@pzy560117/opentest 0.1.0

package/scripts/prepublish-check.js

@@ -0,0 +1,58 @@
+#!/usr/bin/env node
+
+import { readFileSync, readdirSync, statSync } from 'fs';
+import { extname, join } from 'path';
+
+const SECRET_PATTERNS = [
+  { pattern: /(?:api[_-]?key|apikey)\s*[:=]\s*['"][A-Za-z0-9_-]{20,}['"]/i, name: 'API key' },
+  { pattern: /(?:secret|token|password|passwd|pwd)\s*[:=]\s*['"][^\s'"]{8,}['"]/i, name: 'Secret/token' },
+  { pattern: /-----BEGIN\s+(?:RSA\s+)?PRIVATE\s+KEY-----/, name: 'Private key' },
+  { pattern: /ghp_[A-Za-z0-9]{36}/, name: 'GitHub token' },
+  { pattern: /sk-[A-Za-z0-9]{20,}/, name: 'OpenAI key' },
+  { pattern: /xoxb-[0-9]+-[A-Za-z0-9]+/, name: 'Slack token' },
+  { pattern: /AKIA[0-9A-Z]{16}/, name: 'AWS access key' },
+];
+
+const SKIP_DIRS = new Set(['node_modules', '.git']);
+const TEXT_EXTENSIONS = new Set(['.js', '.json', '.md', '.txt', '.yml', '.yaml', '.toml', '.sh']);
+
+function* walkFiles(dir) {
+  for (const entry of readdirSync(dir)) {
+    const full = join(dir, entry);
+    const fileStat = statSync(full);
+    if (fileStat.isDirectory()) {
+      if (!SKIP_DIRS.has(entry)) {
+        yield* walkFiles(full);
+      }
+    } else if (fileStat.isFile()) {
+      yield full;
+    }
+  }
+}
+
+let found = 0;
+
+for (const filePath of walkFiles('.')) {
+  if (!TEXT_EXTENSIONS.has(extname(filePath))) continue;
+
+  let content;
+  try {
+    content = readFileSync(filePath, 'utf8');
+  } catch {
+    continue;
+  }
+
+  for (const { pattern, name } of SECRET_PATTERNS) {
+    if (pattern.test(content)) {
+      console.error(`[SECURITY] Possible ${name} found in ${filePath}`);
+      found += 1;
+    }
+  }
+}
+
+if (found > 0) {
+  console.error(`\n[SECURITY] ${found} potential secret(s) detected. Aborting publish.`);
+  process.exit(1);
+}
+
+console.log('[SECURITY] No secrets detected. Safe to publish.');

package/scripts/smoke-test.js

@@ -0,0 +1,64 @@
+#!/usr/bin/env node
+
+import { readFileSync } from 'fs';
+import { access } from 'fs/promises';
+import path from 'path';
+import { spawnSync } from 'child_process';
+
+const manifest = JSON.parse(readFileSync('assets/manifest.json', 'utf8'));
+let failures = 0;
+
+async function exists(filePath) {
+  try {
+    await access(filePath);
+    return true;
+  } catch {
+    return false;
+  }
+}
+
+for (const skillPath of manifest.skills) {
+  const fullPath = path.join('assets', 'skills', skillPath);
+  if (!(await exists(fullPath))) {
+    console.error(`[MISSING] ${fullPath}`);
+    failures += 1;
+  }
+}
+
+for (const skillName of [
+  'opentest',
+  'opentest-plan',
+  'opentest-author',
+  'opentest-run',
+  'opentest-accept',
+  'opentest-verify',
+  'opentest-heal',
+  'opentest-archive',
+]) {
+  const skillFile = path.join('assets', 'skills', skillName, 'SKILL.md');
+  const content = readFileSync(skillFile, 'utf8');
+  if (!/^name:\s+/m.test(content) || !/^description:\s+/m.test(content)) {
+    console.error(`[FRONTMATTER] Missing name or description in ${skillFile}`);
+    failures += 1;
+  }
+}
+
+for (const script of [
+  'assets/skills/opentest/scripts/opentest-state.sh',
+  'assets/skills/opentest/scripts/opentest-detect.sh',
+  'assets/skills/opentest/scripts/opentest-guard.sh',
+]) {
+  const result = spawnSync('bash', ['-n', script], { encoding: 'utf8' });
+  if (result.status !== 0) {
+    console.error(`[BASH] ${script}`);
+    console.error(result.stderr || result.stdout);
+    failures += 1;
+  }
+}
+
+if (failures > 0) {
+  console.error(`[SMOKE] ${failures} failure(s)`);
+  process.exit(1);
+}
+
+console.log('[SMOKE] OpenTest package checks passed.');