feat: add test infrastructure with bun:test#6
Merged
Conversation
betegon
force-pushed
the
feat/test-infrastructure
branch
4 times, most recently
from
ac2603f to
46c1d8e
Compare
- Add test configuration (bunfig.toml, preload.ts for isolation) - Add test utilities (tmpdir, mockProcess, runCli helpers) - Add unit tests for DSN parsing and detection - Add integration tests for config management - Add E2E tests for auth, issue, project commands - Update commands to throw errors for proper exit codes - Add SENTRY_CLI_CONFIG_DIR env var support for test isolation - Add test step to CI workflow with secrets - Add test scripts to package.json (bun test, bun test:e2e) Test coverage: - 74 tests across 6 files - Unit: DSN parsing, DSN detection - Integration: config read/write, token management - E2E: auth login/logout/status, org list, project list, issue list/get
betegon
force-pushed
the
feat/test-infrastructure
branch
from
46c1d8e to
95b4b65
Compare
BYK
added a commit
that referenced
this pull request
Mar 14, 2026
Addresses 18 review comments from BYK on the generator-commands PR: #2: Use result.user = user instead of cherry-picking fields (login.ts) #3: Remove process.stdin param from runInteractiveLogin (interactive-login.ts) #4: Use return yield pattern for one-liner yields (logout.ts) #5: Make OutputConfig.json optional (defaults to true) (output.ts) #6: Convert trace/logs.ts to yield commandOutput (trace/logs.ts) #7: Move URL/QR display through yield commandOutput (trial/start.ts) #8: Rename const log → const logger, import logger as log (trial/start.ts) #9: Convert help.ts to yield commandOutput (help.ts) #11: Replace Symbol branding with class + instanceof for CommandOutput (output.ts, command.ts) #12: Remove jsonlLines/JSONL mechanism — each yield becomes one JSON line (output.ts, log/list.ts) #15-#17: Replace polling dots with spinner in interactive login (interactive-login.ts) #18: Yield individual log items in follow mode (log/list.ts) Key changes: - CommandOutput is now a class using instanceof instead of Symbol branding - JSONL support removed — streaming commands yield items individually - trace/logs.ts uses OutputConfig with human/jsonTransform instead of manual stdout - help.ts yields through output framework - trial/start.ts handlePlanTrial is now an async generator yielding display data - interactive-login.ts uses consola spinner for polling, removes stdin param - OutputConfig.json is now optional (defaults to true when object form is used) Tests updated for trace/logs and trial/start to use context stdout.
BYK
added a commit
that referenced
this pull request
Mar 16, 2026
Addresses 18 review comments from BYK on the generator-commands PR: #2: Use result.user = user instead of cherry-picking fields (login.ts) #3: Remove process.stdin param from runInteractiveLogin (interactive-login.ts) #4: Use return yield pattern for one-liner yields (logout.ts) #5: Make OutputConfig.json optional (defaults to true) (output.ts) #6: Convert trace/logs.ts to yield commandOutput (trace/logs.ts) #7: Move URL/QR display through yield commandOutput (trial/start.ts) #8: Rename const log → const logger, import logger as log (trial/start.ts) #9: Convert help.ts to yield commandOutput (help.ts) #11: Replace Symbol branding with class + instanceof for CommandOutput (output.ts, command.ts) #12: Remove jsonlLines/JSONL mechanism — each yield becomes one JSON line (output.ts, log/list.ts) #15-#17: Replace polling dots with spinner in interactive login (interactive-login.ts) #18: Yield individual log items in follow mode (log/list.ts) Key changes: - CommandOutput is now a class using instanceof instead of Symbol branding - JSONL support removed — streaming commands yield items individually - trace/logs.ts uses OutputConfig with human/jsonTransform instead of manual stdout - help.ts yields through output framework - trial/start.ts handlePlanTrial is now an async generator yielding display data - interactive-login.ts uses consola spinner for polling, removes stdin param - OutputConfig.json is now optional (defaults to true when object form is used) Tests updated for trace/logs and trial/start to use context stdout.
