523 lines
20 KiB
JavaScript
523 lines
20 KiB
JavaScript
import test from 'node:test';
|
|
import assert from 'node:assert/strict';
|
|
import fs from 'node:fs';
|
|
import os from 'node:os';
|
|
import path from 'node:path';
|
|
|
|
import {
|
|
createDecisionRecordArtifact,
|
|
createDecisionRecordFileName,
|
|
createFileDecisionStore,
|
|
validateDecisionRecordArtifact,
|
|
__testables as decisionArtifactTestables,
|
|
} from '../src/storage/index.mjs';
|
|
import { planDecisionExecution } from '../src/core/decision-runner.mjs';
|
|
|
|
const packageRoot = path.resolve(import.meta.dirname, '..');
|
|
const repoRoot = path.resolve(packageRoot, '..', '..');
|
|
|
|
const capabilityDescriptor = {
|
|
capabilities: {
|
|
enforcement: {
|
|
force_checkpoint: { supported: true, level: 'partial' },
|
|
escalate: { supported: true, level: 'full' }
|
|
},
|
|
notification_path: {
|
|
queue_items: { supported: true, level: 'full' },
|
|
spool_handoff: { supported: true, level: 'full' },
|
|
sender_binding: { supported: true, level: 'full' },
|
|
direct_send: { supported: false, level: 'none' },
|
|
truth_model: {
|
|
delivery_states: ['prepared', 'queued', 'dispatched', 'pending_external_send', 'acked', 'blocked'],
|
|
ack_requires_proven_send: true,
|
|
pending_external_send_supported: true
|
|
}
|
|
}
|
|
}
|
|
};
|
|
|
|
function createPlannedDecision() {
|
|
return planDecisionExecution({
|
|
decision: {
|
|
decision: 'force_checkpoint',
|
|
policy_id: 'no-silence.missed-checkpoint',
|
|
severity: 'high',
|
|
reason: 'checkpoint overdue',
|
|
required_actions: [
|
|
{ action: 'notify_operator', target: 'operator_channel', mandatory: true },
|
|
{ action: 'emit_event', target: 'event_stream', mandatory: true }
|
|
],
|
|
operator_notice: {
|
|
required: true,
|
|
channel: 'telegram',
|
|
urgency: 'high',
|
|
message: 'Required update.',
|
|
deadline: '2026-01-01T00:00:00.000Z'
|
|
}
|
|
},
|
|
capabilityDescriptor,
|
|
});
|
|
}
|
|
|
|
function createArtifact(overrides = {}) {
|
|
const planned = createPlannedDecision();
|
|
return createDecisionRecordArtifact({
|
|
decision: overrides.decision ?? planned.decision,
|
|
receipt: overrides.receipt ?? planned.receipt,
|
|
recordedAt: overrides.recordedAt ?? '2026-05-08T04:00:00.000Z',
|
|
source: overrides.source ?? {
|
|
event_id: 'evt_watchdog_001',
|
|
task_id: 'task-reporting-governance',
|
|
correlation_id: 'corr-001',
|
|
},
|
|
});
|
|
}
|
|
|
|
test('decision artifact validates minimal package-owned contract', () => {
|
|
const artifact = createArtifact();
|
|
|
|
assert.equal(artifact.kind, 'DecisionRecordArtifact');
|
|
assert.equal(artifact.apiVersion, 'reporting-governance/v1alpha1');
|
|
assert.equal(artifact.metadata.policy_id, 'no-silence.missed-checkpoint');
|
|
assert.equal(artifact.spec.receipt.delivery_state, 'pending_external_send');
|
|
assert.equal(validateDecisionRecordArtifact(artifact), artifact);
|
|
});
|
|
|
|
test('decision artifact validator rejects malformed top-level or nested fields', () => {
|
|
assert.throws(() => validateDecisionRecordArtifact(null), /decision record artifact must be an object/);
|
|
|
|
const artifact = createArtifact({ source: { task_id: 'task-reporting-governance' } });
|
|
|
|
const wrongKind = structuredClone(artifact);
|
|
wrongKind.kind = 'NotDecisionRecordArtifact';
|
|
assert.throws(() => validateDecisionRecordArtifact(wrongKind), /kind must be DecisionRecordArtifact/);
|
|
|
|
const missingReceipt = structuredClone(artifact);
|
|
delete missingReceipt.spec.receipt;
|
|
