feat(config-audit): flag additionalDirectories > 2 (v5 M6) [skip-docs]

- Add 'additionalDirectories' to KNOWN_KEYS - Emit low severity finding when length > 2 - New fixtures: additional-dirs-many (3 entries) + additional-dirs-ok (2) 569 → 572 tests, all green.
2026-05-01 06:50:24 +02:00 · 2026-05-01 06:50:24 +02:00 · 9330124f5c
commit 9330124f5c
parent 58d6b5b9ea
4 changed files with 73 additions and 0 deletions
--- a/plugins/config-audit/tests/fixtures/additional-dirs-many/.claude/settings.json
+++ b/plugins/config-audit/tests/fixtures/additional-dirs-many/.claude/settings.json
@ -0,0 +1,8 @@
+{
+  "$schema": "https://json.schemastore.org/claude-code-settings.json",
+  "additionalDirectories": [
+    "~/work/repo-a",
+    "~/work/repo-b",
+    "~/work/repo-c"
+  ]
+}
--- a/plugins/config-audit/tests/fixtures/additional-dirs-ok/.claude/settings.json
+++ b/plugins/config-audit/tests/fixtures/additional-dirs-ok/.claude/settings.json
@ -0,0 +1,7 @@
+{
+  "$schema": "https://json.schemastore.org/claude-code-settings.json",
+  "additionalDirectories": [
+    "~/work/repo-a",
+    "~/work/repo-b"
+  ]
+}
--- a/plugins/config-audit/tests/scanners/settings-validator.test.mjs
+++ b/plugins/config-audit/tests/scanners/settings-validator.test.mjs
@ -76,6 +76,39 @@ describe('SET scanner — broken project', () => {
  });
 });

+describe('SET scanner — additionalDirectories (v5 M6)', () => {
+  it('does NOT flag additionalDirectories as unknown key', async () => {
+    resetCounter();
+    const path = resolve(FIXTURES, 'additional-dirs-ok');
+    const discovery = await discoverConfigFiles(path);
+    const result = await scan(path, discovery);
+    const unknown = result.findings.find(f =>
+      f.title === 'Unknown settings key' && /additionalDirectories/.test(f.evidence || ''));
+    assert.equal(unknown, undefined,
+      'additionalDirectories should be in KNOWN_KEYS');
+  });
+
+  it('does NOT flag 2 entries as too many', async () => {
+    resetCounter();
+    const path = resolve(FIXTURES, 'additional-dirs-ok');
+    const discovery = await discoverConfigFiles(path);
+    const result = await scan(path, discovery);
+    const f = result.findings.find(x => /additionalDirectories/i.test(x.title || ''));
+    assert.equal(f, undefined,
+      `expected no additionalDirectories threshold finding for 2 entries, got: ${f?.title}`);
+  });
+
+  it('flags > 2 entries as low finding', async () => {
+    resetCounter();
+    const path = resolve(FIXTURES, 'additional-dirs-many');
+    const discovery = await discoverConfigFiles(path);
+    const result = await scan(path, discovery);
+    const f = result.findings.find(x => /additionalDirectories/i.test(x.title || ''));
+    assert.ok(f, `expected additionalDirectories threshold finding; got: ${result.findings.map(x => x.title).join(' | ')}`);
+    assert.equal(f.severity, 'low', `expected low severity, got ${f.severity}`);
+  });
+});
+
 describe('SET scanner — empty project', () => {
  let result;
  beforeEach(async () => {