test(e2e): add nominal tests for exec & init CLI commands (#434)

ErwanRaulo · web-flow · commit 7806ebaa982c · 2025-05-09T17:52:39.000+02:00
no breaking changes use childprocess to collect CLI stdout missing limit case tests fix #395
diff --git a/.gitignore b/.gitignore
@@ -65,5 +65,9 @@ json/
 reports/
 preview/
 dist/
-.nodesecurerc
+/.nodesecurerc
 .DS_Store
+
+# IDE
+.vscode
+jsconfig.json
diff --git a/package.json b/package.json
@@ -1,76 +1,77 @@
-{
-  "name": "@nodesecure/report",
-  "version": "3.0.0",
-  "description": "NodeSecure HTML & PDF graphic security report",
-  "main": "./dist/src/index.js",
-  "type": "module",
-  "bin": {
-    "nreport": "./dist/bin/index.js"
-  },
-  "exports": {
-    ".": {
-      "import": "./dist/src/index.js"
-    }
-  },
-  "scripts": {
-    "build": "tsc && npm run build:views && npm run build:public",
-    "build:views": "rimraf dist/views && cp -r views dist/views",
-    "build:public": "rimraf dist/public && cp -r public dist/public",
-    "lint": "eslint src test bin scripts",
-    "test-only": "glob -c \"tsx --test-reporter=spec --test\" \"./test/**/*.spec.ts\"",
-    "test": "c8 --all --src ./src -r html npm run test-only",
-    "preview:light": "tsx --no-warnings ./scripts/preview.js --theme light",
-    "preview:dark": "tsx --no-warnings ./scripts/preview.js --theme dark",
-    "prepublishOnly": "npm run build"
-  },
-  "files": [
-    "dist"
-  ],
-  "repository": {
-    "type": "git",
-    "url": "git+https://github.com/NodeSecure/report.git"
-  },
-  "keywords": [
-    "security",
-    "report",
-    "nodesecure",
-    "pdf",
-    "html",
-    "chart"
-  ],
-  "author": "NodeSecure",
-  "license": "MIT",
-  "bugs": {
-    "url": "https://github.com/NodeSecure/report/issues"
-  },
-  "homepage": "https://github.com/NodeSecure/report#readme",
-  "dependencies": {
-    "@nodesecure/flags": "^2.4.0",
-    "@nodesecure/ossf-scorecard-sdk": "^3.2.1",
-    "@nodesecure/rc": "^4.0.0",
-    "@nodesecure/scanner": "^6.0.2",
-    "@nodesecure/utils": "^2.2.0",
-    "@openally/mutex": "^1.0.0",
-    "@topcli/spinner": "^2.1.2",
-    "esbuild": "^0.25.0",
-    "filenamify": "^6.0.0",
-    "kleur": "^4.1.5",
-    "puppeteer": "24.3.1",
-    "sade": "^1.8.1",
-    "zup": "0.0.2"
-  },
-  "devDependencies": {
-    "@openally/config.eslint": "^2.1.0",
-    "@openally/config.typescript": "^1.0.3",
-    "@types/node": "^22.2.0",
-    "c8": "^10.1.2",
-    "glob": "^11.0.0",
-    "open": "^10.1.0",
-    "rimraf": "^6.0.1",
-    "tsx": "^4.19.2",
-    "typescript": "^5.7.2"
-  },
-  "engines": {
-    "node": ">=20"
-  }
-}
+{
+  "name": "@nodesecure/report",
+  "version": "3.0.0",
+  "description": "NodeSecure HTML & PDF graphic security report",
+  "main": "./dist/src/index.js",
+  "type": "module",
+  "bin": {
+    "nreport": "./dist/bin/index.js"
+  },
+  "exports": {
+    ".": {
+      "import": "./dist/src/index.js"
+    }
+  },
+  "scripts": {
+    "build": "tsc && npm run build:views && npm run build:public",
+    "build:views": "rimraf dist/views && cp -r views dist/views",
+    "build:public": "rimraf dist/public && cp -r public dist/public",
+    "lint": "eslint src test bin scripts",
+    "test-only": "glob -c \"tsx --test-reporter=spec --test\" \"./test/**/*.spec.ts\"",
+    "test": "c8 --all --src ./src -r html npm run test-only",
+    "test:e2e": "glob -c \"tsx -r dotenv/config --test-reporter=spec --test\" \"./test/**/*.e2e-spec.ts\"",
+    "preview:light": "tsx --no-warnings ./scripts/preview.js --theme light",
+    "preview:dark": "tsx --no-warnings ./scripts/preview.js --theme dark",
+    "prepublishOnly": "npm run build"
+  },
+  "files": [
+    "dist"
+  ],
+  "repository": {
+    "type": "git",
+    "url": "git+https://github.com/NodeSecure/report.git"
+  },
+  "keywords": [
+    "security",
+    "report",
+    "nodesecure",
+    "pdf",
+    "html",
+    "chart"
+  ],
+  "author": "NodeSecure",
+  "license": "MIT",
+  "bugs": {
+    "url": "https://github.com/NodeSecure/report/issues"
+  },
+  "homepage": "https://github.com/NodeSecure/report#readme",
+  "dependencies": {
+    "@nodesecure/flags": "^2.4.0",
+    "@nodesecure/ossf-scorecard-sdk": "^3.2.1",
+    "@nodesecure/rc": "^4.0.0",
+    "@nodesecure/scanner": "^6.0.2",
