open/ktg-plugin-marketplace
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity Actions

test(humanizer): replace title-string assertions with ID-based checks

Browse source 
Wave 2 / Step 4 of v5.1.0 plain-language UX humanizer rollout. Re-anchors
34 title-string assertions across 4 test files so they survive Wave 3's
title/description/recommendation rewriting at the CLI layer.

Anchoring strategy per scanner:
- GAP findings: scanner + category + recommendation substring (humanizer
  preserves stable identifiers like CLAUDE.md, .mcp.json, hook in rec).
  Hardcoded CA-GAP-NNN IDs for positive checks.
- HKV findings: scanner + evidence regex (evidence preserved verbatim).
- SET findings: scanner + evidence regex (evidence preserved verbatim).
- PLH findings: scanner + hardcoded CA-PLH-NNN IDs (no evidence on most
  PLH findings, so ID is the only stable anchor for specific cases;
  negative checks use scanner + title-substring spanning raw + humanized).

Per docs/v5.1.0-test-audit.md classification: only (b) WILL BREAK
assertions modified. (a) shape-only assertions (error-message formatting,
pure existence checks) untouched. tests/lib/output.test.mjs and
tests/lib/diff-engine.test.mjs and tests/scanners/fix-engine.test.mjs
unchanged (synthetic test inputs, not scanner output).

Test count unchanged: 689/689 pass. IDs harvested via deterministic
runtime dump per fixture (resetCounter + scan).
This commit is contained in:
Kjell Tore Guttormsen 2026-05-01 17:22:55 +02:00
commit dff278f02a
4 changed files with 73 additions and 33 deletions
Download patch file Download diff file Expand all files Collapse all files

22
plugins/config-audit/tests/scanners/hook-validator.test.mjs
View file

@ -46,27 +46,32 @@ describe('HKV scanner — broken project', () => {
});
it('detects unknown hook event', () => {
const found = result.findings.some(f => f.title === 'Unknown hook event');
// CA-HKV-001 in broken-project, evidence='InvalidEvent'.
const found = result.findings.some(f => f.scanner === 'HKV' && /InvalidEvent/.test(f.evidence || ''));
assert.ok(found, 'Should detect InvalidEvent');
});
it('detects object matcher (should be string)', () => {
const found = result.findings.some(f => f.title.includes('Matcher must be a string'));
// CA-HKV-002 in broken-project, evidence contains the object matcher snippet.
const found = result.findings.some(f => f.scanner === 'HKV' && f.id === 'CA-HKV-002');
assert.ok(found, 'Should detect nested object matcher');
});
it('detects invalid handler type', () => {
const found = result.findings.some(f => f.title === 'Invalid hook handler type');
// CA-HKV-003 in broken-project, evidence='type: "invalid_type"'.
const found = result.findings.some(f => f.scanner === 'HKV' && /invalid_type/.test(f.evidence || ''));
assert.ok(found, 'Should detect invalid_type');
});
it('detects timeout below minimum', () => {
const found = result.findings.some(f => f.title.includes('timeout'));
// CA-HKV-004 in broken-project, evidence='timeout: 500'.
const found = result.findings.some(f => f.scanner === 'HKV' && /timeout:\s*500/.test(f.evidence || ''));
assert.ok(found, 'Should detect timeout of 500ms');
});
it('marks unknown event as high severity', () => {
const f = result.findings.find(f => f.title === 'Unknown hook event');
// CA-HKV-001 in broken-project = unknown-event finding (evidence='InvalidEvent').
const f = result.findings.find(x => x.scanner === 'HKV' && /InvalidEvent/.test(x.evidence || ''));
assert.strictEqual(f?.severity, 'high');
});
});
@ -77,7 +82,8 @@ describe('HKV scanner — verbose hook output (v5 M5)', () => {
const path = resolve(FIXTURES, 'hooks-verbose');
const discovery = await discoverConfigFiles(path);
const result = await scan(path, discovery);
const f = result.findings.find(x => /verbose hook output/i.test(x.title || ''));
// Verbose-hook finding in hooks-verbose; evidence carries the line-count metric.
const f = result.findings.find(x => x.scanner === 'HKV' && /console_log_or_stdout_lines=/.test(x.evidence || ''));
assert.ok(f, `expected verbose-hook finding; got: ${result.findings.map(x => x.title).join(' | ')}`);
assert.equal(f.severity, 'low', `expected low, got ${f.severity}`);
assert.match(f.evidence || '', /console_log_or_stdout_lines=6\d/);
@ -88,8 +94,8 @@ describe('HKV scanner — verbose hook output (v5 M5)', () => {
const path = resolve(FIXTURES, 'hooks-quiet');
const discovery = await discoverConfigFiles(path);
const result = await scan(path, discovery);
const f = result.findings.find(x => /verbose hook output/i.test(x.title || ''));
assert.equal(f, undefined, `expected no verbose-hook finding; got: ${f?.title}`);
const f = result.findings.find(x => x.scanner === 'HKV' && /console_log_or_stdout_lines=/.test(x.evidence || ''));
assert.equal(f, undefined, `expected no verbose-hook finding; got id=${f?.id}`);
});
});