zubo 0.1.0

package/tests/helpers/mock-llm.ts

@@ -0,0 +1,34 @@
+import type { LlmProvider, LlmRequest, LlmResponse, LlmContentBlock } from "../../src/llm/provider";
+
+export function textResponse(text: string): LlmResponse {
+  return {
+    content: [{ type: "text", text }],
+    stopReason: "end_turn",
+    usage: { inputTokens: 100, outputTokens: 50 },
+  };
+}
+
+export function toolCallResponse(toolName: string, toolId: string, input: Record<string, unknown>): LlmResponse {
+  return {
+    content: [
+      { type: "tool_use", id: toolId, name: toolName, input },
+    ],
+    stopReason: "tool_use",
+    usage: { inputTokens: 100, outputTokens: 50 },
+  };
+}
+
+export function createMockLlm(responses: LlmResponse[]): LlmProvider {
+  let callIndex = 0;
+  return {
+    providerName: "mock",
+    model: "mock-model",
+    contextWindow: 100_000,
+    async chat(request: LlmRequest): Promise<LlmResponse> {
+      if (callIndex >= responses.length) {
+        return textResponse("(no more mock responses)");
+      }
+      return responses[callIndex++];
+    },
+  };
+}

package/tests/helpers/test-db.ts

@@ -0,0 +1,74 @@
+import { Database } from "bun:sqlite";
+import { readFileSync, readdirSync } from "fs";
+import { join } from "path";
+
+/**
+ * Split SQL text into individual statements, respecting BEGIN...END blocks
+ * (e.g. CREATE TRIGGER statements that contain semicolons inside them).
+ */
+function splitSql(sql: string): string[] {
+  const statements: string[] = [];
+  let current = "";
+  let inBlock = false;
+
+  for (const line of sql.split("\n")) {
+    const trimmed = line.trim().toUpperCase();
+
+    // Detect BEGIN (start of trigger/block body)
+    if (trimmed === "BEGIN" || trimmed.endsWith(" BEGIN")) {
+      inBlock = true;
+    }
+
+    current += line + "\n";
+
+    // Detect END that closes the block — only the standalone "END" or "END;"
+    if (inBlock && (trimmed === "END" || trimmed === "END;")) {
+      inBlock = false;
+      statements.push(current.trim().replace(/;$/, ""));
+      current = "";
+      continue;
+    }
+
+    // Outside a block, split on semicolons at end of line
+    if (!inBlock && trimmed.endsWith(";")) {
+      const stmt = current.trim().replace(/;$/, "");
+      if (stmt) statements.push(stmt);
+      current = "";
+    }
+  }
+
+  // Leftover
+  const leftover = current.trim().replace(/;$/, "");
+  if (leftover) statements.push(leftover);
+
+  return statements;
+}
+
+export function createTestDb(): Database {
+  const db = new Database(":memory:");
+
+  // Run all migrations
+  const migrationsDir = join(import.meta.dir, "../../migrations");
+  try {
+    const files = readdirSync(migrationsDir)
+      .filter(f => f.endsWith(".sql"))
+      .sort();
+
+    for (const file of files) {
+      const sql = readFileSync(join(migrationsDir, file), "utf-8");
+      const statements = splitSql(sql);
+      for (const stmt of statements) {
+        try {
+          db.run(stmt);
+        } catch (e: any) {
+          // Ignore "duplicate column" errors from ALTER TABLE
+          if (!e.message?.includes("duplicate column")) {
+            // Still try to continue with other statements
+          }
+        }
+      }
+    }
+  } catch {}
+
+  return db;
+}

