davida-ps
fefecaa60a
* feat(wiki): add full in-app wiki browser and llms index * feat(wiki): auto-generate per-page llms exports * vuln package * fix(wiki): guard malformed route decoding * fix(wiki): preserve markdown anchor fragments across page links * refactor(markdown): share default render components * fix(wiki): block unsafe markdown link schemes * fix(wiki): block unsafe markdown image schemes * docs(wiki): migrate root docs into wiki pages * chore(wiki): de-track generated llms exports * chore(wiki): ignore generated public wiki artifacts * fix(wiki): align llms urls with per-page endpoint pattern * fix(wiki): derive llms index from wiki index page * refactor(markdown): share frontmatter and title helpers * refactor(wiki): share route and llms path mapping * ci(pages): add pr verify workflow and tighten deploy triggers
3.5 KiB
Platform Verification Checklist
Use this checklist to validate portability and path-handling behavior after changes.
Linux Verification
-
Run core Node tests:
node skills/clawsec-suite/test/path_resolution.test.mjs node skills/clawsec-suite/test/guarded_install.test.mjs node skills/clawsec-suite/test/advisory_suppression.test.mjs node skills/openclaw-audit-watchdog/test/suppression_config.test.mjsExpected: all tests pass.
-
Verify no literal
$HOMEpath acceptance:CLAWSEC_LOCAL_FEED='\$HOME/advisories/feed.json' \ node skills/clawsec-suite/scripts/guarded_skill_install.mjs --skill test-skill --dry-runExpected: exits non-zero with
Unexpanded home tokenerror. -
Verify
$HOMEexpansion works:HOME=/tmp/clawsec-home node skills/clawsec-suite/test/path_resolution.test.mjsExpected:
$HOMEexpansion tests pass.
macOS Verification
- Run the same Node test suite as Linux.
- Confirm OpenSSL tooling path assumptions are documented:
- If using LibreSSL/OpenSSL variations, ensure checks use tested command forms from docs.
- Verify tilde expansion in config path:
Expected: path resolves correctly (or clear file-not-found error at expanded location).
OPENCLAW_AUDIT_CONFIG=~/.openclaw/security-audit.json \ node skills/openclaw-audit-watchdog/scripts/load_suppression_config.mjs --enable-suppressions
Windows Verification (PowerShell)
-
Run Node tests:
node skills/clawsec-suite/test/path_resolution.test.mjs node skills/clawsec-suite/test/guarded_install.test.mjs node skills/clawsec-suite/test/advisory_suppression.test.mjsExpected: all pass.
-
Verify PowerShell env path expansion behavior:
$env:CLAWSEC_LOCAL_FEED = '$env:USERPROFILE\advisories\feed.json' node skills/clawsec-suite/scripts/guarded_skill_install.mjs --skill test-skill --dry-runExpected: path token is expanded/normalized or fails with a clear error if target files are missing.
-
Verify escaped literal token rejection:
$env:CLAWSEC_LOCAL_FEED = '\$HOME\advisories\feed.json' node skills/clawsec-suite/scripts/guarded_skill_install.mjs --skill test-skill --dry-runExpected:
Unexpanded home tokenerror; no directory creation with literal$HOME.
Line Endings Sanity
-
Confirm LF policy is present:
test -f .gitattributes && grep -n "eol=lf" .gitattributesExpected: script/config file patterns enforce LF.
-
After a CRLF-prone checkout, verify scripts still parse:
bash -n scripts/populate-local-feed.sh bash -n scripts/populate-local-skills.shExpected: no
^Mshebang/parse errors.
Explicit Bug Check: No Literal $HOME Directory Creation
- Configure a path with a literal/escaped token.
- Run setup/install command.
- Verify command fails early with token error.
- Confirm no
$HOMEsegment directory was created under working directories.
Expected outcome: no directories containing literal $HOME are created by supported setup scripts.
Source References
- .gitattributes
- scripts/populate-local-feed.sh
- scripts/populate-local-skills.sh
- skills/clawsec-suite/test/path_resolution.test.mjs
- skills/clawsec-suite/test/guarded_install.test.mjs
- skills/clawsec-suite/test/advisory_suppression.test.mjs
- skills/clawsec-suite/scripts/guarded_skill_install.mjs
- skills/openclaw-audit-watchdog/scripts/load_suppression_config.mjs
- skills/openclaw-audit-watchdog/test/suppression_config.test.mjs