mirror of
https://github.com/openclaw/openclaw.git
synced 2026-07-15 11:56:01 +00:00
chore(tooling): typecheck root test/** with a dedicated tsgo lane (#104475)
* chore(types): add declaration files for scripts/lib and scripts/e2e modules
* chore(types): add declaration files for top-level script modules (a-m)
* chore(types): add declaration files for top-level script modules (n-z)
* test: use a non-secret-shaped gateway token fixture
* test: type ci workflow guard helpers for the root test lane
* chore(tooling): typecheck root test/** with a dedicated tsgo lane
- test/tsconfig/tsconfig.test.root.json: root-test program (strict unused checks,
fixtures excluded; two Docker E2E clients that import built dist/** stay out,
same rationale as the scripts/e2e exclusion in tsconfig.scripts.json)
- tsgo:test:root wired into tsgo:test, check:test-types, scripts/check.mjs, and
the ci.yml test-types shard, mirroring the tsgo:scripts lane (#104348)
- changed-lane routing: test/**/*.ts (excluding fixtures) and the lane tsconfig
now trigger 'typecheck test root' in check:changed; previously test/ paths ran
lint only, so harness type errors surfaced first in CI (#104287 envDir case)
- burn down all 1071 latent type errors in the program: precise param/local
types across test/scripts, test/vitest, test/e2e, and transitive scripts/e2e
program members; 205 sibling .d.mts declaration files for imported .mjs
modules (committed separately); zero any, zero ts-expect-error
- resolve the pre-existing testing star-export ambiguity in
scripts/e2e/parallels/common.ts with an explicit re-export
Closes #104388
* chore(types): correct declaration fidelity per structured review
- re-derive 51 .d.mts files from implementation data flow instead of
initializers: fix a wrong never return (runTestProjectsDelegation returns
the child), add encoding-sensitive exec/spawn overloads (plain-gh), restore
the full release profile union, make parsed paths string | null, add missing
parseArgs fields via help/non-help unions, add a missing sibling declaration
(budget-number-args), drop 15 unused lint directives
- precise install-record/tuple typing removes the type-aware oxlint
regressions the first declarations caused in scripts/e2e implementations
- route .mts declaration edits under test/ to the testRoot lane and reference
the test-root project from tsconfig.projects.json so tsgo:all covers it
(closes both review findings against the lane wiring)
* chore(scripts): keep telegram runner dist typing structural for the boundary guard
* chore(types): declare runtime pack and gateway readiness exports added on main
* test: pin the importTargetPlan form of the plugin-contract plan import
The guard expectation still referenced the raw await import( form that
7ae5996bb3 (#103975) replaced with the importTargetPlan fallback helper;
the assertion fails on current main.
This commit is contained in:
committed by
GitHub
parent
e681646834
commit
fe261b0f59
21
scripts/github/barnacle-auto-response.d.mts
Normal file
21
scripts/github/barnacle-auto-response.d.mts
Normal file
@@ -0,0 +1,21 @@
|
||||
export const managedLabelSpecs: Record<string, { color: string; description: string }>;
|
||||
export const candidateLabels: {
|
||||
blankTemplate: string;
|
||||
lowSignalDocs: string;
|
||||
docsDiscoverability: string;
|
||||
testOnlyNoBug: string;
|
||||
refactorOnly: string;
|
||||
needsPrContext: string;
|
||||
dirtyCandidate: string;
|
||||
riskyInfra: string;
|
||||
externalPluginCandidate: string;
|
||||
};
|
||||
export function classifyPullRequestCandidateLabels(
|
||||
pullRequest: Record<string, unknown>,
|
||||
files: Array<{ filename: string; status: string }>,
