innocode 1.0.0 → 1.0.229

package/test/permission-task.test.ts

@@ -1,319 +0,0 @@
-import { describe, test, expect } from "bun:test"
-import { PermissionNext } from "../src/permission/next"
-import { Config } from "../src/config/config"
-import { Instance } from "../src/project/instance"
-import { tmpdir } from "./fixture/fixture"
-
-describe("PermissionNext.evaluate for permission.task", () => {
-  const createRuleset = (rules: Record<string, "allow" | "deny" | "ask">): PermissionNext.Ruleset =>
-    Object.entries(rules).map(([pattern, action]) => ({
-      permission: "task",
-      pattern,
-      action,
-    }))
-
-  test("returns ask when no match (default)", () => {
-    expect(PermissionNext.evaluate("task", "code-reviewer", []).action).toBe("ask")
-  })
-
-  test("returns deny for explicit deny", () => {
-    const ruleset = createRuleset({ "code-reviewer": "deny" })
-    expect(PermissionNext.evaluate("task", "code-reviewer", ruleset).action).toBe("deny")
-  })
-
-  test("returns allow for explicit allow", () => {
-    const ruleset = createRuleset({ "code-reviewer": "allow" })
-    expect(PermissionNext.evaluate("task", "code-reviewer", ruleset).action).toBe("allow")
-  })
-
-  test("returns ask for explicit ask", () => {
-    const ruleset = createRuleset({ "code-reviewer": "ask" })
-    expect(PermissionNext.evaluate("task", "code-reviewer", ruleset).action).toBe("ask")
-  })
-
-  test("matches wildcard patterns with deny", () => {
-    const ruleset = createRuleset({ "orchestrator-*": "deny" })
-    expect(PermissionNext.evaluate("task", "orchestrator-fast", ruleset).action).toBe("deny")
-    expect(PermissionNext.evaluate("task", "orchestrator-slow", ruleset).action).toBe("deny")
-    expect(PermissionNext.evaluate("task", "general", ruleset).action).toBe("ask")
-  })
-
-  test("matches wildcard patterns with allow", () => {
-    const ruleset = createRuleset({ "orchestrator-*": "allow" })
-    expect(PermissionNext.evaluate("task", "orchestrator-fast", ruleset).action).toBe("allow")
-    expect(PermissionNext.evaluate("task", "orchestrator-slow", ruleset).action).toBe("allow")
-  })
-
-  test("matches wildcard patterns with ask", () => {
-    const ruleset = createRuleset({ "orchestrator-*": "ask" })
-    expect(PermissionNext.evaluate("task", "orchestrator-fast", ruleset).action).toBe("ask")
-    const globalRuleset = createRuleset({ "*": "ask" })
-    expect(PermissionNext.evaluate("task", "code-reviewer", globalRuleset).action).toBe("ask")
-  })
-
-  test("later rules take precedence (last match wins)", () => {
-    const ruleset = createRuleset({
-      "orchestrator-*": "deny",
-      "orchestrator-fast": "allow",
-    })
-    expect(PermissionNext.evaluate("task", "orchestrator-fast", ruleset).action).toBe("allow")
-    expect(PermissionNext.evaluate("task", "orchestrator-slow", ruleset).action).toBe("deny")
-  })
-
-  test("matches global wildcard", () => {
-    expect(PermissionNext.evaluate("task", "any-agent", createRuleset({ "*": "allow" })).action).toBe("allow")
-    expect(PermissionNext.evaluate("task", "any-agent", createRuleset({ "*": "deny" })).action).toBe("deny")
-    expect(PermissionNext.evaluate("task", "any-agent", createRuleset({ "*": "ask" })).action).toBe("ask")
-  })
-})
-
-describe("PermissionNext.disabled for task tool", () => {
-  // Note: The `disabled` function checks if a TOOL should be completely removed from the tool list.
-  // It only disables a tool when there's a rule with `pattern: "*"` and `action: "deny"`.
-  // It does NOT evaluate complex subagent patterns - those are handled at runtime by `evaluate`.
