akm-cli 0.6.1 → 0.7.0

package/dist/tests/bench/no-os-tmpdir-invariant.test.js

@@ -0,0 +1,43 @@
+/**
+ * Invariant: no bench source under `tests/bench/*.ts` may reference
+ * `os.tmpdir`. All bench tmp dirs MUST go through `benchTmpRoot()` /
+ * `benchMkdtemp()` from `./tmp`, which redirects to
+ * `${AKM_CACHE_DIR}/bench/` (#276).
+ *
+ * Allowlist: `tests/bench/tmp.ts` and this test file. The helper is
+ * permitted to mention `os.tmpdir` in its docstrings/comments because it
+ * documents what it replaces; this test file mentions the symbol in its
+ * grep target.
+ */
+import { describe, expect, test } from "bun:test";
+import fs from "node:fs";
+import path from "node:path";
+const ALLOWLIST = new Set(["tmp.ts", "no-os-tmpdir-invariant.test.ts"]);
+const benchDir = path.resolve(import.meta.dir);
+describe("bench source invariant: no os.tmpdir (#276)", () => {
+    test("no bench *.ts file (outside the allowlist) references os.tmpdir", () => {
+        const offenders = [];
+        for (const entry of fs.readdirSync(benchDir, { withFileTypes: true })) {
+            if (!entry.isFile())
+                continue;
+            if (!entry.name.endsWith(".ts"))
+                continue;
+            if (ALLOWLIST.has(entry.name))
+                continue;
+            const full = path.join(benchDir, entry.name);
+            const lines = fs.readFileSync(full, "utf8").split("\n");
+            for (let i = 0; i < lines.length; i += 1) {
+                const line = lines[i] ?? "";
+                if (/os\.tmpdir/.test(line) || /\btmpdir\s*\(/.test(line)) {
+                    offenders.push({ file: entry.name, line: i + 1, text: line.trim() });
+                }
+            }
+        }
+        if (offenders.length > 0) {
+            const detail = offenders.map((o) => `  ${o.file}:${o.line}  ${o.text}`).join("\n");
+            throw new Error(`Found ${offenders.length} disallowed os.tmpdir reference(s) under tests/bench/.\n` +
+                `Use benchTmpRoot()/benchMkdtemp() from ./tmp instead (#276):\n${detail}`);
+        }
+        expect(offenders).toEqual([]);
+    });
+});

package/dist/tests/bench/opencode-config.js

@@ -0,0 +1,194 @@
+/**
+ * opencode-config.ts — config-driven opencode provider materialisation.
+ *
+ * Loads the operator's bench provider file (committed fixture or
+ * gitignored `.local.json` overlay), validates it for safety (no hard-coded
+ * credentials, no extra top-level keys), and writes a minimal
+ * `opencode.json` into the per-run isolated `OPENCODE_CONFIG` directory.
+ *
+ * Design: `tests/bench/BENCH.md` §"Config-driven opencode provider".
+ */
+import fs from "node:fs";
+import path from "node:path";
+/**
+ * Error class for bench provider-config problems.
+ *
+ * `isUsageError: true`  → the caller should exit 2 (USAGE).
+ * `isUsageError: false` → the caller should exit 78 (CONFIG).
+ */
+export class BenchConfigError extends Error {
+    code = "BENCH_CONFIG";
+    isUsageError;
+    constructor(message, isUsageError) {
+        super(message);
+        this.name = "BenchConfigError";
+        this.isUsageError = isUsageError;
+    }
+}
+/**
+ * Top-level keys that belong in a full opencode user-config but are FORBIDDEN
+ * in the bench provider file. The bench file is intentionally minimal — it
+ * only specifies provider entries. Any of these keys in the file means the
+ * operator has pasted a full opencode config into the bench slot, which could
+ * contain credentials, plugins, or permission overrides that the bench MUST
+ * NOT inherit.
+ */
+const FORBIDDEN_TOPLEVEL_KEYS = new Set([
+    "plugin",
+    "mcp",
+    "permission",
+    "disabled_providers",
+    "small_model",
+    "snapshot",
+]);
+/**
+ * Regex that an `apiKey` string value MUST match when present. The only
+ * allowed form is an env-ref placeholder: `{env:VAR_NAME}`.
+ */
+const ENV_REF_RE = /^\{env:[A-Z_][A-Z0-9_]*\}$/;
+/** Heuristic to detect literal API credentials accidentally pasted into the file. */
+const CREDENTIAL_RE = /^sk-[A-Za-z0-9_-]{20,}$/;
+/**
+ * Recursively scan `node` for credential heuristic violations and literal
+ * `apiKey` values that are not env-refs. Throws `BenchConfigError` on the
+ * first violation found.