assert.throws(() => validateDecisionRecordArtifact(missingReceipt), /spec\.receipt must be an object record/);
|
|
|
|
const blankDeliveryState = structuredClone(artifact);
|
|
blankDeliveryState.spec.receipt.delivery_state = ' ';
|
|
assert.throws(() => validateDecisionRecordArtifact(blankDeliveryState), /spec\.receipt\.delivery_state must be a non-empty string/);
|
|
});
|
|
|
|
test('decision artifact validator enforces metadata and spec consistency', () => {
|
|
const artifact = createArtifact({
|
|
source: {
|
|
event_id: 'evt_watchdog_001',
|
|
task_id: 'task-reporting-governance',
|
|
correlation_id: 'corr-001',
|
|
},
|
|
});
|
|
|
|
const mismatchedPolicy = structuredClone(artifact);
|
|
mismatchedPolicy.metadata.policy_id = 'different-policy';
|
|
assert.throws(() => validateDecisionRecordArtifact(mismatchedPolicy), /policy_id mismatch between metadata and spec\.decision/);
|
|
|
|
const mismatchedDecision = structuredClone(artifact);
|
|
mismatchedDecision.metadata.decision = 'rewrite';
|
|
assert.throws(() => validateDecisionRecordArtifact(mismatchedDecision), /decision mismatch between metadata and spec\.decision/);
|
|
|
|
const mismatchedTask = structuredClone(artifact);
|
|
mismatchedTask.metadata.task_id = 'other-task';
|
|
assert.throws(() => validateDecisionRecordArtifact(mismatchedTask), /task_id mismatch between metadata and spec\.source/);
|
|
|
|
const mismatchedCorrelation = structuredClone(artifact);
|
|
mismatchedCorrelation.metadata.correlation_id = 'corr-other';
|
|
assert.throws(() => validateDecisionRecordArtifact(mismatchedCorrelation), /correlation_id mismatch between metadata and spec\.source/);
|
|
});
|
|
|
|
test('decision artifact validator rejects non-canonical recorded_at timestamp', () => {
|
|
const artifact = createArtifact({ source: { task_id: 'task-reporting-governance' } });
|
|
|
|
artifact.metadata.recorded_at = '2026-05-08T12:00:00+08:00';
|
|
assert.throws(() => validateDecisionRecordArtifact(artifact), /recorded_at must be a canonical ISO-8601 UTC timestamp with millisecond precision/);
|
|
});
|
|
|
|
test('decision artifact validator rejects invalid or mismatched event source linkage', () => {
|
|
const artifact = createArtifact();
|
|
|
|
const missingSourceEvent = structuredClone(artifact);
|
|
missingSourceEvent.spec.source.event_id = null;
|
|
assert.throws(() => validateDecisionRecordArtifact(missingSourceEvent), /event_id must be present in both metadata and spec\.source/);
|
|
|
|
const mismatchedSourceEvent = structuredClone(artifact);
|
|
mismatchedSourceEvent.spec.source.event_id = 'evt_watchdog_002';
|
|
assert.throws(() => validateDecisionRecordArtifact(mismatchedSourceEvent), /event_id mismatch between metadata and spec\.source/);
|
|
|
|
const malformedSourceEvent = structuredClone(artifact);
|
|
malformedSourceEvent.spec.source.event_id = ' ';
|
|
assert.throws(() => validateDecisionRecordArtifact(malformedSourceEvent), /spec\.source\.event_id must be a non-empty string/);
|
|
});
|
|
|
|
test('decision artifact validator accepts stable path-like event refs used by runtime artifacts', () => {
|
|
const artifact = createArtifact({
|
|
source: {
|
|
event_id: 'state/long-task-watchdog-events/2026-05-07T142633Z-reporting-governance-plugin-watchdog-watchdog-fired.json',
|
|
task_id: 'task-reporting-governance',
|
|
correlation_id: 'corr-001',
|
|
},
|
|
});
|
|
|
|
assert.equal(validateDecisionRecordArtifact(artifact), artifact);
|
|
assert.equal(artifact.metadata.event_id, 'state/long-task-watchdog-events/2026-05-07T142633Z-reporting-governance-plugin-watchdog-watchdog-fired.json');
|
|
});
|
|
|
|
