@soleri/cli 9.4.0 → 9.5.0

package/src/__tests__/flock-guard.test.ts

@@ -0,0 +1,225 @@
+import { describe, it, expect, afterEach } from 'vitest';
+import { execSync } from 'node:child_process';
+import { mkdirSync, rmSync, existsSync, readFileSync, writeFileSync } from 'node:fs';
+import { join } from 'node:path';
+import { createHash } from 'node:crypto';
+import { tmpdir } from 'node:os';
+
+const SCRIPTS_DIR = join(__dirname, '..', 'hook-packs', 'flock-guard', 'scripts');
+const PRE_SCRIPT = join(SCRIPTS_DIR, 'flock-guard-pre.sh');
+const POST_SCRIPT = join(SCRIPTS_DIR, 'flock-guard-post.sh');
+
+// The scripts use `git rev-parse --show-toplevel` which resolves to the repo root.
+// Compute the same hash the scripts will produce.
+const PROJECT_ROOT = execSync('git rev-parse --show-toplevel', {
+  cwd: join(__dirname, '..'),
+  encoding: 'utf-8',
+}).trim();
+const PROJECT_HASH = execSync(`printf '%s' '${PROJECT_ROOT}' | shasum | cut -c1-8`, {
+  encoding: 'utf-8',
+}).trim();
+// Scripts use ${TMPDIR:-${TEMP:-/tmp}} — match that resolution for the test environment
+const LOCK_DIR = `${process.env.TMPDIR || process.env.TEMP || tmpdir()}/soleri-guard-${PROJECT_HASH}.lock`;
+
+function makePayload(command: string): string {
+  return JSON.stringify({ tool_name: 'Bash', tool_input: { command } });
+}
+
+function runPre(
+  command: string,
+  env?: Record<string, string>,
+): { stdout: string; exitCode: number } {
+  try {
+    const stdout = execSync(
+      `printf '%s' '${escapeShell(makePayload(command))}' | sh '${PRE_SCRIPT}'`,
+      {
+        encoding: 'utf-8',
+        stdio: 'pipe',
+        cwd: PROJECT_ROOT,
+        env: { ...process.env, ...env },
+      },
+    );
+    return { stdout, exitCode: 0 };
+  } catch (err: any) {
+    return { stdout: err.stdout ?? '', exitCode: err.status ?? 1 };
+  }
+}
+
+function runPost(
+  command: string,
+  env?: Record<string, string>,
+): { stdout: string; exitCode: number } {
+  try {
+    const stdout = execSync(
+      `printf '%s' '${escapeShell(makePayload(command))}' | sh '${POST_SCRIPT}'`,
+      {
+        encoding: 'utf-8',
+        stdio: 'pipe',
+        cwd: PROJECT_ROOT,
+        env: { ...process.env, ...env },
+      },
+    );
+    return { stdout, exitCode: 0 };
+  } catch (err: any) {
+    return { stdout: err.stdout ?? '', exitCode: err.status ?? 1 };
+  }
+}
+
+function escapeShell(s: string): string {
+  // Escape single quotes for use inside single-quoted shell string
+  return s.replace(/'/g, "'\\''");
+}
+
+function cleanLock(): void {
+  if (existsSync(LOCK_DIR)) {
+    rmSync(LOCK_DIR, { recursive: true, force: true });
+  }
+}
+
+describe('flock-guard hook pack', () => {
+  afterEach(() => {
+    cleanLock();
+  });
+
+  // 1. Pre: allows non-lockfile commands
+  it('pre: allows non-lockfile commands (exit 0, no output)', () => {
+    const { stdout, exitCode } = runPre('echo hello');
+    expect(exitCode).toBe(0);
+    expect(stdout.trim()).toBe('');
+    expect(existsSync(LOCK_DIR)).toBe(false);
+  });
+
+  // 2. Pre: acquires lock on npm install
+  it('pre: acquires lock on npm install', () => {
+    const sessionId = `test-acquire-${Date.now()}`;
+    const { exitCode } = runPre('npm install', { CLAUDE_SESSION_ID: sessionId });
+    expect(exitCode).toBe(0);
+    expect(existsSync(LOCK_DIR)).toBe(true);
+  });
+
+  // 3. Pre: lock dir contains valid JSON with agentId and timestamp
+  it('pre: lock dir contains valid JSON with agentId and timestamp', () => {
+    const sessionId = `test-json-${Date.now()}`;
+    runPre('npm install', { CLAUDE_SESSION_ID: sessionId });
+
+    const lockJson = JSON.parse(readFileSync(join(LOCK_DIR, 'lock.json'), 'utf-8'));
+    expect(lockJson).toHaveProperty('agentId', sessionId);
+    expect(lockJson).toHaveProperty('timestamp');
+    expect(typeof lockJson.timestamp).toBe('number');
+    expect(lockJson.timestamp).toBeGreaterThan(0);
+  });
+
+  // 4. Post: releases lock after npm install
+  it('post: releases lock after npm install', () => {
+    const sessionId = `test-release-${Date.now()}`;
+    runPre('npm install', { CLAUDE_SESSION_ID: sessionId });
+    expect(existsSync(LOCK_DIR)).toBe(true);
+
+    const { exitCode } = runPost('npm install', { CLAUDE_SESSION_ID: sessionId });
+    expect(exitCode).toBe(0);
