backend-manager 5.9.5 → 5.9.7

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (246) hide show
  1. package/package.json +8 -1
  2. package/src/manager/events/cron/runner.js +0 -1
  3. package/src/manager/libraries/email/data/disposable-domains.json +21 -0
  4. package/src/test/fixtures/firebase-project/.temp/newsletter/run-2026-06-11T03-28-07/metadata.json +14 -0
  5. package/src/test/fixtures/firebase-project/.temp/newsletter/run-2026-06-11T03-28-07/newsletter.html +486 -0
  6. package/src/test/fixtures/firebase-project/.temp/newsletter/run-2026-06-11T03-28-07/newsletter.md +41 -0
  7. package/src/test/fixtures/firebase-project/.temp/newsletter/run-2026-06-11T03-28-07/newsletter.mjml +97 -0
  8. package/{test/email/fixtures/clean.json → src/test/fixtures/firebase-project/.temp/newsletter/run-2026-06-11T03-28-07/structure.json} +16 -4
  9. package/src/test/fixtures/firebase-project/.temp/newsletter/run-2026-06-11T03-28-07/summary.md +1 -0
  10. package/src/test/fixtures/firebase-project/.temp/newsletter/run-2026-06-18T01-00-28/metadata.json +14 -0
  11. package/src/test/fixtures/firebase-project/.temp/newsletter/run-2026-06-18T01-00-28/newsletter.html +486 -0
  12. package/src/test/fixtures/firebase-project/.temp/newsletter/run-2026-06-18T01-00-28/newsletter.md +41 -0
  13. package/src/test/fixtures/firebase-project/.temp/newsletter/run-2026-06-18T01-00-28/newsletter.mjml +97 -0
  14. package/src/test/fixtures/firebase-project/.temp/newsletter/run-2026-06-18T01-00-28/structure.json +42 -0
  15. package/src/test/fixtures/firebase-project/.temp/newsletter/run-2026-06-18T01-00-28/summary.md +1 -0
  16. package/src/test/fixtures/firebase-project/.temp/newsletter/run-2026-06-18T01-01-34/metadata.json +14 -0
  17. package/src/test/fixtures/firebase-project/.temp/newsletter/run-2026-06-18T01-01-34/newsletter.html +486 -0
  18. package/src/test/fixtures/firebase-project/.temp/newsletter/run-2026-06-18T01-01-34/newsletter.md +41 -0
  19. package/src/test/fixtures/firebase-project/.temp/newsletter/run-2026-06-18T01-01-34/newsletter.mjml +97 -0
  20. package/src/test/fixtures/firebase-project/.temp/newsletter/run-2026-06-18T01-01-34/structure.json +42 -0
  21. package/src/test/fixtures/firebase-project/.temp/newsletter/run-2026-06-18T01-01-34/summary.md +1 -0
  22. package/src/test/fixtures/firebase-project/.temp/test-mode.json +6 -0
  23. package/src/test/fixtures/firebase-project/database-debug.log +12 -0
  24. package/src/test/fixtures/firebase-project/firestore-debug.log +132 -0
  25. package/src/test/fixtures/firebase-project/pubsub-debug.log +17 -0
  26. package/.codeclimate.yml +0 -32
  27. package/.nvmrc +0 -1
  28. package/CHANGELOG.md +0 -1440
  29. package/PROGRESS.md +0 -93
  30. package/TODO-2.md +0 -121
  31. package/TODO-CHARGEBLAST.md +0 -32
  32. package/TODO-WEBHOOK-KEY-LEGACY-REMOVAL.md +0 -15
  33. package/TODO-WEBHOOK-KEY-UPGRADE.md +0 -138
  34. package/TODO-email-auth.md +0 -14
  35. package/TODO.md +0 -187
  36. package/plans/mcp2.md +0 -247
  37. package/plans/suspended-subscription-dead-zone.md +0 -97
  38. package/scripts/test-helper-providers.js +0 -162
  39. package/scripts/update-disposable-domains.js +0 -44
  40. package/templates/_.env +0 -42
  41. package/templates/_.gitignore +0 -60
  42. package/templates/backend-manager-config.json +0 -249
  43. package/templates/database.rules.json +0 -83
  44. package/templates/firebase.json +0 -66
  45. package/templates/firestore.indexes.json +0 -4
  46. package/templates/firestore.rules +0 -112
  47. package/templates/public/404.html +0 -26
  48. package/templates/public/index.html +0 -24
  49. package/templates/remoteconfig.template.json +0 -1
  50. package/templates/storage-lifecycle-config-1-day.json +0 -9
  51. package/templates/storage-lifecycle-config-30-days.json +0 -9
  52. package/templates/storage.rules +0 -8
  53. package/test/_init/accounts-validation.js +0 -58
  54. package/test/_legacy/ai/index.js +0 -231
  55. package/test/_legacy/ai/test.jpg +0 -0
  56. package/test/_legacy/ai/test.pdf +0 -0
  57. package/test/_legacy/index.js +0 -31
  58. package/test/_legacy/payment-resolver/chargebee/orders/refunded.json +0 -0
  59. package/test/_legacy/payment-resolver/chargebee/orders/unpaid.json +0 -98
  60. package/test/_legacy/payment-resolver/chargebee/subscriptions/active.json +0 -578
  61. package/test/_legacy/payment-resolver/chargebee/subscriptions/trial-in-trial.json +0 -38
  62. package/test/_legacy/payment-resolver/chargebee/subscriptions/trial-skipped-to-active.json +0 -135
  63. package/test/_legacy/payment-resolver/chargebee/subscriptions/trial-to-active-to-cancelled.json +0 -42
  64. package/test/_legacy/payment-resolver/chargebee/subscriptions/trial-to-active.json +0 -44
  65. package/test/_legacy/payment-resolver/chargebee/subscriptions/trial-to-cancelled.json +0 -39
  66. package/test/_legacy/payment-resolver/chargebee/subscriptions/trial-to-refund.json +0 -143
  67. package/test/_legacy/payment-resolver/chargebee/subscriptions/trial-to-suspended.json +0 -48
  68. package/test/_legacy/payment-resolver/coinbase/orders/regular.json +0 -204
  69. package/test/_legacy/payment-resolver/coinbase/subscriptions/cancelled.json +0 -204
  70. package/test/_legacy/payment-resolver/coinbase/subscriptions/paid-2.json +0 -125
  71. package/test/_legacy/payment-resolver/index.js +0 -1558
  72. package/test/_legacy/payment-resolver/paypal/orders/refunded.json +0 -0
  73. package/test/_legacy/payment-resolver/paypal/orders/regular.json +0 -120
  74. package/test/_legacy/payment-resolver/paypal/subscriptions/active-refund-previous-stmnt.json +0 -323
  75. package/test/_legacy/payment-resolver/paypal/subscriptions/active.json +0 -192