-  const createRuleset = (rules: Record<string, "allow" | "deny" | "ask">): PermissionNext.Ruleset =>
-    Object.entries(rules).map(([pattern, action]) => ({
-      permission: "task",
-      pattern,
-      action,
-    }))
-
-  test("task tool is disabled when global deny pattern exists (even with specific allows)", () => {
-    // When "*": "deny" exists, the task tool is disabled because the disabled() function
-    // only checks for wildcard deny patterns - it doesn't consider that specific subagents might be allowed
-    const ruleset = createRuleset({
-      "orchestrator-*": "allow",
-      "*": "deny",
-    })
-    const disabled = PermissionNext.disabled(["task", "bash", "read"], ruleset)
-    // The task tool IS disabled because there's a pattern: "*" with action: "deny"
-    expect(disabled.has("task")).toBe(true)
-  })
-
-  test("task tool is disabled when global deny pattern exists (even with ask overrides)", () => {
-    const ruleset = createRuleset({
-      "orchestrator-*": "ask",
-      "*": "deny",
-    })
-    const disabled = PermissionNext.disabled(["task"], ruleset)
-    // The task tool IS disabled because there's a pattern: "*" with action: "deny"
-    expect(disabled.has("task")).toBe(true)
-  })
-
-  test("task tool is disabled when global deny pattern exists", () => {
-    const ruleset = createRuleset({ "*": "deny" })
-    const disabled = PermissionNext.disabled(["task"], ruleset)
-    expect(disabled.has("task")).toBe(true)
-  })
-
-  test("task tool is NOT disabled when only specific patterns are denied (no wildcard)", () => {
-    // The disabled() function only disables tools when pattern: "*" && action: "deny"
-    // Specific subagent denies don't disable the task tool - those are handled at runtime
-    const ruleset = createRuleset({
-      "orchestrator-*": "deny",
-      general: "deny",
-    })
-    const disabled = PermissionNext.disabled(["task"], ruleset)
-    // The task tool is NOT disabled because no rule has pattern: "*" with action: "deny"
-    expect(disabled.has("task")).toBe(false)
-  })
-
-  test("task tool is enabled when no task rules exist (default ask)", () => {
-    const disabled = PermissionNext.disabled(["task"], [])
-    expect(disabled.has("task")).toBe(false)
-  })
-
-  test("task tool is NOT disabled when last wildcard pattern is allow", () => {
-    // Last matching rule wins - if wildcard allow comes after wildcard deny, tool is enabled
-    const ruleset = createRuleset({
-      "*": "deny",
-      "orchestrator-coder": "allow",
-    })
-    const disabled = PermissionNext.disabled(["task"], ruleset)
-    // The disabled() function uses findLast and checks if the last matching rule
-    // has pattern: "*" and action: "deny". In this case, the last rule matching
-    // "task" permission has pattern "orchestrator-coder", not "*", so not disabled
-    expect(disabled.has("task")).toBe(false)
-  })
-})
-
-// Integration tests that load permissions from real config files
-describe("permission.task with real config files", () => {
-  test("loads task permissions from opencode.json config", async () => {
-    await using tmp = await tmpdir({
-      git: true,
-      config: {
-        permission: {
-          task: {
-            "*": "allow",
-            "code-reviewer": "deny",
-          },
-        },
-      },
-    })
-    await Instance.provide({
-      directory: tmp.path,
-      fn: async () => {
-        const config = await Config.get()
-        const ruleset = PermissionNext.fromConfig(config.permission ?? {})
-        // general and orchestrator-fast should be allowed, code-reviewer denied
-        expect(PermissionNext.evaluate("task", "general", ruleset).action).toBe("allow")