+    expect(existsSync(LOCK_DIR)).toBe(false);
+  });
+
+  // 5. Pre: blocks when lock held by another agent
+  it('pre: blocks when lock held by another agent', () => {
+    // Manually create lock with a different agentId
+    mkdirSync(LOCK_DIR, { recursive: true });
+    const now = Math.floor(Date.now() / 1000);
+    writeFileSync(
+      join(LOCK_DIR, 'lock.json'),
+      JSON.stringify({ agentId: 'other-agent-999', timestamp: now, command: 'npm install' }),
+    );
+
+    const mySession = `test-blocked-${Date.now()}`;
+    const { stdout, exitCode } = runPre('npm install', { CLAUDE_SESSION_ID: mySession });
+
+    // Script exits 0 but outputs JSON with continue: false
+    expect(exitCode).toBe(0);
+    const output = JSON.parse(stdout.trim());
+    expect(output.continue).toBe(false);
+    expect(output.stopReason).toContain('BLOCKED');
+    expect(output.stopReason).toContain('other-agent-999');
+  });
+
+  // 6. Pre: cleans stale lock (timestamp older than 30s)
+  it('pre: cleans stale lock and acquires', () => {
+    mkdirSync(LOCK_DIR, { recursive: true });
+    const staleTime = Math.floor(Date.now() / 1000) - 60; // 60s ago
+    writeFileSync(
+      join(LOCK_DIR, 'lock.json'),
+      JSON.stringify({ agentId: 'stale-agent', timestamp: staleTime, command: 'npm install' }),
+    );
+
+    const mySession = `test-stale-${Date.now()}`;
+    const { stdout, exitCode } = runPre('npm install', { CLAUDE_SESSION_ID: mySession });
+    expect(exitCode).toBe(0);
+    // Should not contain "continue: false" — lock was stale and cleaned
+    if (stdout.trim()) {
+      const output = JSON.parse(stdout.trim());
+      expect(output.continue).not.toBe(false);
+    }
+    // Lock should now be held by our session
+    expect(existsSync(LOCK_DIR)).toBe(true);
+    const lockJson = JSON.parse(readFileSync(join(LOCK_DIR, 'lock.json'), 'utf-8'));
+    expect(lockJson.agentId).toBe(mySession);
+  });
+
+  // 7. Pre: allows same agent reentry
+  it('pre: allows same agent reentry', () => {
+    const sessionId = `test-reentry-${Date.now()}`;
+    const env = { CLAUDE_SESSION_ID: sessionId };
+
+    // First acquisition
+    const first = runPre('npm install', env);
+    expect(first.exitCode).toBe(0);
+    expect(existsSync(LOCK_DIR)).toBe(true);
+
+    // Second acquisition with same session — should succeed (reentry)
+    const second = runPre('npm install', env);
+    expect(second.exitCode).toBe(0);
+    // No "continue: false" in output
+    if (second.stdout.trim()) {
+      const output = JSON.parse(second.stdout.trim());
+      expect(output.continue).not.toBe(false);
+    }
+  });
+
+  // 8. Post: only releases own lock (does not release lock held by other agent)
+  it('post: only releases own lock — does not remove lock held by another agent', () => {
+    // Create lock with a different agent
+    mkdirSync(LOCK_DIR, { recursive: true });
+    const now = Math.floor(Date.now() / 1000);
+    writeFileSync(
+      join(LOCK_DIR, 'lock.json'),
+      JSON.stringify({ agentId: 'other-agent-777', timestamp: now, command: 'npm install' }),
+    );
+
+    const mySession = `test-norelease-${Date.now()}`;
+    const { exitCode } = runPost('npm install', { CLAUDE_SESSION_ID: mySession });
+    expect(exitCode).toBe(0);
+    // Lock dir should still exist — we don't own it
+    expect(existsSync(LOCK_DIR)).toBe(true);
+    const lockJson = JSON.parse(readFileSync(join(LOCK_DIR, 'lock.json'), 'utf-8'));
+    expect(lockJson.agentId).toBe('other-agent-777');
+  });
+
+  // 9. Pre: detects other lockfile commands (yarn, pnpm, cargo, pip)
+  it('pre: detects yarn, pnpm install, cargo build, pip install', () => {
+    const commands = ['yarn', 'yarn install', 'pnpm install', 'cargo build', 'pip install'];
+    for (const cmd of commands) {
+      cleanLock();
+      const sessionId = `test-detect-${Date.now()}`;
+      const { exitCode } = runPre(cmd, { CLAUDE_SESSION_ID: sessionId });
+      expect(exitCode).toBe(0);
+      expect(existsSync(LOCK_DIR)).toBe(true);
+      cleanLock();
+    }
+  });
+
+  // 10. Post: ignores non-lockfile commands
+  it('post: ignores non-lockfile commands (no crash, no lock interaction)', () => {
+    const { exitCode, stdout } = runPost('echo hello');
+    expect(exitCode).toBe(0);
+    expect(stdout.trim()).toBe('');
+  });
+});

