vellum 0.2.2 → 0.2.8

package/src/__tests__/oauth2-gateway-transport.test.ts

@@ -0,0 +1,298 @@
+import { describe, test, expect, mock, beforeEach } from 'bun:test';
+
+// ---------------------------------------------------------------------------
+// Mocks — must be set up before importing the module under test
+// ---------------------------------------------------------------------------
+
+let mockPublicBaseUrl = '';
+
+mock.module('../config/loader.js', () => ({
+  loadConfig: () => ({
+    ingress: { publicBaseUrl: mockPublicBaseUrl },
+  }),
+  getConfig: () => ({
+    ingress: { publicBaseUrl: mockPublicBaseUrl },
+  }),
+  loadRawConfig: () => ({}),
+  saveConfig: () => {},
+  invalidateConfigCache: () => {},
+}));
+
+mock.module('../util/logger.js', () => ({
+  getLogger: () => ({
+    info: () => {},
+    warn: () => {},
+    error: () => {},
+    debug: () => {},
+    trace: () => {},
+    fatal: () => {},
+    child: () => ({
+      info: () => {},
+      warn: () => {},
+      error: () => {},
+      debug: () => {},
+    }),
+  }),
+}));
+
+// Track registerPendingCallback calls
+let pendingCallbacks: Map<string, { resolve: (code: string) => void; reject: (error: Error) => void }> = new Map();
+
+mock.module('../security/oauth-callback-registry.js', () => ({
+  registerPendingCallback: (state: string, resolve: (code: string) => void, reject: (error: Error) => void) => {
+    pendingCallbacks.set(state, { resolve, reject });
+  },
+  consumeCallback: () => true,
+  consumeCallbackError: () => true,
+  clearAllCallbacks: () => { pendingCallbacks.clear(); },
+}));
+
+let mockOAuthCallbackUrl = '';
+
+mock.module('../inbound/public-ingress-urls.js', () => ({
+  getOAuthCallbackUrl: () => mockOAuthCallbackUrl,
+  getPublicBaseUrl: () => 'https://gw.example.com',
+}));
+
+// Mock fetch for token exchange
+let mockTokenResponse: { ok: boolean; status: number; body: Record<string, unknown> } = {
+  ok: true,
+  status: 200,
+  body: {
+    access_token: 'test-access-token',
+    refresh_token: 'test-refresh-token',
+    expires_in: 3600,
+    scope: 'read write',
+    token_type: 'Bearer',
+  },
+};
+
+const originalFetch = globalThis.fetch;
+globalThis.fetch = (async (input: RequestInfo | URL, init?: RequestInit) => {
+  const url = typeof input === 'string' ? input : input instanceof URL ? input.toString() : input.url;
+  if (url.includes('token')) {
+    if (!mockTokenResponse.ok) {
+      return new Response(JSON.stringify({ error: 'invalid_grant' }), {
+        status: mockTokenResponse.status,
+        headers: { 'Content-Type': 'application/json' },
+      });
+    }
+    return new Response(JSON.stringify(mockTokenResponse.body), {
+      status: mockTokenResponse.status,
+      headers: { 'Content-Type': 'application/json' },
+    });
+  }
+  return originalFetch(input, init);
+}) as typeof fetch;
+
+// ---------------------------------------------------------------------------
+// Import module under test AFTER mocks are in place
+// ---------------------------------------------------------------------------
+
+import { startOAuth2Flow, type OAuth2Config } from '../security/oauth2.js';
+
+const BASE_OAUTH_CONFIG: OAuth2Config = {
+  authUrl: 'https://provider.example.com/authorize',
+  tokenUrl: 'https://provider.example.com/token',
+  scopes: ['read', 'write'],
+  clientId: 'test-client-id',
+};
+
+beforeEach(() => {
+  mockPublicBaseUrl = '';
+  mockOAuthCallbackUrl = 'https://gw.example.com/webhooks/oauth/callback';
+  pendingCallbacks.clear();
+  mockTokenResponse = {
+    ok: true,
+    status: 200,
+    body: {
+      access_token: 'test-access-token',
+      refresh_token: 'test-refresh-token',
+      expires_in: 3600,
+      scope: 'read write',
+      token_type: 'Bearer',
+    },
+  };
+});
+
+// ---------------------------------------------------------------------------
+// Tests
+// ---------------------------------------------------------------------------
+
+describe('OAuth2 gateway transport', () => {
+  describe('auto-detection', () => {
+    test('selects gateway transport when ingress.publicBaseUrl is configured', async () => {