  76. package/test/_legacy/payment-resolver/paypal/subscriptions/trial-in-trial.json +0 -125
  77. package/test/_legacy/payment-resolver/paypal/subscriptions/trial-payment-not-complete.json +0 -76
  78. package/test/_legacy/payment-resolver/paypal/subscriptions/trial-payment-overdue-2.json +0 -114
  79. package/test/_legacy/payment-resolver/paypal/subscriptions/trial-payment-overdue.json +0 -114
  80. package/test/_legacy/payment-resolver/paypal/subscriptions/trial-to-active-to-cancelled.json +0 -111
  81. package/test/_legacy/payment-resolver/paypal/subscriptions/trial-to-active.json +0 -132
  82. package/test/_legacy/payment-resolver/paypal/subscriptions/trial-to-cancelled.json +0 -107
  83. package/test/_legacy/payment-resolver/paypal/subscriptions/trial-to-expired.json +0 -91
  84. package/test/_legacy/payment-resolver/paypal/subscriptions/trial-to-refund.json +0 -147
  85. package/test/_legacy/payment-resolver/paypal/subscriptions/trial-to-suspended.json +0 -120
  86. package/test/_legacy/payment-resolver/stripe/orders/refunded.json +0 -0
  87. package/test/_legacy/payment-resolver/stripe/orders/regular.json +0 -91
  88. package/test/_legacy/payment-resolver/stripe/subscriptions/active.json +0 -421
  89. package/test/_legacy/payment-resolver/stripe/subscriptions/trial-in-trial.json +0 -349
  90. package/test/_legacy/payment-resolver/stripe/subscriptions/trial-to-active-failed-authorization.json +0 -430
  91. package/test/_legacy/payment-resolver/stripe/subscriptions/trial-to-active.json +0 -319
  92. package/test/_legacy/payment-resolver/stripe/subscriptions/trial-to-cancelled.json +0 -319
  93. package/test/_legacy/payment-resolver/stripe/subscriptions/trial-to-refund.json +0 -414
  94. package/test/_legacy/payment-resolver/stripe/subscriptions/trial-to-suspended.json +0 -319
  95. package/test/_legacy/payment-resolver/stripe/subscriptions/unsure.json +0 -339
  96. package/test/_legacy/test-new +0 -1178
  97. package/test/_legacy/test.md +0 -89
  98. package/test/_legacy/usage.js +0 -175
  99. package/test/_legacy/user.js +0 -31
  100. package/test/ai/tools-live.js +0 -170
  101. package/test/boot/emulator-boots.js +0 -37
  102. package/test/content/blog-generate.js +0 -160
  103. package/test/email/campaign-send.js +0 -45
  104. package/test/email/consent-lifecycle.js +0 -257
  105. package/test/email/feedback-and-plain-send.js +0 -52
  106. package/test/email/fixtures/editorial.json +0 -30
  107. package/test/email/fixtures/field-report.json +0 -53
  108. package/test/email/marketing-lifecycle.js +0 -132
  109. package/test/email/newsletter-generate.js +0 -819
  110. package/test/email/newsletter-templates.js +0 -491
  111. package/test/email/templates.js +0 -207
  112. package/test/email/transactional-send.js +0 -34
  113. package/test/email/transactional.js +0 -560
  114. package/test/email/validation.js +0 -710
  115. package/test/events/auth-delete-race.js +0 -201
  116. package/test/events/payments/journey-payments-cancel-endpoint.js +0 -100
  117. package/test/events/payments/journey-payments-cancel.js +0 -182
  118. package/test/events/payments/journey-payments-discount.js +0 -89
  119. package/test/events/payments/journey-payments-failure.js +0 -146
  120. package/test/events/payments/journey-payments-legacy-product.js +0 -149
  121. package/test/events/payments/journey-payments-one-time-failure.js +0 -111
  122. package/test/events/payments/journey-payments-one-time.js +0 -136
  123. package/test/events/payments/journey-payments-plan-change.js +0 -144
  124. package/test/events/payments/journey-payments-refund-webhook.js +0 -180
  125. package/test/events/payments/journey-payments-suspend.js +0 -181
  126. package/test/events/payments/journey-payments-trial-cancel.js +0 -130
  127. package/test/events/payments/journey-payments-trial.js +0 -171
  128. package/test/events/payments/journey-payments-uid-resolution.js +0 -132
  129. package/test/events/payments/journey-payments-upgrade.js +0 -135
  130. package/test/fixtures/chargebee/invoice-one-time.json +0 -27
  131. package/test/fixtures/chargebee/subscription-active.json +0 -44
  132. package/test/fixtures/chargebee/subscription-cancelled.json +0 -42
  133. package/test/fixtures/chargebee/subscription-in-trial.json +0 -41
  134. package/test/fixtures/chargebee/subscription-legacy-plan.json +0 -41
  135. package/test/fixtures/chargebee/subscription-non-renewing.json +0 -41
  136. package/test/fixtures/chargebee/subscription-paused.json +0 -42
  137. package/test/fixtures/chargebee/webhook-payment-failed.json +0 -51
  138. package/test/fixtures/chargebee/webhook-subscription-created.json +0 -47
  139. package/test/fixtures/paypal/order-approved.json +0 -62
  140. package/test/fixtures/paypal/order-completed.json +0 -110
  141. package/test/fixtures/paypal/subscription-active.json +0 -76
  142. package/test/fixtures/paypal/subscription-cancelled.json +0 -50
  143. package/test/fixtures/paypal/subscription-suspended.json +0 -65
  144. package/test/fixtures/stripe/checkout-session-completed.json +0 -130
  145. package/test/fixtures/stripe/invoice-payment-failed.json +0 -148
  146. package/test/fixtures/stripe/invoice-subscription-payment-failed.json +0 -28
  147. package/test/fixtures/stripe/subscription-active.json +0 -161
  148. package/test/fixtures/stripe/subscription-canceled.json +0 -161
  149. package/test/fixtures/stripe/subscription-trialing.json +0 -161
  150. package/test/functions/admin/database-read.js +0 -134
  151. package/test/functions/admin/database-write.js +0 -159
  152. package/test/functions/admin/edit-post.js +0 -366
  153. package/test/functions/admin/firestore-query.js +0 -207