package/src/__tests__/graduation.test.ts

@@ -0,0 +1,199 @@
+import { describe, it, expect, beforeEach, afterEach, vi } from 'vitest';
+import { mkdirSync, rmSync, writeFileSync, readFileSync } from 'node:fs';
+import { join } from 'node:path';
+import { tmpdir } from 'node:os';
+
+// Mock getPack before importing graduation
+const mockGetPack = vi.fn();
+vi.mock('../hook-packs/registry.js', () => ({
+  getPack: (...args: unknown[]) => mockGetPack(...args),
+}));
+
+import { promotePack, demotePack } from '../hook-packs/graduation.js';
+
+describe('graduation — promote/demote action levels', () => {
+  let tempDir: string;
+
+  function createPackDir(actionLevel?: string): string {
+    const packDir = join(tempDir, 'test-pack');
+    mkdirSync(packDir, { recursive: true });
+    const manifest: Record<string, unknown> = {
+      name: 'test-pack',
+      description: 'A test hook pack',
+      hooks: ['PreToolUse'],
+      version: '1.0.0',
+    };
+    if (actionLevel !== undefined) {
+      manifest.actionLevel = actionLevel;
+    }
+    writeFileSync(join(packDir, 'manifest.json'), JSON.stringify(manifest, null, 2) + '\n');
+    return packDir;
+  }
+
+  function readManifest(packDir: string): Record<string, unknown> {
+    return JSON.parse(readFileSync(join(packDir, 'manifest.json'), 'utf-8'));
+  }
+
+  beforeEach(() => {
+    tempDir = join(tmpdir(), `graduation-test-${Date.now()}`);
+    mkdirSync(tempDir, { recursive: true });
+    mockGetPack.mockReset();
+  });
+
+  afterEach(() => {
+    rmSync(tempDir, { recursive: true, force: true });
+  });
+
+  describe('promotePack', () => {
+    it('should promote remind → warn', () => {
+      const packDir = createPackDir('remind');
+      mockGetPack.mockReturnValue({
+        manifest: JSON.parse(readFileSync(join(packDir, 'manifest.json'), 'utf-8')),
+        dir: packDir,
+      });
+
+      const result = promotePack('test-pack');
+
+      expect(result.previousLevel).toBe('remind');
+      expect(result.newLevel).toBe('warn');
+      expect(readManifest(packDir).actionLevel).toBe('warn');
+    });
+
+    it('should promote warn → block', () => {
+      const packDir = createPackDir('warn');
+      mockGetPack.mockReturnValue({
+        manifest: JSON.parse(readFileSync(join(packDir, 'manifest.json'), 'utf-8')),
+        dir: packDir,
+      });
+
+      const result = promotePack('test-pack');
+
+      expect(result.previousLevel).toBe('warn');
+      expect(result.newLevel).toBe('block');
+      expect(readManifest(packDir).actionLevel).toBe('block');
+    });
+
+    it('should throw at maximum level (block)', () => {
+      const packDir = createPackDir('block');
+      mockGetPack.mockReturnValue({
+        manifest: JSON.parse(readFileSync(join(packDir, 'manifest.json'), 'utf-8')),
+        dir: packDir,
+      });
+
+      expect(() => promotePack('test-pack')).toThrow('already at maximum level: block');
+    });
+
+    it('should default to remind when actionLevel is missing', () => {
+      const packDir = createPackDir();
+      mockGetPack.mockReturnValue({
+        manifest: JSON.parse(readFileSync(join(packDir, 'manifest.json'), 'utf-8')),
+        dir: packDir,
+      });
+
+      const result = promotePack('test-pack');
+
+      expect(result.previousLevel).toBe('remind');
+      expect(result.newLevel).toBe('warn');
+    });
+
+    it('should throw for unknown pack', () => {
+      mockGetPack.mockReturnValue(null);
+
