vellum 0.2.13 → 0.2.14

package/src/__tests__/twitter-cli-routing.test.ts

@@ -0,0 +1,252 @@
+import { describe, test, expect, mock, beforeEach } from 'bun:test';
+
+// --- Mocks (must be declared before importing the module under test) ---
+
+let mockStrategy: string | undefined = undefined;
+let mockOauthAvailable = false;
+let mockOauthPostResult: { tweetId: string; text: string; url?: string } | null = null;
+let mockOauthPostError: Error | null = null;
+let mockBrowserPostResult: { tweetId: string; text: string; url: string } | null = null;
+let mockBrowserPostError: Error | null = null;
+
+// Mock the config loader to return a controllable strategy
+mock.module('../config/loader.js', () => ({
+  loadRawConfig: () => {
+    if (mockStrategy !== undefined) {
+      return { twitterOperationStrategy: mockStrategy };
+    }
+    return {};
+  },
+  loadConfig: () => ({}),
+  saveConfig: () => {},
+  saveRawConfig: () => {},
+  getConfig: () => ({}),
+  invalidateConfigCache: () => {},
+  getNestedValue: () => undefined,
+  setNestedValue: () => {},
+  API_KEY_PROVIDERS: [],
+}));
+
+// Mock the OAuth client
+mock.module('../twitter/oauth-client.js', () => ({
+  oauthIsAvailable: () => mockOauthAvailable,
+  oauthSupportsOperation: (op: string) => op === 'post' || op === 'reply',
+  oauthPostTweet: async (_text: string, _opts?: { inReplyToTweetId?: string }) => {
+    if (mockOauthPostError) throw mockOauthPostError;
+    if (mockOauthPostResult) return mockOauthPostResult;
+    throw new Error('OAuth mock not configured');
+  },
+  UnsupportedOAuthOperationError: class UnsupportedOAuthOperationError extends Error {
+    public readonly suggestFallback = true;
+    public readonly fallbackPath = 'browser' as const;
+    public readonly operation: string;
+    constructor(operation: string) {
+      super(`The "${operation}" operation is not available via the OAuth API.`);
+      this.name = 'UnsupportedOAuthOperationError';
+      this.operation = operation;
+    }
+  },
+}));
+
+// Create a SessionExpiredError class that matches the real one
+class MockSessionExpiredError extends Error {
+  constructor(reason: string) {
+    super(reason);
+    this.name = 'SessionExpiredError';
+  }
+}
+
+// Mock the browser client
+mock.module('../twitter/client.js', () => ({
+  postTweet: async (_text: string, _opts?: { inReplyToTweetId?: string }) => {
+    if (mockBrowserPostError) throw mockBrowserPostError;
+    if (mockBrowserPostResult) return mockBrowserPostResult;
+    throw new Error('Browser mock not configured');
+  },
+  SessionExpiredError: MockSessionExpiredError,
+}));
+
+// Mock the logger to silence output
+mock.module('../util/logger.js', () => ({
+  getLogger: () => ({
+    info: () => {},
+    warn: () => {},
+    error: () => {},
+    debug: () => {},
+    trace: () => {},
+    fatal: () => {},
+    child: () => ({
+      info: () => {},
+      warn: () => {},
+      error: () => {},
+      debug: () => {},
+    }),
+  }),
+}));
+
+import { routedPostTweet } from '../twitter/router.js';
+
+beforeEach(() => {
+  mockStrategy = undefined;
+  mockOauthAvailable = false;
+  mockOauthPostResult = null;
+  mockOauthPostError = null;
+  mockBrowserPostResult = null;
+  mockBrowserPostError = null;
+});
+
+describe('Twitter strategy router', () => {
+  describe('auto strategy', () => {
+    test('uses OAuth when available and supported', async () => {
+      mockOauthAvailable = true;
+      mockOauthPostResult = { tweetId: '111', text: 'hello', url: 'https://x.com/u/status/111' };
+
+      const { result, pathUsed } = await routedPostTweet('hello');
+
+      expect(pathUsed).toBe('oauth');
+      expect(result.tweetId).toBe('111');
+      expect(result.text).toBe('hello');
+      expect(result.url).toBe('https://x.com/u/status/111');
+    });
+
+    test('falls back to browser when OAuth is unavailable', async () => {
+      mockOauthAvailable = false;