  154. package/test/functions/admin/firestore-read.js +0 -129
  155. package/test/functions/admin/firestore-write.js +0 -105
  156. package/test/functions/admin/get-stats.js +0 -115
  157. package/test/functions/admin/send-email.js +0 -119
  158. package/test/functions/admin/send-notification.js +0 -208
  159. package/test/functions/admin/write-repo-content.js +0 -223
  160. package/test/functions/general/add-marketing-contact.js +0 -335
  161. package/test/functions/general/fetch-post.js +0 -54
  162. package/test/functions/general/generate-uuid.js +0 -114
  163. package/test/functions/test/authenticate.js +0 -64
  164. package/test/functions/user/create-custom-token.js +0 -73
  165. package/test/functions/user/delete.js +0 -135
  166. package/test/functions/user/get-active-sessions.js +0 -111
  167. package/test/functions/user/get-subscription-info.js +0 -99
  168. package/test/functions/user/regenerate-api-keys.js +0 -156
  169. package/test/functions/user/resolve.js +0 -52
  170. package/test/functions/user/sign-out-all-sessions.js +0 -94
  171. package/test/functions/user/sign-up.js +0 -252
  172. package/test/functions/user/submit-feedback.js +0 -104
  173. package/test/functions/user/validate-settings.js +0 -82
  174. package/test/helpers/ai-request-payload.js +0 -300
  175. package/test/helpers/ai-test-provider.js +0 -202
  176. package/test/helpers/ai-tools-format.js +0 -383
  177. package/test/helpers/content/blog-auto-publisher.js +0 -484
  178. package/test/helpers/content/feed-parser.js +0 -528
  179. package/test/helpers/content/ghostii-blocks.js +0 -134
  180. package/test/helpers/content/ghostii-feed-integration.js +0 -404
  181. package/test/helpers/content/ghostii-write-article.js +0 -243
  182. package/test/helpers/environment.js +0 -230
  183. package/test/helpers/infer-contact.js +0 -113
  184. package/test/helpers/merge-line-files.js +0 -271
  185. package/test/helpers/payment/chargebee/parse-webhook.js +0 -413
  186. package/test/helpers/payment/chargebee/to-unified-one-time.js +0 -147
  187. package/test/helpers/payment/chargebee/to-unified-subscription.js +0 -648
  188. package/test/helpers/payment/paypal/parse-webhook.js +0 -539
  189. package/test/helpers/payment/paypal/to-unified-one-time.js +0 -382
  190. package/test/helpers/payment/paypal/to-unified-subscription.js +0 -820
  191. package/test/helpers/payment/stripe/parse-webhook.js +0 -447
  192. package/test/helpers/payment/stripe/to-unified-one-time.js +0 -306
  193. package/test/helpers/payment/stripe/to-unified-subscription.js +0 -708
  194. package/test/helpers/sanitize.js +0 -222
  195. package/test/helpers/slugify.js +0 -394
  196. package/test/helpers/storage.js +0 -194
  197. package/test/helpers/user.js +0 -755
  198. package/test/helpers/webhook-forward.js +0 -418
  199. package/test/mcp/discovery.js +0 -53
  200. package/test/mcp/oauth.js +0 -161
  201. package/test/mcp/protocol.js +0 -268
  202. package/test/mcp/roles.js +0 -188
  203. package/test/mcp/utils.js +0 -245
  204. package/test/routes/admin/create-post.js +0 -364
  205. package/test/routes/admin/database.js +0 -131
  206. package/test/routes/admin/deduplicate-image-alts.js +0 -190
  207. package/test/routes/admin/email.js +0 -114
  208. package/test/routes/admin/firestore-query.js +0 -204
  209. package/test/routes/admin/firestore.js +0 -127
  210. package/test/routes/admin/infer-contact.js +0 -218
  211. package/test/routes/admin/notification.js +0 -198
  212. package/test/routes/admin/post-resize-image.js +0 -184
  213. package/test/routes/admin/post.js +0 -368
  214. package/test/routes/admin/repo-content.js +0 -223
  215. package/test/routes/admin/stats.js +0 -112
  216. package/test/routes/content/post.js +0 -54
  217. package/test/routes/general/uuid.js +0 -115
  218. package/test/routes/marketing/campaign.js +0 -125
  219. package/test/routes/marketing/contact.js +0 -370
  220. package/test/routes/marketing/email-preferences.js +0 -292
  221. package/test/routes/marketing/push-send.js +0 -32
  222. package/test/routes/marketing/webhook-forward.js +0 -61
  223. package/test/routes/marketing/webhook.js +0 -639
  224. package/test/routes/payments/cancel.js +0 -163
  225. package/test/routes/payments/discount.js +0 -80
  226. package/test/routes/payments/dispute-alert.js +0 -320
  227. package/test/routes/payments/intent.js +0 -336
  228. package/test/routes/payments/portal.js +0 -92
  229. package/test/routes/payments/refund.js +0 -179
  230. package/test/routes/payments/trial-eligibility.js +0 -71
  231. package/test/routes/payments/webhook.js +0 -107
  232. package/test/routes/test/authenticate.js +0 -59
  233. package/test/routes/test/schema.js +0 -554
  234. package/test/routes/test/usage.js +0 -342
  235. package/test/routes/user/api-keys.js +0 -156
  236. package/test/routes/user/delete.js +0 -136
  237. package/test/routes/user/feedback.js +0 -104
  238. package/test/routes/user/sessions.js +0 -199
  239. package/test/routes/user/settings-validate.js +0 -82
  240. package/test/routes/user/signup.js +0 -542
  241. package/test/routes/user/subscription.js +0 -99
  242. package/test/routes/user/token.js +0 -73
  243. package/test/routes/user/user.js +0 -157
  244. package/test/rules/notifications.js +0 -410
  245. package/test/rules/payments-carts.js +0 -371
  246. package/test/rules/user.js +0 -396
@@ -1,710 +0,0 @@
1
- /**
2
- * Test: Email validation library (libraries/email/validation.js)
3
- * Unit tests for format, local part, disposable domain, corporate domain, typo domain, DNS, and mailbox checks
4
- *
5
- * Format, local part, disposable, corporate, and typo tests always run (free, sync, offline-safe).