|
||||
): string[];
|
||||
export function runBarnacleAutoResponse(params: {
|
||||
github: Record<string, unknown>;
|
||||
context: Record<string, unknown>;
|
||||
core?: Pick<Console, "info">;
|
||||
}): Promise<void>;
|
||||
105
scripts/github/dependency-guard.d.mts
Normal file
105
scripts/github/dependency-guard.d.mts
Normal file
@@ -0,0 +1,105 @@
|
||||
export const GITHUB_API_REQUEST_TIMEOUT_MS: number;
|
||||
export const GITHUB_ERROR_BODY_MAX_BYTES: number;
|
||||
export const GITHUB_RESPONSE_BODY_MAX_BYTES: number;
|
||||
export const dependencyChangedLabel: "dependencies-changed";
|
||||
|
||||
type Comment = {
|
||||
body?: string;
|
||||
created_at?: string;
|
||||
html_url?: string;
|
||||
user?: { login?: string };
|
||||
};
|
||||
|
||||
type PullRequest = {
|
||||
head?: { ref?: string; repo?: { full_name?: string }; sha?: string };
|
||||
maintainer_can_modify?: boolean;
|
||||
user?: { login?: string };
|
||||
};
|
||||
|
||||
type ActorCandidate = { login: string; source: string };
|
||||
|
||||
export function isDependencyFile(filename: string): boolean;
|
||||
export function isDependencyManifest(filename: string): boolean;
|
||||
export function isPackageLockfile(filename: string): boolean;
|
||||
export function dependencyFieldChanges(
|
||||
baseManifest: Record<string, unknown>,
|
||||
headManifest: Record<string, unknown>,
|
||||
): string[];
|
||||
export function shouldAutoscrubDependencyLockfiles(options: {
|
||||
dependencyFiles?: string[];
|
||||
lockfileChanges: unknown[];
|
||||
dependencyManifestChanges?: unknown[];
|
||||
}): boolean;
|
||||
export function canAutoscrubPullRequest(options: {
|
||||
owner: string;
|
||||
repo: string;
|
||||
pullRequest: PullRequest;
|
||||
}): boolean;
|
||||
export function sanitizeDisplayValue(value: unknown): string;
|
||||
export function markdownCode(value: unknown): string;
|
||||
export function readBoundedGitHubJson(
|
||||
response: Response,
|
||||
maxBytes?: number,
|
||||
options?: { signal?: AbortSignal },
|
||||
): Promise<unknown>;
|
||||
export function findDependencyOverrideCommand(options: {
|
||||
comments: Comment[];
|
||||
expectedSha: string;
|
||||
isSecurityMember: (login: string) => boolean;
|
||||
newerThan?: string;
|
||||
}): { login: string; reason: string | null; sha: string; url?: string } | null;
|
||||
export function findDependencyOverrideCommandAsync(options: {
|
||||
comments: Comment[];
|
||||
expectedSha: string;
|
||||
isSecurityMember: (login: string) => Promise<boolean>;
|
||||
newerThan: string;
|
||||
}): Promise<{ login: string; reason: string | null; sha: string; url?: string } | null>;
|
||||
export function dependencyGuardCommentHeadSha(comment: Comment): string | null;
|
||||
export function dependencyOverrideExpectedSha(
|
||||
existingGuardComment: Comment | null,
|
||||
currentHeadSha: string,
|
||||
): string | null;
|
||||
export function isDependencyGuardAuthorizedForHead(
|
||||
comment: Comment,
|
||||
currentHeadSha: string,
|
||||
): boolean;
|
||||
export function isDependencyGuardTrustedForHead(comment: Comment, currentHeadSha: string): boolean;
|
||||
export function securityApproverSet(value: unknown): Set<string>;
|
||||
export function dependencyGuardCommentAuthors(value?: unknown): Set<string>;
|
||||
export function isDependencyGuardMarkerComment(
|
||||
comment: Comment,
|
||||
marker: string,
|
||||
trustedAuthors: Set<string>,
|
||||
): boolean;
|
||||
export function renderAuthorizedDependencyComment(override: Record<string, unknown>): string;
|
||||
export function renderTrustedDependencyComment(options: {
|
||||
actor: { login: string; reason: string };
