desktop asset policy.');
-
-const server = read('server/index.js');
-assert.match(server, /productionAgentLoopRoutes/, 'Server should import production loop routes.');
-assert.match(server, /\/api\/production-agent-loop/, 'Server should mount production loop routes.');
-
-const diffAnchors = read('src/utils/diffAnchors.ts');
-assert.match(diffAnchors, /firstChangedLine/, 'Frontend should compute first changed diff line.');
-assert.match(diffAnchors, /buildDiffLineHref/, 'Frontend should build editor line anchors for changed files.');
-
-const changesRail = read('src/components/main-content/view/subcomponents/ChangedFilesActivityRail.tsx');
-assert.match(changesRail, /firstChangedLine/, 'Changed files rail should compute changed-line anchors.');
-assert.match(changesRail, /lineHint/, 'Changed files rail should show changed-line hints.');
-
-const docs = read('docs/production-agent-loop.md');
-assert.match(docs, /Issue-to-PR/, 'Docs should explain issue-to-PR flow.');
-assert.match(docs, /CI-aware repair/, 'Docs should explain CI-aware repair.');
-assert.match(docs, /checkpoint/i, 'Docs should explain workspace checkpoints.');
-assert.match(docs, /desktop asset/i, 'Docs should explain desktop asset requirements.');
-
-console.log('v1.44 production loop smoke passed');
+#!/usr/bin/env node
+
+import assert from 'node:assert/strict';
+import fs from 'node:fs';
+import path from 'node:path';
+
+const root = process.cwd();
+
+function read(relativePath) {
+  return fs.readFileSync(path.join(root, relativePath), 'utf8');
+}
+
+const service = read('server/services/production-agent-loop.js');
+assert.match(service, /createIssueToPrRun/, 'Production loop should create GitHub issue-to-PR runs.');
+assert.match(service, /parseCiRepairSignals/, 'Production loop should parse CI repair signals.');
+assert.match(service, /createReviewQueueItem/, 'Production loop should create code review queue items.');
+assert.match(service, /scheduleBackgroundAgentJob/, 'Production loop should schedule background agent jobs.');
+assert.match(service, /createWorkspaceCheckpoint/, 'Production loop should create workspace checkpoints.');
+assert.match(service, /DESKTOP_RELEASE_ASSET_TYPES/, 'Production loop should define required desktop release assets.');
+
+const routes = read('server/routes/production-agent-loop.js');
+assert.match(routes, /\/github\/issue-to-pr/, 'Production loop routes should expose issue-to-PR kickoff.');
+assert.match(routes, /\/ci\/repair-plan/, 'Production loop routes should expose CI repair planning.');
+assert.match(routes, /\/review-queue/, 'Production loop routes should expose review queue APIs.');
+assert.match(routes, /\/scheduler\/jobs/, 'Production loop routes should expose background scheduler jobs.');
+assert.match(routes, /\/snapshots/, 'Production loop routes should expose workspace snapshots.');
+assert.match(routes, /\/desktop-release\/assets-policy/, 'Production loop routes should expose desktop asset policy.');
+
+const server = read('server/index.js');
+assert.match(server, /productionAgentLoopRoutes/, 'Server should import production loop routes.');
+assert.match(server, /\/api\/production-agent-loop/, 'Server should mount production loop routes.');
+
+const diffAnchors = read('src/utils/diffAnchors.ts');
+assert.match(diffAnchors, /firstChangedLine/, 'Frontend should compute first changed diff line.');
+assert.match(diffAnchors, /buildDiffLineHref/, 'Frontend should build editor line anchors for changed files.');
+
+const changesRail = read('src/components/main-content/view/subcomponents/ChangedFilesActivityRail.tsx');
+assert.match(changesRail, /firstChangedLine/, 'Changed files rail should compute changed-line anchors.');
+assert.match(changesRail, /lineHint/, 'Changed files rail should show changed-line hints.');
+
+const docs = read('docs/production-agent-loop.md');
+assert.match(docs, /Issue-to-PR/, 'Docs should explain issue-to-PR flow.');
+assert.match(docs, /CI-aware repair/, 'Docs should explain CI-aware repair.');
+assert.match(docs, /checkpoint/i, 'Docs should explain workspace checkpoints.');
+assert.match(docs, /desktop asset/i, 'Docs should explain desktop asset requirements.');
+
+console.log('v1.44 production loop smoke passed');

package/scripts/smoke/v145-platformization.mjs

@@ -1,46 +1,46 @@
-#!/usr/bin/env node
-
-import assert from 'node:assert/strict';
-import fs from 'node:fs';
-import path from 'node:path';
-
-const root = process.cwd();
-
-function read(relativePath) {
-  return fs.readFileSync(path.join(root, relativePath), 'utf8');
-}
-
-const service = read('server/services/platformization.js');
-assert.match(service, /TEAM_ROLES/, 'Platformization should define enterprise RBAC roles.');
-assert.match(service, /createTeamMember/, 'Platformization should create team members.');
-assert.match(service, /sealSecret/, 'Platformization should seal scoped secrets.');
-assert.match(service, /materializeScopedEnv/, 'Platformization should materialize scoped env previews.');
-assert.match(service, /upsertMarketplacePlugin/, 'Platformization should manage plugin marketplace entries.');