test('decision artifact validator enforces receipt status enum and required fields for pending failed and partial states', () => {
|
|
const pendingArtifact = createArtifact();
|
|
pendingArtifact.spec.receipt.status = 'planned';
|
|
pendingArtifact.spec.receipt.delivery_state = 'pending_external_send';
|
|
assert.equal(validateDecisionRecordArtifact(pendingArtifact), pendingArtifact);
|
|
|
|
const failedArtifact = createArtifact({
|
|
receipt: {
|
|
policy_id: 'no-silence.missed-checkpoint',
|
|
decision: 'force_checkpoint',
|
|
status: 'failed',
|
|
delivery_state: 'failed',
|
|
enforcement_intent: [],
|
|
blocked_actions: [],
|
|
operator_notice_required: true,
|
|
notes: ['sender failed'],
|
|
failure_reason: 'sender_exit_nonzero'
|
|
}
|
|
});
|
|
assert.equal(validateDecisionRecordArtifact(failedArtifact), failedArtifact);
|
|
|
|
const failedMissingReason = structuredClone(failedArtifact);
|
|
delete failedMissingReason.spec.receipt.failure_reason;
|
|
assert.throws(() => validateDecisionRecordArtifact(failedMissingReason), /failure_reason is required when status=failed/);
|
|
|
|
const partialArtifact = createArtifact({
|
|
receipt: {
|
|
policy_id: 'no-silence.missed-checkpoint',
|
|
decision: 'force_checkpoint',
|
|
status: 'degraded',
|
|
delivery_state: 'partial',
|
|
enforcement_intent: [{ action: 'emit_event', mandatory: true }],
|
|
blocked_actions: [{ action: 'notify_operator', mandatory: true, reason: 'binding unavailable' }],
|
|
operator_notice_required: true,
|
|
notes: ['event emitted but notice not sent']
|
|
}
|
|
});
|
|
assert.equal(validateDecisionRecordArtifact(partialArtifact), partialArtifact);
|
|
|
|
const partialMissingBlocked = structuredClone(partialArtifact);
|
|
partialMissingBlocked.spec.receipt.blocked_actions = [];
|
|
assert.throws(() => validateDecisionRecordArtifact(partialMissingBlocked), /blocked_actions must be non-empty when delivery_state=partial/);
|
|
|
|
const partialMissingIntent = structuredClone(partialArtifact);
|
|
partialMissingIntent.spec.receipt.enforcement_intent = [];
|
|
assert.throws(() => validateDecisionRecordArtifact(partialMissingIntent), /enforcement_intent must be non-empty when delivery_state=partial/);
|
|
});
|
|
|
|
test('decision artifact validator rejects unsupported receipt state combinations', () => {
|
|
const artifact = createArtifact();
|
|
|
|
artifact.spec.receipt.status = 'acked';
|
|
artifact.spec.receipt.delivery_state = 'pending_external_send';
|
|
assert.throws(() => validateDecisionRecordArtifact(artifact), /status=acked is incompatible with delivery_state=pending_external_send/);
|
|
|
|
const badStatus = createArtifact();
|
|
badStatus.spec.receipt.status = 'mystery';
|
|
assert.throws(() => validateDecisionRecordArtifact(badStatus), /spec\.receipt\.status must be one of/);
|
|
});
|
|
|
|
test('decision artifact filename is stable and readable', () => {
|
|
const artifact = createArtifact({ source: { task_id: 'task-reporting-governance' } });
|
|
|
|
const fileName = createDecisionRecordFileName(artifact);
|
|
assert.match(fileName, /^2026-05-08T04-00-00-000Z-no-silence\.missed-checkpoint-force_checkpoint-dec_[a-f0-9-]+\.json$/);
|
|
});
|
|
|
|
test('decision artifact filename sanitizes unsafe policy and decision segments', () => {
|
|
const artifact = {
|
|
kind: 'DecisionRecordArtifact',
|
|
apiVersion: 'reporting-governance/v1alpha1',
|
|
metadata: {
|
|
record_id: 'dec_test',
|
|
recorded_at: '2026-05-08T04:00:00.000Z',
|
|
policy_id: '../policy with spaces?',
|
|
decision: 'force checkpoint!',
|
|
correlation_id: null,
|
|
task_id: null,
