get-shit-done

eliott/get-shit-done

Fork 0

mirror of https://github.com/glittercowboy/get-shit-done synced 2026-04-26 01:35:29 +02:00

Commit Graph

Author	SHA1	Message	Date
Tom Boucher	2703422be8	refactor(tests): standardize to node:assert/strict and t.after() per CONTRIBUTING.md (#1675 ) * refactor(tests): standardize to node:assert/strict and t.after() per CONTRIBUTING.md - Replace require('node:assert') with require('node:assert/strict') across all 73 test files to enforce strict equality (no type coercion) - Replace try/finally cleanup blocks with t.after() hooks in core.test.cjs and hooks-opt-in.test.cjs per the test lifecycle standards - Utility functions in codex-config and security-scan retain try/finally as that is appropriate for per-function resource guards, not lifecycle hooks Closes #1674 Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> * perf(tests): add --test-concurrency=4 to test runner for parallel file execution Node.js --test-concurrency controls how many test files run as parallel child processes. Set to 4 by default, configurable via TEST_CONCURRENCY env var. Fixes tests at a known level rather than inheriting os.availableParallelism() which varies across CI environments. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> * fix(security): allowlist verify.test.cjs in prompt-injection scanner tests/verify.test.cjs uses <human>...</human> as GSD phase task-type XML (meaning "a human should verify this step"), which matches the scanner's fake-message-boundary pattern for LLM APIs. This is a false positive — add it to the allowlist alongside the other test files that legitimately contain injection-adjacent patterns. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> --------- Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-04-04 14:29:03 -04:00
Tibsfox	ffe5319fe5	fix(install): handle JSONC (comments) in settings.json without data loss When settings.json contains comments (// or /* */), which many CLI tools allow, JSON.parse() fails and readSettings() silently returned {}. This empty object was then written back by writeSettings(), destroying the user's entire configuration. Changes: - Add stripJsonComments() that handles line comments, block comments, trailing commas, and preserves comments inside string values - readSettings() tries standard JSON first (fast path), falls back to JSONC stripping on parse failure - On truly malformed files (even JSONC stripping fails), return null with a warning instead of silently returning {} — prevents data loss - All callers of readSettings() now guard against null return to skip settings modification rather than overwriting with empty object Closes #1461 Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-03-30 13:52:51 -07:00

Author

SHA1

Message

Date

Tom Boucher

2703422be8

refactor(tests): standardize to node:assert/strict and t.after() per CONTRIBUTING.md (#1675 )

* refactor(tests): standardize to node:assert/strict and t.after() per CONTRIBUTING.md

- Replace require('node:assert') with require('node:assert/strict') across
  all 73 test files to enforce strict equality (no type coercion)
- Replace try/finally cleanup blocks with t.after() hooks in core.test.cjs
  and hooks-opt-in.test.cjs per the test lifecycle standards
- Utility functions in codex-config and security-scan retain try/finally
  as that is appropriate for per-function resource guards, not lifecycle hooks

Closes #1674

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

* perf(tests): add --test-concurrency=4 to test runner for parallel file execution

Node.js --test-concurrency controls how many test files run as parallel child
processes. Set to 4 by default, configurable via TEST_CONCURRENCY env var.
Fixes tests at a known level rather than inheriting os.availableParallelism()
which varies across CI environments.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

* fix(security): allowlist verify.test.cjs in prompt-injection scanner

tests/verify.test.cjs uses <human>...</human> as GSD phase task-type
XML (meaning "a human should verify this step"), which matches the
scanner's fake-message-boundary pattern for LLM APIs. This is a
false positive — add it to the allowlist alongside the other test files
that legitimately contain injection-adjacent patterns.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

---------

Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>

2026-04-04 14:29:03 -04:00

Tibsfox

ffe5319fe5

fix(install): handle JSONC (comments) in settings.json without data loss

When settings.json contains comments (// or /* */), which many CLI tools
allow, JSON.parse() fails and readSettings() silently returned {}.
This empty object was then written back by writeSettings(), destroying
the user's entire configuration.

Changes:
- Add stripJsonComments() that handles line comments, block comments,
  trailing commas, and preserves comments inside string values
- readSettings() tries standard JSON first (fast path), falls back to
  JSONC stripping on parse failure
- On truly malformed files (even JSONC stripping fails), return null
  with a warning instead of silently returning {} — prevents data loss
- All callers of readSettings() now guard against null return to skip
  settings modification rather than overwriting with empty object

Closes #1461

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

2026-03-30 13:52:51 -07:00

2 Commits