package/tests/integration/chat-flow.test.ts

@@ -0,0 +1,48 @@
+import { describe, it, expect } from "bun:test";
+import { createMockLlm, textResponse, toolCallResponse } from "../helpers/mock-llm";
+
+describe("Integration: Chat Flow", () => {
+  it("should handle a full conversation with tool use", async () => {
+    const llm = createMockLlm([
+      toolCallResponse("datetime", "t1", {}),
+      textResponse("The current time is 2025-01-01T12:00:00Z"),
+    ]);
+
+    // Simulate the conversation
+    const response1 = await llm.chat({ system: "You are Zubo", messages: [{ role: "user", content: "What time is it?" }] });
+    expect(response1.stopReason).toBe("tool_use");
+    expect(response1.content[0].name).toBe("datetime");
+
+    // After tool execution
+    const response2 = await llm.chat({
+      system: "You are Zubo",
+      messages: [
+        { role: "user", content: "What time is it?" },
+        { role: "assistant", content: response1.content },
+        { role: "user", content: [{ type: "tool_result", tool_use_id: "t1", content: "2025-01-01T12:00:00Z" }] },
+      ],
+    });
+    expect(response2.stopReason).toBe("end_turn");
+    expect(response2.content[0].text).toContain("current time");
+  });
+
+  it("should handle multi-turn conversation", async () => {
+    const llm = createMockLlm([
+      textResponse("Hello! I'm Zubo."),
+      textResponse("My name is Zubo, and I'm your AI agent."),
+    ]);
+
+    const r1 = await llm.chat({ system: "You are Zubo", messages: [{ role: "user", content: "Hi" }] });
+    expect(r1.content[0].text).toContain("Zubo");
+
+    const r2 = await llm.chat({
+      system: "You are Zubo",
+      messages: [
+        { role: "user", content: "Hi" },
+        { role: "assistant", content: r1.content },
+        { role: "user", content: "What's your name?" },
+      ],
+    });
+    expect(r2.content[0].text).toContain("Zubo");
+  });
+});

package/tests/integrations.test.ts

@@ -0,0 +1,97 @@
+import { describe, it, expect } from "bun:test";
+import { safeApiError, safeExceptionError } from "../src/tools/builtin-integrations/api-helpers";
+
+describe("Integration Helpers", () => {
+  describe("safeApiError", () => {
+    it("should return status code without leaking response body", async () => {
+      const mockResponse = new Response("secret-token-leaked-here", {
+        status: 401,
+        statusText: "Unauthorized",
+      });
+      const result = await safeApiError(mockResponse, "TestService");
+      const parsed = JSON.parse(result);
+      expect(parsed.error).toContain("TestService");
+      expect(parsed.error).toContain("401");
+      expect(parsed.error).not.toContain("secret-token");
+    });
+
+    it("should handle non-text responses gracefully", async () => {
+      const mockResponse = new Response(null, { status: 500, statusText: "Internal Server Error" });
+      const result = await safeApiError(mockResponse, "API");
+      const parsed = JSON.parse(result);
+      expect(parsed.error).toContain("500");
+    });
+  });
+
+  describe("safeExceptionError", () => {
+    it("should not expose raw error messages", () => {
+      const result = safeExceptionError(
+        new Error("Connection refused to https://api.example.com?token=abc123"),
+        "GitHub"
+      );
+      const parsed = JSON.parse(result);
+      expect(parsed.error).toContain("GitHub");
+      expect(parsed.error).not.toContain("abc123");
+      expect(parsed.error).toContain("Check logs");
+    });
+  });
+});
+
+describe("Integration Installer", () => {
+  it("should have SERVICE_SECRETS for all builtin integrations", async () => {
+    const { listAvailableIntegrations } = await import(
+      "../src/tools/integration-installer"
+    );
+    const integrations = listAvailableIntegrations();
+
+    // Each integration should have a secret_name
+    for (const integration of integrations) {
+      expect(integration.secret_name).toBeTruthy();
+      expect(typeof integration.secret_name).toBe("string");
+      expect(integration.skills.length).toBeGreaterThan(0);
+    }
+  });
+});
+
+describe("Jira SSRF Validation", () => {
+  it("should block localhost URLs", async () => {
+    // Mock the Zubo global to simulate Jira config
+    (globalThis as any).Zubo = {
+      getSecret: (name: string) => {
+        if (name === "jira_token") return "fake-token";
+        if (name === "jira_email") return "test@example.com";
+        if (name === "jira_url") return "http://localhost:8080";
+        return undefined;
+      },
+    };
+
+    const handler = (await import("../src/tools/builtin-integrations/jira/jira_issues/handler")).default;
+    const result = await handler({ action: "list" });
+    const parsed = JSON.parse(result);
+    expect(parsed.error).toBeTruthy();
+    // Should reject non-HTTPS or localhost
+    expect(
+      parsed.error.includes("HTTPS") || parsed.error.includes("internal")
+    ).toBe(true);
+
+    delete (globalThis as any).Zubo;
+  });
+
+  it("should block private IP ranges", async () => {
+    (globalThis as any).Zubo = {
+      getSecret: (name: string) => {
+        if (name === "jira_token") return "fake-token";
+        if (name === "jira_email") return "test@example.com";
+        if (name === "jira_url") return "https://192.168.1.1";
+        return undefined;
+      },
+    };
+
+    const handler = (await import("../src/tools/builtin-integrations/jira/jira_issues/handler")).default;
+    const result = await handler({ action: "list" });
+    const parsed = JSON.parse(result);
+    expect(parsed.error).toContain("internal");
+
+    delete (globalThis as any).Zubo;
+  });
+});