+      mockPublicBaseUrl = 'https://gw.example.com';
+
+      let capturedAuthUrl = '';
+      const flowPromise = startOAuth2Flow(BASE_OAUTH_CONFIG, {
+        openUrl: (url) => { capturedAuthUrl = url; },
+      });
+
+      // Give the flow a tick to register the callback and open the browser
+      await new Promise((r) => setTimeout(r, 10));
+
+      // The auth URL should contain the gateway redirect_uri, not a loopback one
+      expect(capturedAuthUrl).toContain('redirect_uri=');
+      expect(capturedAuthUrl).not.toContain('127.0.0.1');
+      expect(capturedAuthUrl).toContain(encodeURIComponent('https://gw.example.com'));
+
+      // Resolve the pending callback to complete the flow
+      const entries = Array.from(pendingCallbacks.entries());
+      expect(entries.length).toBe(1);
+      const [, { resolve }] = entries[0];
+      resolve('auth-code-from-gateway');
+
+      const result = await flowPromise;
+      expect(result.tokens.accessToken).toBe('test-access-token');
+    });
+
+    test('selects loopback transport when ingress.publicBaseUrl is empty', async () => {
+      mockPublicBaseUrl = '';
+
+      let capturedAuthUrl = '';
+      const flowPromise = startOAuth2Flow(BASE_OAUTH_CONFIG, {
+        openUrl: (url) => { capturedAuthUrl = url; },
+      });
+
+      // Give the flow a tick
+      await new Promise((r) => setTimeout(r, 10));
+
+      // The auth URL should contain a loopback redirect_uri
+      expect(capturedAuthUrl).toContain('redirect_uri=');
+      expect(capturedAuthUrl).toContain('127.0.0.1');
+
+      // Extract the redirect_uri to send the callback
+      const authUrlParsed = new URL(capturedAuthUrl);
+      const redirectUri = authUrlParsed.searchParams.get('redirect_uri')!;
+      const stateParam = authUrlParsed.searchParams.get('state')!;
+
+      // Simulate the OAuth provider callback to the loopback server
+      const callbackUrl = `${redirectUri}?code=loopback-code&state=${stateParam}`;
+      await fetch(callbackUrl);
+
+      const result = await flowPromise;
+      expect(result.tokens.accessToken).toBe('test-access-token');
+    });
+  });
+
+  describe('explicit transport', () => {
+    test('uses gateway transport when explicitly specified', async () => {
+      // Even with no publicBaseUrl, explicit gateway should work
+      mockPublicBaseUrl = 'https://gw.example.com';
+
+      let capturedAuthUrl = '';
+      const flowPromise = startOAuth2Flow(
+        BASE_OAUTH_CONFIG,
+        { openUrl: (url) => { capturedAuthUrl = url; } },
+        { callbackTransport: 'gateway' },
+      );
+
+      await new Promise((r) => setTimeout(r, 10));
+
+      expect(capturedAuthUrl).toContain(encodeURIComponent('https://gw.example.com'));
+
+      const entries = Array.from(pendingCallbacks.entries());
+      expect(entries.length).toBe(1);
+      entries[0][1].resolve('explicit-gateway-code');
+
+      const result = await flowPromise;
+      expect(result.tokens.accessToken).toBe('test-access-token');
+    });
+
+    test('uses loopback transport when explicitly specified', async () => {
+      // Even with publicBaseUrl configured, explicit loopback should work
+      mockPublicBaseUrl = 'https://gw.example.com';
+
+      let capturedAuthUrl = '';
+      const flowPromise = startOAuth2Flow(
+        BASE_OAUTH_CONFIG,
+        { openUrl: (url) => { capturedAuthUrl = url; } },
+        { callbackTransport: 'loopback' },
+      );
+
+      await new Promise((r) => setTimeout(r, 10));
+
+      expect(capturedAuthUrl).toContain('127.0.0.1');
+
+      const authUrlParsed = new URL(capturedAuthUrl);
+      const redirectUri = authUrlParsed.searchParams.get('redirect_uri')!;
+      const stateParam = authUrlParsed.searchParams.get('state')!;
+
+      await fetch(`${redirectUri}?code=loopback-code&state=${stateParam}`);
+
+      const result = await flowPromise;
+      expect(result.tokens.accessToken).toBe('test-access-token');
+    });
+  });
+
+  describe('gateway transport flow', () => {
+    test('success: register callback, consume with code, exchange for tokens', async () => {