+      expect(() => promotePack('nonexistent')).toThrow('Unknown hook pack: "nonexistent"');
+    });
+  });
+
+  describe('demotePack', () => {
+    it('should demote block → warn', () => {
+      const packDir = createPackDir('block');
+      mockGetPack.mockReturnValue({
+        manifest: JSON.parse(readFileSync(join(packDir, 'manifest.json'), 'utf-8')),
+        dir: packDir,
+      });
+
+      const result = demotePack('test-pack');
+
+      expect(result.previousLevel).toBe('block');
+      expect(result.newLevel).toBe('warn');
+      expect(readManifest(packDir).actionLevel).toBe('warn');
+    });
+
+    it('should demote warn → remind', () => {
+      const packDir = createPackDir('warn');
+      mockGetPack.mockReturnValue({
+        manifest: JSON.parse(readFileSync(join(packDir, 'manifest.json'), 'utf-8')),
+        dir: packDir,
+      });
+
+      const result = demotePack('test-pack');
+
+      expect(result.previousLevel).toBe('warn');
+      expect(result.newLevel).toBe('remind');
+      expect(readManifest(packDir).actionLevel).toBe('remind');
+    });
+
+    it('should throw at minimum level (remind)', () => {
+      const packDir = createPackDir('remind');
+      mockGetPack.mockReturnValue({
+        manifest: JSON.parse(readFileSync(join(packDir, 'manifest.json'), 'utf-8')),
+        dir: packDir,
+      });
+
+      expect(() => demotePack('test-pack')).toThrow('already at minimum level: remind');
+    });
+
+    it('should throw for unknown pack', () => {
+      mockGetPack.mockReturnValue(null);
+
+      expect(() => demotePack('nonexistent')).toThrow('Unknown hook pack: "nonexistent"');
+    });
+  });
+
+  describe('manifest persistence', () => {
+    it('should write updated manifest to disk', () => {
+      const packDir = createPackDir('remind');
+      mockGetPack.mockReturnValue({
+        manifest: JSON.parse(readFileSync(join(packDir, 'manifest.json'), 'utf-8')),
+        dir: packDir,
+      });
+
+      promotePack('test-pack');
+
+      const manifest = readManifest(packDir);
+      expect(manifest.actionLevel).toBe('warn');
+      expect(manifest.name).toBe('test-pack');
+      expect(manifest.description).toBe('A test hook pack');
+      expect(manifest.version).toBe('1.0.0');
+    });
+
+    it('should preserve all manifest fields after promotion', () => {
+      const packDir = createPackDir('remind');
+      const originalManifest = readManifest(packDir);
+      mockGetPack.mockReturnValue({
+        manifest: JSON.parse(readFileSync(join(packDir, 'manifest.json'), 'utf-8')),
+        dir: packDir,
+      });
+
+      promotePack('test-pack');
+
+      const updatedManifest = readManifest(packDir);
+      expect(updatedManifest.name).toBe(originalManifest.name);
+      expect(updatedManifest.description).toBe(originalManifest.description);
+      expect(updatedManifest.hooks).toEqual(originalManifest.hooks);
+      expect(updatedManifest.version).toBe(originalManifest.version);
+      expect(updatedManifest.actionLevel).toBe('warn');
+    });
+
+    it('should return the manifest path in the result', () => {
+      const packDir = createPackDir('remind');
+      mockGetPack.mockReturnValue({
+        manifest: JSON.parse(readFileSync(join(packDir, 'manifest.json'), 'utf-8')),
+        dir: packDir,
+      });
+
+      const result = promotePack('test-pack');
+
+      expect(result.manifestPath).toBe(join(packDir, 'manifest.json'));
+    });
+  });
+});