+      mockBrowserPostResult = { tweetId: '222', text: 'hello', url: 'https://x.com/u/status/222' };
+
+      const { result, pathUsed } = await routedPostTweet('hello');
+
+      expect(pathUsed).toBe('browser');
+      expect(result.tweetId).toBe('222');
+    });
+
+    test('falls back to browser when OAuth fails', async () => {
+      mockOauthAvailable = true;
+      mockOauthPostError = new Error('OAuth token expired');
+      mockBrowserPostResult = { tweetId: '333', text: 'hello', url: 'https://x.com/u/status/333' };
+
+      const { result, pathUsed } = await routedPostTweet('hello');
+
+      expect(pathUsed).toBe('browser');
+      expect(result.tweetId).toBe('333');
+    });
+
+    test('constructs URL from tweetId when OAuth result has no url', async () => {
+      mockOauthAvailable = true;
+      mockOauthPostResult = { tweetId: '444', text: 'no url' };
+
+      const { result, pathUsed } = await routedPostTweet('no url');
+
+      expect(pathUsed).toBe('oauth');
+      expect(result.url).toBe('https://x.com/i/status/444');
+    });
+
+    test('throws combined error when both OAuth and browser fail with SessionExpiredError', async () => {
+      mockOauthAvailable = true;
+      mockOauthPostError = new Error('OAuth failed');
+      mockBrowserPostError = new MockSessionExpiredError('Browser session expired');
+
+      try {
+        await routedPostTweet('will fail');
+        expect(true).toBe(false); // should not reach
+      } catch (err) {
+        const e = err as Error & { pathUsed: string; oauthError?: string };
+        expect(e).toBeInstanceOf(MockSessionExpiredError);
+        expect(e.message).toBe('Browser session expired');
+        expect(e.pathUsed).toBe('auto');
+        expect(e.oauthError).toBe('OAuth failed');
+      }
+    });
+  });
+
+  describe('explicit oauth strategy', () => {
+    test('fails with helpful error when OAuth is not configured', async () => {
+      mockStrategy = 'oauth';
+      mockOauthAvailable = false;
+
+      try {
+        await routedPostTweet('hello');
+        expect(true).toBe(false); // should not reach
+      } catch (err) {
+        const e = err as Error & { pathUsed: string; suggestAlternative: string };
+        expect(e.message).toContain('OAuth is not configured');
+        expect(e.message).toContain('vellum x strategy set browser');
+        expect(e.pathUsed).toBe('oauth');
+        expect(e.suggestAlternative).toBe('browser');
+      }
+    });
+
+    test('uses OAuth when available', async () => {
+      mockStrategy = 'oauth';
+      mockOauthAvailable = true;
+      mockOauthPostResult = { tweetId: '555', text: 'oauth post' };
+
+      const { result, pathUsed } = await routedPostTweet('oauth post');
+
+      expect(pathUsed).toBe('oauth');
+      expect(result.tweetId).toBe('555');
+    });
+  });
+
+  describe('explicit browser strategy', () => {
+    test('uses browser directly, ignoring OAuth availability', async () => {
+      mockStrategy = 'browser';
+      mockOauthAvailable = true; // available but should be ignored
+      mockBrowserPostResult = { tweetId: '666', text: 'browser post', url: 'https://x.com/u/status/666' };
+
+      const { result, pathUsed } = await routedPostTweet('browser post');
+
+      expect(pathUsed).toBe('browser');
+      expect(result.tweetId).toBe('666');
+    });
+
+    test('preserves SessionExpiredError type with router metadata', async () => {
+      mockStrategy = 'browser';
+      mockBrowserPostError = new MockSessionExpiredError('Session expired');
+
+      try {
+        await routedPostTweet('will fail');
+        expect(true).toBe(false); // should not reach
+      } catch (err) {
+        const e = err as Error & { pathUsed: string; suggestAlternative: string };
+        expect(e).toBeInstanceOf(MockSessionExpiredError);
+        expect(e.message).toBe('Session expired');
+        expect(e.pathUsed).toBe('browser');
+        expect(e.suggestAlternative).toBe('oauth');
+      }
+    });
+