-        expect(PermissionNext.evaluate("task", "orchestrator-fast", ruleset).action).toBe("allow")
-        expect(PermissionNext.evaluate("task", "code-reviewer", ruleset).action).toBe("deny")
-      },
-    })
-  })
-
-  test("loads task permissions with wildcard patterns from config", async () => {
-    await using tmp = await tmpdir({
-      git: true,
-      config: {
-        permission: {
-          task: {
-            "*": "ask",
-            "orchestrator-*": "deny",
-          },
-        },
-      },
-    })
-    await Instance.provide({
-      directory: tmp.path,
-      fn: async () => {
-        const config = await Config.get()
-        const ruleset = PermissionNext.fromConfig(config.permission ?? {})
-        // general and code-reviewer should be ask, orchestrator-* denied
-        expect(PermissionNext.evaluate("task", "general", ruleset).action).toBe("ask")
-        expect(PermissionNext.evaluate("task", "code-reviewer", ruleset).action).toBe("ask")
-        expect(PermissionNext.evaluate("task", "orchestrator-fast", ruleset).action).toBe("deny")
-      },
-    })
-  })
-
-  test("evaluate respects task permission from config", async () => {
-    await using tmp = await tmpdir({
-      git: true,
-      config: {
-        permission: {
-          task: {
-            general: "allow",
-            "code-reviewer": "deny",
-          },
-        },
-      },
-    })
-    await Instance.provide({
-      directory: tmp.path,
-      fn: async () => {
-        const config = await Config.get()
-        const ruleset = PermissionNext.fromConfig(config.permission ?? {})
-        expect(PermissionNext.evaluate("task", "general", ruleset).action).toBe("allow")
-        expect(PermissionNext.evaluate("task", "code-reviewer", ruleset).action).toBe("deny")
-        // Unspecified agents default to "ask"
-        expect(PermissionNext.evaluate("task", "unknown-agent", ruleset).action).toBe("ask")
-      },
-    })
-  })
-
-  test("mixed permission config with task and other tools", async () => {
-    await using tmp = await tmpdir({
-      git: true,
-      config: {
-        permission: {
-          bash: "allow",
-          edit: "ask",
-          task: {
-            "*": "deny",
-            general: "allow",
-          },
-        },
-      },
-    })
-    await Instance.provide({
-      directory: tmp.path,
-      fn: async () => {
-        const config = await Config.get()
-        const ruleset = PermissionNext.fromConfig(config.permission ?? {})
-
-        // Verify task permissions
-        expect(PermissionNext.evaluate("task", "general", ruleset).action).toBe("allow")
-        expect(PermissionNext.evaluate("task", "code-reviewer", ruleset).action).toBe("deny")
-
-        // Verify other tool permissions
-        expect(PermissionNext.evaluate("bash", "*", ruleset).action).toBe("allow")
-        expect(PermissionNext.evaluate("edit", "*", ruleset).action).toBe("ask")
-
-        // Verify disabled tools
-        const disabled = PermissionNext.disabled(["bash", "edit", "task"], ruleset)
-        expect(disabled.has("bash")).toBe(false)
-        expect(disabled.has("edit")).toBe(false)
-        // task is NOT disabled because disabled() uses findLast, and the last rule
-        // matching "task" permission is {pattern: "general", action: "allow"}, not pattern: "*"
-        expect(disabled.has("task")).toBe(false)
-      },
-    })
-  })
-
-  test("task tool disabled when global deny comes last in config", async () => {
-    await using tmp = await tmpdir({
-      git: true,
-      config: {
-        permission: {
-          task: {
-            general: "allow",
-            "code-reviewer": "allow",
-            "*": "deny",
-          },
-        },
-      },
-    })
-    await Instance.provide({
-      directory: tmp.path,
