flights_web/scripts/ci/audit-console-allowlist.sh

#!/usr/bin/env bash
# audit-console-allowlist.sh — find dead entries in tests/e2e/fixtures/console-allowlist.json.
#
# Usage: BASE_URL=<url> ./scripts/ci/audit-console-allowlist.sh
#
# Strategy: stash the current allowlist, run e2e with it empty (so console-gate
# captures every message, attached to test artifacts), then diff captured
# messages against allowlist patterns. Patterns that didn't match anything
# are flagged as dead.
set -euo pipefail

REPO="$(cd "$(dirname "$0")/../.." && pwd)"
ALLOWLIST="$REPO/tests/e2e/fixtures/console-allowlist.json"

[ -f "$ALLOWLIST" ] || { echo "fatal: $ALLOWLIST not found" >&2; exit 1; }
command -v jq >/dev/null 2>&1 || { echo "fatal: jq required" >&2; exit 2; }

BACKUP=$(mktemp)
cp "$ALLOWLIST" "$BACKUP"
trap 'mv "$BACKUP" "$ALLOWLIST"' EXIT

# Empty the allowlist
echo '{"patterns":[]}' > "$ALLOWLIST"

# Run e2e, allow failures (we want the captured messages, not pass/fail)
echo "Running e2e with empty allowlist (captures all console messages)..."
( cd "$REPO" && pnpm test:e2e --reporter=line ) || true

# Collect all console-violations.txt attachments
CAPTURED=$(mktemp)
find "$REPO/playwright-report" -name "console-violations.txt" -exec cat {} \; > "$CAPTURED" || true
find "$REPO/test-results"      -name "console-violations.txt" -exec cat {} \; >> "$CAPTURED" 2>/dev/null || true

# For each pattern in the original allowlist, check if any captured line matches
echo
echo "=== Allowlist audit ==="
PATTERNS=$(jq -r '.patterns[] | "\(.pattern)\t\(.reason)"' "$BACKUP")
DEAD=0
LIVE=0
while IFS=$'\t' read -r pat reason; do
  [ -z "$pat" ] && continue
  if grep -qE "$pat" "$CAPTURED" 2>/dev/null; then
    echo "✅ live: $pat — $reason"
    LIVE=$((LIVE + 1))
  else
    echo "💀 dead: $pat — $reason"
    DEAD=$((DEAD + 1))
  fi
done <<< "$PATTERNS"

echo
echo "Summary: $LIVE live, $DEAD dead. Review dead entries — they may be safe to remove."

rm -f "$CAPTURED"