- session-manager.js: getSessionById with date-only string exercises the
noIdMatch path for old-format sessions (2026-02-10 → 2026-02-10-session.tmp)
- session-end.js: extract user messages from role-only JSONL format
({"role":"user",...} without type field) exercises line 48 fallback
- session-end.js: nonexistent transcript_path triggers "Transcript not found"
log path (lines 153-155), creates session with blank template
Total: 803 tests, all passing
- evaluate-session.js: verify regex whitespace tolerance around colon
matches "type" : "user" (with spaces), not just compact JSON
- validate-rules.js: empty directory with no .md files yields Validated 0
- validate-skills.js: directory with only files, no subdirectories yields
Validated 0
Total: 800 tests, all passing
- suggest-compact: 'default' session ID fallback when CLAUDE_SESSION_ID empty
- session-aliases: loadAliases backfills missing version and metadata fields
- post-edit-typecheck: valid JSON without tool_input passes through unchanged
Total: 797 tests, all passing
- setup-package-manager.test.js: --global npm writes config and exits 0
- setup-package-manager.test.js: bare PM name sets global preference
- setup-package-manager.test.js: --detect with env var shows source 'environment'
791 tests total, all passing.
- utils.test.js: replaceInFile returns false on read-only file (catch block)
- session-manager.test.js: getAllSessions returns empty when sessions dir missing
- package-manager.test.js: getPackageManager falls through corrupted global config to npm default
788 tests total, all passing.
- getAllSessions search matches only shortId, not title/content
- getSessionPath returns absolute path with correct directory structure
- analysisResults handles zero values for all data fields without crash
Round 53: Adds 3 hook tests — validates evaluate-session.js
falls back to CLAUDE_TRANSCRIPT_PATH env var when stdin JSON
is invalid, post-edit-console-warn.js truncates output to max
5 matches, and post-edit-format.js passes through data when
the target .tsx file doesn't exist.
Round 46: verify getSessionStats recognises C:/ and D:\ as file
paths but not bare C: without slash; verify parseSessionMetadata
only matches lowercase [x] checkboxes (not uppercase [X]).
User messages containing newline characters were being added as-is to
markdown list items in buildSummarySection(), breaking the list format.
Now newlines are replaced with spaces before backtick escaping.
On Unix/macOS, rename(2) atomically replaces the destination file.
The previous code ran unlinkSync before renameSync on all platforms,
creating an unnecessary non-atomic window where a crash could lose
data. Now the delete-before-rename is gated behind process.platform
=== 'win32', where rename cannot overwrite an existing file.
The .cursor copy had diverged from scripts/hooks/suggest-compact.js:
- Fixed interval calculation: count % 25 → (count - threshold) % 25
so suggestions fire relative to the configured threshold
- Added upper bound clamp (<=1000000) to prevent counter corruption
from large values converting to scientific notation strings
- Removed unreliable String(process.ppid) fallback for session ID
The box() helper produced lines that were width+1 characters instead of
the requested width. Adjusted all three formulas (top border, middle
content, bottom border) by -1 each. Added 4 tests verifying box width
accuracy across instincts(), analysisResults(), and nextSteps() output.
Cover createdTime/birthtime fallback in session-manager, readStdinJson
error event settled-flag guard in utils, renameAlias rollback on naming
conflict in session-aliases, and saveAliases backup preservation on
serialization failure. Total: 713 tests.
When --global or --project was followed by another flag (e.g., --global --project),
the flag was treated as a package manager name. Added pmName.startsWith('-') check
to both handlers. Added 20 tests across 4 test files covering argument validation,
ensureDir error propagation, runCommand stderr handling, and saveAliases failure paths.
new Date('YYYY-MM-DD') creates UTC midnight, which in negative UTC offset
timezones (e.g., Hawaii) causes getDate() to return the previous day.
Replaced with new Date(year, month - 1, day) for correct local-time behavior.
Added 15 tests: session-manager datetime verification and edge cases (7),
package-manager getCommandPattern special characters (4), and
validators model/skill-reference validation (4). Tests: 651 → 666.
Cover 30-day month validation (Sep/Nov 31 rejection), getSessionStats
path heuristic with multiline content, combined date+search+pagination
in getAllSessions, ambiguous prefix matching in getSessionById, unclosed
code fence in parseSessionMetadata, empty checklist item behavior,
reserved name case sensitivity (LIST/Help/Set), negative limit in
listAliases, and undefined title in setAlias.
Replace console.log(data) with process.stdout.write(data) in both
pass-through paths to prevent appending a trailing newline that
corrupts the hook output. Add 7 tests covering exact byte fidelity,
malformed JSON, missing file_path, non-existent files, exclusion
patterns in check-console-log, non-git repo handling, and empty stdin.
Validate args parameter in getExecCommand() against SAFE_ARGS_REGEX to
prevent command injection when returned string is passed to a shell.
Escape regex metacharacters in getCommandPattern() generic action branch
to prevent malformed patterns and unintended matching. Clean up stdin
listeners in readStdinJson() timeout path to prevent process hanging.
Replace shell: true with npx.cmd on Windows in post-edit-format.js and
post-edit-typecheck.js to prevent command injection via crafted file paths.
Replace console.log(data) with process.stdout.write(data) in
check-console-log.js to avoid appending extra newlines to pass-through data.
- session-manager: clamp offset/limit to safe non-negative integers to
prevent negative offset counting from end and NaN returning empty results
- session-aliases: add success field to cleanupAliases return value for
API contract consistency with setAlias/deleteAlias/renameAlias
progressBar() in skill-create-output.js could crash with RangeError when
percent > 100 because repeat() received a negative count. Fixed by
clamping filled to [0, width].
New tests:
- progressBar edge cases: 0%, 100%, and >100% confidence
- Empty patterns/instincts arrays
- post-edit-format: null tool_input, missing file_path, prettier failure
- setup-package-manager: --detect output completeness, current marker