-      fn: async () => {
-        const config = await Config.get()
-        const ruleset = PermissionNext.fromConfig(config.permission ?? {})
-
-        // Last matching rule wins - "*" deny is last, so all agents are denied
-        expect(PermissionNext.evaluate("task", "general", ruleset).action).toBe("deny")
-        expect(PermissionNext.evaluate("task", "code-reviewer", ruleset).action).toBe("deny")
-        expect(PermissionNext.evaluate("task", "unknown", ruleset).action).toBe("deny")
-
-        // Since "*": "deny" is the last rule, disabled() finds it with findLast
-        // and sees pattern: "*" with action: "deny", so task is disabled
-        const disabled = PermissionNext.disabled(["task"], ruleset)
-        expect(disabled.has("task")).toBe(true)
-      },
-    })
-  })
-
-  test("task tool NOT disabled when specific allow comes last in config", async () => {
-    await using tmp = await tmpdir({
-      git: true,
-      config: {
-        permission: {
-          task: {
-            "*": "deny",
-            general: "allow",
-          },
-        },
-      },
-    })
-    await Instance.provide({
-      directory: tmp.path,
-      fn: async () => {
-        const config = await Config.get()
-        const ruleset = PermissionNext.fromConfig(config.permission ?? {})
-
-        // Evaluate uses findLast - "general" allow comes after "*" deny
-        expect(PermissionNext.evaluate("task", "general", ruleset).action).toBe("allow")
-        // Other agents still denied by the earlier "*" deny
-        expect(PermissionNext.evaluate("task", "code-reviewer", ruleset).action).toBe("deny")
-
-        // disabled() uses findLast and checks if the last rule has pattern: "*" with action: "deny"
-        // In this case, the last rule is {pattern: "general", action: "allow"}, not pattern: "*"
-        // So the task tool is NOT disabled (even though most subagents are denied)
-        const disabled = PermissionNext.disabled(["task"], ruleset)
-        expect(disabled.has("task")).toBe(false)
-      },
-    })
-  })
-})

package/test/plugin/auth-override.test.ts

@@ -1,44 +0,0 @@
-import { describe, expect, test } from "bun:test"
-import path from "path"
-import fs from "fs/promises"
-import { tmpdir } from "../fixture/fixture"
-import { Instance } from "../../src/project/instance"
-import { ProviderAuth } from "../../src/provider/auth"
-
-describe("plugin.auth-override", () => {
-  test("user plugin overrides built-in github-copilot auth", async () => {
-    await using tmp = await tmpdir({
-      init: async (dir) => {
-        const pluginDir = path.join(dir, ".opencode", "plugin")
-        await fs.mkdir(pluginDir, { recursive: true })
-
-        await Bun.write(
-          path.join(pluginDir, "custom-copilot-auth.ts"),
-          [
-            "export default async () => ({",
-            "  auth: {",
-            '    provider: "github-copilot",',
-            "    methods: [",
-            '      { type: "api", label: "Test Override Auth" },',
-            "    ],",
-            "    loader: async () => ({ access: 'test-token' }),",
-            "  },",
-            "})",
-            "",
-          ].join("\n"),
-        )
-      },
-    })
-
-    await Instance.provide({
-      directory: tmp.path,
-      fn: async () => {
-        const methods = await ProviderAuth.methods()
-        const copilot = methods["github-copilot"]
-        expect(copilot).toBeDefined()
-        expect(copilot.length).toBe(1)
-        expect(copilot[0].label).toBe("Test Override Auth")
-      },
-    })
-  }, 30000) // Increased timeout for plugin installation
-})

package/test/plugin/codex.test.ts

@@ -1,123 +0,0 @@
-import { describe, expect, test } from "bun:test"
-import {
-  parseJwtClaims,