6
- * DNS negative tests require TEST_EXTENDED_MODE (live DNS resolution).
7
- * Mailbox verification tests require TEST_EXTENDED_MODE + NEVERBOUNCE_API_KEY or ZEROBOUNCE_API_KEY.
8
- */
9
- const { validate, isDisposable, isCorporate, DEFAULT_CHECKS, ALL_CHECKS } = require('../../src/manager/libraries/email/validation.js');
10
-
11
- const HAS_MAILBOX_API_KEY = !!(process.env.NEVERBOUNCE_API_KEY || process.env.ZEROBOUNCE_API_KEY);
12
-
13
- module.exports = {
14
- description: 'Email validation',
15
- type: 'group',
16
- tests: [
17
- // --- Format checks ---
18
-
19
- {
20
- name: 'format-valid-email-passes',
21
- timeout: 5000,
22
-
23
- async run({ assert }) {
24
- const result = await validate('rachel.greene@gmail.com');
25
-
26
- assert.equal(result.valid, true, 'Valid email should pass');
27
- assert.propertyEquals(result, 'checks.format.valid', true, 'Format check should pass');
28
- },
29
- },
30
-
31
- {
32
- name: 'format-no-at-sign-fails',
33
- timeout: 5000,
34
-
35
- async run({ assert }) {
36
- const result = await validate('not-a-valid-email');
37
-
38
- assert.equal(result.valid, false, 'Missing @ should fail');
39
- assert.propertyEquals(result, 'checks.format.valid', false, 'Format check should fail');
40
- },
41
- },
42
-
43
- {
44
- name: 'format-no-domain-fails',
45
- timeout: 5000,
46
-
47
- async run({ assert }) {
48
- const result = await validate('user@');
49
-
50
- assert.equal(result.valid, false, 'Missing domain should fail');
51
- assert.propertyEquals(result, 'checks.format.valid', false, 'Format check should fail');
52
- },
53
- },
54
-
55
- {
56
- name: 'format-empty-string-fails',
57
- timeout: 5000,
58
-
59
- async run({ assert }) {
60
- const result = await validate('');
61
-
62
- assert.equal(result.valid, false, 'Empty string should fail');
63
- assert.propertyEquals(result, 'checks.format.valid', false, 'Format check should fail');
64
- },
65
- },
66
-
67
- {
68
- name: 'format-spaces-fails',
69
- timeout: 5000,
70
-
71
- async run({ assert }) {
72
- const result = await validate('user name@gmail.com');
73
-
74
- assert.equal(result.valid, false, 'Spaces should fail');
75
- assert.propertyEquals(result, 'checks.format.valid', false, 'Format check should fail');
76
- },
77
- },
78
-
79
- // --- Local part checks ---
80
-
81
- {
82
- name: 'localpart-test-blocked',
83
- timeout: 5000,
84
-
85
- async run({ assert }) {
86
- const result = await validate('test@gmail.com');
87
-
88
- assert.equal(result.valid, false, '"test" local part should be blocked');
89
- assert.propertyEquals(result, 'checks.localPart.blocked', true, 'Should be flagged as blocked');
90
- assert.propertyEquals(result, 'checks.localPart.localPart', 'test', 'Should include the local part');
91
- },
92
- },
93
-
94
- {
95
- name: 'localpart-noreply-blocked',
96
- timeout: 5000,
97
-
98
- async run({ assert }) {
99
- const result = await validate('noreply@company.com');
100
-
101
- assert.equal(result.valid, false, '"noreply" local part should be blocked');
102
- assert.propertyEquals(result, 'checks.localPart.blocked', true, 'Should be flagged as blocked');
103
- },
104
- },
105
-
106
- {
107
- name: 'localpart-admin-allowed',
108
- timeout: 5000,
109
-
110
- async run({ assert }) {
111
- const result = await validate('admin@company.com');
112
-
113
- assert.equal(result.valid, true, '"admin" local part should be allowed (team/role address)');
114
- assert.propertyEquals(result, 'checks.localPart.valid', true, 'localPart check should pass');
115
- },
116
- },
117
-
118
- {
119
- name: 'localpart-all-numeric-allowed',
120
- timeout: 5000,
121
-
122
- async run({ assert }) {
123
- // All-numeric local parts are legitimate (QQ emails like 1549482839@qq.com,
124
- // student IDs) — the ^\d+$ pattern was removed in v5.5.6 after NeverBounce
125
- // confirmed real users were being blocked.