+    test('re-throws non-session errors without wrapping', async () => {
+      mockStrategy = 'browser';
+      mockBrowserPostError = new Error('Network failure');
+
+      try {
+        await routedPostTweet('will fail');
+        expect(true).toBe(false); // should not reach
+      } catch (err) {
+        expect((err as Error).message).toBe('Network failure');
+      }
+    });
+  });
+
+  describe('reply routing', () => {
+    test('auto strategy routes reply through OAuth when available', async () => {
+      mockOauthAvailable = true;
+      mockOauthPostResult = { tweetId: '777', text: 'reply text', url: 'https://x.com/u/status/777' };
+
+      const { result, pathUsed } = await routedPostTweet('reply text', { inReplyToTweetId: '100' });
+
+      expect(pathUsed).toBe('oauth');
+      expect(result.tweetId).toBe('777');
+    });
+
+    test('browser strategy routes reply through browser', async () => {
+      mockStrategy = 'browser';
+      mockBrowserPostResult = { tweetId: '888', text: 'reply text', url: 'https://x.com/u/status/888' };
+
+      const { result, pathUsed } = await routedPostTweet('reply text', { inReplyToTweetId: '200' });
+
+      expect(pathUsed).toBe('browser');
+      expect(result.tweetId).toBe('888');
+    });
+  });
+});

package/src/__tests__/twitter-oauth-client.test.ts

@@ -0,0 +1,209 @@
+import { describe, test, expect, mock, beforeEach, afterEach } from 'bun:test';
+
+// --- Mocks (must be declared before importing the module under test) ---
+
+let secureKeyStore: Record<string, string> = {};
+
+mock.module('../security/secure-keys.js', () => ({
+  getSecureKey: (account: string) => secureKeyStore[account] ?? undefined,
+  setSecureKey: (account: string, value: string) => {
+    secureKeyStore[account] = value;
+    return true;
+  },
+  deleteSecureKey: () => true,
+  listSecureKeys: () => Object.keys(secureKeyStore),
+  getBackendType: () => 'encrypted',
+  isDowngradedFromKeychain: () => false,
+  _resetBackend: () => {},
+  _setBackend: () => {},
+}));
+
+// withValidToken: call the callback directly with a fake token.
+mock.module('../security/token-manager.js', () => ({
+  withValidToken: async (_service: string, cb: (token: string) => Promise<unknown>) =>
+    cb('fake-oauth-token'),
+  TokenExpiredError: class TokenExpiredError extends Error {
+    constructor(public readonly service: string, message?: string) {
+      super(message ?? `Token expired for "${service}".`);
+      this.name = 'TokenExpiredError';
+    }
+  },
+}));
+
+mock.module('../util/logger.js', () => ({
+  getLogger: () => ({
+    info: () => {},
+    warn: () => {},
+    error: () => {},
+    debug: () => {},
+    trace: () => {},
+    fatal: () => {},
+    child: () => ({
+      info: () => {},
+      warn: () => {},
+      error: () => {},
+      debug: () => {},
+    }),
+  }),
+}));
+
+import {
+  oauthPostTweet,
+  oauthIsAvailable,
+  oauthSupportsOperation,
+  UnsupportedOAuthOperationError,
+} from '../twitter/oauth-client.js';
+
+// --- Global fetch mock ---
+
+const originalFetch = globalThis.fetch;
+let _fetchMock: ReturnType<typeof mock> | null = null;
+
+beforeEach(() => {
+  secureKeyStore = {};
+  _fetchMock = null;
+});
+
+afterEach(() => {
+  globalThis.fetch = originalFetch;
+});
+
+function mockFetch(response: { ok: boolean; status: number; json?: unknown; text?: string }) {
+  const fn = mock(() =>
+    Promise.resolve({
+      ok: response.ok,
+      status: response.status,
+      json: () => Promise.resolve(response.json),
+      text: () => Promise.resolve(response.text ?? ''),
+    }),
+  );
+  globalThis.fetch = fn as unknown as typeof fetch;
+  _fetchMock = fn;
+  return fn;
+}
+
+describe('Twitter OAuth client', () => {
+  describe('oauthPostTweet', () => {
+    test('successfully posts and returns tweet ID', async () => {
+      const fn = mockFetch({
+        ok: true,
+        status: 200,
+        json: { data: { id: '12345', text: 'Hello world' } },