-  extractAccountIdFromClaims,
-  extractAccountId,
-  type IdTokenClaims,
-} from "../../src/plugin/codex"
-
-function createTestJwt(payload: object): string {
-  const header = Buffer.from(JSON.stringify({ alg: "none" })).toString("base64url")
-  const body = Buffer.from(JSON.stringify(payload)).toString("base64url")
-  return `${header}.${body}.sig`
-}
-
-describe("plugin.codex", () => {
-  describe("parseJwtClaims", () => {
-    test("parses valid JWT with claims", () => {
-      const payload = { email: "test@example.com", chatgpt_account_id: "acc-123" }
-      const jwt = createTestJwt(payload)
-      const claims = parseJwtClaims(jwt)
-      expect(claims).toEqual(payload)
-    })
-
-    test("returns undefined for JWT with less than 3 parts", () => {
-      expect(parseJwtClaims("invalid")).toBeUndefined()
-      expect(parseJwtClaims("only.two")).toBeUndefined()
-    })
-
-    test("returns undefined for invalid base64", () => {
-      expect(parseJwtClaims("a.!!!invalid!!!.b")).toBeUndefined()
-    })
-
-    test("returns undefined for invalid JSON payload", () => {
-      const header = Buffer.from("{}").toString("base64url")
-      const invalidJson = Buffer.from("not json").toString("base64url")
-      expect(parseJwtClaims(`${header}.${invalidJson}.sig`)).toBeUndefined()
-    })
-  })
-
-  describe("extractAccountIdFromClaims", () => {
-    test("extracts chatgpt_account_id from root", () => {
-      const claims: IdTokenClaims = { chatgpt_account_id: "acc-root" }
-      expect(extractAccountIdFromClaims(claims)).toBe("acc-root")
-    })
-
-    test("extracts chatgpt_account_id from nested https://api.openai.com/auth", () => {
-      const claims: IdTokenClaims = {
-        "https://api.openai.com/auth": { chatgpt_account_id: "acc-nested" },
-      }
-      expect(extractAccountIdFromClaims(claims)).toBe("acc-nested")
-    })
-
-    test("prefers root over nested", () => {
-      const claims: IdTokenClaims = {
-        chatgpt_account_id: "acc-root",
-        "https://api.openai.com/auth": { chatgpt_account_id: "acc-nested" },
-      }
-      expect(extractAccountIdFromClaims(claims)).toBe("acc-root")
-    })
-
-    test("extracts from organizations array as fallback", () => {
-      const claims: IdTokenClaims = {
-        organizations: [{ id: "org-123" }, { id: "org-456" }],
-      }
-      expect(extractAccountIdFromClaims(claims)).toBe("org-123")
-    })
-
-    test("returns undefined when no accountId found", () => {
-      const claims: IdTokenClaims = { email: "test@example.com" }
-      expect(extractAccountIdFromClaims(claims)).toBeUndefined()
-    })
-  })
-
-  describe("extractAccountId", () => {
-    test("extracts from id_token first", () => {
-      const idToken = createTestJwt({ chatgpt_account_id: "from-id-token" })
-      const accessToken = createTestJwt({ chatgpt_account_id: "from-access-token" })
-      expect(
-        extractAccountId({
-          id_token: idToken,
-          access_token: accessToken,
-          refresh_token: "rt",
-        }),
-      ).toBe("from-id-token")
-    })
-
-    test("falls back to access_token when id_token has no accountId", () => {
-      const idToken = createTestJwt({ email: "test@example.com" })
-      const accessToken = createTestJwt({
-        "https://api.openai.com/auth": { chatgpt_account_id: "from-access" },
-      })
-      expect(
-        extractAccountId({
-          id_token: idToken,
-          access_token: accessToken,
-          refresh_token: "rt",
-        }),
-      ).toBe("from-access")
-    })
-
-    test("returns undefined when no tokens have accountId", () => {
-      const token = createTestJwt({ email: "test@example.com" })
-      expect(
-        extractAccountId({
-          id_token: token,