BYK
added a commit
that referenced
this pull request
Apr 21, 2026
…786) ## Summary Surfaces the highest-signal env vars directly in `sentry --help` and adds an `envVars` array to `sentry help --json`. Previously, `SENTRY_AUTH_TOKEN`, `SENTRY_FORCE_ENV_TOKEN`, and friends lived only in [configuration.md](https://cli.sentry.dev/configuration/). Users hitting odd auth behavior had to leave the terminal to discover them. This matches how `gh --help` surfaces `GH_TOKEN` / `GH_HOST` at the top level. **Surfaced vars:** `SENTRY_AUTH_TOKEN`, `SENTRY_FORCE_ENV_TOKEN`, `SENTRY_ORG`, `SENTRY_PROJECT`, `SENTRY_DSN`, `SENTRY_HOST`, `SENTRY_LOG_LEVEL`, `NO_COLOR`. Source of truth is `env-registry.ts`: entries gain an optional `topLevel` flag plus a one-line `briefDescription` used in the branded help summary. The full catalog of every env var remains in `configuration.md` unchanged. ## Test plan - `bun test test/lib/help.test.ts` — new test cases assert each top-level var appears both in `printCustomHelp()` output and in `introspectAllCommands().envVars`. - `bun run typecheck`, `bun run lint` — clean (one pre-existing unrelated warning). - Full unit suite: 5263 passing. Part of #785 (addresses items #5 and #6).
BYK
added a commit
that referenced
this pull request
Jun 16, 2026
…#1106) ## Summary Resolves the open Dependabot security alerts for `getsentry/cli`. `gh security-advisories` was empty; Dependabot had 7 open alerts (plus 1 already-fixed astro alert). This PR fixes 6 of them via dependency updates; the 7th has no upstream patch and is dismissed separately. ## Alerts fixed | # | Package | Severity | Fix | Where | |---|---------|----------|-----|-------| | 8 | esbuild | High (RCE via `NPM_CONFIG_REGISTRY`) | 0.28.1 | root | | 7 | esbuild | High (RCE) | 0.28.1 | docs | | 6 | esbuild | Low (Windows path traversal) | 0.28.1 | docs | | 5 | shell-quote | Critical (command injection) | 1.8.4 | root | | 3 | qs | Medium (DoS) | 6.15.2 | root | ## Changes - **Root `package.json`**: bump direct `esbuild` to `^0.28.1` (used by `script/build.ts`, `script/bundle.ts`, `script/text-import-plugin.ts`); add `pnpm.overrides` pinning the vulnerable transitive ranges of `esbuild`, `shell-quote`, and `qs` to patched versions; bump `@mastra/client-js` to `^1.24.0`. - **`docs/package.json`** (standalone, non-workspace pnpm project): add `pnpm.overrides` for `esbuild` (covers alerts #6 and #7). - Regenerated both `pnpm-lock.yaml` files. `pnpm.overrides` lives under the `pnpm` key, so `check:deps` (no root `dependencies`) still passes. ## Not in this PR - **Alert #4** (`@ai-sdk/provider-utils`, CVE-2026-8769, Low): no patched version exists upstream (`first_patched_version: null`). Max stable 3.x (3.0.26) is still within the affected range `<=3.0.97`, and only the 4.x major escapes it — but that would break the v5 consumers (`@ai-sdk/ui-utils` pins 2.2.8). Bumping `@mastra/client-js` does not remove the vulnerable instances. Dev-only/inconclusive transitive dep. **Dismissed on GitHub as `tolerable_risk`** pending an upstream fix. - **Alert #2** (astro XSS): already fixed on `main` (resolved to astro 6.3.7 ≥ 6.1.6). ## Verification - `pnpm run check:deps` ✓ - `pnpm run typecheck` ✓ - `pnpm run build` ✓ (esbuild 0.28.1 bundle + Node SEA binary) - Confirmed no vulnerable `esbuild`/`shell-quote`/`qs` versions remain in either lockfile.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Adds comprehensive test infrastructure for the CLI using
bun:test.Changes
Test Infrastructure
.env.localfor test credentialstmpdir,mockProcess,runCli)Tests Added
test/lib/dsn.test.tstest/lib/dsn-detector.test.tstest/lib/config.test.tstest/e2e/auth.test.tstest/e2e/issue.test.tstest/e2e/project.test.tsCode Changes
SENTRY_CLI_CONFIG_DIRenv var support for test isolationprocess.exitCode(for proper exit codes with stricli)auth login --tokenCI Updates
packages/cli/Test Commands
CI Setup Required
Add
SENTRY_TEST_AUTH_TOKENto GitHub repository secrets for E2E tests.Test Results