unbound-cli 1.6.3 → 1.6.5

package/test/setup-report.test.js

@@ -0,0 +1,102 @@
+const { test } = require('node:test');
+const assert = require('node:assert/strict');
+
+// reportSetupFailure must be BEST-EFFORT: it posts {serial_number, step,
+// exit_code} to /api/v1/setup/failed/, but a POST failure (offline/429/4xx)
+// must never reject — so a caller can `await` it inline in an error path without
+// masking the real error or changing the exit code.
+
+function freshReport() {
+  for (const m of ['../src/setup-report', '../src/api', '../src/config']) {
+    delete require.cache[require.resolve(m)];
+  }
+  const api = require('../src/api');
+  const config = require('../src/config');
+  const report = require('../src/setup-report');
+  return { api, config, report };
+}
+
+test('reportSetupFailure: posts the contract payload to /api/v1/setup/failed/', async () => {
+  const { api, config, report } = freshReport();
+  let captured = null;
+  api.post = async (path, opts) => { captured = { path, opts }; return { ok: true }; };
+  config.getApiKey = () => 'stored-key';
+
+  const ok = await report.reportSetupFailure({ step: 'cursor', exitCode: 2, backendUrl: 'https://b.acme' });
+
+  assert.equal(ok, true);
+  assert.equal(captured.path, '/api/v1/setup/failed/');
+  assert.equal(captured.opts.apiKey, 'stored-key');
+  assert.equal(captured.opts.baseUrl, 'https://b.acme');
+  const body = captured.opts.body;
+  assert.equal(typeof body.serial_number, 'string');
+  assert.ok(body.serial_number.length > 0 && body.serial_number.length <= 255);
+  assert.equal(body.step, 'cursor');
+  assert.equal(body.exit_code, 2);
+  // install_mode/managed are forced server-side — the CLI must NOT send them.
+  assert.equal('install_mode' in body, false);
+  assert.equal('managed' in body, false);
+});
+
+test('reportSetupFailure: bounds the POST with a 3s timeout (never blocks on default 30s)', async () => {
+  const { api, config, report } = freshReport();
+  let captured = null;
+  api.post = async (path, opts) => { captured = opts; return { ok: true }; };
+  config.getApiKey = () => 'k';
+
+  await report.reportSetupFailure({ step: 'cursor', exitCode: 1 });
+  assert.equal(captured.timeoutMs, 3000, 'failure report must pass a tight 3s timeout');
+});
+
+test('reportSetupFailure: swallows a POST rejection and returns false (best-effort)', async () => {
+  const { api, config, report } = freshReport();
+  api.post = async () => { throw new Error('ECONNREFUSED / offline'); };
+  config.getApiKey = () => 'k';
+
+  let result;
+  await assert.doesNotReject(async () => { result = await report.reportSetupFailure({ step: 'codex', exitCode: 1 }); });
+  assert.equal(result, false);
+});
+
+test('reportSetupFailure: a 429 (rate-limited) is swallowed too', async () => {
+  const { api, config, report } = freshReport();
+  api.post = async () => { const e = new Error('Too many requests'); e.statusCode = 429; throw e; };
+  config.getApiKey = () => 'k';
+
+  const result = await report.reportSetupFailure({ step: 'cursor', exitCode: 1 });
+  assert.equal(result, false);
+});
+
+test('reportSetupFailure: no API key → skips quietly (false), no POST attempted', async () => {
+  const { api, config, report } = freshReport();
+  let called = false;
+  api.post = async () => { called = true; return {}; };
+  config.getApiKey = () => null;
+
+  const result = await report.reportSetupFailure({ step: 'cursor', exitCode: 1 });
+  assert.equal(result, false);
+  assert.equal(called, false, 'no POST without a key');
+});
+
+test('normalizeStep: clamps to 64 chars and defaults empties to "unknown"', () => {
+  const { report } = freshReport();
+  assert.equal(report._normalizeStep(''), 'unknown');
+  assert.equal(report._normalizeStep(null), 'unknown');
+  assert.equal(report._normalizeStep('cursor'), 'cursor');
+  assert.equal(report._normalizeStep('x'.repeat(100)).length, 64);
+});
+
+test('normalizeExitCode: integers pass through, non-integers fall back to 1', () => {
+  const { report } = freshReport();
+  assert.equal(report._normalizeExitCode(2), 2);
+  assert.equal(report._normalizeExitCode(-1), -1);
+  assert.equal(report._normalizeExitCode('nope'), 1);
+  assert.equal(report._normalizeExitCode(undefined), 1);
+});
+
+test('deviceIdentifier: returns a non-empty string within the 255-char limit', () => {
+  const { report } = freshReport();
+  const id = report.deviceIdentifier();
+  assert.equal(typeof id, 'string');
+  assert.ok(id.length > 0 && id.length <= 255);
+});