-          access_token: token,
-          refresh_token: "rt",
-        }),
-      ).toBeUndefined()
-    })
-
-    test("handles missing id_token", () => {
-      const accessToken = createTestJwt({ chatgpt_account_id: "acc-123" })
-      expect(
-        extractAccountId({
-          id_token: "",
-          access_token: accessToken,
-          refresh_token: "rt",
-        }),
-      ).toBe("acc-123")
-    })
-  })
-})

package/test/preload.ts

@@ -1,63 +0,0 @@
-// IMPORTANT: Set env vars BEFORE any imports from src/ directory
-// xdg-basedir reads env vars at import time, so we must set these first
-import os from "os"
-import path from "path"
-import fs from "fs/promises"
-import fsSync from "fs"
-import { afterAll } from "bun:test"
-
-const dir = path.join(os.tmpdir(), "opencode-test-data-" + process.pid)
-await fs.mkdir(dir, { recursive: true })
-afterAll(() => {
-  fsSync.rmSync(dir, { recursive: true, force: true })
-})
-// Set test home directory to isolate tests from user's actual home directory
-// This prevents tests from picking up real user configs/skills from ~/.claude/skills
-const testHome = path.join(dir, "home")
-await fs.mkdir(testHome, { recursive: true })
-process.env["OPENCODE_TEST_HOME"] = testHome
-
-// Set test managed config directory to isolate tests from system managed settings
-const testManagedConfigDir = path.join(dir, "managed")
-process.env["OPENCODE_TEST_MANAGED_CONFIG_DIR"] = testManagedConfigDir
-
-process.env["XDG_DATA_HOME"] = path.join(dir, "share")
-process.env["XDG_CACHE_HOME"] = path.join(dir, "cache")
-process.env["XDG_CONFIG_HOME"] = path.join(dir, "config")
-process.env["XDG_STATE_HOME"] = path.join(dir, "state")
-process.env["OPENCODE_MODELS_PATH"] = path.join(import.meta.dir, "tool", "fixtures", "models-api.json")
-
-// Write the cache version file to prevent global/index.ts from clearing the cache
-const cacheDir = path.join(dir, "cache", "opencode")
-await fs.mkdir(cacheDir, { recursive: true })
-await fs.writeFile(path.join(cacheDir, "version"), "14")
-
-// Clear provider env vars to ensure clean test state
-delete process.env["ANTHROPIC_API_KEY"]
-delete process.env["OPENAI_API_KEY"]
-delete process.env["GOOGLE_API_KEY"]
-delete process.env["GOOGLE_GENERATIVE_AI_API_KEY"]
-delete process.env["AZURE_OPENAI_API_KEY"]
-delete process.env["AWS_ACCESS_KEY_ID"]
-delete process.env["AWS_PROFILE"]
-delete process.env["AWS_REGION"]
-delete process.env["AWS_BEARER_TOKEN_BEDROCK"]
-delete process.env["OPENROUTER_API_KEY"]
-delete process.env["GROQ_API_KEY"]
-delete process.env["MISTRAL_API_KEY"]
-delete process.env["PERPLEXITY_API_KEY"]
-delete process.env["TOGETHER_API_KEY"]
-delete process.env["XAI_API_KEY"]
-delete process.env["DEEPSEEK_API_KEY"]
-delete process.env["FIREWORKS_API_KEY"]
-delete process.env["CEREBRAS_API_KEY"]
-delete process.env["SAMBANOVA_API_KEY"]
-
-// Now safe to import from src/
-const { Log } = await import("../src/util/log")
-
-Log.init({
-  print: false,
-  dev: true,
-  level: "DEBUG",
-})

package/test/project/project.test.ts

@@ -1,120 +0,0 @@
-import { describe, expect, test } from "bun:test"
-import { Project } from "../../src/project/project"
-import { Log } from "../../src/util/log"
-import { Storage } from "../../src/storage/storage"
-import { $ } from "bun"
-import path from "path"
-import { tmpdir } from "../fixture/fixture"
-
-Log.init({ print: false })
-
-describe("Project.fromDirectory", () => {
-  test("should handle git repository with no commits", async () => {
-    await using tmp = await tmpdir()
-    await $`git init`.cwd(tmp.path).quiet()
-
-    const { project } = await Project.fromDirectory(tmp.path)
-
-    expect(project).toBeDefined()
-    expect(project.id).toBe("global")
-    expect(project.vcs).toBe("git")
