fix: close final bug-hunt blockers (release verifier archive-mode + test hygiene + sidebar mock)#26
Merged
spearchucker667 merged 1 commit intoJun 18, 2026
Conversation
Contributor
There was a problem hiding this comment.
Pull request overview
This PR closes the remaining “final bug-hunt” release blockers by hardening the Phase 2J release-packaging verifier for archive-mode source drops, cleaning up test hygiene to avoid secret-shaped noise, and fixing a Sidebar test mock contract that was generating noisy logs during otherwise passing tests.
Changes:
- Update
verify-release-packaging-hardening.cjsarchive-mode scanning to ignore common locally-generated build/install directories (while keeping git-tracked contaminant checks strict when.gitexists). - Improve verifier CLI test diagnostics and add a new archive-mode regression test case.
- Fix unit-test hygiene: complete
desktopConversationsmock surface and replace secret-shaped test token text; remove stale tracked coverage output and update the session ledger.
Reviewed changes
Copilot reviewed 6 out of 6 changed files in this pull request and generated 2 comments.
Show a summary per file
| File | Description |
|---|---|
| src/hooks/use-chat.test.ts | Replaces secret-shaped bearer token test input with a non-secret placeholder while preserving redaction assertions. |
| src/components/layout/sidebar.test.tsx | Extends the desktopConversations mock surface to match current chat-store call paths and reduce noisy test logs. |
| scripts/verify-release-packaging-hardening.test.ts | Improves assertion output and adds an archive-mode test case for “generated dirs present” scenarios. |
| scripts/verify-release-packaging-hardening.cjs | Makes archive-mode filesystem walk skip common generated directories; tightens owner/repo matching using regex. |
| docs/summary_of_work.md | Updates mandatory session handoff summary, TODO ledger, and validation matrix. |
| cov_output.txt | Deletes a stale tracked coverage output artifact. |
Comment on lines
+233
to
+239
| it("archive mode ignores generated install/build directories after local validation", () => { | ||
| const root = createMinimalValidRepo("venice-relpkg-generated-allow-"); | ||
| try { | ||
| mkdirSync(join(root, "node_modules", "pkg"), { recursive: true }); | ||
| writeFileSync(join(root, "node_modules", "pkg", "index.js"), "module.exports = {};\n"); | ||
| mkdirSync(join(root, "dist", "assets"), { recursive: true }); | ||
| writeFileSync(join(root, "dist", "assets", "app.js"), "console.log('built');\n"); |
Comment on lines
+13
to
15
| pullContext: () => Promise.resolve({ ok: false, context: { injectedText: '', facts: [], summaries: [], tokenEstimate: 0 }, error: 'mock' }), | ||
| }, | ||
| desktopChat: { list: () => Promise.resolve({ ok: false, conversations: [], truncated: false, totalScanned: 0, error: 'mock' }) }, |
spearchucker667
deleted the
codex/fix-identified-blockers-in-audit-report
branch
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Motivation
Description
scripts/verify-release-packaging-hardening.cjsto ignore local generated install/build directories in archive-mode filesystem scans by addingARCHIVE_MODE_IGNORED_GENERATED_DIRSandisIgnoredGeneratedArchiveModePath(rel)while preserving strict git-tracked contaminant checks.scripts/verify-release-packaging-hardening.test.tsthat proves archive-mode validation succeeds on a no-.gitsource-drop that containsnode_modules/anddist/build artifacts.desktopConversationsmock insrc/components/layout/sidebar.test.tsxto includesave,delete, andpullContextso shared chat-store paths no longer logdesktopConversations.save is not a function.src/hooks/use-chat.test.ts(sk-...) with a non-secret placeholderredacted-test-tokento avoid secret-scanner bait while keeping redaction assertions intact.cov_output.txtfile and updatedocs/summary_of_work.mdwith the session handoff and validation notes.electron-builder.config.cjsowner/repo using robust regex matching.Testing
npx vitest run scripts/verify-release-packaging-hardening.test.ts src/hooks/use-chat.test.ts src/components/layout/sidebar.test.tsx src/components/research/ResearchWorkspaceView.test.tsx --fileParallelism=falseand it passed (selected tests).npm run lint:eslintandnpm run typecheck, both succeeded.npm run verify:release-packaging-hardeningandnpm run verify:research-workspace, both succeeded (release-packaging reported PASS with updated archive-mode behavior).npm run verify:markdown-linksandgit diff --check, both succeeded.npm test(serial Vitest) but the non-interactive run produced no per-file progress and was terminated (pkill -f "vitest run"); this is recorded in the session ledger and does not block the targeted verifiers that were run and passed.Codex Task