package/src/__tests__/hook-packs.test.ts

@@ -23,15 +23,18 @@ describe('hook-packs', () => {
   });
 
   describe('registry', () => {
-    it('should list all 6 built-in packs', () => {
+    it('should list all 9 built-in packs', () => {
       const packs = listPacks();
-      expect(packs.length).toBe(6);
+      expect(packs.length).toBe(9);
       const names = packs.map((p) => p.name).sort();
       expect(names).toEqual([
         'a11y',
         'clean-commits',
         'css-discipline',
+        'flock-guard',
         'full',
+        'marketing-research',
+        'safety',
         'typescript-safety',
         'yolo-safety',
       ]);
@@ -49,7 +52,7 @@ describe('hook-packs', () => {
       expect(getPack('nonexistent')).toBeNull();
     });
 
-    it('should return full pack with composedFrom including yolo-safety', () => {
+    it('should return full pack with composedFrom including safety and yolo-safety', () => {
       const pack = getPack('full');
       expect(pack).not.toBeNull();
       expect(pack!.manifest.composedFrom).toEqual([
@@ -57,6 +60,7 @@ describe('hook-packs', () => {
         'a11y',
         'css-discipline',
         'clean-commits',
+        'safety',
         'yolo-safety',
       ]);
       expect(pack!.manifest.hooks).toHaveLength(8);
@@ -64,19 +68,29 @@ describe('hook-packs', () => {
 
     it('should return empty installed packs when none installed', () => {
       const installed = getInstalledPacks();
-      expect(installed.filter((p) => p !== 'yolo-safety')).toEqual([]);
+      expect(installed.filter((p) => p !== 'yolo-safety' && p !== 'safety')).toEqual([]);
     });
 
-    it('should get yolo-safety pack with scripts and lifecycleHooks', () => {
-      const pack = getPack('yolo-safety');
+    it('should get safety pack with scripts and lifecycleHooks', () => {
+      const pack = getPack('safety');
       expect(pack).not.toBeNull();
-      expect(pack!.manifest.name).toBe('yolo-safety');
+      expect(pack!.manifest.name).toBe('safety');
       expect(pack!.manifest.hooks).toEqual([]);
       expect(pack!.manifest.scripts).toHaveLength(1);
       expect(pack!.manifest.scripts![0].name).toBe('anti-deletion');
       expect(pack!.manifest.lifecycleHooks).toHaveLength(1);
       expect(pack!.manifest.lifecycleHooks![0].event).toBe('PreToolUse');
     });
+
+    it('should get yolo-safety pack as composed from safety', () => {
+      const pack = getPack('yolo-safety');
+      expect(pack).not.toBeNull();
+      expect(pack!.manifest.name).toBe('yolo-safety');
+      expect(pack!.manifest.hooks).toEqual([]);
+      expect(pack!.manifest.composedFrom).toEqual(['safety']);
+      expect(pack!.manifest.scripts).toBeUndefined();
+      expect(pack!.manifest.lifecycleHooks).toBeUndefined();
+    });
   });
 
   describe('installer', () => {
@@ -150,8 +164,8 @@ describe('hook-packs', () => {
       expect(() => removePack('nonexistent')).toThrow('Unknown hook pack: "nonexistent"');
     });
 
