vrr/spawn
2
0
Fork 0
mirror of https://github.com/OpenRouterTeam/spawn.git synced 2026-05-20 09:31:15 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 7

test: Remove duplicate and theatrical tests (#2016)

Browse source 
Remove 3 duplicate tests from security-edge-cases.test.ts that were
already covered in security.test.ts:

- validateIdentifier: "reject 65-char identifier" (duplicate of
  security.test.ts "should reject overly long identifiers")
- validateScriptContent: "accept wget|sh" (duplicate of
  security.test.ts "should accept scripts with wget|bash")
- validatePrompt: "accept prompts at exactly the max length" (duplicate
  of security.test.ts "should accept prompts at the size limit")

The edge-cases file retains unique tests: 64-char boundary check,
single char identifiers, mkfs with multiple filesystems, extra-whitespace
pipe detection, etc.

Co-authored-by: spawn-qa-bot <qa@openrouter.ai>
Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>
Co-authored-by: L <6723574+louisgv@users.noreply.github.com>
This commit is contained in:
A 2026-02-28 01:11:48 -08:00 committed by GitHub
parent c1e605c884
commit ee83e46d9b
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
1 changed files with 0 additions and 17 deletions
Download patch file Download diff file Expand all files Collapse all files

17
packages/cli/src/__tests__/security-edge-cases.test.ts
View file

@ -14,11 +14,6 @@ describe("Security Edge Cases", () => {
expect(() => validateIdentifier(id, "Test")).not.toThrow();
});
it("should reject identifier at 65 characters", () => {
const id = "a".repeat(65);
expect(() => validateIdentifier(id, "Test")).toThrow("too long");
});
it("should accept single character identifiers", () => {
expect(() => validateIdentifier("a", "Test")).not.toThrow();
expect(() => validateIdentifier("1", "Test")).not.toThrow();
@ -139,13 +134,6 @@ echo "safe"
expect(() => validateScriptContent(script)).toThrow("destructive filesystem operation");
});
it("should accept wget|sh (used by spawn scripts)", () => {
const script = `#!/bin/bash
wget -q https://example.com/install.sh | sh
`;
expect(() => validateScriptContent(script)).not.toThrow();
});
it("should accept scripts with curl used safely", () => {
const safe = `#!/bin/bash
curl -fsSL https://example.com/file.tar.gz -o /tmp/file.tar.gz
@ -195,11 +183,6 @@ dd if=/dev/urandom of=/tmp/random.bin bs=1M count=1
expect(() => validatePrompt("Count lines | wc -l")).not.toThrow();
});
it("should accept prompts at exactly the max length", () => {
const maxPrompt = "x".repeat(10 * 1024);
expect(() => validatePrompt(maxPrompt)).not.toThrow();
});
it("should reject prompts one byte over the max length", () => {
const overPrompt = "x".repeat(10 * 1024 + 1);
expect(() => validatePrompt(overPrompt)).toThrow("too long");