feat: initial open marketplace with llm-security, config-audit, ultraplan-local

plugins/config-audit/tests/scanners/claude-md-linter.test.mjs

@@ -0,0 +1,110 @@
+import { describe, it, beforeEach } from 'node:test';
+import assert from 'node:assert/strict';
+import { resolve } from 'node:path';
+import { fileURLToPath } from 'node:url';
+import { resetCounter } from '../../scanners/lib/output.mjs';
+import { discoverConfigFiles } from '../../scanners/lib/file-discovery.mjs';
+import { scan } from '../../scanners/claude-md-linter.mjs';
+
+const __dirname = fileURLToPath(new URL('.', import.meta.url));
+const FIXTURES = resolve(__dirname, '../fixtures');
+
+describe('CML scanner — healthy project', () => {
+  let result;
+  beforeEach(async () => {
+    resetCounter();
+    const discovery = await discoverConfigFiles(resolve(FIXTURES, 'healthy-project'));
+    result = await scan(resolve(FIXTURES, 'healthy-project'), discovery);
+  });
+
+  it('returns status ok', () => {
+    assert.strictEqual(result.status, 'ok');
+  });
+
+  it('scans at least 1 file', () => {
+    assert.ok(result.files_scanned >= 1);
+  });
+
+  it('has scanner prefix CML', () => {
+    assert.strictEqual(result.scanner, 'CML');
+  });
+
+  it('has all severity count keys', () => {
+    for (const key of ['critical', 'high', 'medium', 'low', 'info']) {
+      assert.ok(key in result.counts, `Missing count key: ${key}`);
+    }
+  });
+
+  it('finds no critical or high issues in healthy project', () => {
+    const serious = result.findings.filter(f => f.severity === 'critical' || f.severity === 'high');
+    assert.strictEqual(serious.length, 0, `Found serious issues: ${serious.map(f => f.title).join(', ')}`);
+  });
+
+  it('all finding IDs match CA-CML-NNN pattern', () => {
+    for (const f of result.findings) {
+      assert.match(f.id, /^CA-CML-\d{3}$/);
+    }
+  });
+});
+
+describe('CML scanner — broken project', () => {
+  let result;
+  beforeEach(async () => {
+    resetCounter();
+    const discovery = await discoverConfigFiles(resolve(FIXTURES, 'broken-project'));
+    result = await scan(resolve(FIXTURES, 'broken-project'), discovery);
+  });
+
+  it('detects long CLAUDE.md (>200 lines)', () => {
+    const found = result.findings.some(f => f.title.includes('exceeds'));
+    assert.ok(found, 'Should detect oversized CLAUDE.md');
+  });
+
+  it('detects missing headings', () => {
+    const found = result.findings.some(f => f.title.includes('no markdown headings'));
+    assert.ok(found, 'Should detect lack of headings');
+  });
+
+  it('detects TODO markers', () => {
+    const found = result.findings.some(f => f.title.includes('TODO'));
+    assert.ok(found, 'Should detect TODO markers');
+  });
+
+  it('detects repeated content', () => {
+    const found = result.findings.some(f => f.title.includes('Repeated content'));
+    assert.ok(found, 'Should detect repeated lines');
+  });
+});
+
+describe('CML scanner — empty project', () => {
+  let result;
+  beforeEach(async () => {
+    resetCounter();
+    const discovery = await discoverConfigFiles(resolve(FIXTURES, 'empty-project'));
+    result = await scan(resolve(FIXTURES, 'empty-project'), discovery);
+  });
+
+  it('detects missing CLAUDE.md', () => {
+    const found = result.findings.some(f => f.title.includes('No CLAUDE.md'));
+    assert.ok(found, 'Should report missing CLAUDE.md');
+  });
+
+  it('returns high severity for missing CLAUDE.md', () => {
+    const f = result.findings.find(f => f.title.includes('No CLAUDE.md'));
+    assert.strictEqual(f?.severity, 'high');
+  });
+});
+
+describe('CML scanner — minimal project', () => {
+  let result;
+  beforeEach(async () => {
+    resetCounter();
+    const discovery = await discoverConfigFiles(resolve(FIXTURES, 'minimal-project'));
+    result = await scan(resolve(FIXTURES, 'minimal-project'), discovery);
+  });
+
+  it('detects nearly empty CLAUDE.md', () => {
+    const found = result.findings.some(f => f.title.includes('nearly empty'));
+    assert.ok(found, 'Should detect nearly empty CLAUDE.md');
+  });
+});