sapient/oh-my-openagent
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

test(git-master): cover full git command prefix injection

Browse Source
This commit is contained in:
YeonGyu-Kim
2026-03-11 17:07:43 +09:00
parent 02fec3ddb1
commit a70e7fe742
1 changed files with 34 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

34
src/features/opencode-skill-loader/git-master-template-injection.test.ts
View File

@@ -12,6 +12,9 @@ const SAMPLE_TEMPLATE = [
"", "",
"```bash", "```bash",
"git status", "git status",
"git merge-base HEAD main 2>/dev/null || git merge-base HEAD master 2>/dev/null",
"MERGE_BASE=$(git merge-base HEAD main)",
"GIT_SEQUENCE_EDITOR=: git rebase -i --autosquash $MERGE_BASE",
"```", "```",
"", "",
"```", "```",
@@ -67,6 +70,18 @@ describe("#given git_env_prefix config", () => {
}) })
}) })
describe("#when git_env_prefix contains shell metacharacters", () => {
it("#then rejects the malicious value", () => {
expect(() =>
injectGitMasterConfig(SAMPLE_TEMPLATE, {
commit_footer: false,
include_co_authored_by: false,
git_env_prefix: "A=1; rm -rf /",
})
).toThrow('git_env_prefix must be empty or use shell-safe env assignments like "GIT_MASTER=1"')
})
})
describe("#when no config provided", () => { describe("#when no config provided", () => {
it("#then uses default GIT_MASTER=1 prefix", () => { it("#then uses default GIT_MASTER=1 prefix", () => {
const result = injectGitMasterConfig(SAMPLE_TEMPLATE) const result = injectGitMasterConfig(SAMPLE_TEMPLATE)
@@ -91,6 +106,25 @@ describe("#given git_env_prefix with commit footer", () => {
}) })
}) })
describe("#when the template already contains bare git commands in bash blocks", () => {
it("#then prefixes every git invocation in the final output", () => {
const result = injectGitMasterConfig(SAMPLE_TEMPLATE, {
commit_footer: false,
include_co_authored_by: false,
git_env_prefix: "GIT_MASTER=1",
})
expect(result).toContain("GIT_MASTER=1 git status")
expect(result).toContain(
"GIT_MASTER=1 git merge-base HEAD main 2>/dev/null || GIT_MASTER=1 git merge-base HEAD master 2>/dev/null"
)
expect(result).toContain("MERGE_BASE=$(GIT_MASTER=1 git merge-base HEAD main)")
expect(result).toContain(
"GIT_SEQUENCE_EDITOR=: GIT_MASTER=1 git rebase -i --autosquash $MERGE_BASE"
)
})
})
describe("#when env prefix disabled but footer enabled", () => { describe("#when env prefix disabled but footer enabled", () => {
it("#then commit examples have no env prefix", () => { it("#then commit examples have no env prefix", () => {
const result = injectGitMasterConfig(SAMPLE_TEMPLATE, { const result = injectGitMasterConfig(SAMPLE_TEMPLATE, {