126
- const result = await validate('123456@gmail.com');
127
-
128
- assert.equal(result.valid, true, 'All-numeric local part should be allowed');
129
- assert.propertyEquals(result, 'checks.localPart.valid', true, 'localPart check should pass');
130
- },
131
- },
132
-
133
- {
134
- name: 'localpart-repeating-chars-blocked',
135
- timeout: 5000,
136
-
137
- async run({ assert }) {
138
- const result = await validate('aaaa@gmail.com');
139
-
140
- assert.equal(result.valid, false, 'Repeating chars should be blocked');
141
- assert.propertyEquals(result, 'checks.localPart.blocked', true, 'Should be flagged as blocked');
142
- },
143
- },
144
-
145
- {
146
- name: 'localpart-keyboard-walk-blocked',
147
- timeout: 5000,
148
-
149
- async run({ assert }) {
150
- const result = await validate('asdf@gmail.com');
151
-
152
- assert.equal(result.valid, false, 'Keyboard walk should be blocked');
153
- assert.propertyEquals(result, 'checks.localPart.blocked', true, 'Should be flagged as blocked');
154
- },
155
- },
156
-
157
- {
158
- name: 'localpart-test-prefix-blocked',
159
- timeout: 5000,
160
-
161
- async run({ assert }) {
162
- const result = await validate('test.user@gmail.com');
163
-
164
- assert.equal(result.valid, false, '"test." prefix should be blocked');
165
- assert.propertyEquals(result, 'checks.localPart.blocked', true, 'Should be flagged as blocked');
166
- },
167
- },
168
-
169
- {
170
- name: 'localpart-letter-plus-numbers-allowed',
171
- timeout: 5000,
172
-
173
- async run({ assert }) {
174
- // Short letter + numbers local parts are legitimate (real Gmail users like
175
- // mi1925973, hk9526802) — the ^[a-z]{1,2}\d+$ pattern was removed in v5.5.6
176
- // after NeverBounce confirmed real users were being blocked.
177
- const result = await validate('a123@gmail.com');
178
-
179
- assert.equal(result.valid, true, 'Single letter + numbers should be allowed');
180
- assert.propertyEquals(result, 'checks.localPart.valid', true, 'localPart check should pass');
181
- },
182
- },
183
-
184
- {
185
- name: 'localpart-plus-suffix-stripped-before-check',
186
- timeout: 5000,
187
-
188
- async run({ assert }) {
189
- // "test+something" → strips to "test" → blocked
190
- const result = await validate('test+newsletter@gmail.com');
191
-
192
- assert.equal(result.valid, false, '"test+suffix" should still be blocked (strips +suffix first)');
193
- assert.propertyEquals(result, 'checks.localPart.blocked', true, 'Should be blocked after stripping suffix');
194
- },
195
- },
196
-
197
- {
198
- name: 'localpart-bem-suffix-allowed-on-real-names',
199
- timeout: 5000,
200
-
201
- async run({ assert }) {
202
- // "rachel.greene+bem" → strips to "rachel.greene" → allowed
203
- const result = await validate('rachel.greene+bem@gmail.com');
204
-
205
- assert.equal(result.valid, true, 'Real name with +bem suffix should pass');
206
- assert.propertyEquals(result, 'checks.localPart.valid', true, 'Local part check should pass');
207
- },
208
- },
209
-
210
- {
211
- name: 'localpart-real-name-passes',
212
- timeout: 5000,
213
-
214
- async run({ assert }) {
215
- const result = await validate('john.smith@company.com');
216
-
217
- assert.equal(result.valid, true, 'Real name should pass');
218
- assert.propertyEquals(result, 'checks.localPart.valid', true, 'Local part check should pass');
219
- },
220
- },
221
-
222
- {
223
- name: 'localpart-single-real-name-passes',
224
- timeout: 5000,
225
-
226
- async run({ assert }) {
227
- const result = await validate('rachel@company.com');
228
-
229
- assert.equal(result.valid, true, 'Single real name should pass');
230
- assert.propertyEquals(result, 'checks.localPart.valid', true, 'Local part check should pass');
231
- },
232
- },
233
-
234
- // --- Disposable domain checks ---
235
-
236
- {
237
- name: 'disposable-mailinator-blocked',
238
- timeout: 5000,
239
-
240
- async run({ assert }) {
241
- const result = await validate('rachel.greene@mailinator.com');
242
-
243
- assert.equal(result.valid, false, 'Mailinator should be invalid');
244
- assert.propertyEquals(result, 'checks.disposable.blocked', true, 'Should be flagged as blocked');
245
- assert.propertyEquals(result, 'checks.disposable.domain', 'mailinator.com', 'Should include blocked domain');
246
- },
247
- },
248
-
249
- {
250
- name: 'disposable-guerrillamail-blocked',
251
- timeout: 5000,
252
-
253
- async run({ assert }) {
254
- const result = await validate('rachel.greene@guerrillamail.com');
255
-
256
- assert.equal(result.valid, false, 'GuerrillaMail should be invalid');
257
- assert.propertyEquals(result, 'checks.disposable.blocked', true, 'Should be flagged as blocked');
258
- },
259
- },
260
-
261
- {
262
- name: 'disposable-tempmail-blocked',
263
- timeout: 5000,
264
-
265
- async run({ assert }) {
266
- const result = await validate('rachel.greene@temp-mail.org');
267
-
268
- assert.equal(result.valid, false, 'temp-mail.org should be invalid');
269
- assert.propertyEquals(result, 'checks.disposable.blocked', true, 'Should be flagged as blocked');
270
- },
271
- },
272
-
273
- {
274
- name: 'valid-gmail-passes-disposable',
275
- timeout: 5000,
276
-
277
- async run({ assert }) {
278
- const result = await validate('rachel.greene@gmail.com');
279
-
280
- assert.equal(result.valid, true, 'Gmail should be valid');
281
- assert.propertyEquals(result, 'checks.disposable.valid', true, 'Should pass disposable check');
282
- assert.propertyEquals(result, 'checks.disposable.blocked', false, 'Should not be blocked');
283
- },
284
- },
285
-
286
- {
287
- name: 'valid-custom-domain-passes',
288
- timeout: 5000,
289
-
290
- async run({ assert }) {
291
- const result = await validate('ian@somiibo.com');
292
-
293
- assert.equal(result.valid, true, 'Custom domain should be valid');
294