package/test/telemetry.test.js

@@ -0,0 +1,114 @@
+const { test } = require('node:test');
+const assert = require('node:assert/strict');
+
+// Sentry observability is opt-out and DSN-gated. These tests prove it stays
+// fully disabled (no init, no network, no throw) when there's no DSN or when
+// the user opts out, and that beforeSend scrubs secrets before anything leaves
+// the machine. All without any real network or a real Sentry client.
+
+function freshTelemetry() {
+  delete require.cache[require.resolve('../src/telemetry')];
+  return require('../src/telemetry');
+}
+
+function withEnv(vars, fn) {
+  const saved = {};
+  for (const k of Object.keys(vars)) {
+    saved[k] = process.env[k];
+    if (vars[k] === undefined) delete process.env[k];
+    else process.env[k] = vars[k];
+  }
+  try {
+    return fn();
+  } finally {
+    for (const k of Object.keys(vars)) {
+      if (saved[k] === undefined) delete process.env[k];
+      else process.env[k] = saved[k];
+    }
+  }
+}
+
+test('telemetry: disabled (no init, no throw) when UNBOUND_CLI_SENTRY_DSN is unset', () => {
+  withEnv({ UNBOUND_CLI_SENTRY_DSN: undefined, UNBOUND_TELEMETRY: undefined }, () => {
+    const t = freshTelemetry();
+    assert.equal(t.isEnabled(), false);
+    // init/captureError/flush must be no-ops that never throw or hit the network.
+    assert.doesNotThrow(() => t.init({ flow: 'onboard', runId: 'r1' }));
+    assert.doesNotThrow(() => t.captureError(new Error('boom')));
+    return t.flush(); // resolves, no-op
+  });
+});
+
+test('telemetry: opt-out via UNBOUND_TELEMETRY disables even with a DSN present', () => {
+  for (const optOut of ['0', 'false', 'no', 'FALSE', 'No']) {
+    withEnv({ UNBOUND_CLI_SENTRY_DSN: 'https://abc@example.invalid/1', UNBOUND_TELEMETRY: optOut }, () => {
+      const t = freshTelemetry();
+      assert.equal(t.isEnabled(), false, `opt-out value "${optOut}" should disable`);
+      assert.doesNotThrow(() => t.init());
+      assert.doesNotThrow(() => t.captureError(new Error('x')));
+    });
+  }
+});
+
+test('telemetry: enabled only when DSN set and not opted out', () => {
+  withEnv({ UNBOUND_CLI_SENTRY_DSN: 'https://abc@example.invalid/1', UNBOUND_TELEMETRY: undefined }, () => {
+    const t = freshTelemetry();
+    assert.equal(t.isEnabled(), true);
+  });
+  withEnv({ UNBOUND_CLI_SENTRY_DSN: 'https://abc@example.invalid/1', UNBOUND_TELEMETRY: '1' }, () => {
+    const t = freshTelemetry();
+    assert.equal(t.isEnabled(), true, 'UNBOUND_TELEMETRY=1 is not an opt-out');
+  });
+});
+
+test('telemetry: wrapAction returns the action result and never inits when disabled', async () => {
+  await withEnv({ UNBOUND_CLI_SENTRY_DSN: undefined }, async () => {
+    const t = freshTelemetry();
+    const wrapped = t.wrapAction('setup', async (a, b) => a + b);
+    const result = await wrapped(2, 3);
+    assert.equal(result, 5);
+  });
+});
+
+test('telemetry: wrapAction captures then rethrows the original error', async () => {
+  await withEnv({ UNBOUND_CLI_SENTRY_DSN: undefined }, async () => {
+    const t = freshTelemetry();
+    const original = new Error('real failure');
+    const wrapped = t.wrapAction('onboard', async () => { throw original; });
+    await assert.rejects(() => wrapped(), (err) => err === original);
+  });
+});
+
+test('beforeSend: scrubs known secret values, home paths, and username', () => {
+  const t = freshTelemetry();
+  t.rememberSecret('sk-supersecretkey123');
+  const home = require('os').homedir();
+  const username = require('os').userInfo().username;
+
+  const event = {
+    server_name: 'my-laptop',
+    user: { username, id: '1' },
+    message: `failed with key sk-supersecretkey123 at ${home}/.unbound/config.json`,
+    exception: { values: [{ value: `token ub_abcdefgh12345 leaked for user ${username}` }] },
+  };
+  const out = t._beforeSend(event);
+
+  assert.ok(out, 'event is not dropped');
+  assert.equal(out.server_name, undefined, 'server_name removed');
+  assert.equal(out.user.username, undefined, 'username field removed');
+  assert.ok(!out.message.includes('sk-supersecretkey123'), out.message);
+  assert.ok(!out.message.includes(home), out.message);
+  assert.ok(out.message.includes('~/.unbound'), out.message);
+  assert.ok(!out.exception.values[0].value.includes('ub_abcdefgh12345'), out.exception.values[0].value);
+});
+
+test('beforeSend: never throws — returns null instead of crashing the flow', () => {
+  const t = freshTelemetry();
+  // A frozen object can't be mutated; beforeSend must catch and drop, not throw.
+  const frozen = Object.freeze({ message: 'x', user: Object.freeze({ username: 'a' }) });
+  assert.doesNotThrow(() => {
+    const r = t._beforeSend(frozen);
+    // Either scrubbed or dropped (null) — both acceptable; the point is no throw.
+    assert.ok(r === null || typeof r === 'object');
+  });
+});