+      });
+
+      const result = await oauthPostTweet('Hello world');
+
+      expect(result.tweetId).toBe('12345');
+      expect(result.text).toBe('Hello world');
+
+      // Verify the request was made correctly
+      expect(fn).toHaveBeenCalledTimes(1);
+      const [url, opts] = fn.mock.calls[0] as unknown as [string, RequestInit];
+      expect(url).toBe('https://api.x.com/2/tweets');
+      expect(opts.method).toBe('POST');
+      expect((opts.headers as Record<string, string>)['Authorization']).toBe('Bearer fake-oauth-token');
+      expect((opts.headers as Record<string, string>)['Content-Type']).toBe('application/json');
+
+      const body = JSON.parse(opts.body as string);
+      expect(body.text).toBe('Hello world');
+      expect(body.reply).toBeUndefined();
+    });
+
+    test('with reply returns correct result', async () => {
+      const fn = mockFetch({
+        ok: true,
+        status: 200,
+        json: { data: { id: '67890', text: 'My reply' } },
+      });
+
+      const result = await oauthPostTweet('My reply', { inReplyToTweetId: '11111' });
+
+      expect(result.tweetId).toBe('67890');
+      expect(result.text).toBe('My reply');
+
+      const [, opts] = fn.mock.calls[0] as unknown as [string, RequestInit];
+      const body = JSON.parse(opts.body as string);
+      expect(body.text).toBe('My reply');
+      expect(body.reply).toEqual({ in_reply_to_tweet_id: '11111' });
+    });
+
+    test('throws on API error', async () => {
+      mockFetch({
+        ok: false,
+        status: 429,
+        text: 'Rate limit exceeded',
+      });
+
+      await expect(oauthPostTweet('will fail')).rejects.toThrow(
+        /Twitter API error \(429\)/,
+      );
+    });
+
+    test('attaches status to thrown error for token manager retry', async () => {
+      mockFetch({
+        ok: false,
+        status: 401,
+        text: 'Unauthorized',
+      });
+
+      try {
+        await oauthPostTweet('will fail');
+        expect(true).toBe(false); // should not reach
+      } catch (err) {
+        expect((err as Error & { status: number }).status).toBe(401);
+      }
+    });
+  });
+
+  describe('oauthIsAvailable', () => {
+    test('returns true when access token exists', () => {
+      secureKeyStore['credential:integration:twitter:access_token'] = 'some-token';
+      expect(oauthIsAvailable()).toBe(true);
+    });
+
+    test('returns false when no access token', () => {
+      expect(oauthIsAvailable()).toBe(false);
+    });
+  });
+
+  describe('oauthSupportsOperation', () => {
+    test('returns true for post', () => {
+      expect(oauthSupportsOperation('post')).toBe(true);
+    });
+
+    test('returns true for reply', () => {
+      expect(oauthSupportsOperation('reply')).toBe(true);
+    });
+
+    test('returns false for unsupported operations', () => {
+      const unsupported = [
+        'timeline',
+        'search',
+        'bookmarks',
+        'home',
+        'notifications',
+        'likes',
+        'followers',
+        'following',
+        'media',
+        'tweet',
+      ];
+      for (const op of unsupported) {
+        expect(oauthSupportsOperation(op)).toBe(false);
+      }
+    });
+  });
+
+  describe('UnsupportedOAuthOperationError', () => {
+    test('has correct properties', () => {
+      const err = new UnsupportedOAuthOperationError('search');
+      expect(err.name).toBe('UnsupportedOAuthOperationError');
+      expect(err.operation).toBe('search');
+      expect(err.suggestFallback).toBe(true);
+      expect(err.fallbackPath).toBe('browser');
+      expect(err.message).toContain('search');
+      expect(err.message).toContain('not available via the OAuth API');
+      expect(err).toBeInstanceOf(Error);
+    });
+  });
+});

package/src/__tests__/workspace-policy.test.ts

@@ -0,0 +1,213 @@
+import { describe, test, expect, beforeAll, afterAll } from 'bun:test';
+import { mkdtempSync, mkdirSync, symlinkSync, rmSync } from 'node:fs';
