@shohojdhara/atomix 0.5.0 → 0.5.1

package/scripts/cli/__tests__/migrate.test.js

@@ -1,74 +0,0 @@
-/**
- * Migrate Command Unit Tests
- * Tests ensureSourceIsDirectory behavior and migrate error paths
- */
-
-import { describe, it, expect, beforeEach, afterEach, vi } from 'vitest';
-import { mkdtemp, rm, writeFile } from 'fs/promises';
-import { join } from 'path';
-import { tmpdir } from 'os';
-import { migrateAction } from '../commands/migrate.js';
-import { AtomixCLIError, ErrorCategory } from '../utils/error.js';
-
-describe('Migrate Command', () => {
-  let tempDir;
-  let originalCwd;
-
-  beforeEach(async () => {
-    tempDir = await mkdtemp(join(tmpdir(), 'atomix-migrate-test-'));
-    originalCwd = process.cwd();
-    process.chdir(tempDir);
-  });
-
-  afterEach(async () => {
-    process.chdir(originalCwd);
-    await rm(tempDir, { recursive: true, force: true });
-    vi.restoreAllMocks();
-  });
-
-  describe('ensureSourceIsDirectory (via migrateAction)', () => {
-    it('should throw INVALID_PATH when source does not exist', async () => {
-      await expect(
-        migrateAction('tailwind', './nonexistent-dir-xyz-123')
-      ).rejects.toThrow(AtomixCLIError);
-
-      try {
-        await migrateAction('tailwind', './nonexistent-dir-xyz-123');
-      } catch (err) {
-        expect(err.code).toBe(ErrorCategory.INVALID_PATH);
-        expect(err.message).toContain('Source not found');
-      }
-    });
-
-    it('should throw INVALID_PATH when source is a file not a directory', async () => {
-      const filePath = join(tempDir, 'package.json');
-      await writeFile(filePath, '{}');
-      const relativeFile = 'package.json';
-
-      await expect(
-        migrateAction('tailwind', relativeFile)
-      ).rejects.toThrow(AtomixCLIError);
-
-      try {
-        await migrateAction('tailwind', relativeFile);
-      } catch (err) {
-        expect(err.code).toBe(ErrorCategory.INVALID_PATH);
-        expect(err.message).toContain('not a directory');
-      }
-    });
-
-    it('should throw when migration type is unsupported', async () => {
-      let threw = false;
-      try {
-        await migrateAction('unknown-framework', '.');
-      } catch (err) {
-        threw = true;
-        if (err instanceof AtomixCLIError) {
-          expect(err.code).toBe(ErrorCategory.VALIDATION);
-          expect(err.message).toContain('Unsupported migration type');
-        }
-      }
-      expect(threw).toBe(true);
-    });
-  });
-});