- assert.propertyEquals(result, 'checks.disposable.valid', true, 'Should pass disposable check');
295
- },
296
- },
297
-
298
- // --- Corporate / social-media domain checks ---
299
-
300
- {
301
- name: 'corporate-meta-blocked',
302
- timeout: 5000,
303
-
304
- async run({ assert }) {
305
- const result = await validate('ian@meta.com');
306
-
307
- assert.equal(result.valid, false, 'meta.com should be blocked');
308
- assert.propertyEquals(result, 'checks.corporate.blocked', true, 'Should be flagged as blocked');
309
- assert.propertyEquals(result, 'checks.corporate.domain', 'meta.com', 'Should include blocked domain');
310
- assert.propertyEquals(result, 'checks.corporate.reason', 'Corporate/social-media domain', 'Should have human-readable reason');
311
- },
312
- },
313
-
314
- {
315
- name: 'corporate-instagram-blocked',
316
- timeout: 5000,
317
-
318
- async run({ assert }) {
319
- const result = await validate('rachel.greene@instagram.com');
320
-
321
- assert.equal(result.valid, false, 'instagram.com should be blocked');
322
- assert.propertyEquals(result, 'checks.corporate.blocked', true, 'Should be flagged as blocked');
323
- },
324
- },
325
-
326
- {
327
- name: 'corporate-soundcloud-blocked',
328
- timeout: 5000,
329
-
330
- async run({ assert }) {
331
- const result = await validate('user@soundcloud.com');
332
-
333
- assert.equal(result.valid, false, 'soundcloud.com should be blocked');
334
- assert.propertyEquals(result, 'checks.corporate.blocked', true, 'Should be flagged as blocked');
335
- },
336
- },
337
-
338
- {
339
- name: 'corporate-gmail-allowed',
340
- timeout: 5000,
341
-
342
- async run({ assert }) {
343
- const result = await validate('rachel.greene@gmail.com');
344
-
345
- assert.equal(result.valid, true, 'gmail.com should NOT be flagged as corporate');
346
- assert.propertyEquals(result, 'checks.corporate.valid', true, 'Corporate check should pass');
347
- assert.propertyEquals(result, 'checks.corporate.blocked', false, 'Should not be blocked');
348
- },
349
- },
350
-
351
- {
352
- name: 'corporate-runs-before-localpart',
353
- timeout: 5000,
354
-
355
- async run({ assert }) {
356
- // "test@meta.com" would be blocked by BOTH corporate and localPart;
357
- // corporate runs first, so we should see corporate (not localPart) in the result.
358
- const result = await validate('test@meta.com');
359
-
360
- assert.equal(result.valid, false, 'Should be blocked');
361
- assert.propertyEquals(result, 'checks.corporate.blocked', true, 'Corporate should be the failure reason');
362
- assert.equal(result.checks.localPart, undefined, 'localPart should not run after corporate fails');
363
- },
364
- },
365
-
366
- {
367
- name: 'corporate-can-be-skipped-via-checks-option',
368
- timeout: 5000,
369
-
370
- async run({ assert }) {
371
- // Allow a caller to bypass the corporate check (e.g., during signup, where Meta employees are real users)
372
- const result = await validate('ian@meta.com', { checks: ['format', 'disposable', 'localPart'] });
373
-
374
- assert.equal(result.valid, true, 'Without corporate check, meta.com should pass');
375
- assert.equal(result.checks.corporate, undefined, 'corporate should not run');
376
- },
377
- },
378
-
379
- // --- Typo domain checks ---
380
-
381
- {
382
- name: 'typo-gamil-blocked',
383
- timeout: 5000,
384
-
385
- async run({ assert }) {
386
- const result = await validate('rachel.greene@gamil.com');
387
-
388
- assert.equal(result.valid, false, 'gamil.com should be blocked as a typo of gmail.com');
389
- assert.propertyEquals(result, 'checks.typo.valid', false, 'Typo check should fail');
390
- assert.propertyEquals(result, 'checks.typo.matchedPrefix', 'gamil.', 'Should report the matched prefix');
391
- assert.propertyEquals(result, 'checks.typo.reason', 'Likely misspelled domain', 'Should have human-readable reason');
392
- },
393
- },
394
-
395
- {
396
- name: 'typo-gmail-con-blocked',
397
- timeout: 5000,
398
-
399
- async run({ assert }) {
400
- const result = await validate('rachel.greene@gmail.con');
401
-
402
- assert.equal(result.valid, false, 'gmail.con should be blocked as a typo TLD');
403
- assert.propertyEquals(result, 'checks.typo.valid', false, 'Typo check should fail');
404
- },
405
- },
406
-
407
- {
408
- name: 'typo-correct-domains-pass',
409
- timeout: 5000,
410
-
411
- async run({ assert }) {
412
- const gmail = await validate('rachel.greene@gmail.com');
413
- const hotmail = await validate('rachel.greene@hotmail.com');
414
-
415
- assert.equal(gmail.valid, true, 'gmail.com should pass');
416
- assert.propertyEquals(gmail, 'checks.typo.valid', true, 'Typo check should pass for gmail.com');
417
- assert.equal(hotmail.valid, true, 'hotmail.com should pass');
418
- assert.propertyEquals(hotmail, 'checks.typo.valid', true, 'Typo check should pass for hotmail.com');
419
- },
420
- },
421
-
422
- // --- isCorporate helper ---
423
-
424
- {
425
- name: 'isCorporate-social-domain-detected',
426
- timeout: 5000,
427
-
428
- async run({ assert }) {
429
- assert.equal(isCorporate('user@meta.com'), true, 'meta.com should be corporate');
430
- assert.equal(isCorporate('user@instagram.com'), true, 'instagram.com should be corporate');
431
- assert.equal(isCorporate('user@soundcloud.com'), true, 'soundcloud.com should be corporate');
432
- assert.equal(isCorporate('user@tiktok.com'), true, 'tiktok.com should be corporate');
433
- assert.equal(isCorporate('user@linkedin.com'), true, 'linkedin.com should be corporate');
434
- },
435
- },
436
-
437
- {
438
- name: 'isCorporate-legitimate-domain-passes',
439
- timeout: 5000,
440
-
441
- async run({ assert }) {
442
- assert.equal(isCorporate('user@gmail.com'), false, 'gmail.com should not be corporate');
443
- assert.equal(isCorporate('user@somiibo.com'), false, 'Custom domain should not be corporate');
