MCPcopy
hub / github.com/affaan-m/ECC / run

Function run

tests/ci/supply-chain-advisory-sources.test.js:41–288  ·  view source on GitHub ↗
()

Source from the content-addressed store, hash-verified

39}
40
41async function run() {
42 console.log('\n=== Testing supply-chain advisory source refresh ===\n');
43
44 let passed = 0;
45 let failed = 0;
46
47 if (await test('default sources cover the active npm and PyPI campaign', async () => {
48 const ids = DEFAULT_ADVISORY_SOURCES.map(source => source.id);
49 for (const requiredId of [
50 'tanstack-postmortem',
51 'github-ghsa-g7cv-rxg3-hmpx',
52 'stepsecurity-mini-shai-hulud',
53 'openai-tanstack-response',
54 'socket-node-ipc',
55 'cisa-npm-compromise',
56 ]) {
57 assert.ok(ids.includes(requiredId), `Missing advisory source ${requiredId}`);
58 }
59
60 const ecosystemCoverage = new Set(DEFAULT_ADVISORY_SOURCES.flatMap(source => source.ecosystems));
61 assert.ok(ecosystemCoverage.has('npm'));
62 assert.ok(ecosystemCoverage.has('PyPI'));
63 assert.ok(ecosystemCoverage.has('AI developer tooling'));
64 })) passed++; else failed++;
65
66 if (await test('offline report emits passing coverage checks and Linear-ready ITO-57 payload', async () => {
67 const report = await buildAdvisorySourceReport({
68 generatedAt: '2026-05-16T00:00:00.000Z',
69 refresh: false,
70 });
71
72 assert.strictEqual(report.schema_version, 'ecc.supply-chain-advisory-sources.v1');
73 assert.strictEqual(report.ready, true);
74 assert.strictEqual(report.refresh.enabled, false);
75 assert.ok(report.sources.length >= 8);
76 assert.ok(report.checks.every(check => check.status === 'pass'));
77 assert.strictEqual(report.linear.status.issueId, 'ITO-57');
78 assert.match(report.linear.status.summary, /advisory sources current/i);
79 assert.match(report.linear.status.remaining, /Linear status/i);
80 })) passed++; else failed++;
81
82 if (await test('refresh mode records per-source live check results', async () => {
83 const calls = [];
84 const report = await buildAdvisorySourceReport({
85 generatedAt: '2026-05-16T00:00:00.000Z',
86 refresh: true,
87 fetchSource: async source => {
88 calls.push(source.id);
89 return {
90 ok: true,
91 statusCode: 200,
92 finalUrl: source.url,
93 checkedAt: '2026-05-16T00:00:00.000Z',
94 };
95 },
96 });
97
98 assert.deepStrictEqual(

Calls 7

spawnSyncFunction · 0.85
okMethod · 0.80
hasMethod · 0.80
testFunction · 0.70
parseArgsFunction · 0.50
renderTextFunction · 0.50

Tested by

no test coverage detected