+      mockPublicBaseUrl = 'https://gw.example.com';
+
+      const flowPromise = startOAuth2Flow(
+        BASE_OAUTH_CONFIG,
+        { openUrl: () => {} },
+        { callbackTransport: 'gateway' },
+      );
+
+      await new Promise((r) => setTimeout(r, 10));
+
+      // A callback should be registered
+      const entries = Array.from(pendingCallbacks.entries());
+      expect(entries.length).toBe(1);
+
+      // Simulate gateway delivering the authorization code
+      const [state, { resolve }] = entries[0];
+      expect(typeof state).toBe('string');
+      expect(state.length).toBeGreaterThan(0);
+
+      resolve('gateway-auth-code');
+
+      const result = await flowPromise;
+      expect(result.tokens.accessToken).toBe('test-access-token');
+      expect(result.tokens.refreshToken).toBe('test-refresh-token');
+      expect(result.tokens.expiresIn).toBe(3600);
+      expect(result.grantedScopes).toEqual(['read', 'write']);
+    });
+
+    test('error: register callback, consume with error, rejects', async () => {
+      mockPublicBaseUrl = 'https://gw.example.com';
+
+      const flowPromise = startOAuth2Flow(
+        BASE_OAUTH_CONFIG,
+        { openUrl: () => {} },
+        { callbackTransport: 'gateway' },
+      );
+
+      await new Promise((r) => setTimeout(r, 10));
+
+      const entries = Array.from(pendingCallbacks.entries());
+      expect(entries.length).toBe(1);
+
+      // Simulate the gateway delivering an error (e.g. user denied access)
+      const [, { reject }] = entries[0];
+      reject(new Error('OAuth2 authorization denied: access_denied'));
+
+      await expect(flowPromise).rejects.toThrow('OAuth2 authorization denied: access_denied');
+    });
+
+    test('token exchange failure propagates error', async () => {
+      mockPublicBaseUrl = 'https://gw.example.com';
+      mockTokenResponse = { ok: false, status: 400, body: { error: 'invalid_grant' } };
+
+      const flowPromise = startOAuth2Flow(
+        BASE_OAUTH_CONFIG,
+        { openUrl: () => {} },
+        { callbackTransport: 'gateway' },
+      );
+
+      await new Promise((r) => setTimeout(r, 10));
+
+      const entries = Array.from(pendingCallbacks.entries());
+      entries[0][1].resolve('code-that-fails-exchange');
+
+      await expect(flowPromise).rejects.toThrow('OAuth2 token exchange failed');
+    });
+  });
+});

package/src/__tests__/provider-commit-message-generator.test.ts

@@ -0,0 +1,342 @@
+import { describe, test, expect, beforeEach, mock } from 'bun:test';
+import type { CommitContext } from '../workspace/commit-message-provider.js';
+import type { Provider, ProviderResponse } from '../providers/types.js';
+import type { AssistantConfig } from '../config/types.js';
+import { DEFAULT_CONFIG } from '../config/defaults.js';
+
+// ---------------------------------------------------------------------------
+// Deep-clone a base config so each test can tweak fields independently
+// ---------------------------------------------------------------------------
+function cloneConfig(): AssistantConfig {
+  const cfg = structuredClone(DEFAULT_CONFIG);
+  cfg.provider = 'anthropic';
+  cfg.apiKeys = { anthropic: 'sk-test-key' } as Record<string, string>;
+  cfg.workspaceGit.commitMessageLLM = {
+    ...cfg.workspaceGit.commitMessageLLM,
+    enabled: true,
+    useConfiguredProvider: true,
+    providerFastModelOverrides: {},
+    timeoutMs: 5000,
+    maxTokens: 120,
+    temperature: 0.2,
+    maxFilesInPrompt: 30,
+    maxDiffBytes: 12000,
+    minRemainingTurnBudgetMs: 1000,
+    breaker: {
+      openAfterFailures: 3,
+      backoffBaseMs: 2000,
+      backoffMaxMs: 60000,
+    },
+  };
+  return cfg;
+}
+
+let currentConfig = cloneConfig();
+
+// ---------------------------------------------------------------------------
+// Mock: config/loader
+// ---------------------------------------------------------------------------
+mock.module('../config/loader.js', () => ({
+  getConfig: () => currentConfig,
+  loadConfig: () => currentConfig,
+  invalidateConfigCache: () => {},
+  saveConfig: () => {},
+  loadRawConfig: () => ({}),
+  saveRawConfig: () => {},