+ *
+ * @param node   The value to scan (any JSON value).
+ * @param jspath JSON-path-like string for error messages, e.g. `providers.myProvider.apiKey`.
+ */
+function scanForCredentials(node, jspath) {
+    if (typeof node === "string") {
+        // Heuristic: reject anything that looks like an OpenAI/Anthropic-style key.
+        if (CREDENTIAL_RE.test(node)) {
+            throw new BenchConfigError(`bench provider file: credential heuristic triggered at "${jspath}" — literal API key detected; use {env:VAR_NAME} instead`, false);
+        }
+        return;
+    }
+    if (Array.isArray(node)) {
+        for (let i = 0; i < node.length; i++) {
+            scanForCredentials(node[i], `${jspath}[${i}]`);
+        }
+        return;
+    }
+    if (node !== null && typeof node === "object") {
+        for (const [key, value] of Object.entries(node)) {
+            const childPath = `${jspath}.${key}`;
+            // apiKey must be an env-ref if present as a string.
+            if (key === "apiKey" && typeof value === "string") {
+                if (!ENV_REF_RE.test(value)) {
+                    throw new BenchConfigError(`bench provider file: "${childPath}" must be an env-ref (e.g. {env:MY_API_KEY}), not a literal value`, false);
+                }
+                // An env-ref is fine — don't recurse further into it.
+                continue;
+            }
+            scanForCredentials(value, childPath);
+        }
+    }
+}
+/**
+ * Load and validate a bench opencode providers JSON file.
+ *
+ * Throws:
+ * - `BenchConfigError(isUsageError: true)` if the file does not exist.
+ * - `BenchConfigError(isUsageError: false)` if JSON parse fails or the file
+ *   fails validation (bad schema version, forbidden top-level keys, detected
+ *   credentials).
+ */
+export function loadOpencodeProviders(absPath) {
+    // ── File existence ────────────────────────────────────────────────────────
+    let raw;
+    try {
+        raw = fs.readFileSync(absPath, "utf8");
+    }
+    catch (err) {
+        const isEnoent = err.code === "ENOENT";
+        if (isEnoent) {
+            throw new BenchConfigError(`bench provider file not found: ${absPath}`, true);
+        }
+        throw new BenchConfigError(`bench provider file: could not read "${absPath}": ${err instanceof Error ? err.message : String(err)}`, false);
+    }
+    // ── JSON parse ────────────────────────────────────────────────────────────
+    let parsed;
+    try {
+        parsed = JSON.parse(raw);
+    }
+    catch (err) {
+        throw new BenchConfigError(`bench provider file: JSON parse error in "${absPath}": ${err instanceof Error ? err.message : String(err)}`, false);
+    }
+    if (parsed === null || typeof parsed !== "object" || Array.isArray(parsed)) {
+        throw new BenchConfigError(`bench provider file: root must be a JSON object (got ${Array.isArray(parsed) ? "array" : typeof parsed})`, false);
+    }
+    const obj = parsed;
+    // ── Forbidden top-level keys ──────────────────────────────────────────────
+    for (const key of Object.keys(obj)) {
+        if (FORBIDDEN_TOPLEVEL_KEYS.has(key)) {
+            throw new BenchConfigError(`bench provider file: forbidden top-level key "${key}" — the bench provider file must contain only "schemaVersion", "defaultModel", and "providers"`, false);
+        }
+    }
+    // ── schemaVersion ─────────────────────────────────────────────────────────
+    if (obj.schemaVersion !== 1) {
+        throw new BenchConfigError(`bench provider file: unsupported schemaVersion ${JSON.stringify(obj.schemaVersion)}; expected 1`, false);
+    }
+    // ── providers ─────────────────────────────────────────────────────────────
+    if (obj.providers === null || typeof obj.providers !== "object" || Array.isArray(obj.providers)) {
+        throw new BenchConfigError(`bench provider file: "providers" must be an object`, false);
+    }
+    const providers = obj.providers;
+    // ── Credential scan ───────────────────────────────────────────────────────
+    scanForCredentials(providers, "providers");
+    return {
+        source: absPath,
+        providers,
+        ...(typeof obj.defaultModel === "string" ? { defaultModel: obj.defaultModel } : {}),
+    };
+}
+/**
+ * Given a model ID (e.g. `"don/mlx-community/qwen3.6-35b-a3b"`), split on
+ * the first `/` to get the provider key and look it up in `loaded.providers`.
