mirror of
https://github.com/affaan-m/everything-claude-code.git
synced 2026-04-01 22:53:27 +08:00
6cc85ef2ed
* fix(ci): resolve cross-platform test failures - Sanity check script (check-codex-global-state.sh) now falls back to grep -E when ripgrep is not available, fixing the codex-hooks sync test on all CI platforms. Patterns converted to POSIX ERE for portability. - Unicode safety test accepts both / and \ path separators so the executable-file assertion passes on Windows. - Gacha test sets PYTHONUTF8=1 so Python uses UTF-8 stdout encoding on Windows instead of cp1252, preventing UnicodeEncodeError on box-drawing characters. - Quoted-hook-path test skipped on Windows where NTFS disallows double-quote characters in filenames. * feat: port remotion-video-creation skill (29 rules), restore missing files New skill: - remotion-video-creation: 29 domain-specific Remotion rules covering 3D/Three.js, animations, audio, captions, charts, compositions, fonts, GIFs, Lottie, measuring, sequencing, tailwind, text animations, timing, transitions, trimming, and video embedding. Ported from personal skills. Restored: - autonomous-agent-harness/SKILL.md (was in commit but missing from worktree) - lead-intelligence/ (full directory restored from branch commit) Updated: - manifests/install-modules.json: added remotion-video-creation to media-generation - README.md + AGENTS.md: synced counts to 139 skills Catalog validates: 30 agents, 60 commands, 139 skills. * fix(security): pin MCP server versions, add dependabot, pin github-script SHA Critical: - Pin all npx -y MCP server packages to specific versions in .mcp.json to prevent supply chain attacks via version hijacking: - @modelcontextprotocol/server-github@2025.4.8 - @modelcontextprotocol/server-memory@2026.1.26 - @modelcontextprotocol/server-sequential-thinking@2025.12.18 - @playwright/mcp@0.0.69 (was 0.0.68) Medium: - Add .github/dependabot.yml for weekly npm + github-actions updates with grouped minor/patch PRs - Pin actions/github-script to SHA (was @v7 tag, now pinned to commit) * feat: add social-graph-ranker skill — weighted network proximity scoring New skill: social-graph-ranker - Weighted social graph traversal with exponential decay across hops - Bridge Score: B(m) = Σ w(t) · λ^(d(m,t)-1) ranks mutuals by target proximity - Extended Score incorporates 2nd-order network (mutual-of-mutual connections) - Final ranking includes engagement bonus for responsive connections - Runs in parallel with lead-intelligence skill for combined warm+cold outreach - Supports X API + LinkedIn CSV for graph harvesting - Outputs tiered action list: warm intros, direct outreach, network gap analysis Added to business-content install module. Catalog validates: 30/60/140. * fix(security): npm audit fix — resolve all dependency vulnerabilities Applied npm audit fix --force to resolve: - minimatch ReDoS (3 vulnerabilities, HIGH) - smol-toml DoS (MODERATE) - brace-expansion memory exhaustion (MODERATE) - markdownlint-cli upgraded from 0.47.0 to 0.48.0 npm audit now reports 0 vulnerabilities. * fix: resolve markdown lint and yarn lockfile sync - MD047: ensure single trailing newline on all remotion rule files - MD012: remove consecutive blank lines in lottie, measuring-dom-nodes, trimming - MD034: wrap bare URLs in angle brackets (tailwind, transcribe-captions) - yarn.lock: regenerated to sync with npm audit changes in package.json * fix: replace unicode arrows in lead-intelligence (CI unicode safety check)
168 lines
5.1 KiB
JavaScript
168 lines
5.1 KiB
JavaScript
/**
|
|
* Tests for Codex shell helpers.
|
|
*/
|
|
|
|
const assert = require('assert');
|
|
const fs = require('fs');
|
|
const os = require('os');
|
|
const path = require('path');
|
|
const { spawnSync } = require('child_process');
|
|
|
|
const repoRoot = path.join(__dirname, '..', '..');
|
|
const installScript = path.join(repoRoot, 'scripts', 'codex', 'install-global-git-hooks.sh');
|
|
const syncScript = path.join(repoRoot, 'scripts', 'sync-ecc-to-codex.sh');
|
|
|
|
function test(name, fn) {
|
|
try {
|
|
fn();
|
|
console.log(` ✓ ${name}`);
|
|
return true;
|
|
} catch (error) {
|
|
console.log(` ✗ ${name}`);
|
|
console.log(` Error: ${error.message}`);
|
|
return false;
|
|
}
|
|
}
|
|
|
|
function createTempDir(prefix) {
|
|
return fs.mkdtempSync(path.join(os.tmpdir(), prefix));
|
|
}
|
|
|
|
function cleanup(dirPath) {
|
|
fs.rmSync(dirPath, { recursive: true, force: true });
|
|
}
|
|
|
|
function runBash(scriptPath, args = [], env = {}, cwd = repoRoot) {
|
|
return spawnSync('bash', [scriptPath, ...args], {
|
|
cwd,
|
|
env: {
|
|
...process.env,
|
|
...env,
|
|
},
|
|
encoding: 'utf8',
|
|
stdio: ['pipe', 'pipe', 'pipe'],
|
|
});
|
|
}
|
|
|
|
function makeHermeticCodexEnv(homeDir, codexDir, extraEnv = {}) {
|
|
const agentsHome = path.join(homeDir, '.agents');
|
|
const hooksDir = path.join(codexDir, 'git-hooks');
|
|
return {
|
|
HOME: homeDir,
|
|
USERPROFILE: homeDir,
|
|
XDG_CONFIG_HOME: path.join(homeDir, '.config'),
|
|
GIT_CONFIG_GLOBAL: path.join(homeDir, '.gitconfig'),
|
|
CODEX_HOME: codexDir,
|
|
AGENTS_HOME: agentsHome,
|
|
ECC_GLOBAL_HOOKS_DIR: hooksDir,
|
|
CLAUDE_PACKAGE_MANAGER: 'npm',
|
|
CLAUDE_CODE_PACKAGE_MANAGER: 'npm',
|
|
LANG: 'C.UTF-8',
|
|
LC_ALL: 'C.UTF-8',
|
|
...extraEnv,
|
|
};
|
|
}
|
|
|
|
let passed = 0;
|
|
let failed = 0;
|
|
|
|
// Windows NTFS does not allow double-quote characters in file paths,
|
|
// so the quoted-path shell-injection test is only meaningful on Unix.