package/tests/memory/engine.test.ts

@@ -0,0 +1,114 @@
+import { describe, test, expect, beforeEach } from "bun:test";
+import { Database } from "bun:sqlite";
+import { pruneOldChunks, getMemoryStats } from "../../src/memory/engine";
+
+function createTestDb(): Database {
+  const db = new Database(":memory:");
+
+  // Run the memory migration schema
+  db.run(`
+    CREATE TABLE IF NOT EXISTS memory_chunks (
+      id INTEGER PRIMARY KEY AUTOINCREMENT,
+      source_file TEXT NOT NULL,
+      chunk_index INTEGER NOT NULL,
+      content TEXT NOT NULL,
+      embedding BLOB,
+      created_at TEXT NOT NULL DEFAULT (datetime('now')),
+      UNIQUE(source_file, chunk_index)
+    )
+  `);
+
+  return db;
+}
+
+function insertChunks(db: Database, count: number): void {
+  const stmt = db.prepare(
+    "INSERT INTO memory_chunks (source_file, chunk_index, content) VALUES (?, ?, ?)"
+  );
+  for (let i = 0; i < count; i++) {
+    stmt.run(`file-${i}.md`, 0, `Chunk content number ${i}`);
+  }
+}
+
+describe("pruneOldChunks", () => {
+  let db: Database;
+
+  beforeEach(() => {
+    db = createTestDb();
+  });
+
+  test("does nothing when chunk count is under the limit", () => {
+    insertChunks(db, 5);
+    const pruned = pruneOldChunks(db, 10);
+    expect(pruned).toBe(0);
+
+    const row = db.query("SELECT COUNT(*) as c FROM memory_chunks").get() as { c: number };
+    expect(row.c).toBe(5);
+  });
+
+  test("removes excess chunks when over the limit", () => {
+    insertChunks(db, 15);
+    const pruned = pruneOldChunks(db, 10);
+    expect(pruned).toBe(5);
+
+    const row = db.query("SELECT COUNT(*) as c FROM memory_chunks").get() as { c: number };
+    expect(row.c).toBe(10);
+  });
+
+  test("removes the oldest chunks (lowest IDs)", () => {
+    insertChunks(db, 5);
+    const pruned = pruneOldChunks(db, 3);
+    expect(pruned).toBe(2);
+
+    // The first 2 chunks (lowest IDs) should be gone
+    const remaining = db.query("SELECT id FROM memory_chunks ORDER BY id").all() as { id: number }[];
+    expect(remaining).toHaveLength(3);
+    // IDs 1 and 2 should have been pruned, leaving 3, 4, 5
+    expect(remaining[0].id).toBe(3);
+    expect(remaining[1].id).toBe(4);
+    expect(remaining[2].id).toBe(5);
+  });
+
+  test("does nothing when count equals the limit", () => {
+    insertChunks(db, 10);
+    const pruned = pruneOldChunks(db, 10);
+    expect(pruned).toBe(0);
+  });
+
+  test("handles empty table gracefully", () => {
+    const pruned = pruneOldChunks(db, 10);
+    expect(pruned).toBe(0);
+  });
+});
+
+describe("getMemoryStats", () => {
+  let db: Database;
+
+  beforeEach(() => {
+    db = createTestDb();
+  });
+
+  test("returns zero for an empty table", () => {
+    const stats = getMemoryStats(db);
+    expect(stats.totalChunks).toBe(0);
+  });
+
+  test("returns correct count after inserting chunks", () => {
+    insertChunks(db, 7);
+    const stats = getMemoryStats(db);
+    expect(stats.totalChunks).toBe(7);
+  });
+
+  test("returns correct count after pruning", () => {
+    insertChunks(db, 20);
+    pruneOldChunks(db, 12);
+    const stats = getMemoryStats(db);
+    expect(stats.totalChunks).toBe(12);
+  });
+
+  test("returns zero when the table does not exist", () => {
+    const emptyDb = new Database(":memory:");
+    const stats = getMemoryStats(emptyDb);
+    expect(stats.totalChunks).toBe(0);
+  });
+});