-    it('should install yolo-safety pack with scripts and lifecycle hooks', () => {
-      const result = installPack('yolo-safety');
+    it('should install safety pack with scripts and lifecycle hooks', () => {
+      const result = installPack('safety');
       expect(result.installed).toEqual([]);
       expect(result.scripts).toHaveLength(1);
       expect(result.scripts[0]).toBe('hooks/anti-deletion.sh');
@@ -163,12 +177,12 @@ describe('hook-packs', () => {
       expect(settings.hooks).toBeDefined();
       expect(settings.hooks.PreToolUse).toHaveLength(1);
       expect(settings.hooks.PreToolUse[0].command).toBe('sh ~/.claude/hooks/anti-deletion.sh');
-      expect(settings.hooks.PreToolUse[0]._soleriPack).toBe('yolo-safety');
+      expect(settings.hooks.PreToolUse[0]._soleriPack).toBe('safety');
     });
 
-    it('should remove yolo-safety pack including scripts and lifecycle hooks', () => {
-      installPack('yolo-safety');
-      const result = removePack('yolo-safety');
+    it('should remove safety pack including scripts and lifecycle hooks', () => {
+      installPack('safety');
+      const result = removePack('safety');
       expect(result.scripts).toHaveLength(1);
       expect(result.lifecycleHooks).toHaveLength(1);
       const claudeDir = join(tempHome, '.claude');
@@ -177,14 +191,24 @@ describe('hook-packs', () => {
       expect(settings.hooks.PreToolUse).toBeUndefined();
     });
 
-    it('should be idempotent for yolo-safety lifecycle hooks', () => {
-      installPack('yolo-safety');
-      const result2 = installPack('yolo-safety');
+    it('should be idempotent for safety lifecycle hooks', () => {
+      installPack('safety');
+      const result2 = installPack('safety');
       expect(result2.lifecycleHooks).toEqual([]);
       const claudeDir = join(tempHome, '.claude');
       const settings = JSON.parse(readFileSync(join(claudeDir, 'settings.json'), 'utf-8'));
       expect(settings.hooks.PreToolUse).toHaveLength(1);
     });
+
+    it('should install yolo-safety via composition from safety', () => {
+      const result = installPack('yolo-safety');
+      // yolo-safety composes from safety — script and lifecycle come from safety
+      expect(result.scripts).toHaveLength(1);
+      expect(result.scripts[0]).toBe('hooks/anti-deletion.sh');
+      expect(result.lifecycleHooks).toHaveLength(1);
+      const claudeDir = join(tempHome, '.claude');
+      expect(existsSync(join(claudeDir, 'hooks', 'anti-deletion.sh'))).toBe(true);
+    });
   });
 
   describe('isPackInstalled', () => {
@@ -207,9 +231,9 @@ describe('hook-packs', () => {
       expect(isPackInstalled('nonexistent')).toBe(false);
     });
 
-    it('should detect yolo-safety as installed when script is present', () => {
-      installPack('yolo-safety');
-      expect(isPackInstalled('yolo-safety')).toBe(true);
+    it('should detect safety as installed when script is present', () => {
+      installPack('safety');
+      expect(isPackInstalled('safety')).toBe(true);
     });
   });
 
@@ -231,6 +255,7 @@ describe('hook-packs', () => {
       expect(installed).toContain('a11y');
       expect(installed).toContain('css-discipline');
       expect(installed).toContain('clean-commits');
+      expect(installed).toContain('safety');
       expect(installed).toContain('yolo-safety');
     });
   });