|
||||
headSha: string;
|
||||
}): string;
|
||||
export function renderAutoscrubbedDependencyComment(options: {
|
||||
baseBranch: string;
|
||||
lockfileChanges: string[];
|
||||
commitSha: string;
|
||||
}): string;
|
||||
export function isAutoscrubbedDependencyComment(comment: Comment): boolean;
|
||||
export function renderClearedDependencyGuardComment(options: { headSha: string }): string;
|
||||
export function renderBlockedDependencyComment(options: Record<string, unknown>): string;
|
||||
export function dependencyGuardTrustedActorCandidates(options: {
|
||||
pullRequest: PullRequest;
|
||||
event: Record<string, unknown>;
|
||||
currentHeadSha: string;
|
||||
}): ActorCandidate[];
|
||||
export function findTrustedDependencyGuardActor(options: {
|
||||
candidates: ActorCandidate[];
|
||||
isDependencyApprover: (login: string) => Promise<string | null>;
|
||||
}): Promise<{ login: string; reason: string } | null>;
|
||||
export function githubApi(
|
||||
token: string,
|
||||
options?: {
|
||||
fetchImpl?: typeof fetch;
|
||||
responseMaxBodyBytes?: number;
|
||||
timeoutMs?: number;
|
||||
},
|
||||
): { request(path: string, options?: Record<string, unknown>): Promise<unknown> };
|
||||
export function createAutoscrubCommit(...args: unknown[]): Promise<unknown>;
|
||||
export function readBoundedGitHubErrorText(...args: unknown[]): Promise<string>;
|
||||
40
scripts/github/real-behavior-proof-policy.d.mts
Normal file
40
scripts/github/real-behavior-proof-policy.d.mts
Normal file
@@ -0,0 +1,40 @@
|
||||
export const PROOF_OVERRIDE_LABEL: "proof: override";
|
||||
export const PROOF_SUFFICIENT_LABEL: "proof: sufficient";
|
||||
export const NEEDS_PR_CONTEXT_LABEL: "triage: needs-pr-context";
|
||||
export const DEFAULT_GITHUB_API_TIMEOUT_MS: 30000;
|
||||
|
||||
type PullRequest = Record<string, unknown>;
|
||||
type Comment = Record<string, unknown>;
|
||||
type Evaluation = {
|
||||
status: string;
|
||||
reason: string;
|
||||
applies: boolean;
|
||||
passed: boolean;
|
||||
missingSections: string[];
|
||||
};
|
||||
|
||||
export function readBoundedGitHubApiJson(
|
||||
response: Response,
|
||||
label: string,
|
||||
maxBytes?: number,
|
||||
options?: { timeoutMs?: number },
|
||||
): Promise<unknown>;
|
||||
export function isMaintainerTeamMember(params?: {
|
||||
token?: string;
|
||||
org?: string;
|
||||
login?: string;
|
||||
teamSlug?: string;
|
||||
fetch?: typeof globalThis.fetch;
|
||||
timeoutMs?: number;
|
||||
}): Promise<boolean>;
|
||||
export function hasAuthoredPullRequestSection(heading: string, body?: string): boolean;
|
||||
export function hasClawSweeperExactHeadProof(params?: {
|
||||
pullRequest?: PullRequest;
|
||||
comments?: Comment[];
|
||||
}): boolean;
|
||||
export function evaluateClawSweeperExactHeadProof(params?: {
|
||||
pullRequest?: PullRequest;
|
||||
comments?: Comment[];
|
||||
}): Evaluation;
|
||||
export function evaluatePullRequestContext(params?: { pullRequest?: PullRequest }): Evaluation;
|
||||
export function labelsForPullRequestContext(evaluation: Evaluation): string[];
|
||||
76
scripts/github/security-sensitive-guard.d.mts
Normal file
76
scripts/github/security-sensitive-guard.d.mts
Normal file
@@ -0,0 +1,76 @@
|
||||
export const GITHUB_API_REQUEST_TIMEOUT_MS: number;
|
||||
export const GITHUB_ERROR_BODY_MAX_BYTES: number;
|
||||
export const GITHUB_RESPONSE_BODY_MAX_BYTES: number;
|
||||
export const allowSecuritySensitiveCommand: string;
|
||||
export const securitySensitiveGuardMarker: string;
|
||||
type Comment = { body?: string; created_at?: string; html_url?: string; user?: { login?: string } };
|
||||