-    expect(project.worktree).toBe(tmp.path)
-
-    const opencodeFile = path.join(tmp.path, ".git", "opencode")
-    const fileExists = await Bun.file(opencodeFile).exists()
-    expect(fileExists).toBe(false)
-  })
-
-  test("should handle git repository with commits", async () => {
-    await using tmp = await tmpdir({ git: true })
-
-    const { project } = await Project.fromDirectory(tmp.path)
-
-    expect(project).toBeDefined()
-    expect(project.id).not.toBe("global")
-    expect(project.vcs).toBe("git")
-    expect(project.worktree).toBe(tmp.path)
-
-    const opencodeFile = path.join(tmp.path, ".git", "opencode")
-    const fileExists = await Bun.file(opencodeFile).exists()
-    expect(fileExists).toBe(true)
-  })
-})
-
-describe("Project.fromDirectory with worktrees", () => {
-  test("should set worktree to root when called from root", async () => {
-    await using tmp = await tmpdir({ git: true })
-
-    const { project, sandbox } = await Project.fromDirectory(tmp.path)
-
-    expect(project.worktree).toBe(tmp.path)
-    expect(sandbox).toBe(tmp.path)
-    expect(project.sandboxes).not.toContain(tmp.path)
-  })
-
-  test("should set worktree to root when called from a worktree", async () => {
-    await using tmp = await tmpdir({ git: true })
-
-    const worktreePath = path.join(tmp.path, "..", "worktree-test")
-    await $`git worktree add ${worktreePath} -b test-branch`.cwd(tmp.path).quiet()
-
-    const { project, sandbox } = await Project.fromDirectory(worktreePath)
-
-    expect(project.worktree).toBe(tmp.path)
-    expect(sandbox).toBe(worktreePath)
-    expect(project.sandboxes).toContain(worktreePath)
-    expect(project.sandboxes).not.toContain(tmp.path)
-
-    await $`git worktree remove ${worktreePath}`.cwd(tmp.path).quiet()
-  })
-
-  test("should accumulate multiple worktrees in sandboxes", async () => {
-    await using tmp = await tmpdir({ git: true })
-
-    const worktree1 = path.join(tmp.path, "..", "worktree-1")
-    const worktree2 = path.join(tmp.path, "..", "worktree-2")
-    await $`git worktree add ${worktree1} -b branch-1`.cwd(tmp.path).quiet()
-    await $`git worktree add ${worktree2} -b branch-2`.cwd(tmp.path).quiet()
-
-    await Project.fromDirectory(worktree1)
-    const { project } = await Project.fromDirectory(worktree2)
-
-    expect(project.worktree).toBe(tmp.path)
-    expect(project.sandboxes).toContain(worktree1)
-    expect(project.sandboxes).toContain(worktree2)
-    expect(project.sandboxes).not.toContain(tmp.path)
-
-    await $`git worktree remove ${worktree1}`.cwd(tmp.path).quiet()
-    await $`git worktree remove ${worktree2}`.cwd(tmp.path).quiet()
-  })
-})
-
-describe("Project.discover", () => {
-  test("should discover favicon.png in root", async () => {
-    await using tmp = await tmpdir({ git: true })
-    const { project } = await Project.fromDirectory(tmp.path)
-
-    const pngData = Buffer.from([0x89, 0x50, 0x4e, 0x47, 0x0d, 0x0a, 0x1a, 0x0a])
-    await Bun.write(path.join(tmp.path, "favicon.png"), pngData)
-
-    await Project.discover(project)
-
-    const updated = await Storage.read<Project.Info>(["project", project.id])
-    expect(updated.icon).toBeDefined()
-    expect(updated.icon?.url).toStartWith("data:")
-    expect(updated.icon?.url).toContain("base64")
-    expect(updated.icon?.color).toBeUndefined()
-  })
-
-  test("should not discover non-image files", async () => {
-    await using tmp = await tmpdir({ git: true })
-    const { project } = await Project.fromDirectory(tmp.path)
-
-    await Bun.write(path.join(tmp.path, "favicon.txt"), "not an image")
-
-    await Project.discover(project)
-
-    const updated = await Storage.read<Project.Info>(["project", project.id])
-    expect(updated.icon).toBeUndefined()
-  })
-})