+  getNestedValue: () => undefined,
+  setNestedValue: () => {},
+}));
+
+// ---------------------------------------------------------------------------
+// Mock: providers/registry
+// ---------------------------------------------------------------------------
+const mockSendMessage = mock<Provider['sendMessage']>();
+const mockProvider: Provider = {
+  name: 'mock-provider',
+  sendMessage: mockSendMessage,
+};
+let getProviderShouldThrow = false;
+
+mock.module('../providers/registry.js', () => ({
+  getProvider: (_name: string) => {
+    if (getProviderShouldThrow) {
+      throw new Error('Provider not initialized');
+    }
+    return mockProvider;
+  },
+  registerProvider: () => {},
+  listProviders: () => ['mock-provider'],
+  initializeProviders: () => {},
+}));
+
+// ---------------------------------------------------------------------------
+// Mock: logger (noop)
+// ---------------------------------------------------------------------------
+mock.module('../util/logger.js', () => ({
+  getLogger: () =>
+    new Proxy({} as Record<string, unknown>, {
+      get: () => () => {},
+    }),
+}));
+
+// ---------------------------------------------------------------------------
+// Import the module under test AFTER mocks are set up
+// ---------------------------------------------------------------------------
+import {
+  _resetCommitMessageGenerator,
+  getCommitMessageGenerator,
+} from '../workspace/provider-commit-message-generator.js';
+
+// ---------------------------------------------------------------------------
+// Shared context
+// ---------------------------------------------------------------------------
+const baseContext: CommitContext = {
+  workspaceDir: '/tmp/test',
+  trigger: 'turn' as const,
+  sessionId: 'sess_test',
+  turnNumber: 1,
+  changedFiles: ['file.txt'],
+  timestampMs: Date.now(),
+};
+
+function makeSuccessResponse(text: string): ProviderResponse {
+  return {
+    content: [{ type: 'text', text }],
+    model: 'mock-model',
+    usage: { inputTokens: 10, outputTokens: 5 },
+    stopReason: 'end_turn',
+  };
+}
+
+describe('ProviderCommitMessageGenerator', () => {
+  beforeEach(() => {
+    _resetCommitMessageGenerator();
+    currentConfig = cloneConfig();
+    mockSendMessage.mockReset();
+    getProviderShouldThrow = false;
+  });
+
+  // 1. disabled
+  test('disabled → returns deterministic, reason "disabled"', async () => {
+    currentConfig.workspaceGit.commitMessageLLM.enabled = false;
+    const gen = getCommitMessageGenerator();
+    const result = await gen.generateCommitMessage(baseContext, {
+      changedFiles: baseContext.changedFiles,
+    });
+    expect(result.source).toBe('deterministic');
+    expect(result.reason).toBe('disabled');
+  });
+
+  // 2. useConfiguredProvider false
+  test('useConfiguredProvider false → returns deterministic, reason "disabled"', async () => {
+    currentConfig.workspaceGit.commitMessageLLM.useConfiguredProvider = false;
+    const gen = getCommitMessageGenerator();
+    const result = await gen.generateCommitMessage(baseContext, {
+      changedFiles: baseContext.changedFiles,
+    });
+    expect(result.source).toBe('deterministic');
+    expect(result.reason).toBe('disabled');
+  });
+
+  // 3. missing API key
+  test('missing API key → returns deterministic, reason "missing_provider_api_key"', async () => {
+    currentConfig.apiKeys = {} as Record<string, string>;
+    const gen = getCommitMessageGenerator();
+    const result = await gen.generateCommitMessage(baseContext, {
+      changedFiles: baseContext.changedFiles,
+    });
+    expect(result.source).toBe('deterministic');
+    expect(result.reason).toBe('missing_provider_api_key');
+    expect(mockSendMessage).not.toHaveBeenCalled();
+  });
+
+  // 4. breaker open
+  test('breaker open → returns deterministic, reason "breaker_open"', async () => {
+    // Force the breaker open by simulating enough failures
+    currentConfig.workspaceGit.commitMessageLLM.breaker.openAfterFailures = 1;
+    const gen = getCommitMessageGenerator();
+
+    // Trigger a failure to open the breaker — provider throws
