test(cli): foundation for CLI-contract unit-test campaign#68
Merged
Mikola Lysenko (mikolalysenko) merged 3 commits intoMay 20, 2026
Conversation
Mikola Lysenko (mikolalysenko)
force-pushed
the
tests/cli-contract-foundation
branch
from
0bd4f50 to
6cb84b8
Compare
Add unit-test coverage for every subcommand, flag, default, alias, and
helper in the socket-patch CLI, plus a new CLI_CONTRACT.md that documents
the surface as semver-significant.
Before this change the CLI crate had zero unit tests under src/ —
only network-dependent tests/e2e_*.rs suites gated on --ignored. A flag
rename, a default change, or a JSON key drift could land green and break
every shipped wrapper (npm @socketsecurity/socket-patch, pypi
socket-patch, cargo, prebuilt binaries).
## What's covered
Library surface (new src/lib.rs):
- Cli, Commands, looks_like_uuid, parse_with_uuid_fallback extracted
from main.rs so integration tests can verify the parser without
spawning the binary.
- main.rs becomes a thin wrapper that delegates to the lib.
- Cargo.toml gains [lib] alongside [[bin]].
Core helper extraction:
- socket_patch_core::manifest::operations::resolve_manifest_path
replaces the 5-line absolute-vs-relative join block previously
copy-pasted into apply/rollback/list/remove/repair (5 callers).
CLI_CONTRACT.md (new):
- Documents every subcommand, flag, default value, visible alias
(download, gc), hidden alias (--no-apply), JSON output shape, and
exit code as semver-significant.
- Pins the divergent defaults: --download-mode=diff for apply/get/scan
and --download-mode=file for repair, --batch-size=100 for scan.
- Spells out the bump policy and how to invoke scripts/version-sync.sh.
Helper unit tests (#[cfg(test)] mod tests in each file):
- src/lib.rs — looks_like_uuid (valid/invalid shapes, case-insensitive),
parse_with_uuid_fallback (success, fallback, fallback-fails preserves
original error, no double-rewrite).
- src/output.rs — format_severity, color, confirm (skip_prompt and
is_json short-circuits; interactive path intentionally not tested).
- src/ecosystem_dispatch.rs — partition_purls (filter, dedup, unknown
ecosystem dropped).
- commands/apply.rs — verify_status_str (all 4 VerifyStatus variants),
result_to_json (top-level + filesVerified key sets).
- commands/rollback.rs — find_patches_to_rollback (None=all, PURL match,
UUID match, no-match=empty).
- commands/get.rs — detect_identifier_type (UUID/CVE/GHSA/PURL/None,
case-insensitive for CVE+GHSA), select_patches (paid auto, free
single auto, free multi+is_json -> Err(1)).
Clap parser snapshot tests (new tests/cli_parse_*.rs):
- One file per command: apply, get, list, main, remove, repair,
rollback, scan, setup.
- Every flag (long + short) has at least one parser assertion.
- Every #[arg(default_value)] is asserted on the no-flag parse.
- The download visible alias on get is exercised.
- The gc visible alias on repair is exercised.
- The hidden --no-apply alias on get --save-only is exercised.
- --ecosystems CSV splitting is verified on apply/rollback/scan.
- The bare-UUID rewrite is exercised end-to-end via Cli::try_parse_from.
- Failure paths assert clap::error::ErrorKind variants.
Async run() integration tests:
- tests/cli_parse_list.rs covers missing manifest -> 1, empty -> 0,
populated -> 0, absolute-path override, and a subprocess JSON-shape
assertion against the compiled binary.
- tests/cli_parse_remove.rs covers missing-manifest -> 1.
- tests/cli_parse_setup.rs covers no-package-json -> 0 with the
JSON status:"no_files" shape pinned via subprocess.
## Verification
cargo build --workspace --all-features
cargo clippy --workspace --all-features -- -D warnings
cargo test --workspace --all-features
All clean. 79 new lib tests + 156 new integration tests added on top of
the existing 415 unit tests; cumulative 650 tests pass.
## Why squashed
Originally landed as a foundation PR (#68) plus 10 sibling test PRs
(#69-#78), one per command/file, dispatched in parallel. Squashing the
sibling PRs back into #68 so the contract + tests land as one
self-contained unit — reviewers see the full picture, and a future
revert touches one commit instead of eleven.
Assisted-by: Claude Code:claude-opus-4-7
Mikola Lysenko (mikolalysenko)
force-pushed
the
tests/cli-contract-foundation
branch
from
6cb84b8 to
ef0deac
Compare
This was referenced May 20, 2026
… step
The CI workflow's unit-test job ran on ubuntu-latest + windows-latest;
extend the matrix with macos-latest so the new CLI parser tests are
exercised on every platform the binary ships for. socket-patch ships
prebuilt binaries for x86_64-apple-darwin and aarch64-apple-darwin (see
release.yml), so silent macOS-specific regressions in path handling,
TTY detection, or terminal escapes are real risks today.