+ *
+ * Throws `BenchConfigError` if the provider key is not found.
+ */
+export function selectProviderForModel(loaded, modelId) {
+    const slashIdx = modelId.indexOf("/");
+    const providerKey = slashIdx === -1 ? modelId : modelId.slice(0, slashIdx);
+    if (!(providerKey in loaded.providers)) {
+        throw new BenchConfigError(`bench provider file: model ID "${modelId}" maps to provider key "${providerKey}", which is not present in ${loaded.source}; available: ${Object.keys(loaded.providers).join(", ") || "(none)"}`, false);
+    }
+    return { providerKey, entry: loaded.providers[providerKey] };
+}
+/**
+ * Write a minimal `opencode.json` into `opencodeConfigDir` for the given
+ * provider selection. The file contains exactly two top-level keys:
+ * `$schema` and `provider`.
+ *
+ * Written with mode `0o600` so the file is not world-readable (it may
+ * contain env-ref placeholders that hint at secret variable names).
+ */
+export function materializeOpencodeConfig(opencodeConfigDir, selected, 
+/** Full model id (e.g. "don/mlx-community/qwen3.6-35b-a3b") written as the
+ *  top-level `model` key so opencode uses it without a --model flag. */
+modelId) {
+    const config = {
+        $schema: "https://opencode.ai/config.json",
+        model: modelId,
+        provider: {
+            [selected.providerKey]: selected.entry,
+        },
+        // Explicitly allow all tools so opencode run (non-interactive) doesn't
+        // silently skip bash/file operations due to missing permission config.
+        permission: {
+            bash: "allow",
+            edit: "allow",
+            write: "allow",
+            read: "allow",
+            webfetch: "allow",
+        },
+        // Disable operator plugins during bench runs. Plugins like akm-opencode
+        // run their own session lifecycle hooks (warmIndexInBackground, akm setup
+        // prompts, AKM_STASH_DIR overrides in shell.env) that interfere with the
+        // bench's isolated fixture stash and cause stash mismatch failures.
+        plugin: [],
+    };
+    const outPath = path.join(opencodeConfigDir, "opencode.json");
+    fs.writeFileSync(outPath, JSON.stringify(config, null, 2), { mode: 0o600 });
+}

package/dist/tests/bench/opencode-config.test.js

@@ -0,0 +1,370 @@
+/**
+ * Tests for the bench opencode-config module.
+ *
+ * Covers all cases described in the design spec:
+ *   - loads canonical fixture without error
+ *   - rejects literal apiKey (not env-ref)
+ *   - accepts {env:VAR} apiKey form
+ *   - rejects sk-XXXX credential heuristic anywhere in tree
+ *   - rejects top-level plugin / mcp / permission keys
+ *   - rejects unknown schemaVersion
+ *   - isUsageError: true when file missing
+ *   - selectProviderForModel picks correct provider
+ *   - selectProviderForModel throws on unknown provider prefix
+ *   - materializeOpencodeConfig writes exactly $schema + provider keys, mode 0o600
+ */
+import { afterAll, beforeAll, describe, expect, test } from "bun:test";
+import fs from "node:fs";
+import path from "node:path";
+import { BenchConfigError, loadOpencodeProviders, materializeOpencodeConfig, selectProviderForModel, } from "./opencode-config";
+import { benchMkdtemp } from "./tmp";
+/** Absolute path to the committed fixture. */
+const FIXTURE_PATH = path.resolve(__dirname, "..", "fixtures", "bench", "opencode-providers.json");
+/** Write a temp JSON file and return its path. */
+function writeTmp(dir, name, content) {
+    const p = path.join(dir, name);
+    fs.writeFileSync(p, JSON.stringify(content));
+    return p;
+}
+describe("loadOpencodeProviders", () => {
+    let tmp;
+    beforeAll(() => {
+        tmp = benchMkdtemp("bench-opencode-config-test-");
+    });
+    afterAll(() => {
+        fs.rmSync(tmp, { recursive: true, force: true });
+    });
+    // ── Canonical fixture ─────────────────────────────────────────────────────
+    test("loads the canonical committed fixture without error", () => {
+        expect(() => loadOpencodeProviders(FIXTURE_PATH)).not.toThrow();
+        const loaded = loadOpencodeProviders(FIXTURE_PATH);
+        expect(loaded.source).toBe(FIXTURE_PATH);
+        expect(loaded.providers).toBeDefined();
+        expect(typeof loaded.providers).toBe("object");
+        expect(loaded.defaultModel).toBe("local/qwen/qwen3.5-9b");
+        expect("local" in loaded.providers).toBe(true);
+    });