package/tests/memory-engine.test.ts

@@ -0,0 +1,57 @@
+import { describe, it, expect } from "bun:test";
+import { createTestDb } from "./helpers/test-db";
+
+describe("Memory Engine", () => {
+  it("should create memory_chunks table in test DB", () => {
+    const db = createTestDb();
+    const result = db.query("SELECT name FROM sqlite_master WHERE type='table' AND name='memory_chunks'").get() as any;
+    expect(result).toBeTruthy();
+    expect(result.name).toBe("memory_chunks");
+    db.close();
+  });
+
+  it("should insert and retrieve memory chunks", () => {
+    const db = createTestDb();
+    db.prepare("INSERT INTO memory_chunks (source_file, chunk_index, content) VALUES (?, ?, ?)").run("test.md", 0, "Hello world");
+
+    const chunks = db.query("SELECT * FROM memory_chunks WHERE source_file = 'test.md'").all() as any[];
+    expect(chunks.length).toBe(1);
+    expect(chunks[0].content).toBe("Hello world");
+    expect(chunks[0].chunk_index).toBe(0);
+    db.close();
+  });
+
+  it("should support FTS search via triggers", () => {
+    const db = createTestDb();
+    // Inserting into memory_chunks should auto-populate memory_fts via triggers
+    db.prepare("INSERT INTO memory_chunks (source_file, chunk_index, content) VALUES (?, ?, ?)").run("a.md", 0, "TypeScript is great");
+    db.prepare("INSERT INTO memory_chunks (source_file, chunk_index, content) VALUES (?, ?, ?)").run("b.md", 0, "Python is cool");
+
+    const results = db.query("SELECT * FROM memory_fts WHERE memory_fts MATCH 'TypeScript'").all() as any[];
+    expect(results.length).toBe(1);
+    db.close();
+  });
+
+  it("should handle dedup on re-index", () => {
+    const db = createTestDb();
+    db.prepare("INSERT INTO memory_chunks (source_file, chunk_index, content) VALUES (?, ?, ?)").run("test.md", 0, "original");
+
+    // Update same chunk (UNIQUE constraint on source_file, chunk_index)
+    db.prepare("UPDATE memory_chunks SET content = ? WHERE source_file = ? AND chunk_index = ?").run("updated", "test.md", 0);
+
+    const chunks = db.query("SELECT * FROM memory_chunks WHERE source_file = 'test.md'").all() as any[];
+    expect(chunks.length).toBe(1);
+    expect(chunks[0].content).toBe("updated");
+    db.close();
+  });
+
+  it("should enforce unique constraint on source_file + chunk_index", () => {
+    const db = createTestDb();
+    db.prepare("INSERT INTO memory_chunks (source_file, chunk_index, content) VALUES (?, ?, ?)").run("test.md", 0, "first");
+
+    expect(() => {
+      db.prepare("INSERT INTO memory_chunks (source_file, chunk_index, content) VALUES (?, ?, ?)").run("test.md", 0, "duplicate");
+    }).toThrow();
+    db.close();
+  });
+});

package/tests/permissions.test.ts

@@ -0,0 +1,21 @@
+import { describe, it, expect } from "bun:test";
+import { getToolPermission } from "../src/tools/permissions";
+
+describe("getToolPermission", () => {
+  it("returns 'auto' for safe built-in tools", () => {
+    expect(getToolPermission("datetime")).toBe("auto");
+    expect(getToolPermission("memory_write")).toBe("auto");
+    expect(getToolPermission("memory_search")).toBe("auto");
+    expect(getToolPermission("cron_list")).toBe("auto");
+  });
+
+  it("returns 'confirm' for dangerous tools", () => {
+    expect(getToolPermission("shell")).toBe("confirm");
+    expect(getToolPermission("file_write")).toBe("confirm");
+  });
+
+  it("returns 'auto' for unknown tools (user-installed skills)", () => {
+    expect(getToolPermission("my_custom_skill")).toBe("auto");
+    expect(getToolPermission("weather")).toBe("auto");
+  });
+});

