hai/everything-claude-code
1
0
Fork 0
mirror of https://github.com/affaan-m/everything-claude-code.git synced 2026-05-14 08:28:39 +08:00
Code Issues Packages Projects Releases Wiki Activity

ci: require npm audit signature checks

Browse Source 
Require npm registry signature verification wherever workflow npm audit checks run.

- add npm audit signatures to CI Security Scan and maintenance security audit jobs
- teach the workflow security validator to reject npm audit without signature verification
- keep the repair and Copilot prompt tests portable across Windows path/case and CRLF frontmatter behavior

Validation:
- node tests/run-all.js (2376 passed, 0 failed)
- CI current-head matrix green on #1846
This commit is contained in:
Affaan Mustafa
2026-05-12 23:48:56 -04:00
committed by GitHub
parent 766f4ee1d8
commit 797f283036
6 changed files with 44 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
tests/scripts/repair.test.js
View File

@@ -64,6 +64,16 @@ function runNode(scriptPath, args = [], options = {}) {
}
}
function normalizeComparablePath(filePath) {
const normalized = path.normalize(filePath);
return process.platform === 'win32' ? normalized.toLowerCase() : normalized;
}
function pathListIncludes(paths, expectedPath) {
const normalizedExpected = normalizeComparablePath(expectedPath);
return paths.some(filePath => normalizeComparablePath(filePath) === normalizedExpected);
}
function test(name, fn) {
try {
fn();
@@ -117,7 +127,7 @@ function runTests() {
const parsed = JSON.parse(repairResult.stdout);
assert.strictEqual(parsed.results[0].status, 'repaired');
assert.ok(parsed.results[0].repairedPaths.includes(managedPath));
assert.ok(pathListIncludes(parsed.results[0].repairedPaths, managedPath));
assert.strictEqual(fs.readFileSync(managedPath, 'utf8'), expectedContent);
assert.ok(fs.existsSync(statePath));
} finally {