+    // ── File not found ────────────────────────────────────────────────────────
+    test("throws BenchConfigError with isUsageError: true when file does not exist", () => {
+        const missing = path.join(tmp, "does-not-exist.json");
+        let err;
+        try {
+            loadOpencodeProviders(missing);
+        }
+        catch (e) {
+            err = e;
+        }
+        expect(err).toBeInstanceOf(BenchConfigError);
+        const bce = err;
+        expect(bce.code).toBe("BENCH_CONFIG");
+        expect(bce.isUsageError).toBe(true);
+        expect(bce.message).toContain("not found");
+    });
+    // ── JSON parse failure ────────────────────────────────────────────────────
+    test("throws BenchConfigError with isUsageError: false on malformed JSON", () => {
+        const p = path.join(tmp, "bad.json");
+        fs.writeFileSync(p, "{ this is not json }");
+        let err;
+        try {
+            loadOpencodeProviders(p);
+        }
+        catch (e) {
+            err = e;
+        }
+        expect(err).toBeInstanceOf(BenchConfigError);
+        expect(err.isUsageError).toBe(false);
+        expect(err.message).toContain("JSON parse error");
+    });
+    // ── schemaVersion ─────────────────────────────────────────────────────────
+    test("rejects unknown schemaVersion", () => {
+        const p = writeTmp(tmp, "bad-version.json", {
+            schemaVersion: 2,
+            providers: {},
+        });
+        expect(() => loadOpencodeProviders(p)).toThrow(BenchConfigError);
+        let err;
+        try {
+            loadOpencodeProviders(p);
+        }
+        catch (e) {
+            if (e instanceof BenchConfigError)
+                err = e;
+        }
+        expect(err?.isUsageError).toBe(false);
+        expect(err?.message).toContain("schemaVersion");
+    });
+    test("rejects schemaVersion: 0", () => {
+        const p = writeTmp(tmp, "version-0.json", { schemaVersion: 0, providers: {} });
+        expect(() => loadOpencodeProviders(p)).toThrow(BenchConfigError);
+    });
+    // ── Forbidden top-level keys ──────────────────────────────────────────────
+    test("rejects top-level 'plugin' key", () => {
+        const p = writeTmp(tmp, "has-plugin.json", {
+            schemaVersion: 1,
+            providers: {},
+            plugin: [],
+        });
+        let err;
+        try {
+            loadOpencodeProviders(p);
+        }
+        catch (e) {
+            if (e instanceof BenchConfigError)
+                err = e;
+        }
+        expect(err).toBeDefined();
+        expect(err?.isUsageError).toBe(false);
+        expect(err?.message).toContain("plugin");
+    });
+    test("rejects top-level 'mcp' key", () => {
+        const p = writeTmp(tmp, "has-mcp.json", {
+            schemaVersion: 1,
+            providers: {},
+            mcp: {},
+        });
+        expect(() => loadOpencodeProviders(p)).toThrow(BenchConfigError);
+    });
+    test("rejects top-level 'permission' key", () => {
+        const p = writeTmp(tmp, "has-permission.json", {
+            schemaVersion: 1,
+            providers: {},
+            permission: {},
+        });
+        expect(() => loadOpencodeProviders(p)).toThrow(BenchConfigError);
+    });
+    test("rejects top-level 'disabled_providers' key", () => {
+        const p = writeTmp(tmp, "has-disabled.json", {
+            schemaVersion: 1,
+            providers: {},
+            disabled_providers: [],
+        });
+        expect(() => loadOpencodeProviders(p)).toThrow(BenchConfigError);
+    });
+    test("rejects top-level 'small_model' key", () => {
+        const p = writeTmp(tmp, "has-small-model.json", {
+            schemaVersion: 1,
+            providers: {},
+            small_model: "anthropic/claude-haiku-4-5",
+        });
+        expect(() => loadOpencodeProviders(p)).toThrow(BenchConfigError);
+    });
+    test("rejects top-level 'snapshot' key", () => {
+        const p = writeTmp(tmp, "has-snapshot.json", {
+            schemaVersion: 1,
+            providers: {},
+            snapshot: true,
+        });
+        expect(() => loadOpencodeProviders(p)).toThrow(BenchConfigError);
+    });
+    // ── apiKey validation ─────────────────────────────────────────────────────
+    test("rejects literal apiKey string (not an env-ref)", () => {
+        const p = writeTmp(tmp, "literal-apikey.json", {
+            schemaVersion: 1,