package/tests/rate-limiter.test.ts

@@ -0,0 +1,70 @@
+import { describe, it, expect, afterEach } from "bun:test";
+import { RateLimiter } from "../src/util/rate-limiter";
+
+describe("RateLimiter", () => {
+  const limiters: RateLimiter[] = [];
+
+  function create(max: number, windowMs: number) {
+    const rl = new RateLimiter(max, windowMs);
+    limiters.push(rl);
+    return rl;
+  }
+
+  afterEach(() => {
+    for (const rl of limiters) rl.destroy();
+    limiters.length = 0;
+  });
+
+  it("should allow requests under the limit", () => {
+    const rl = create(5, 60_000);
+    for (let i = 0; i < 5; i++) {
+      const result = rl.check("user1");
+      expect(result.allowed).toBe(true);
+    }
+  });
+
+  it("should block requests over the limit", () => {
+    const rl = create(3, 60_000);
+    rl.check("user1");
+    rl.check("user1");
+    rl.check("user1");
+    const blocked = rl.check("user1");
+    expect(blocked.allowed).toBe(false);
+    expect(blocked.retryAfterMs).toBeGreaterThan(0);
+  });
+
+  it("should isolate keys independently", () => {
+    const rl = create(2, 60_000);
+    rl.check("user1");
+    rl.check("user1");
+    const blocked = rl.check("user1");
+    expect(blocked.allowed).toBe(false);
+
+    // Different key should still be allowed
+    const other = rl.check("user2");
+    expect(other.allowed).toBe(true);
+  });
+
+  it("should allow requests after the window expires", async () => {
+    // Use a very short window
+    const rl = create(1, 50);
+    rl.check("user1");
+    const blocked = rl.check("user1");
+    expect(blocked.allowed).toBe(false);
+
+    // Wait for window to expire
+    await new Promise((r) => setTimeout(r, 60));
+    const allowed = rl.check("user1");
+    expect(allowed.allowed).toBe(true);
+  });
+
+  it("should report accurate Retry-After values", () => {
+    const rl = create(1, 60_000);
+    rl.check("user1");
+    const blocked = rl.check("user1");
+    expect(blocked.allowed).toBe(false);
+    // retryAfterMs should be roughly 60s (within a reasonable margin)
+    expect(blocked.retryAfterMs).toBeGreaterThan(50_000);
+    expect(blocked.retryAfterMs).toBeLessThanOrEqual(60_000);
+  });
+});

package/tests/registry.test.ts

@@ -0,0 +1,67 @@
+import { describe, it, expect, beforeEach } from "bun:test";
+import {
+  registerTool,
+  getTool,
+  getAllToolDefs,
+  unregisterTool,
+} from "../src/tools/registry";
+
+// Register a test tool before each test
+const testTool = {
+  definition: {
+    name: "test_tool",
+    description: "A tool for testing",
+    input_schema: {
+      type: "object",
+      properties: {
+        input: { type: "string" },
+      },
+      required: ["input"],
+    },
+  },
+  execute: async (input: Record<string, unknown>) => {
+    return `echo: ${input.input}`;
+  },
+};
+
+describe("tool registry", () => {
+  beforeEach(() => {
+    unregisterTool("test_tool");
+  });
+
+  it("registers and retrieves a tool", () => {
+    registerTool(testTool);
+    const tool = getTool("test_tool");
+    expect(tool).toBeDefined();
+    expect(tool!.definition.name).toBe("test_tool");
+  });
+
+  it("returns undefined for unknown tool", () => {
+    expect(getTool("nonexistent")).toBeUndefined();
+  });
+
+  it("unregisters a tool", () => {
+    registerTool(testTool);
+    expect(unregisterTool("test_tool")).toBe(true);
+    expect(getTool("test_tool")).toBeUndefined();
+  });
+
+  it("returns false when unregistering unknown tool", () => {
+    expect(unregisterTool("nonexistent")).toBe(false);
+  });
+
+  it("includes tool in getAllToolDefs", () => {
+    registerTool(testTool);
+    const defs = getAllToolDefs();
+    const found = defs.find((d) => d.name === "test_tool");
+    expect(found).toBeDefined();
+    expect(found!.description).toBe("A tool for testing");
+  });
+
+  it("executes a tool handler", async () => {
+    registerTool(testTool);
+    const tool = getTool("test_tool")!;
+    const result = await tool.execute({ input: "hello" });
+    expect(result).toBe("echo: hello");
+  });
+});