+import { tmpdir } from 'node:os';
+import { join } from 'node:path';
+
+import { isPathWithinWorkspaceRoot, isWorkspaceScopedInvocation } from '../permissions/workspace-policy.js';
+
+// ---------------------------------------------------------------------------
+// Temp directory scaffold for symlink / path-containment tests
+// ---------------------------------------------------------------------------
+
+let testDir: string;
+let workspaceRoot: string;
+let outsideDir: string;
+let symlinkInside: string;
+let symlinkToOutside: string;
+
+beforeAll(() => {
+  testDir = mkdtempSync(join(tmpdir(), 'ws-policy-test-'));
+  workspaceRoot = join(testDir, 'workspace');
+  outsideDir = join(testDir, 'outside');
+  mkdirSync(workspaceRoot, { recursive: true });
+  mkdirSync(join(workspaceRoot, 'src'), { recursive: true });
+  mkdirSync(outsideDir, { recursive: true });
+
+  // Symlink inside workspace pointing to another directory inside workspace
+  symlinkInside = join(workspaceRoot, 'link-to-src');
+  symlinkSync(join(workspaceRoot, 'src'), symlinkInside);
+
+  // Symlink inside workspace pointing outside the workspace
+  symlinkToOutside = join(workspaceRoot, 'link-to-outside');
+  symlinkSync(outsideDir, symlinkToOutside);
+});
+
+afterAll(() => {
+  rmSync(testDir, { recursive: true, force: true });
+});
+
+// ---------------------------------------------------------------------------
+// isPathWithinWorkspaceRoot
+// ---------------------------------------------------------------------------
+
+describe('isPathWithinWorkspaceRoot', () => {
+  test('returns true for a file directly inside the workspace', () => {
+    expect(isPathWithinWorkspaceRoot(join(workspaceRoot, 'file.txt'), workspaceRoot)).toBe(true);
+  });
+
+  test('returns true for a file in a subdirectory', () => {
+    expect(isPathWithinWorkspaceRoot(join(workspaceRoot, 'src', 'index.ts'), workspaceRoot)).toBe(true);
+  });
+
+  test('returns true for the workspace root itself', () => {
+    expect(isPathWithinWorkspaceRoot(workspaceRoot, workspaceRoot)).toBe(true);
+  });
+
+  test('returns false for a path outside the workspace', () => {
+    expect(isPathWithinWorkspaceRoot(outsideDir, workspaceRoot)).toBe(false);
+  });
+
+  test('returns false for parent traversal escaping the workspace', () => {
+    const escapedPath = join(workspaceRoot, '..', 'outside', 'secret.txt');
+    expect(isPathWithinWorkspaceRoot(escapedPath, workspaceRoot)).toBe(false);
+  });
+
+  test('returns true for a symlink that resolves inside the workspace', () => {
+    expect(isPathWithinWorkspaceRoot(symlinkInside, workspaceRoot)).toBe(true);
+  });
+
+  test('returns false for a symlink that resolves outside the workspace', () => {
+    expect(isPathWithinWorkspaceRoot(symlinkToOutside, workspaceRoot)).toBe(false);
+  });
+
+  test('returns false for empty filePath', () => {
+    expect(isPathWithinWorkspaceRoot('', workspaceRoot)).toBe(false);
+  });
+
+  test('returns false for empty workspaceRoot', () => {
+    expect(isPathWithinWorkspaceRoot('/some/file', '')).toBe(false);
+  });
+
+  test('returns false for both empty', () => {
+    expect(isPathWithinWorkspaceRoot('', '')).toBe(false);
+  });
+
+  test('handles non-existent file paths gracefully (new file write)', () => {
+    const newFile = join(workspaceRoot, 'new-dir', 'new-file.ts');
+    expect(isPathWithinWorkspaceRoot(newFile, workspaceRoot)).toBe(true);
+  });
+
+  test('rejects path that is a prefix but not a child directory', () => {
+    // e.g. /tmp/workspace-extra should NOT match /tmp/workspace
+    const sibling = `${workspaceRoot}-extra`;
+    mkdirSync(sibling, { recursive: true });
+    expect(isPathWithinWorkspaceRoot(join(sibling, 'file.txt'), workspaceRoot)).toBe(false);
+    rmSync(sibling, { recursive: true, force: true });
+  });
+});
+
+// ---------------------------------------------------------------------------
+// isWorkspaceScopedInvocation