package/scripts/cli/__tests__/security.test.js

@@ -1,206 +0,0 @@
-/**
- * Security-focused tests for Atomix CLI
- * Tests path traversal prevention, input sanitization, and security features
- */
-
-import { describe, it, expect, beforeEach, afterEach, vi } from 'vitest';
-import { 
-  sanitizeInput, 
-  validateSecurePath, 
-  validateComponentNameSecure,
-  SecurityError,
-  RateLimiter
-} from '../utils/security.js';
-import { filesystem } from '../internal/filesystem.js';
-
-// Mock filesystem operations to avoid actual file I/O
-vi.mock('../internal/filesystem.js', () => ({
-  filesystem: {
-    writeFile: vi.fn(),
-    exists: vi.fn()
-  }
-}));
-
-describe('Security Utilities', () => {
-  describe('sanitizeInput', () => {
-    it('should sanitize filename inputs', () => {
-      const malicious = '../../etc/passwd';
-      const sanitized = sanitizeInput(malicious, 'filename');
-      expect(sanitized).not.toContain('..');
-      expect(sanitized).not.toContain('/');
-    });
-
-    it('should sanitize component names', () => {
-      const malicious = 'Button<script>alert(1)</script>';
-      const sanitized = sanitizeInput(malicious, 'componentName');
-      expect(sanitized).toMatch(/^[A-Z][a-zA-Z0-9]*$/);
-      expect(sanitized).not.toContain('<');
-      expect(sanitized).not.toContain('>');
-    });
-
-    it('should sanitize AI prompts', () => {
-      const malicious = 'Create a component that executes <script>malicious()</script>';
-      const sanitized = sanitizeInput(malicious, 'prompt');
-      expect(sanitized).not.toContain('<script>');
-      expect(sanitized).not.toContain('</script>');
-    });
-
-    it('should handle empty inputs', () => {
-      expect(() => sanitizeInput('', 'filename')).toThrow();
-    });
-  });
-
-  describe('validateSecurePath', () => {
-    it('should prevent path traversal attacks', () => {
-      const result = validateSecurePath('../../etc/passwd', '/safe/dir');
-      expect(result.isValid).toBe(false);
-      expect(result.error).toContain('Path traversal');
-    });
-
-    it('should prevent access to system directories', () => {
-      const result = validateSecurePath('/etc/passwd', '/safe/dir');
-      expect(result.isValid).toBe(false);
-      expect(result.error).toMatch(/Path traversal|system directories/);
-    });
-
-    it('should allow valid relative paths', () => {
-      const result = validateSecurePath('./src/components', process.cwd());
-      expect(result.isValid).toBe(true);
-    });
-
-    it('should allow valid absolute paths within project', () => {
-      const result = validateSecurePath(process.cwd() + '/src/components', process.cwd());
-      expect(result.isValid).toBe(true);
-    });
-  });
-
-  describe('validateComponentNameSecure', () => {
-    it('should reject malicious or reserved component names', () => {
-      const maliciousNames = [
-        'eval',
-        'script',
-        'javascript',
-        'onload',
-        'onerror',
-        'Button<script>'
-      ];
-
-      maliciousNames.forEach(name => {
-        const result = validateComponentNameSecure(name);
-        expect(result.isValid).toBe(false);
-        expect(result.error).toBeTruthy();
-      });
-    });
-
-    it('should accept valid component names', () => {
-      const validNames = [
-        'Button',
-        'CardHeader',
-        'ModalDialog',
-        'AccordionItem'
-      ];
-
-      validNames.forEach(name => {
-        const result = validateComponentNameSecure(name);
-        expect(result.isValid).toBe(true);
-      });
-    });
-
-    it('should reject reserved words', () => {
-      const reservedNames = ['Component', 'React', 'Fragment', 'Window'];
-      reservedNames.forEach(name => {
-        const result = validateComponentNameSecure(name);
-        expect(result.isValid).toBe(false);
-      });
-    });
-  });
-
-  describe('RateLimiter', () => {
-    let rateLimiter;
-
-    beforeEach(() => {
-      rateLimiter = new RateLimiter(2, 1000); // 2 requests per second
-    });
-
-    it('should enforce rate limits', () => {
-      expect(rateLimiter.checkLimit('user1')).toBe(true);
-      expect(rateLimiter.checkLimit('user1')).toBe(true);
-      expect(rateLimiter.checkLimit('user1')).toBe(false); // Third request should be blocked
-    });
-
-    it('should track different users separately', () => {
-      expect(rateLimiter.checkLimit('user1')).toBe(true);
-      expect(rateLimiter.checkLimit('user2')).toBe(true);
-      expect(rateLimiter.checkLimit('user1')).toBe(true);
-      expect(rateLimiter.checkLimit('user2')).toBe(true);
-      expect(rateLimiter.checkLimit('user1')).toBe(false);
-      expect(rateLimiter.checkLimit('user2')).toBe(false);
-    });
-
-    it('should reset after time window', async () => {
-      expect(rateLimiter.checkLimit('user1')).toBe(true);
-      expect(rateLimiter.checkLimit('user1')).toBe(true);
-      expect(rateLimiter.checkLimit('user1')).toBe(false);
-
-      await new Promise(resolve => setTimeout(resolve, 1100)); // Wait longer than time window
-      
-      expect(rateLimiter.checkLimit('user1')).toBe(true); // Should work again
-    });
-  });
-
-  describe('Filesystem Security', () => {
-    it('should reject path traversal via validateSecurePath', () => {
-      const result = validateSecurePath('../../etc/passwd', process.cwd());
-      expect(result.isValid).toBe(false);
-      expect(result.error).toBeTruthy();
-    });
-  });
-});
-
-describe('Path Traversal Prevention', () => {
-  const testCases = [
-    { input: '../../etc/passwd', expected: false },
-    { input: '/etc/passwd', expected: false },
-    { input: '..\\Windows\\System32', expected: false },
-    { input: 'normal/path', expected: true },
-    { input: './src/components', expected: true },
-    { input: 'src/components/Button', expected: true },
-    { input: '../' + process.cwd() + '/src', expected: false }, // Relative traversal
-    { input: process.cwd() + '/../../etc', expected: false }, // Absolute traversal
-  ];
-
-  testCases.forEach(({ input, expected }) => {
-    it(`should ${expected ? 'allow' : 'block'} path: ${input}`, () => {
-      const result = validateSecurePath(input, process.cwd());
-      expect(result.isValid).toBe(expected);
-      
-      if (!expected) {
-        expect(result.error).toBeDefined();
-      }
-    });
-  });
-});
-
-describe('Input Sanitization Edge Cases', () => {
-  const edgeCases = [
-    { input: null, type: 'filename', shouldThrow: true },
-    { input: undefined, type: 'filename', shouldThrow: true },
-    { input: '', type: 'filename', shouldThrow: true },
-    { input: '   ', type: 'filename', shouldThrow: true },
-    { input: 'normal', type: 'filename', expected: 'normal' },
-    { input: 'file\x00name', type: 'filename', expected: 'filename' },
-    { input: 'file\nname', type: 'filename', expected: 'filename' },
-    { input: 'file<script>', type: 'filename', expected: 'filescript' },
-  ];
-
-  edgeCases.forEach(({ input, type, expected, shouldThrow }) => {
-    it(`should handle ${JSON.stringify(input)} for ${type}`, () => {
-      if (shouldThrow) {
-        expect(() => sanitizeInput(input, type)).toThrow();
-      } else {
-        const result = sanitizeInput(input, type);
-        expect(result).toBe(expected);
-      }
-    });
-  });
-});