package/tests/router.test.ts

@@ -0,0 +1,36 @@
+import { describe, it, expect } from "bun:test";
+import { createMockLlm, textResponse } from "./helpers/mock-llm";
+import { createTestDb } from "./helpers/test-db";
+
+describe("Router", () => {
+  it("should create a router without errors", async () => {
+    const { createRouter } = await import("../src/channels/router");
+    const llm = createMockLlm([textResponse("hello")]);
+    const db = createTestDb();
+    const router = createRouter(llm, db);
+    expect(router).toBeDefined();
+    expect(router.handleMessage).toBeDefined();
+    expect(router.sendProactive).toBeDefined();
+    expect(router.addAdapter).toBeDefined();
+    db.close();
+  });
+
+  it("should support adding adapters", async () => {
+    const { createRouter } = await import("../src/channels/router");
+    const llm = createMockLlm([textResponse("test")]);
+    const db = createTestDb();
+    const router = createRouter(llm, db);
+
+    const mockAdapter = {
+      channelName: "test",
+      start() {},
+      stop() {},
+      async sendMessage() {},
+    };
+
+    router.addAdapter(mockAdapter);
+    // Should not throw
+    expect(true).toBe(true);
+    db.close();
+  });
+});

package/tests/session.test.ts

@@ -0,0 +1,58 @@
+import { describe, it, expect, beforeEach, afterEach } from "bun:test";
+import { mkdirSync, rmSync, existsSync } from "fs";
+import { join } from "path";
+
+const TEST_SESSION_DIR = join(import.meta.dir, ".test-sessions");
+
+describe("Session", () => {
+  beforeEach(() => {
+    mkdirSync(TEST_SESSION_DIR, { recursive: true });
+  });
+
+  afterEach(() => {
+    if (existsSync(TEST_SESSION_DIR)) {
+      rmSync(TEST_SESSION_DIR, { recursive: true });
+    }
+  });
+
+  it("should create session file on first append", async () => {
+    const { writeFileSync, readFileSync } = await import("fs");
+    const sessionPath = join(TEST_SESSION_DIR, "test-session.jsonl");
+
+    const msg = { role: "user", content: [{ type: "text", text: "hello" }], timestamp: new Date().toISOString() };
+    writeFileSync(sessionPath, JSON.stringify(msg) + "\n");
+
+    expect(existsSync(sessionPath)).toBe(true);
+    const content = readFileSync(sessionPath, "utf-8").trim();
+    const parsed = JSON.parse(content);
+    expect(parsed.role).toBe("user");
+  });
+
+  it("should append multiple messages", async () => {
+    const { writeFileSync, readFileSync } = await import("fs");
+    const sessionPath = join(TEST_SESSION_DIR, "multi.jsonl");
+
+    const msgs = [
+      { role: "user", content: [{ type: "text", text: "hi" }] },
+      { role: "assistant", content: [{ type: "text", text: "hello" }] },
+    ];
+
+    let content = "";
+    for (const msg of msgs) {
+      content += JSON.stringify(msg) + "\n";
+    }
+    writeFileSync(sessionPath, content);
+
+    const lines = readFileSync(sessionPath, "utf-8").trim().split("\n");
+    expect(lines.length).toBe(2);
+    expect(JSON.parse(lines[0]).role).toBe("user");
+    expect(JSON.parse(lines[1]).role).toBe("assistant");
+  });
+
+  it("should reject path traversal in session IDs", () => {
+    const dangerous = "../../../etc/passwd";
+    const safe = dangerous.replace(/[^a-zA-Z0-9_:-]/g, "_");
+    expect(safe).not.toContain("..");
+    expect(safe).not.toContain("/");
+  });
+});