+    mockSendMessage.mockRejectedValueOnce(new Error('provider error'));
+    await gen.generateCommitMessage(baseContext, {
+      changedFiles: baseContext.changedFiles,
+    });
+
+    // Now the breaker should be open
+    const result = await gen.generateCommitMessage(baseContext, {
+      changedFiles: baseContext.changedFiles,
+    });
+    expect(result.source).toBe('deterministic');
+    expect(result.reason).toBe('breaker_open');
+  });
+
+  // 5. insufficient budget
+  test('insufficient budget → returns deterministic, reason "insufficient_budget"', async () => {
+    const gen = getCommitMessageGenerator();
+    const result = await gen.generateCommitMessage(baseContext, {
+      changedFiles: baseContext.changedFiles,
+      deadlineMs: Date.now() - 1000, // already expired
+    });
+    expect(result.source).toBe('deterministic');
+    expect(result.reason).toBe('insufficient_budget');
+  });
+
+  // 6. LLM success
+  test('LLM success → returns LLM message, source "llm", fast model passed', async () => {
+    const commitMsg = 'feat: add new feature';
+    mockSendMessage.mockResolvedValueOnce(makeSuccessResponse(commitMsg));
+    const gen = getCommitMessageGenerator();
+    const result = await gen.generateCommitMessage(baseContext, {
+      changedFiles: baseContext.changedFiles,
+    });
+    expect(result.source).toBe('llm');
+    expect(result.message).toBe(commitMsg);
+    expect(result.reason).toBeUndefined();
+
+    // Verify the fast model was passed in the config
+    const callArgs = mockSendMessage.mock.calls[0];
+    const options = callArgs[3] as { config: { model: string } };
+    expect(options.config.model).toBe('claude-haiku-4-5-20251001');
+  });
+
+  // 7. fast-model override
+  test('fast-model override → uses override instead of default', async () => {
+    currentConfig.workspaceGit.commitMessageLLM.providerFastModelOverrides = {
+      anthropic: 'claude-sonnet-4-20250514',
+    };
+    const commitMsg = 'fix: resolve issue';
+    mockSendMessage.mockResolvedValueOnce(makeSuccessResponse(commitMsg));
+    const gen = getCommitMessageGenerator();
+    const result = await gen.generateCommitMessage(baseContext, {
+      changedFiles: baseContext.changedFiles,
+    });
+    expect(result.source).toBe('llm');
+    expect(result.message).toBe(commitMsg);
+
+    const callArgs = mockSendMessage.mock.calls[0];
+    const options = callArgs[3] as { config: { model: string } };
+    expect(options.config.model).toBe('claude-sonnet-4-20250514');
+  });
+
+  // 8. LLM timeout
+  test('LLM timeout → returns deterministic, reason "timeout"', async () => {
+    // Set a very short timeout and make sendMessage take too long
+    currentConfig.workspaceGit.commitMessageLLM.timeoutMs = 1;
+    mockSendMessage.mockImplementationOnce(
+      (_msgs, _tools, _sys, options) => {
+        // Wait until the abort signal fires
+        return new Promise<ProviderResponse>((_resolve, reject) => {
+          options?.signal?.addEventListener('abort', () => {
+            reject(new Error('aborted'));
+          });
+        });
+      },
+    );
+    const gen = getCommitMessageGenerator();
+    const result = await gen.generateCommitMessage(baseContext, {
+      changedFiles: baseContext.changedFiles,
+    });
+    expect(result.source).toBe('deterministic');
+    expect(result.reason).toBe('timeout');
+  });
+
+  // 9. LLM provider error
+  test('LLM provider error → returns deterministic, reason "provider_error"', async () => {
+    mockSendMessage.mockRejectedValueOnce(new Error('API error'));
+    const gen = getCommitMessageGenerator();
+    const result = await gen.generateCommitMessage(baseContext, {
+      changedFiles: baseContext.changedFiles,
+    });
+    expect(result.source).toBe('deterministic');
+    expect(result.reason).toBe('provider_error');
+  });
+
+  // 10. LLM invalid output (empty string)
+  test('LLM invalid output (empty string) → returns deterministic, reason "invalid_output"', async () => {
+    mockSendMessage.mockResolvedValueOnce(makeSuccessResponse(''));
+    const gen = getCommitMessageGenerator();