444
- assert.equal(isCorporate('user@mailinator.com'), false, 'Disposable is a separate category');
445
- },
446
- },
447
-
448
- {
449
- name: 'isCorporate-accepts-domain-only',
450
- timeout: 5000,
451
-
452
- async run({ assert }) {
453
- assert.equal(isCorporate('meta.com'), true, 'Should work with bare domain');
454
- assert.equal(isCorporate('gmail.com'), false, 'Should work with bare domain');
455
- },
456
- },
457
-
458
- {
459
- name: 'isCorporate-handles-edge-cases',
460
- timeout: 5000,
461
-
462
- async run({ assert }) {
463
- assert.equal(isCorporate(''), false, 'Empty string should return false');
464
- assert.equal(isCorporate(null), false, 'Null should return false');
465
- assert.equal(isCorporate(undefined), false, 'Undefined should return false');
466
- },
467
- },
468
-
469
- {
470
- name: 'isCorporate-case-insensitive',
471
- timeout: 5000,
472
-
473
- async run({ assert }) {
474
- assert.equal(isCorporate('user@META.COM'), true, 'Should be case-insensitive');
475
- assert.equal(isCorporate('USER@Instagram.Com'), true, 'Should be case-insensitive');
476
- },
477
- },
478
-
479
- // --- isDisposable helper ---
480
-
481
- {
482
- name: 'isDisposable-vendor-domain-detected',
483
- timeout: 5000,
484
-
485
- async run({ assert }) {
486
- assert.equal(isDisposable('user@mailinator.com'), true, 'mailinator.com should be disposable');
487
- assert.equal(isDisposable('user@guerrillamail.com'), true, 'guerrillamail.com should be disposable');
488
- },
489
- },
490
-
491
- {
492
- name: 'isDisposable-custom-domain-detected',
493
- timeout: 5000,
494
-
495
- async run({ assert }) {
496
- assert.equal(isDisposable('user@sharebot.net'), true, 'Custom list domain should be disposable');
497
- assert.equal(isDisposable('user@pickmemail.com'), true, 'Custom list domain should be disposable');
498
- },
499
- },
500
-
501
- {
502
- name: 'isDisposable-legitimate-domain-passes',
503
- timeout: 5000,
504
-
505
- async run({ assert }) {
506
- assert.equal(isDisposable('user@gmail.com'), false, 'gmail.com should not be disposable');
507
- assert.equal(isDisposable('user@somiibo.com'), false, 'Custom domain should not be disposable');
508
- },
509
- },
510
-
511
- {
512
- name: 'isDisposable-accepts-domain-only',
513
- timeout: 5000,
514
-
515
- async run({ assert }) {
516
- assert.equal(isDisposable('mailinator.com'), true, 'Should work with bare domain');
517
- assert.equal(isDisposable('gmail.com'), false, 'Should work with bare domain');
518
- },
519
- },
520
-
521
- {
522
- name: 'isDisposable-handles-edge-cases',
523
- timeout: 5000,
524
-
525
- async run({ assert }) {
526
- assert.equal(isDisposable(''), false, 'Empty string should return false');
527
- assert.equal(isDisposable(null), false, 'Null should return false');
528
- assert.equal(isDisposable(undefined), false, 'Undefined should return false');
529
- },
530
- },
531
-
532
- // --- Selective checks ---
533
-
534
- {
535
- name: 'checks-format-only',
536
- timeout: 5000,
537
-
538
- async run({ assert }) {
539
- // "test@gmail.com" normally blocked by localPart, but only running format
540
- const result = await validate('test@gmail.com', { checks: ['format'] });
541
-
542
- assert.equal(result.valid, true, 'Should pass with only format check');
543
- assert.propertyEquals(result, 'checks.format.valid', true, 'Format should pass');
544
- assert.equal(result.checks.localPart, undefined, 'localPart should not run');
545
- assert.equal(result.checks.disposable, undefined, 'disposable should not run');
546
- },
547
- },
548
-
549
- {
550
- name: 'checks-format-and-disposable-skips-localpart',
551
- timeout: 5000,
552
-
553
- async run({ assert }) {
554
- // "test@gmail.com" would be blocked by localPart, but we only run format + disposable
555
- const result = await validate('test@gmail.com', { checks: ['format', 'disposable'] });
556
-
557
- assert.equal(result.valid, true, 'Should pass without localPart check');
558
- assert.propertyEquals(result, 'checks.format.valid', true, 'Format should pass');
559
- assert.propertyEquals(result, 'checks.disposable.blocked', false, 'Disposable should pass');
560
- assert.equal(result.checks.localPart, undefined, 'localPart should not run');
561
- },
562
- },
563
-
564
- {
565
- name: 'checks-format-and-disposable-still-blocks-disposable',
566
- timeout: 5000,
567
-
568
- async run({ assert }) {
569
- const result = await validate('rachel.greene@mailinator.com', { checks: ['format', 'disposable'] });
570
-
571
- assert.equal(result.valid, false, 'Disposable should still fail');
572
- assert.propertyEquals(result, 'checks.disposable.blocked', true, 'Should be blocked');
573
- },
574
- },
575
-
576
- {
577
- name: 'checks-default-matches-expected',
578
- timeout: 5000,
579
-
580
- async run({ assert }) {
581
- assert.deepEqual(DEFAULT_CHECKS, ['format', 'disposable', 'corporate', 'localPart', 'typo'], 'DEFAULT_CHECKS should be all free sync checks (no dns/mailbox)');
582
- assert.deepEqual(ALL_CHECKS, ['format', 'disposable', 'corporate', 'localPart', 'typo', 'dns', 'mailbox'], 'ALL_CHECKS should add dns + mailbox');
583
- },
584
- },
585
-
586
- // --- DNS check behavior ---
587
-
588
- {
589
- name: 'dns-not-in-default-checks',
590
- timeout: 5000,
591
-
592
- async run({ assert }) {
593
- const result = await validate('rachel.greene@gmail.com');
594
-
595
- assert.equal(result.valid, true, 'Should be valid');
596
- assert.equal(result.checks.dns, undefined, 'DNS should not run with default checks (async/slow — opt-in)');
597
- },
598
- },
599
-
600
- {
601
- name: 'dns-valid-domain-passes',
602
- timeout: 15000,
603
-
604
- async run({ assert }) {
605
- // Offline-safe: on network errors the dns check is skipped (valid stays true);
606
- // only definitive no-MX/NXDOMAIN answers block.
