feat: initial open marketplace with llm-security, config-audit, ultraplan-local

2026-04-06 18:47:49 +02:00 · 2026-04-06 18:47:49 +02:00 · f93d6abdae
commit f93d6abdae
380 changed files with 65935 additions and 0 deletions
--- a/plugins/config-audit/tests/scanners/self-audit.test.mjs
+++ b/plugins/config-audit/tests/scanners/self-audit.test.mjs
@ -0,0 +1,90 @@
+import { describe, it } from 'node:test';
+import assert from 'node:assert/strict';
+import { runSelfAudit, formatSelfAudit } from '../../scanners/self-audit.mjs';
+
+// ========================================
+// runSelfAudit
+// ========================================
+describe('runSelfAudit', () => {
+  it('runs without crash', async () => {
+    const result = await runSelfAudit();
+    assert.ok(result);
+    assert.ok(typeof result.configGrade === 'string');
+    assert.ok(typeof result.pluginGrade === 'string');
+  });
+
+  it('returns combined results (scanners + plugin health)', async () => {
+    const result = await runSelfAudit();
+    assert.ok(result.configEnvelope);
+    assert.ok(result.pluginHealthResult);
+    assert.ok(Array.isArray(result.allFindings));
+  });
+
+  it('has valid exit code', async () => {
+    const result = await runSelfAudit();
+    assert.ok([0, 1, 2].includes(result.exitCode));
+  });
+
+  it('includes verdict', async () => {
+    const result = await runSelfAudit();
+    assert.ok(['PASS', 'WARN', 'FAIL'].includes(result.verdict));
+  });
+
+  it('has numeric scores', async () => {
+    const result = await runSelfAudit();
+    assert.ok(typeof result.configScore === 'number');
+    assert.ok(typeof result.pluginScore === 'number');
+    assert.ok(result.configScore >= 0 && result.configScore <= 100);
+    assert.ok(result.pluginScore >= 0 && result.pluginScore <= 100);
+  });
+
+  it('points to correct plugin directory', async () => {
+    const result = await runSelfAudit();
+    assert.ok(result.pluginDir.includes('config-audit'));
+  });
+});
+
+// ========================================
+// fixture filtering delegation
+// ========================================
+describe('runSelfAudit — fixture filtering', () => {
+  it('does not include fixture findings in allFindings', async () => {
+    const result = await runSelfAudit();
+    for (const f of result.allFindings) {
+      const p = f.file || f.path || f.location || '';
+      assert.ok(
+        !p.includes('/tests/fixtures/'),
+        `allFindings should not contain fixture paths: ${p}`
+      );
+    }
+  });
+
+  it('configEnvelope has fixture_findings from orchestrator', async () => {
+    const result = await runSelfAudit();
+    // The orchestrator filters fixtures and attaches them to the envelope
+    if (result.configEnvelope.fixture_findings) {
+      assert.ok(Array.isArray(result.configEnvelope.fixture_findings));
+      assert.ok(result.configEnvelope.fixture_findings.length > 0);
+    }
+  });
+});
+
+// ========================================
+// formatSelfAudit
+// ========================================
+describe('formatSelfAudit', () => {
+  it('produces terminal output with Self-Audit header', async () => {
+    const result = await runSelfAudit();
+    const output = formatSelfAudit(result);
+    assert.ok(output.includes('Self-Audit'));
+    assert.ok(output.includes('Plugin health:'));
+    assert.ok(output.includes('Config quality:'));
+  });
+
+  it('includes verdict', async () => {
+    const result = await runSelfAudit();
+    const output = formatSelfAudit(result);
+    assert.ok(output.includes('Self-audit:'));
+    assert.ok(output.includes('PASS') || output.includes('WARN') || output.includes('FAIL'));
+  });
+});