|
|
if (os.platform() === 'win32') {
|
|
console.log(' - install-global-git-hooks.sh quoted paths (skipped on Windows)');
|
|
} else if (
|
|
test('install-global-git-hooks.sh handles quoted hook paths without shell injection', () => {
|
|
const homeDir = createTempDir('codex-hooks-home-');
|
|
const weirdHooksDir = path.join(homeDir, 'git-hooks "quoted"');
|
|
|
|
try {
|
|
const result = runBash(installScript, [], {
|
|
HOME: homeDir,
|
|
ECC_GLOBAL_HOOKS_DIR: weirdHooksDir,
|
|
});
|
|
|
|
assert.strictEqual(result.status, 0, result.stderr || result.stdout);
|
|
assert.ok(fs.existsSync(path.join(weirdHooksDir, 'pre-commit')));
|
|
assert.ok(fs.existsSync(path.join(weirdHooksDir, 'pre-push')));
|
|
} finally {
|
|
cleanup(homeDir);
|
|
}
|
|
})
|
|
)
|
|
passed++;
|
|
else failed++;
|
|
|
|
if (
|
|
test('sync preserves baseline config and accepts the legacy context7 MCP section', () => {
|
|
const homeDir = createTempDir('codex-sync-home-');
|
|
const codexDir = path.join(homeDir, '.codex');
|
|
const configPath = path.join(codexDir, 'config.toml');
|
|
const agentsPath = path.join(codexDir, 'AGENTS.md');
|
|
const config = [
|
|
'approval_policy = "on-request"',
|
|
'sandbox_mode = "workspace-write"',
|
|
'web_search = "live"',
|
|
'persistent_instructions = ""',
|
|
'',
|
|
'[features]',
|
|
'multi_agent = true',
|
|
'',
|
|
'[profiles.strict]',
|
|
'approval_policy = "on-request"',
|
|
'sandbox_mode = "read-only"',
|
|
'web_search = "cached"',
|
|
'',
|
|
'[profiles.yolo]',
|
|
'approval_policy = "never"',
|
|
'sandbox_mode = "workspace-write"',
|
|
'web_search = "live"',
|
|
'',
|
|
'[mcp_servers.context7]',
|
|
'command = "npx"',
|
|
'args = ["-y", "@upstash/context7-mcp"]',
|
|
'',
|
|
'[mcp_servers.github]',
|
|
'command = "npx"',
|
|
'args = ["-y", "@modelcontextprotocol/server-github"]',
|
|
'',
|
|
'[mcp_servers.memory]',
|
|
'command = "npx"',
|
|
'args = ["-y", "@modelcontextprotocol/server-memory"]',
|
|
'',
|
|
'[mcp_servers.sequential-thinking]',
|
|
'command = "npx"',
|
|
'args = ["-y", "@modelcontextprotocol/server-sequential-thinking"]',
|
|
'',
|
|
].join('\n');
|
|
|
|
try {
|
|
fs.mkdirSync(codexDir, { recursive: true });
|
|
fs.writeFileSync(configPath, config);
|
|
|
|
const syncResult = runBash(syncScript, ['--update-mcp'], makeHermeticCodexEnv(homeDir, codexDir));
|
|
assert.strictEqual(syncResult.status, 0, `${syncResult.stdout}\n${syncResult.stderr}`);
|
|
|
|
const syncedAgents = fs.readFileSync(agentsPath, 'utf8');
|
|
assert.match(syncedAgents, /^# Everything Claude Code \(ECC\) — Agent Instructions/m);
|
|
assert.match(syncedAgents, /^# Codex Supplement \(From ECC \.codex\/AGENTS\.md\)/m);
|
|
|
|
const syncedConfig = fs.readFileSync(configPath, 'utf8');
|
|
assert.match(syncedConfig, /^multi_agent\s*=\s*true$/m);
|
|
assert.match(syncedConfig, /^\[profiles\.strict\]$/m);
|
|
assert.match(syncedConfig, /^\[profiles\.yolo\]$/m);
|
|
assert.match(syncedConfig, /^\[mcp_servers\.github\]$/m);
|
|
assert.match(syncedConfig, /^\[mcp_servers\.memory\]$/m);
|
|
assert.match(syncedConfig, /^\[mcp_servers\.sequential-thinking\]$/m);
|
|
assert.match(syncedConfig, /^\[mcp_servers\.context7\]$/m);
|
|
} finally {
|
|
cleanup(homeDir);
|
|
}
|
|
})
|
|
)
|
|
passed++;
|
|
else failed++;
|
|
|
|
console.log(`\nPassed: ${passed}`);
|
|
console.log(`Failed: ${failed}`);
|
|
process.exit(failed > 0 ? 1 : 0);
|