package/scripts/cli/__tests__/test-setup.js

@@ -1,135 +0,0 @@
-/**
- * Test Setup for CLI Tests
- */
-
-import { vi } from 'vitest';
-
-// Mock external dependencies
-vi.mock('ora', () => ({
-  default: vi.fn(() => ({
-    start: vi.fn(() => ({
-      succeed: vi.fn(),
-      fail: vi.fn(),
-      stop: vi.fn(),
-      text: ''
-    }))
-  }))
-}));
-
-vi.mock('inquirer', () => ({
-  prompt: vi.fn()
-}));
-
-vi.mock('chalk', () => ({
-  default: {
-    green: vi.fn((text) => text),
-    red: vi.fn((text) => text),
-    yellow: vi.fn((text) => text),
-    cyan: vi.fn((text) => text),
-    gray: vi.fn((text) => text),
-    blue: vi.fn((text) => text),
-    bold: {
-      green: vi.fn((text) => text),
-      red: vi.fn((text) => text),
-      yellow: vi.fn((text) => text),
-      cyan: vi.fn((text) => text),
-      blue: vi.fn((text) => text)
-    }
-  }
-}));
-
-vi.mock('boxen', () => ({
-  default: vi.fn((text) => text)
-}));
-
-vi.mock('chokidar', () => ({
-  default: vi.fn(() => ({
-    on: vi.fn(),
-    close: vi.fn()
-  }))
-}));
-
-// Mock file system operations
-vi.mock('fs/promises', async () => {
-  const actual = await vi.importActual('fs/promises');
-  return {
-    ...actual,
-    writeFile: vi.fn(actual.writeFile),
-    readFile: vi.fn(actual.readFile),
-    mkdir: vi.fn(actual.mkdir),
-    access: vi.fn(actual.access),
-    stat: vi.fn(actual.stat),
-    rm: vi.fn(actual.rm)
-  };
-});
-
-// Mock process.cwd for consistent test environment
-const originalCwd = process.cwd;
-
-beforeEach(() => {
-  // Reset all mocks before each test
-  vi.clearAllMocks();
-});
-
-afterEach(() => {
-  // Restore original process.cwd
-  process.cwd = originalCwd;
-});
-
-// Global test utilities
-global.createMockTempDir = () => '/tmp/atomix-test-' + Math.random().toString(36).substr(2, 9);
-
-global.mockComponentStructure = (componentName, content = '') => ({
-  [`${componentName}.tsx`]: content || `
-import React, { forwardRef } from 'react';
-
-export const ${componentName} = forwardRef<HTMLDivElement, ${componentName}Props>(
-  ({ children, className = '', ...props }, ref) => {
-    return (
-      <div ref={ref} className={className} {...props}>
-        {children}
-      </div>
-    );
-  }
-);
-
-interface ${componentName}Props {
-  children?: React.ReactNode;
-  className?: string;
-}
-  `,
-  'index.ts': `export { ${componentName} } from './${componentName}';`,
-  [`${componentName}.stories.tsx`]: `
-import type { Meta, StoryObj } from '@storybook/react';
-import { ${componentName} } from './${componentName}';
-
-const meta: Meta<typeof ${componentName}> = {
-  title: 'Components/${componentName}',
-  component: ${componentName},
-  parameters: {
-    layout: 'centered',
-  },
-  tags: ['autodocs'],
-};
-
-export default meta;
-type Story = StoryObj<typeof meta>;
-
-export const Default: Story = {
-  args: {
-    children: 'Test ${componentName}',
-  },
-};
-  `,
-  [`${componentName}.test.tsx`]: `
-import { render, screen } from '@testing-library/react';
-import { ${componentName} } from './${componentName}';
-
-describe('${componentName}', () => {
-  it('renders correctly', () => {
-    render(<${componentName}>Test</${componentName}>);
-    expect(screen.getByText('Test')).toBeInTheDocument();
-  });
-});
-  `
-});