|
|
event_id: 'evt_1234',
|
|
},
|
|
spec: {
|
|
decision: {
|
|
policy_id: '../policy with spaces?',
|
|
decision: 'force checkpoint!',
|
|
},
|
|
receipt: {
|
|
policy_id: '../policy with spaces?',
|
|
decision: 'force checkpoint!',
|
|
status: 'planned',
|
|
delivery_state: 'pending_external_send',
|
|
enforcement_intent: [],
|
|
blocked_actions: [],
|
|
operator_notice_required: false,
|
|
notes: [],
|
|
},
|
|
source: {
|
|
event_id: 'evt_1234',
|
|
task_id: null,
|
|
correlation_id: null,
|
|
},
|
|
},
|
|
};
|
|
|
|
const fileName = createDecisionRecordFileName(artifact);
|
|
assert.equal(fileName, '2026-05-08T04-00-00-000Z-policy-with-spaces-force-checkpoint-dec_test.json');
|
|
});
|
|
|
|
test('sanitizeFileSegment collapses malicious or blank segments to safe file names', () => {
|
|
assert.equal(decisionArtifactTestables.sanitizeFileSegment('../../etc/passwd', 'fallback'), 'etc-passwd');
|
|
assert.equal(decisionArtifactTestables.sanitizeFileSegment(' ', 'fallback'), 'fallback');
|
|
assert.equal(decisionArtifactTestables.sanitizeFileSegment('policy:force/checkpoint', 'fallback'), 'policy-force-checkpoint');
|
|
});
|
|
|
|
test('file decision store writes and reloads a validated decision artifact inside repo root', async (t) => {
|
|
const sandbox = fs.mkdtempSync(path.join(os.tmpdir(), 'reporting-governance-decision-store-'));
|
|
t.after(() => fs.rmSync(sandbox, { recursive: true, force: true }));
|
|
|
|
const fakeRepoRoot = path.join(sandbox, 'repo');
|
|
fs.mkdirSync(fakeRepoRoot, { recursive: true });
|
|
|
|
const planned = createPlannedDecision();
|
|
const store = createFileDecisionStore({
|
|
decisionsDir: path.join(fakeRepoRoot, 'state', 'decisions'),
|
|
repoRootOverride: fakeRepoRoot,
|
|
});
|
|
|
|
const written = store.write({
|
|
decision: planned.decision,
|
|
receipt: planned.receipt,
|
|
recordedAt: '2026-05-08T04:00:00.000Z',
|
|
source: {
|
|
event_id: 'evt_watchdog_001',
|
|
task_id: 'task-reporting-governance',
|
|
correlation_id: 'corr-001',
|
|
},
|
|
});
|
|
|
|
assert.equal(fs.existsSync(written.artifactPath), true);
|
|
assert.match(path.basename(written.artifactPath), /^2026-05-08T04-00-00-000Z-no-silence\.missed-checkpoint-force_checkpoint-dec_[a-f0-9-]+\.json$/);
|
|
|
|
const loaded = store.load(written.artifactPath);
|
|
assert.equal(loaded.artifact.metadata.event_id, 'evt_watchdog_001');
|
|
assert.equal(loaded.artifact.spec.receipt.delivery_state, 'pending_external_send');
|
|
});
|
|
|
|
test('file decision store round-trips failed receipt through write load and consume', async (t) => {
|
|
const sandbox = fs.mkdtempSync(path.join(os.tmpdir(), 'reporting-governance-decision-store-'));
|
|
t.after(() => fs.rmSync(sandbox, { recursive: true, force: true }));
|
|
|
|
const fakeRepoRoot = path.join(sandbox, 'repo');
|
|
fs.mkdirSync(fakeRepoRoot, { recursive: true });
|
|
|
|
const planned = createPlannedDecision();
|
|
const store = createFileDecisionStore({
|
|
decisionsDir: path.join(fakeRepoRoot, 'state', 'decisions'),
|
|
repoRootOverride: fakeRepoRoot,
|
|
});
|
|
|
|
const written = store.write({
|
|
decision: planned.decision,
|
|
receipt: {
|
|
...planned.receipt,
|
|
status: 'failed',
|
|
delivery_state: 'failed',
|
|
notes: [...planned.receipt.notes, 'bridge send failed'],
|
|
failure_reason: 'bridge_send_failed'
|
|
},
|
|
recordedAt: '2026-05-08T04:00:00.000Z',
|
|
source: {
|
|
event_id: 'evt_watchdog_failed_001',
|
|
task_id: 'task-reporting-governance',
|
|
correlation_id: 'corr-failed-001',
|
|
},
|
|
});
|
|
|
|
const consumed = store.consume(written.artifactPath, ({ artifact, artifactPath }) => ({