+            providers: {
+                myProvider: {
+                    apiKey: "not-an-env-ref",
+                },
+            },
+        });
+        let err;
+        try {
+            loadOpencodeProviders(p);
+        }
+        catch (e) {
+            if (e instanceof BenchConfigError)
+                err = e;
+        }
+        expect(err).toBeDefined();
+        expect(err?.isUsageError).toBe(false);
+        expect(err?.message).toContain("apiKey");
+        expect(err?.message).toContain("env-ref");
+    });
+    test("accepts {env:VAR} form for apiKey", () => {
+        const p = writeTmp(tmp, "env-ref-apikey.json", {
+            schemaVersion: 1,
+            providers: {
+                myProvider: {
+                    npm: "@ai-sdk/openai-compatible",
+                    apiKey: "{env:MY_API_KEY}",
+                    options: { baseURL: "http://localhost:1234/v1" },
+                },
+            },
+        });
+        expect(() => loadOpencodeProviders(p)).not.toThrow();
+        const loaded = loadOpencodeProviders(p);
+        expect("myProvider" in loaded.providers).toBe(true);
+    });
+    test("accepts {env:UNDERSCORE_KEY_123} env-ref form", () => {
+        const p = writeTmp(tmp, "env-ref-underscore.json", {
+            schemaVersion: 1,
+            providers: {
+                p: { apiKey: "{env:MY_KEY_123}" },
+            },
+        });
+        expect(() => loadOpencodeProviders(p)).not.toThrow();
+    });
+    test("rejects apiKey starting with lowercase (not a valid env-ref)", () => {
+        const p = writeTmp(tmp, "bad-env-ref.json", {
+            schemaVersion: 1,
+            providers: {
+                p: { apiKey: "{env:my_lowercase_key}" },
+            },
+        });
+        expect(() => loadOpencodeProviders(p)).toThrow(BenchConfigError);
+    });
+    // ── Credential heuristic ──────────────────────────────────────────────────
+    test("rejects sk-XXXX credential anywhere in the providers tree", () => {
+        const p = writeTmp(tmp, "has-sk-key.json", {
+            schemaVersion: 1,
+            providers: {
+                openai: {
+                    npm: "@ai-sdk/openai",
+                    secret: "sk-abcdefghijklmnopqrstuvwxyz0123456789",
+                },
+            },
+        });
+        let err;
+        try {
+            loadOpencodeProviders(p);
+        }
+        catch (e) {
+            if (e instanceof BenchConfigError)
+                err = e;
+        }
+        expect(err).toBeDefined();
+        expect(err?.isUsageError).toBe(false);
+        expect(err?.message).toContain("credential heuristic");
+    });
+    test("rejects sk-XXXX credential in a nested object", () => {
+        const p = writeTmp(tmp, "nested-sk-key.json", {
+            schemaVersion: 1,
+            providers: {
+                p: {
+                    options: {
+                        headers: {
+                            Authorization: "sk-proj-aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa",
+                        },
+                    },
+                },
+            },
+        });
+        expect(() => loadOpencodeProviders(p)).toThrow(BenchConfigError);
+    });
+    // ── Valid minimal file ────────────────────────────────────────────────────
+    test("accepts a valid minimal file with no defaultModel", () => {
+        const p = writeTmp(tmp, "minimal.json", {
+            schemaVersion: 1,
+            providers: {
+                local: {
+                    npm: "@ai-sdk/openai-compatible",
+                    options: { baseURL: "http://localhost:1234/v1" },
+                },
+            },
+        });
+        const loaded = loadOpencodeProviders(p);
+        expect(loaded.defaultModel).toBeUndefined();
+        expect("local" in loaded.providers).toBe(true);
+    });
+});
+describe("selectProviderForModel", () => {
+    const loaded = {
+        source: "/fake/path.json",
+        providers: {
+            don: { npm: "@ai-sdk/openai-compatible", name: "Don LM Studio" },
+            ollama: { npm: "@ai-sdk/openai-compatible", name: "Ollama" },
+        },
+        defaultModel: "don/mlx-community/qwen3.6-35b-a3b",
+    };
+    test("splits on first slash and returns the correct provider entry", () => {
+        const result = selectProviderForModel(loaded, "don/mlx-community/qwen3.6-35b-a3b");
