-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathtest-hook-env.mjs
More file actions
75 lines (67 loc) · 2.95 KB
/
Copy pathtest-hook-env.mjs
File metadata and controls
75 lines (67 loc) · 2.95 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
// Test that hooks never see OrbCode credentials (or other secret-like env vars).
// Run with: node test-hook-env.mjs
import { HookRunner } from "./dist/core/hooks.js"
import assert from "node:assert"
let passed = 0
const ok = (name) => { console.log(` ok - ${name}`); passed++ }
function makeRunner(config) {
const systemMessages = []
const runner = new HookRunner({
cwd: process.cwd(),
sessionId: "test-session",
transcriptPath: "/tmp/test-session.json",
config,
onSystemMessage: (message, isError) => systemMessages.push({ message, isError }),
})
return { runner, systemMessages }
}
// Set up credential-like env vars that must NEVER reach a hook.
process.env.MATTERAI_TOKEN = "secret-orbcode-token"
process.env.MATTERAI_API_KEY = "secret-api-key"
process.env.MATTERAI_CONFIG_DIR = "/should/not/leak"
process.env.MY_GITHUB_TOKEN = "ghp_secret"
process.env.AWS_SECRET_ACCESS_KEY = "aws-secret"
process.env.DATABASE_PASSWORD = "db-pass"
// 1. MATTERAI_TOKEN and MATTERAI_API_KEY are redacted from the hook env.
{
const { runner } = makeRunner({
SessionStart: [{ hooks: [{ type: "command", command: "env" }] }],
})
const r = await runner.run("SessionStart", { source: "startup" })
const envOutput = r.additionalContext || ""
assert.ok(!envOutput.includes("secret-orbcode-token"), "MATTERAI_TOKEN must not leak to hooks")
assert.ok(!envOutput.includes("secret-api-key"), "MATTERAI_API_KEY must not leak to hooks")
assert.ok(!envOutput.includes("/should/not/leak"), "MATTERAI_CONFIG_DIR must not leak to hooks")
ok("OrbCode credential env vars are redacted from hooks")
}
// 2. Credential-like patterns (TOKEN, SECRET, PASSWORD) are redacted too.
{
const { runner } = makeRunner({
SessionStart: [{ hooks: [{ type: "command", command: "env" }] }],
})
const r = await runner.run("SessionStart", { source: "startup" })
const envOutput = r.additionalContext || ""
assert.ok(!envOutput.includes("ghp_secret"), "MY_GITHUB_TOKEN must not leak")
assert.ok(!envOutput.includes("aws-secret"), "AWS_SECRET_ACCESS_KEY must not leak")
assert.ok(!envOutput.includes("db-pass"), "DATABASE_PASSWORD must not leak")
ok("credential-pattern env vars (TOKEN/SECRET/PASSWORD) are redacted")
}
// 3. Non-credential env vars (PATH, HOME, MATTERAI_PROJECT_DIR) are preserved.
{
const { runner } = makeRunner({
SessionStart: [{ hooks: [{ type: "command", command: "env" }] }],
})
const r = await runner.run("SessionStart", { source: "startup" })
const envOutput = r.additionalContext || ""
assert.ok(envOutput.includes("MATTERAI_PROJECT_DIR"), "MATTERAI_PROJECT_DIR must be present")
assert.ok(envOutput.includes("PATH="), "PATH must be preserved")
ok("non-credential env vars (PATH, MATTERAI_PROJECT_DIR) are preserved")
}
// Cleanup
delete process.env.MATTERAI_TOKEN
delete process.env.MATTERAI_API_KEY
delete process.env.MATTERAI_CONFIG_DIR
delete process.env.MY_GITHUB_TOKEN
delete process.env.AWS_SECRET_ACCESS_KEY
delete process.env.DATABASE_PASSWORD
console.log(`\n${passed} checks passed`)