|
|
artifactPath,
|
|
receiptStatus: artifact.spec.receipt.status,
|
|
deliveryState: artifact.spec.receipt.delivery_state,
|
|
failureReason: artifact.spec.receipt.failure_reason,
|
|
eventId: artifact.spec.source.event_id,
|
|
}));
|
|
|
|
assert.equal(consumed.receiptStatus, 'failed');
|
|
assert.equal(consumed.deliveryState, 'failed');
|
|
assert.equal(consumed.failureReason, 'bridge_send_failed');
|
|
assert.equal(consumed.eventId, 'evt_watchdog_failed_001');
|
|
assert.equal(consumed.artifactPath, written.artifactPath);
|
|
});
|
|
|
|
test('file decision store round-trips partial receipt with source linkage through write load and consume', async (t) => {
|
|
const sandbox = fs.mkdtempSync(path.join(os.tmpdir(), 'reporting-governance-decision-store-'));
|
|
t.after(() => fs.rmSync(sandbox, { recursive: true, force: true }));
|
|
|
|
const fakeRepoRoot = path.join(sandbox, 'repo');
|
|
fs.mkdirSync(fakeRepoRoot, { recursive: true });
|
|
|
|
const planned = createPlannedDecision();
|
|
const store = createFileDecisionStore({
|
|
decisionsDir: path.join(fakeRepoRoot, 'state', 'decisions'),
|
|
repoRootOverride: fakeRepoRoot,
|
|
});
|
|
|
|
const partialReceipt = {
|
|
...planned.receipt,
|
|
status: 'degraded',
|
|
delivery_state: 'partial',
|
|
enforcement_intent: [{ action: 'emit_event', mandatory: true }],
|
|
blocked_actions: [{ action: 'notify_operator', mandatory: true, reason: 'sender binding unavailable' }],
|
|
notes: [...planned.receipt.notes, 'event emitted but operator notice still blocked']
|
|
};
|
|
|
|
const written = store.write({
|
|
decision: planned.decision,
|
|
receipt: partialReceipt,
|
|
recordedAt: '2026-05-08T04:00:00.000Z',
|
|
source: {
|
|
event_id: 'state/operator-notify-bridge-receipts/notify_abc-partial.json',
|
|
task_id: 'task-reporting-governance',
|
|
correlation_id: 'corr-partial-001',
|
|
},
|
|
});
|
|
|
|
const consumed = store.consume(written.artifactPath, ({ artifact }) => ({
|
|
taskId: artifact.spec.source.task_id,
|
|
correlationId: artifact.spec.source.correlation_id,
|
|
eventId: artifact.spec.source.event_id,
|
|
receiptStatus: artifact.spec.receipt.status,
|
|
deliveryState: artifact.spec.receipt.delivery_state,
|
|
blockedActions: artifact.spec.receipt.blocked_actions,
|
|
enforcementIntent: artifact.spec.receipt.enforcement_intent,
|
|
}));
|
|
|
|
assert.equal(consumed.taskId, 'task-reporting-governance');
|
|
assert.equal(consumed.correlationId, 'corr-partial-001');
|
|
assert.equal(consumed.eventId, 'state/operator-notify-bridge-receipts/notify_abc-partial.json');
|
|
assert.equal(consumed.receiptStatus, 'degraded');
|
|
assert.equal(consumed.deliveryState, 'partial');
|
|
assert.equal(consumed.blockedActions.length, 1);
|
|
assert.equal(consumed.enforcementIntent.length, 1);
|
|
});
|
|
|
|
test('file decision store load rejects corrupted or malformed artifacts', async (t) => {
|
|
const sandbox = fs.mkdtempSync(path.join(os.tmpdir(), 'reporting-governance-decision-store-'));
|
|
t.after(() => fs.rmSync(sandbox, { recursive: true, force: true }));
|
|
|
|
const fakeRepoRoot = path.join(sandbox, 'repo');
|
|
const decisionsDir = path.join(fakeRepoRoot, 'state', 'decisions');
|
|
fs.mkdirSync(decisionsDir, { recursive: true });
|
|
|
|
const store = createFileDecisionStore({
|
|
decisionsDir,
|
|
repoRootOverride: fakeRepoRoot,
|
|
});
|
|
|
|
const malformedJsonPath = path.join(decisionsDir, 'broken.json');
|
|
fs.writeFileSync(malformedJsonPath, '{not-json\n', 'utf8');
|
|
assert.throws(() => store.load(malformedJsonPath));
|