+// ---------------------------------------------------------------------------
+
+describe('isWorkspaceScopedInvocation', () => {
+  // ── Path-scoped tools ──────────────────────────────────────────────
+
+  describe('file_read / file_write / file_edit', () => {
+    test('returns true when file_path is inside workspace', () => {
+      expect(
+        isWorkspaceScopedInvocation('file_read', { file_path: join(workspaceRoot, 'foo.txt') }, workspaceRoot),
+      ).toBe(true);
+    });
+
+    test('returns true when path (alternate key) is inside workspace', () => {
+      expect(
+        isWorkspaceScopedInvocation('file_write', { path: join(workspaceRoot, 'bar.ts') }, workspaceRoot),
+      ).toBe(true);
+    });
+
+    test('returns false when file_path is outside workspace', () => {
+      expect(
+        isWorkspaceScopedInvocation('file_edit', { file_path: '/etc/passwd' }, workspaceRoot),
+      ).toBe(false);
+    });
+
+    test('returns false when file_path is missing', () => {
+      expect(
+        isWorkspaceScopedInvocation('file_read', {}, workspaceRoot),
+      ).toBe(false);
+    });
+
+    test('returns false when file_path is not a string', () => {
+      expect(
+        isWorkspaceScopedInvocation('file_write', { file_path: 123 }, workspaceRoot),
+      ).toBe(false);
+    });
+
+    test('resolves relative path inside workspace against workspaceRoot', () => {
+      expect(
+        isWorkspaceScopedInvocation('file_read', { path: 'src/index.ts' }, workspaceRoot),
+      ).toBe(true);
+    });
+
+    test('resolves relative path with ../ that escapes workspace as outside', () => {
+      expect(
+        isWorkspaceScopedInvocation('file_read', { file_path: '../outside/secret.txt' }, workspaceRoot),
+      ).toBe(false);
+    });
+
+    test('absolute path inside workspace still works', () => {
+      expect(
+        isWorkspaceScopedInvocation('file_edit', { file_path: join(workspaceRoot, 'src', 'main.ts') }, workspaceRoot),
+      ).toBe(true);
+    });
+  });
+
+  // ── Bash ───────────────────────────────────────────────────────────
+
+  describe('bash', () => {
+    test('returns true (sandbox handles isolation)', () => {
+      expect(
+        isWorkspaceScopedInvocation('bash', { command: 'ls -la' }, workspaceRoot),
+      ).toBe(true);
+    });
+  });
+
+  // ── Network tools ──────────────────────────────────────────────────
+
+  describe('network tools', () => {
+    const networkTools = [
+      'web_search', 'web_fetch', 'browser_navigate', 'browser_click',
+      'browser_type', 'browser_scroll', 'browser_screenshot',
+      'browser_close', 'network_request',
+    ];
+
+    for (const tool of networkTools) {
+      test(`${tool} is NOT workspace-scoped`, () => {
+        expect(isWorkspaceScopedInvocation(tool, {}, workspaceRoot)).toBe(false);
+      });
+    }
+  });
+
+  // ── Host tools ─────────────────────────────────────────────────────
+
+  describe('host tools', () => {
+    const hostTools = ['host_file_read', 'host_file_write', 'host_file_edit', 'host_bash'];
+
+    for (const tool of hostTools) {
+      test(`${tool} is NOT workspace-scoped`, () => {
+        expect(isWorkspaceScopedInvocation(tool, {}, workspaceRoot)).toBe(false);
+      });
+    }
+  });
+
+  // ── Always-scoped safe tools ───────────────────────────────────────
+
+  describe('always-scoped tools', () => {
+    const safeTools = ['skill_load', 'view_image', 'memory_search', 'ui_update', 'ui_dismiss'];
+
+    for (const tool of safeTools) {
+      test(`${tool} is workspace-scoped`, () => {
+        expect(isWorkspaceScopedInvocation(tool, {}, workspaceRoot)).toBe(true);
+      });
+    }
+  });
+
+  // ── Unknown tools ──────────────────────────────────────────────────
+
+  describe('unknown tools', () => {
+    test('defaults to NOT workspace-scoped', () => {
+      expect(isWorkspaceScopedInvocation('mystery_tool', {}, workspaceRoot)).toBe(false);
+    });
+  });
+});