+    const result = await gen.generateCommitMessage(baseContext, {
+      changedFiles: baseContext.changedFiles,
+    });
+    expect(result.source).toBe('deterministic');
+    expect(result.reason).toBe('invalid_output');
+  });
+
+  // 11. LLM subject > 72 chars → truncated to 72, still source "llm"
+  test('LLM subject > 72 chars → truncated to 72, source "llm"', async () => {
+    const longSubject = 'a'.repeat(100);
+    mockSendMessage.mockResolvedValueOnce(makeSuccessResponse(longSubject));
+    const gen = getCommitMessageGenerator();
+    const result = await gen.generateCommitMessage(baseContext, {
+      changedFiles: baseContext.changedFiles,
+    });
+    expect(result.source).toBe('llm');
+    expect(result.reason).toBeUndefined();
+    expect(result.message.split('\n')[0].length).toBeLessThanOrEqual(72);
+    expect(result.message).toBe('a'.repeat(72));
+  });
+
+  // 11b. LLM subject > 72 chars with body → subject truncated, body preserved
+  test('LLM subject > 72 chars with body → subject truncated, body preserved', async () => {
+    const longSubject = 'b'.repeat(80);
+    const body = '\n\n- bullet one\n- bullet two';
+    mockSendMessage.mockResolvedValueOnce(makeSuccessResponse(longSubject + body));
+    const gen = getCommitMessageGenerator();
+    const result = await gen.generateCommitMessage(baseContext, {
+      changedFiles: baseContext.changedFiles,
+    });
+    expect(result.source).toBe('llm');
+    expect(result.reason).toBeUndefined();
+    expect(result.message.split('\n')[0].length).toBeLessThanOrEqual(72);
+    expect(result.message).toBe('b'.repeat(72) + body);
+  });
+
+  // 12. Keyless provider (Ollama) without fast model → missing_fast_model (skips API key check)
+  test('Ollama without API key or fast model → returns deterministic, reason "missing_fast_model"', async () => {
+    (currentConfig as Record<string, unknown>).provider = 'ollama';
+    currentConfig.apiKeys = {} as Record<string, string>;
+    const gen = getCommitMessageGenerator();
+    const result = await gen.generateCommitMessage(baseContext, {
+      changedFiles: baseContext.changedFiles,
+    });
+    expect(result.source).toBe('deterministic');
+    expect(result.reason).toBe('missing_fast_model');
+    expect(result.reason).not.toBe('missing_provider_api_key');
+    expect(mockSendMessage).not.toHaveBeenCalled();
+  });
+
+  // 13. Unknown provider without fast model default → missing_fast_model, no provider call
+  test('Unknown provider without fast model default → returns deterministic, reason "missing_fast_model"', async () => {
+    (currentConfig as Record<string, unknown>).provider = 'exotic-provider';
+    currentConfig.apiKeys = { 'exotic-provider': 'sk-exotic' } as Record<string, string>;
+    const gen = getCommitMessageGenerator();
+    const result = await gen.generateCommitMessage(baseContext, {
+      changedFiles: baseContext.changedFiles,
+    });
+    expect(result.source).toBe('deterministic');
+    expect(result.reason).toBe('missing_fast_model');
+    expect(mockSendMessage).not.toHaveBeenCalled();
+  });
+
+  // 14. Fast-model override enables LLM path for provider without built-in default
+  test('fast-model override enables LLM path for provider without built-in default', async () => {
+    (currentConfig as Record<string, unknown>).provider = 'ollama';
+    currentConfig.apiKeys = {} as Record<string, string>; // Ollama is keyless
+    currentConfig.workspaceGit.commitMessageLLM.providerFastModelOverrides = {
+      ollama: 'llama3.2:3b',
+    };
+    const commitMsg = 'fix: local model commit';
+    mockSendMessage.mockResolvedValueOnce(makeSuccessResponse(commitMsg));
+    const gen = getCommitMessageGenerator();
+    const result = await gen.generateCommitMessage(baseContext, {
+      changedFiles: baseContext.changedFiles,
+    });
+    expect(result.source).toBe('llm');
+    expect(result.message).toBe(commitMsg);
+
+    // Verify the override model was passed
+    const callArgs = mockSendMessage.mock.calls[0];
+    const options = callArgs[3] as { config: { model: string } };
+    expect(options.config.model).toBe('llama3.2:3b');
+  });
+});