Three changes:
- Add `macos-latest` to the test matrix.
- Add `fail-fast: false` so a failure on one OS doesn't mask failures
on the others.
- Add an explicit `cargo build --workspace --all-features` step
before `cargo test`. `cargo test` already builds, but a dedicated
build step gives a cleaner red signal when a build-only failure
happens (e.g. a feature-gated compile error) without the noise of
test-discovery output.
- New `test-release` job: `cargo test --workspace --all-features
--release` on ubuntu-latest. Catches optimization-level regressions
that debug mode hides (e.g. release-mode-only inlining changes that
affect assertion behavior). One OS keeps total CI time reasonable
while still locking in release-mode correctness.
Assisted-by: Claude Code:claude-opus-4-7
…indows `read_archive_to_map` rejects entries whose path is absolute or contains a `..` component, but the check used `Path::is_absolute()` alone. On Windows that function requires a drive letter or UNC prefix, so a tar entry like `/etc/passwd` is NOT considered absolute and would slip through the guard — when later joined to the target directory, Windows would treat it as relative to the current drive's root. Add an explicit check for a leading `/` or `\` byte alongside `Path::is_absolute()` so the guard rejects POSIX-style absolute paths on every platform. The new test_read_archive_rejects_backslash_absolute_paths case locks the symmetric backslash form in. This was uncovered when the CI matrix was extended to actually run on Windows. The existing test_read_archive_rejects_absolute_paths failed on windows-latest because it constructed the archive with a POSIX-style path that the platform-specific `is_absolute()` did not catch. Assisted-by: Claude Code:claude-opus-4-7
Wenxin Jiang (Wenxin-Jiang)
approved these changes
May 20, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Foundation PR for a comprehensive unit-test campaign on the
socket-patchCLI. Stacked on #67 (so it can land alongside the per-package/diff pathways work). No behavior change to the binary. Follow-up PRs will be stacked on this branch and add the actual per-command tests in parallel.Three changes:
Expose the clap parser as a library so integration tests can verify the public CLI contract without spawning the binary:
crates/socket-patch-cli/src/lib.rshostingCli,Commands,looks_like_uuid, andparse_with_uuid_fallback(extracted frommain.rs).Cargo.tomlgains[lib]entry alongside the existing[[bin]].main.rsis now a thin wrapper that delegates to the lib.De-duplicate
manifest-pathresolution. The same 5-line absolute-vs-relative join block was copy-pasted acrossapply/rollback/list/remove/repair. New helpersocket_patch_core::manifest::operations::resolve_manifest_pathreplaces all 5 copies. 3 unit tests cover the relative/absolute/dotted cases.New
crates/socket-patch-cli/CLI_CONTRACT.mddocumenting every subcommand, flag, default value, alias, JSON-output shape, and exit code as semver-significant surface. Spells out the bump policy (rename a flag → MAJOR; add an optional flag → MINOR; …) and how to invokescripts/version-sync.shafterward. A 4-line comment block abovepub enum Commandspoints readers at it.Why now
The CLI crate currently has zero unit tests under
src/— only network-dependenttests/e2e_*.rssuites gated behind--ignored. A flag rename, a default change, or a JSON key drift could land green and silently break every shipped wrapper (npm@socketsecurity/socket-patch, pypisocket-patch, cargo, prebuilt binaries). This PR lays the groundwork; the follow-up PRs will lock in every flag and helper.What lands later (stacked on this branch)
10 parallel test PRs:
tests/cli-parse-main—looks_like_uuid+parse_with_uuid_fallback(the bare-UUID fallback no test guards today)tests/cli-parse-output—format_severity,color,confirmtests/cli-parse-ecosystem-dispatch—partition_purlstests/cli-parse-apply— everyApplyArgsflag +verify_status_str+result_to_jsontests/cli-parse-rollback— everyRollbackArgsflag +find_patches_to_rollbacktests/cli-parse-get— everyGetArgsflag,downloadvisible alias, hidden--no-applyalias,detect_identifier_type,select_patchestests/cli-parse-scan— everyScanArgsflag,--batch-sizedefault = 100tests/cli-parse-list— everyListArgsflag + asyncruntests (missing/empty/populated manifest)tests/cli-parse-repair— everyRepairArgsflag,gcvisible alias, pin--download-modedefault =file(the divergent one)tests/cli-parse-remove-setup— bothRemoveArgs/SetupArgsflags + async error-path JSON shape testsEach will be a sibling PR targeting
tests/cli-contract-foundation.Test plan
cargo build --workspace --all-features— cleancargo clippy --workspace --all-features -- -D warnings— cleancargo test --workspace --all-features --lib— 415 unit tests pass (was 412; +3 fromresolve_manifest_pathtests)cargo test --workspace --all-features --no-run— all 8 e2e test binaries still compilesocket-patch download --help,socket-patch gc --help,socket-patch get --no-apply <id> --help, bare-UUIDsocket-patch <uuid>all behave identically to pre-refactorAssisted-by: Claude Code:claude-opus-4-7