+        expect(result.providerKey).toBe("don");
+        expect(result.entry).toBe(loaded.providers.don);
+    });
+    test("handles a model with no slash (entire string is the provider key)", () => {
+        const result = selectProviderForModel(loaded, "ollama");
+        expect(result.providerKey).toBe("ollama");
+        expect(result.entry).toBe(loaded.providers.ollama);
+    });
+    test("throws BenchConfigError when provider key is not in loaded.providers", () => {
+        let err;
+        try {
+            selectProviderForModel(loaded, "unknown/some-model");
+        }
+        catch (e) {
+            if (e instanceof BenchConfigError)
+                err = e;
+        }
+        expect(err).toBeDefined();
+        expect(err?.code).toBe("BENCH_CONFIG");
+        expect(err?.isUsageError).toBe(false);
+        expect(err?.message).toContain("unknown");
+        expect(err?.message).toContain("provider key");
+    });
+    test("error message lists available provider keys", () => {
+        let err;
+        try {
+            selectProviderForModel(loaded, "missing/model");
+        }
+        catch (e) {
+            if (e instanceof BenchConfigError)
+                err = e;
+        }
+        expect(err?.message).toContain("don");
+        expect(err?.message).toContain("ollama");
+    });
+});
+describe("materializeOpencodeConfig", () => {
+    let tmp;
+    beforeAll(() => {
+        tmp = benchMkdtemp("bench-materialize-test-");
+    });
+    afterAll(() => {
+        fs.rmSync(tmp, { recursive: true, force: true });
+    });
+    test("writes opencode.json with required bench isolation invariants and provider", () => {
+        const configDir = path.join(tmp, "run-config");
+        fs.mkdirSync(configDir, { recursive: true });
+        const entry = { npm: "@ai-sdk/openai-compatible", name: "Test Provider" };
+        materializeOpencodeConfig(configDir, { providerKey: "test", entry }, "test/my-model");
+        const outPath = path.join(configDir, "opencode.json");
+        expect(fs.existsSync(outPath)).toBe(true);
+        const contents = JSON.parse(fs.readFileSync(outPath, "utf8"));
+        expect(contents.model).toBe("test/my-model");
+        expect(contents.$schema).toBe("https://opencode.ai/config.json");
+        // Bench isolation invariants: plugin:[] prevents operator plugin interference;
+        // permission block ensures opencode run (non-interactive) allows bash/file tools.
+        expect(contents.plugin).toEqual([]);
+        expect(contents.permission?.bash).toBe("allow");
+        // Provider block is written correctly.
+        const provider = contents.provider;
+        expect(Object.keys(provider)).toEqual(["test"]);
+        expect(provider.test).toEqual(entry);
+    });
+    test("does not write mcp into the config", () => {
+        const configDir = path.join(tmp, "run-config-2");
+        fs.mkdirSync(configDir, { recursive: true });
+        materializeOpencodeConfig(configDir, { providerKey: "p", entry: {} }, "p/model");
+        const contents = JSON.parse(fs.readFileSync(path.join(configDir, "opencode.json"), "utf8"));
+        expect(contents.mcp).toBeUndefined();
+    });
+    test("writes the file with mode 0o600 (not world-readable)", () => {
+        const configDir = path.join(tmp, "run-config-3");
+        fs.mkdirSync(configDir, { recursive: true });
+        materializeOpencodeConfig(configDir, { providerKey: "p", entry: {} }, "p/model");
+        const stat = fs.statSync(path.join(configDir, "opencode.json"));
+        // Mode 0o600 means only owner can read/write (no group or other bits).
+        // On Linux/macOS the lower 9 bits are 0o600 = 0o110000000 in binary.
+        const mode = stat.mode & 0o777;
+        expect(mode).toBe(0o600);
+    });
+    test("can be called twice (overwrites an existing opencode.json)", () => {
+        const configDir = path.join(tmp, "run-config-4");
+        fs.mkdirSync(configDir, { recursive: true });
+        materializeOpencodeConfig(configDir, { providerKey: "a", entry: { name: "first" } }, "a/m1");
+        materializeOpencodeConfig(configDir, { providerKey: "b", entry: { name: "second" } }, "b/m2");
+        const contents = JSON.parse(fs.readFileSync(path.join(configDir, "opencode.json"), "utf8"));
+        const provider = contents.provider;
+        expect("b" in provider).toBe(true);
+        expect("a" in provider).toBe(false);
+    });
+});