type ActorCandidate = { login: string; source: string };
|
||||
export function securitySensitiveFileDefinitions(): Array<{ path: string; reason: string }>;
|
||||
export function securitySensitiveFileDefinition(
|
||||
filename: string,
|
||||
): { path: string; reason: string } | undefined;
|
||||
export function isSecuritySensitiveFile(filename: string): boolean;
|
||||
export function sanitizeDisplayValue(value: unknown): string;
|
||||
export function markdownCode(value: unknown): string;
|
||||
export function findSecuritySensitiveOverrideCommand(options: {
|
||||
comments: Comment[];
|
||||
expectedSha: string;
|
||||
isSecurityMember: (login: string) => boolean;
|
||||
newerThan?: string;
|
||||
}): { login: string; reason: string | null; sha: string; url?: string } | null;
|
||||
export function findSecuritySensitiveOverrideCommandAsync(options: {
|
||||
comments: Comment[];
|
||||
expectedSha: string;
|
||||
isSecurityMember: (login: string) => Promise<boolean>;
|
||||
newerThan?: string;
|
||||
}): Promise<{ login: string; reason: string | null; sha: string; url?: string } | null>;
|
||||
export function securitySensitiveGuardCommentHeadSha(comment: Comment): string | null;
|
||||
export function securitySensitiveOverrideExpectedSha(
|
||||
comment: Comment | null,
|
||||
currentHeadSha: string,
|
||||
): string | null;
|
||||
export function isSecuritySensitiveGuardAuthorizedForHead(
|
||||
comment: Comment,
|
||||
currentHeadSha: string,
|
||||
): boolean;
|
||||
export function isSecuritySensitiveGuardTrustedForHead(
|
||||
comment: Comment,
|
||||
currentHeadSha: string,
|
||||
): boolean;
|
||||
export function securityApproverSet(value: unknown): Set<string>;
|
||||
export function securitySensitiveGuardCommentAuthors(value?: unknown): Set<string>;
|
||||
export function isSecuritySensitiveGuardMarkerComment(
|
||||
comment: Comment,
|
||||
trustedAuthors: Set<string>,
|
||||
): boolean;
|
||||
export function collectSecuritySensitiveChanges(
|
||||
files: Array<{ filename: string; previous_filename?: string; status?: string }>,
|
||||
): Array<Record<string, string>>;
|
||||
export function renderSecuritySensitiveAwarenessComment(
|
||||
changes: Array<Record<string, string>>,
|
||||
): string;
|
||||
export function renderAuthorizedSecuritySensitiveComment(override: Record<string, unknown>): string;
|
||||
export function renderTrustedSecuritySensitiveComment(options: Record<string, unknown>): string;
|
||||
export function renderClearedSecuritySensitiveGuardComment(options: { headSha: string }): string;
|
||||
export function renderBlockedSecuritySensitiveComment(options: Record<string, unknown>): string;
|
||||
export function securitySensitiveGuardTrustedActorCandidates(
|
||||
options: Record<string, unknown>,
|
||||
): ActorCandidate[];
|
||||
export function findTrustedSecuritySensitiveGuardActor(options: {
|
||||
candidates: ActorCandidate[];
|
||||
isSecuritySensitiveApprover: (login: string) => Promise<string | null>;
|
||||
}): Promise<{ login: string; reason: string } | null>;
|
||||
export function githubApi(
|
||||
token: string,
|
||||
options?: { fetchImpl?: typeof fetch; responseMaxBodyBytes?: number; timeoutMs?: number },
|
||||
): { request(path: string, options?: Record<string, unknown>): Promise<unknown> };
|
||||
export function readBoundedGitHubErrorText(
|
||||
response: Response,
|
||||
maxBytes?: number,
|
||||
options?: { signal?: AbortSignal },
|
||||
): Promise<string>;
|
||||
export function readBoundedGitHubJson(
|
||||
response: Response,
|
||||
maxBytes?: number,
|
||||
options?: { signal?: AbortSignal },
|
||||
): Promise<unknown>;
|
||||
Reference in New Issue
Block a user