-assert.match(service, /createEvaluationSuite/, 'Platformization should create evaluation suites.');
-assert.match(service, /createEvaluationRun/, 'Platformization should create evaluation runs.');
-assert.match(service, /summarizeUsageEvents/, 'Platformization should summarize cost, token, and latency usage.');
-assert.match(service, /createSecurityAuditRun/, 'Platformization should create security audit runs.');
-assert.match(service, /agent_output_leak_detection/, 'Security audit mode should include output leak detection.');
-
-const routes = read('server/routes/platformization.js');
-assert.match(routes, /\/team\/members/, 'Platformization routes should expose team management.');
-assert.match(routes, /\/secrets\/scoped-env/, 'Platformization routes should expose scoped env assembly.');
-assert.match(routes, /\/marketplace\/plugins/, 'Platformization routes should expose marketplace management.');
-assert.match(routes, /\/eval\/runs/, 'Platformization routes should expose evaluation runs.');
-assert.match(routes, /\/usage\/summary/, 'Platformization routes should expose usage dashboards.');
-assert.match(routes, /\/security\/audit-runs/, 'Platformization routes should expose security audit mode.');
-assert.match(routes, /\/audit-log/, 'Platformization routes should expose audit logs.');
-
-const server = read('server/index.js');
-assert.match(server, /platformizationRoutes/, 'Server should import platformization routes.');
-assert.match(server, /\/api\/platformization/, 'Server should mount platformization routes.');
-
-const docs = read('docs/platformization.md');
-assert.match(docs, /RBAC/i, 'Docs should explain RBAC/team mode.');
-assert.match(docs, /Secret Vault/i, 'Docs should explain the secret vault.');
-assert.match(docs, /MCP\/plugin Marketplace/i, 'Docs should explain marketplace management.');
-assert.match(docs, /Evaluation Harness/i, 'Docs should explain evaluations.');
-assert.match(docs, /Cost, Token, and Latency/i, 'Docs should explain usage dashboards.');
-assert.match(docs, /Security\/audit Mode/i, 'Docs should explain security audit mode.');
-
-console.log('v1.45 platformization smoke passed');
+#!/usr/bin/env node
+
+import assert from 'node:assert/strict';
+import fs from 'node:fs';
+import path from 'node:path';
+
+const root = process.cwd();
+
+function read(relativePath) {
+  return fs.readFileSync(path.join(root, relativePath), 'utf8');
+}
+
+const service = read('server/services/platformization.js');
+assert.match(service, /TEAM_ROLES/, 'Platformization should define enterprise RBAC roles.');
+assert.match(service, /createTeamMember/, 'Platformization should create team members.');
+assert.match(service, /sealSecret/, 'Platformization should seal scoped secrets.');
+assert.match(service, /materializeScopedEnv/, 'Platformization should materialize scoped env previews.');
+assert.match(service, /upsertMarketplacePlugin/, 'Platformization should manage plugin marketplace entries.');
+assert.match(service, /createEvaluationSuite/, 'Platformization should create evaluation suites.');
+assert.match(service, /createEvaluationRun/, 'Platformization should create evaluation runs.');
+assert.match(service, /summarizeUsageEvents/, 'Platformization should summarize cost, token, and latency usage.');
+assert.match(service, /createSecurityAuditRun/, 'Platformization should create security audit runs.');
+assert.match(service, /agent_output_leak_detection/, 'Security audit mode should include output leak detection.');
+
+const routes = read('server/routes/platformization.js');
+assert.match(routes, /\/team\/members/, 'Platformization routes should expose team management.');
+assert.match(routes, /\/secrets\/scoped-env/, 'Platformization routes should expose scoped env assembly.');
+assert.match(routes, /\/marketplace\/plugins/, 'Platformization routes should expose marketplace management.');
+assert.match(routes, /\/eval\/runs/, 'Platformization routes should expose evaluation runs.');
+assert.match(routes, /\/usage\/summary/, 'Platformization routes should expose usage dashboards.');
+assert.match(routes, /\/security\/audit-runs/, 'Platformization routes should expose security audit mode.');
+assert.match(routes, /\/audit-log/, 'Platformization routes should expose audit logs.');
+
+const server = read('server/index.js');
+assert.match(server, /platformizationRoutes/, 'Server should import platformization routes.');
+assert.match(server, /\/api\/platformization/, 'Server should mount platformization routes.');
+
+const docs = read('docs/platformization.md');
+assert.match(docs, /RBAC/i, 'Docs should explain RBAC/team mode.');
+assert.match(docs, /Secret Vault/i, 'Docs should explain the secret vault.');
+assert.match(docs, /MCP\/plugin Marketplace/i, 'Docs should explain marketplace management.');
+assert.match(docs, /Evaluation Harness/i, 'Docs should explain evaluations.');
+assert.match(docs, /Cost, Token, and Latency/i, 'Docs should explain usage dashboards.');
+assert.match(docs, /Security\/audit Mode/i, 'Docs should explain security audit mode.');
+
+console.log('v1.45 platformization smoke passed');