npm - memento-mori-jester - Versions diffs - 0.1.52 → 0.1.53 - Mend

memento-mori-jester 0.1.52 → 0.1.53

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (6) hide show

package/CHANGELOG.md +5 -0
package/ROADMAP.md +1 -0
package/docs/RELEASE_NOTES_v0.1.53.md +32 -0
package/package.json +1 -1
package/scripts/check-fixtures.mjs +2 -14
package/scripts/check-production-readiness.mjs +8 -0

package/CHANGELOG.md CHANGED Viewed

@@ -4,6 +4,11 @@ All notable changes to Memento Mori Jester are tracked here.
 ## Unreleased
+## 0.1.53
+- Made `npm run fixtures:check` self-contained so it works from the published npm package, where `src/` files are intentionally not shipped.
+- Added a production-readiness guard to prevent the fixture validator from depending on source-only files.
 ## 0.1.52
 - Added `npm run fixtures:check`, a local fixture authoring validator for duplicate IDs, weak metadata, unsafe-looking content, duplicate content, and explicit expected/absent rule intent.

package/ROADMAP.md CHANGED Viewed

@@ -6,6 +6,7 @@ Memento Mori Jester is usable today as a CLI, MCP server, GitHub Action, and git
 ## Recently Shipped
+- Published-package fixture validator fix in v0.1.53 so `npm run fixtures:check` works outside a source checkout.
 - Fixture authoring validator in v0.1.52 for duplicate IDs, missing expected/absent rule intent, weak metadata, unsafe-looking content, and duplicate content.
 - Maintainer triage guide in v0.1.51 for turning useful false-positive reports into redacted fixture coverage.
 - Security policy and GitHub issue templates in v0.1.50 for bug reports, false positives, feature requests, and vulnerability intake.

package/docs/RELEASE_NOTES_v0.1.53.md ADDED Viewed

@@ -0,0 +1,32 @@
+# v0.1.53 Release Notes
+This patch fixes the newly added fixture authoring validator so it works from the published npm package, not only from a source checkout.
+## What Changed
+- Made `scripts/check-fixtures.mjs` self-contained by removing its source-file reads.
+- Added a production-readiness guard that prevents `fixtures:check` from depending on `src/config.ts` or `src/types.ts`.
+## Behavior Notes
+- No CLI, MCP, config, rule, playground, GitHub Action runtime, or release automation behavior changed.
+- Review fixture expectations remain unchanged.
+## Release Validation
+```powershell
+npm.cmd test
+npm.cmd run fixtures:check
+npm.cmd run production:check
+npm.cmd run demo:svg:check
+npm.cmd run pack:dry
+git diff --check
+node .\dist\cli.js doctor --json
+git diff | node .\dist\cli.js diff --fail-on block --subject "v0.1.53 published fixture validator fix"
+```
+Post-publish smoke:
+```powershell
+npm.cmd exec --yes --package memento-mori-jester@latest -- npm run fixtures:check --prefix <published-package-path>
+```

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "memento-mori-jester",
-  "version": "0.1.52",
+  "version": "0.1.53",
   "description": "A local court-jester sidecar for AI coding agents: review plans, commands, diffs, and final claims before they get too pleased with themselves.",
   "type": "module",
   "repository": {

package/scripts/check-fixtures.mjs CHANGED Viewed

@@ -10,20 +10,8 @@ function read(path) {
   return readFileSync(join(root, path), "utf8");
 }
-function readConstStringArray(path, constName) {
-  const source = read(path);
-  const match = source.match(new RegExp(`export const ${constName} = \\[([^\\]]+)\\] as const`));
-  if (!match) {
-    failures.push(`Could not read ${constName} from ${path}.`);
-    return [];
-  }
-  return [...match[1].matchAll(/"([^"]+)"/g)].map((entry) => entry[1]);
-}
-const allowedPresets = new Set(readConstStringArray("src/config.ts", "configPresetNames"));
-const allowedKinds = new Set(readConstStringArray("src/types.ts", "reviewKinds"));
+const allowedPresets = new Set(["default", "node", "python", "web", "api", "infra", "ai", "security"]);
+const allowedKinds = new Set(["plan", "command", "diff", "final"]);
 const allowedVerdicts = new Set(["pass", "caution", "block"]);
 const unsafeContentPatterns = [
   { name: "private key block", pattern: /-----BEGIN [A-Z ]*PRIVATE KEY-----/ },

package/scripts/check-production-readiness.mjs CHANGED Viewed

@@ -26,6 +26,13 @@ function requireText(path, pattern, description) {
   }
 }
+function forbidText(path, pattern, description) {
+  const content = read(path);
+  if (pattern.test(content)) {
+    failures.push(`${path} should not include ${description}.`);
+  }
+}
 function requirePackageFile(packageJson, value) {
   if (!Array.isArray(packageJson.files) || !packageJson.files.includes(value)) {
     failures.push(`package.json files should include ${value}.`);
@@ -107,6 +114,7 @@ requireText("examples/fixtures/README.md", /Adding A Fixture From A Report/, "fi
 requireText("examples/fixtures/README.md", /fixtures:check/, "fixture authoring check guidance");
 requireText("scripts/check-fixtures.mjs", /duplicated/, "duplicate fixture id check");
 requireText("scripts/check-fixtures.mjs", /unsafeContentPatterns/, "unsafe fixture content checks");
+forbidText("scripts/check-fixtures.mjs", /src\/config\.ts|src\/types\.ts/, "source-only fixture validator dependencies");
 requireText("package.json", /"fixtures:check": "node scripts\/check-fixtures\.mjs"/, "fixture authoring check script");
 requireText("package.json", /npm run fixtures:check/, "fixture authoring check in npm test");
 requireText("SECURITY.md", /doctor --json/, "doctor JSON redaction guidance");