607
- const result = await validate('rachel.greene@gmail.com', { checks: ['format', 'dns'] });
608
-
609
- assert.equal(result.valid, true, 'gmail.com should pass the DNS check');
610
- assert.hasProperty(result, 'checks.dns', 'Should have dns check result');
611
- },
612
- },
613
-
614
- {
615
- name: 'dns-nonexistent-domain-fails',
616
- timeout: 15000,
617
- skip: !process.env.TEST_EXTENDED_MODE
618
- ? 'TEST_EXTENDED_MODE not set (requires live DNS resolution)'
619
- : false,
620
-
621
- async run({ assert }) {
622
- const result = await validate('rachel.greene@thisdomaindoesnotexist99887766.com', { checks: ['format', 'dns'] });
623
-
624
- assert.equal(result.valid, false, 'Nonexistent domain should fail the DNS check');
625
- assert.propertyEquals(result, 'checks.dns.valid', false, 'DNS check should fail');
626
- },
627
- },
628
-
629
- // --- Mailbox verification behavior ---
630
-
631
- {
632
- name: 'mailbox-not-in-default-checks',
633
- timeout: 5000,
634
-
635
- async run({ assert }) {
636
- const result = await validate('rachel.greene@gmail.com');
637
-
638
- assert.equal(result.valid, true, 'Should be valid');
639
- assert.equal(result.checks.mailbox, undefined, 'Mailbox should not run with default checks');
640
- },
641
- },
642
-
643
- {
644
- name: 'mailbox-skipped-without-api-key',
645
- timeout: 5000,
646
-
647
- async run({ assert }) {
648
- const originalNB = process.env.NEVERBOUNCE_API_KEY;
649
- const originalZB = process.env.ZEROBOUNCE_API_KEY;
650
- delete process.env.NEVERBOUNCE_API_KEY;
651
- delete process.env.ZEROBOUNCE_API_KEY;
652
-
653
- try {
654
- const result = await validate('rachel.greene@gmail.com', { checks: ALL_CHECKS });
655
-
656
- assert.equal(result.valid, true, 'Should still be valid');
657
- assert.hasProperty(result, 'checks.mailbox', 'Should have mailbox check');
658
- assert.propertyEquals(result, 'checks.mailbox.skipped', true, 'Should be marked as skipped');
659
- } finally {
660
- if (originalNB) {
661
- process.env.NEVERBOUNCE_API_KEY = originalNB;
662
- }
663
- if (originalZB) {
664
- process.env.ZEROBOUNCE_API_KEY = originalZB;
665
- }
666
- }
667
- },
668
- },
669
-
670
- // --- Mailbox verification API checks (require TEST_EXTENDED_MODE + mailbox API key) ---
671
-
672
- {
673
- name: 'mailbox-valid-email-passes',
674
- timeout: 15000,
675
- skip: !process.env.TEST_EXTENDED_MODE || !HAS_MAILBOX_API_KEY
676
- ? 'TEST_EXTENDED_MODE or mailbox API key not set'
677
- : false,
678
-
679
- async run({ assert, skip }) {
680
- const result = await validate('disposable@gmail.com', { checks: ALL_CHECKS });
681
-
682
- if (result.checks.mailbox?.error?.includes('out of credits')) {
683
- skip('Mailbox verification out of credits');
684
- }
685
-
686
- assert.hasProperty(result, 'checks.mailbox', 'Should have mailbox check');
687
- assert.hasProperty(result, 'checks.mailbox.status', 'Should have status');
688
- },
689
- },
690
-
691
- {
692
- name: 'mailbox-fake-domain-fails',
693
- timeout: 15000,
694
- skip: !process.env.TEST_EXTENDED_MODE || !HAS_MAILBOX_API_KEY
695
- ? 'TEST_EXTENDED_MODE or mailbox API key not set'
696
- : false,
697
-
698
- async run({ assert, skip }) {
699
- const result = await validate('rachel.greene@thisfakedomain99999.com', { checks: ALL_CHECKS });
700
-
701
- if (result.checks.mailbox?.error?.includes('out of credits')) {
702
- skip('Mailbox verification out of credits');
703
- }
704
-
705
- assert.hasProperty(result, 'checks.mailbox.status', 'Should have status');
706
- assert.notEqual(result.checks.mailbox.status, 'valid', 'Fake domain should not be valid');
707
- },
708
- },
709
- ],
710
- };