From 942334f97d86aaa4b243b4540ae088e59add5b76 Mon Sep 17 00:00:00 2001 From: Peter Steinberger Date: Thu, 14 May 2026 22:44:30 +0100 Subject: [PATCH] test(release): update plugin prerelease assertions --- .../npm-install-security-scan.release.test.ts | 4 +++- src/plugins/uninstall.test.ts | 20 +++++++++++++++++-- 2 files changed, 21 insertions(+), 3 deletions(-) diff --git a/src/plugins/npm-install-security-scan.release.test.ts b/src/plugins/npm-install-security-scan.release.test.ts index 433c1d6690e..ae834dfe7c4 100644 --- a/src/plugins/npm-install-security-scan.release.test.ts +++ b/src/plugins/npm-install-security-scan.release.test.ts @@ -26,9 +26,11 @@ const REQUIRED_REVIEWED_PUBLISHABLE_CRITICAL_FINDINGS = new Set([ "@openclaw/acpx:dangerous-exec:src/codex-auth-bridge.ts", "@openclaw/acpx:dangerous-exec:src/runtime-internals/mcp-proxy.mjs", "@openclaw/codex:dangerous-exec:src/app-server/transport-stdio.ts", + "@openclaw/codex:dangerous-exec:src/node-cli-sessions.ts", "@openclaw/google-meet:dangerous-exec:src/node-host.ts", "@openclaw/google-meet:dangerous-exec:src/realtime.ts", "@openclaw/matrix:dangerous-exec:src/matrix/deps.ts", + "@openclaw/slack:dynamic-code-execution:dist/outbound-payload.test-harness-.js", "@openclaw/voice-call:dangerous-exec:src/tunnel.ts", "@openclaw/voice-call:dangerous-exec:src/webhook/tailscale.ts", ]); @@ -89,7 +91,7 @@ function isScannerWalkedPackedPath(packedPath: string): boolean { } function normalizePackedFindingPath(packedPath: string): string { - for (const prefix of ["client", "runtime-entry", "service"]) { + for (const prefix of ["client", "outbound-payload.test-harness", "runtime-entry", "service"]) { if (packedPath.startsWith(`dist/${prefix}-`) && packedPath.endsWith(".js")) { return `dist/${prefix}-.js`; } diff --git a/src/plugins/uninstall.test.ts b/src/plugins/uninstall.test.ts index dee84a4fc8e..454d987ebd1 100644 --- a/src/plugins/uninstall.test.ts +++ b/src/plugins/uninstall.test.ts @@ -1125,7 +1125,7 @@ describe("uninstallPlugin", () => { path.join(runtimePeerDir, "package.json"), `${JSON.stringify({ name: "runtime-peer", version: "1.0.0" }, null, 2)}\n`, ); - runCommandWithTimeoutMock.mockImplementation(async (argv: string[]) => { + runCommandWithTimeoutMock.mockImplementation(async (argv: string[], options?: unknown) => { if (argv[1] === "uninstall") { expect(argv).toContain("--legacy-peer-deps"); await fs.rm(removedPluginDir, { recursive: true, force: true }); @@ -1146,6 +1146,22 @@ describe("uninstallPlugin", () => { termination: "exit", }; } + if (argv[1] === "install" && argv.includes("--package-lock-only")) { + const cwd = (options as { cwd?: string } | undefined)?.cwd; + expect(cwd).toBeTruthy(); + await fs.writeFile( + path.join(cwd as string, "package-lock.json"), + `${JSON.stringify({ lockfileVersion: 3, packages: { "": {} } }, null, 2)}\n`, + ); + return { + code: 0, + stdout: "", + stderr: "", + signal: null, + killed: false, + termination: "exit", + }; + } if (argv[1] === "install") { expect(argv).toContain("--legacy-peer-deps"); expect(argv).toContain("--omit=peer"); @@ -1183,7 +1199,7 @@ describe("uninstallPlugin", () => { expect(rootManifest.dependencies?.["removed-plugin"]).toBeUndefined(); expect(rootManifest.dependencies?.["runtime-peer"]).toBeUndefined(); expect(rootManifest.openclaw?.managedPeerDependencies ?? []).not.toContain("runtime-peer"); - expect(runCommandWithTimeoutMock).toHaveBeenCalledTimes(2); + expect(runCommandWithTimeoutMock).toHaveBeenCalledTimes(3); }); it("runs npm cleanup when the managed package directory is already absent", async () => {