|
|
|
const corruptedArtifactPath = path.join(decisionsDir, 'corrupted.json');
|
|
fs.writeFileSync(corruptedArtifactPath, `${JSON.stringify({
|
|
kind: 'DecisionRecordArtifact',
|
|
apiVersion: 'reporting-governance/v1alpha1',
|
|
metadata: {
|
|
recorded_at: '',
|
|
policy_id: 'no-silence.missed-checkpoint',
|
|
decision: 'force_checkpoint',
|
|
event_id: 'evt_watchdog_001',
|
|
},
|
|
spec: {
|
|
decision: {
|
|
policy_id: 'no-silence.missed-checkpoint',
|
|
decision: 'force_checkpoint',
|
|
},
|
|
receipt: {
|
|
policy_id: 'no-silence.missed-checkpoint',
|
|
decision: 'force_checkpoint',
|
|
status: 'planned',
|
|
delivery_state: 'pending_external_send',
|
|
enforcement_intent: [],
|
|
blocked_actions: [],
|
|
operator_notice_required: false,
|
|
notes: [],
|
|
},
|
|
source: {
|
|
event_id: 'evt_watchdog_001',
|
|
task_id: null,
|
|
correlation_id: null,
|
|
},
|
|
},
|
|
}, null, 2)}\n`, 'utf8');
|
|
assert.throws(() => store.load(corruptedArtifactPath), /metadata\.recorded_at must be a non-empty string/);
|
|
});
|
|
|
|
test('file decision store consume rejects non-function consumer', async (t) => {
|
|
const sandbox = fs.mkdtempSync(path.join(os.tmpdir(), 'reporting-governance-decision-store-'));
|
|
t.after(() => fs.rmSync(sandbox, { recursive: true, force: true }));
|
|
|
|
const fakeRepoRoot = path.join(sandbox, 'repo');
|
|
fs.mkdirSync(fakeRepoRoot, { recursive: true });
|
|
|
|
const planned = createPlannedDecision();
|
|
const store = createFileDecisionStore({
|
|
decisionsDir: path.join(fakeRepoRoot, 'state', 'decisions'),
|
|
repoRootOverride: fakeRepoRoot,
|
|
});
|
|
|
|
const written = store.write({
|
|
decision: planned.decision,
|
|
receipt: planned.receipt,
|
|
recordedAt: '2026-05-08T04:00:00.000Z',
|
|
source: { task_id: 'task-reporting-governance' }
|
|
});
|
|
|
|
assert.throws(() => store.consume(written.artifactPath, null), /decision store consumer must be a function/);
|
|
});
|
|
|
|
test('file decision store produces distinct filenames for same decision written twice', async (t) => {
|
|
const sandbox = fs.mkdtempSync(path.join(os.tmpdir(), 'reporting-governance-decision-store-'));
|
|
t.after(() => fs.rmSync(sandbox, { recursive: true, force: true }));
|
|
|
|
const fakeRepoRoot = path.join(sandbox, 'repo');
|
|
fs.mkdirSync(fakeRepoRoot, { recursive: true });
|
|
|
|
const planned = createPlannedDecision();
|
|
const store = createFileDecisionStore({
|
|
decisionsDir: path.join(fakeRepoRoot, 'state', 'decisions'),
|
|
repoRootOverride: fakeRepoRoot,
|
|
});
|
|
|
|
const first = store.write({
|
|
decision: planned.decision,
|
|
receipt: planned.receipt,
|
|
recordedAt: '2026-05-08T04:00:00.000Z',
|
|
source: { task_id: 'task-reporting-governance' }
|
|
});
|
|
const second = store.write({
|
|
decision: planned.decision,
|
|
receipt: planned.receipt,
|
|
recordedAt: '2026-05-08T04:00:00.000Z',
|
|
source: { task_id: 'task-reporting-governance' }
|
|
});
|
|
|
|
assert.notEqual(first.artifact.metadata.record_id, second.artifact.metadata.record_id);
|
|
assert.notEqual(path.basename(first.artifactPath), path.basename(second.artifactPath));
|
|
assert.equal(fs.readdirSync(path.join(fakeRepoRoot, 'state', 'decisions')).filter((name) => name.endsWith('.json')).length, 2);
|
|
});
|
|
|
|
test('file decision store rejects decision directory escaping repo root', () => {
|
|
assert.throws(
|
|
() => createFileDecisionStore({
|
|
decisionsDir: path.resolve(repoRoot, '..', 'escape'),
|
|
repoRootOverride: repoRoot,
|
|
}),
|
|
/decision store decisionsDir must stay within repo root/
|
|
);
|
|
});
|