+    "@nodesecure/utils": "^2.2.0",
+    "@openally/mutex": "^1.0.0",
+    "@topcli/spinner": "^2.1.2",
+    "esbuild": "^0.25.0",
+    "filenamify": "^6.0.0",
+    "kleur": "^4.1.5",
+    "puppeteer": "24.3.1",
+    "sade": "^1.8.1",
+    "zup": "0.0.2"
+  },
+  "devDependencies": {
+    "@openally/config.eslint": "^2.1.0",
+    "@openally/config.typescript": "^1.0.3",
+    "@types/node": "^22.2.0",
+    "c8": "^10.1.2",
+    "glob": "^11.0.0",
+    "open": "^10.1.0",
+    "rimraf": "^6.0.1",
+    "tsx": "^4.19.2",
+    "typescript": "^5.7.2"
+  },
+  "engines": {
+    "node": ">=20"
+  }
+}
diff --git a/test/commands/execute.e2e-spec.ts b/test/commands/execute.e2e-spec.ts
@@ -0,0 +1,63 @@
+// Import Node.js Dependencies
+import { fileURLToPath } from "node:url";
+import path from "node:path";
+import fs from "node:fs/promises";
+import { afterEach, describe, it } from "node:test";
+import assert from "node:assert";
+import { stripVTControlCharacters } from "node:util";
+
+// Import Internal Dependencies
+import { filterProcessStdout } from "../helpers/reportCommandRunner.js";
+import * as CONSTANTS from "../../src/constants.js";
+
+// CONSTANTS
+const __dirname = path.dirname(fileURLToPath(import.meta.url));
+const kProcessDir = path.join(__dirname, "../..");
+
+describe("Report execute command", () => {
+  afterEach(async() => await fs.rm(CONSTANTS.DIRS.CLONES, {
+    recursive: true, force: true
+  }));
+
+  it("should execute command on fixture '.nodesecurerc'", async() => {
+    const options = {
+      cmd: "node",
+      args: ["dist/bin/index.js", "execute"],
+      cwd: kProcessDir
+    };
+
+    function byMessage(buffer) {
+      const message = ".*";
+      const afterNonAlphaNum = String.raw`?<=[^a-zA-Z\d\s:]\s`;
+      const beforeTime = String.raw`?=\s\d{1,5}.\d{1,4}ms`;
+      const withoutDuplicates = String.raw`(?![\s\S]*\1)`;
+
+      const matchMessage = `(${afterNonAlphaNum})(${message})(${beforeTime})|(${afterNonAlphaNum})(${message})`;
+      const reg = new RegExp(`(${matchMessage})${withoutDuplicates}`, "g");
+
+      const matchedMessages = stripVTControlCharacters(buffer.toString()).match(reg);
+
+      return matchedMessages ?? [""];
+    }
+
+    const expectedLines = [
+      `Executing nreport at: ${kProcessDir}`,
+      "title: Default report title",
+      "reporters: html,pdf",
+      "[Fetcher: NPM] - Fetching NPM packages metadata on the NPM Registry",
+      "",
+      "[Fetcher: NPM] - successfully executed in",
+      "[Fetcher: GIT] - Cloning GIT repositories",
+      "[Fetcher: GIT] - Fetching repositories metadata on the NPM Registry",
+      "[Fetcher: GIT] - successfully executed in",
+      "[Reporter: HTML] - Building template and assets",
+      "[Reporter: HTML] - successfully executed in",
+      "[Reporter: PDF] - Using puppeteer to convert HTML content to PDF",
+      "[Reporter: PDF] - successfully executed in",
+      "Security report successfully generated! Enjoy 🚀."
+    ];
+
+    const actualLines = await filterProcessStdout(options, byMessage);
+    assert.deepEqual(actualLines, expectedLines, "we are expecting these lines");
+  });
+});
diff --git a/test/commands/initialize.e2e-spec.ts b/test/commands/initialize.e2e-spec.ts
@@ -0,0 +1,50 @@
+// Import Node.js Dependencies
+import { fileURLToPath } from "node:url";
+import fs from "node:fs";
+import os from "node:os";
+import path from "node:path";
+import { before, describe, it } from "node:test";
+import assert from "node:assert";
+import { stripVTControlCharacters } from "node:util";
+
+// Import Internal Dependencies
+import { runProcess } from "../helpers/reportCommandRunner.js";
+
+// CONSTANTS
+const __dirname = path.dirname(fileURLToPath(import.meta.url));
+const kBinDir = path.join(__dirname, "../..", "dist/bin/index.js");
+const kProcessDir = os.tmpdir();
+const kConfigFilePath = path.join(kProcessDir, ".nodesecurerc");
+
+describe("Report init command if config does not exists", () => {
+  before(() => {
+    if (fs.existsSync(kConfigFilePath)) {
+      fs.unlinkSync(kConfigFilePath);
+    }
+  });
+
+  it("should create config if not exists", async() => {
+    const lines = [
+      /.*/,
+      / > Executing nreport at: .*$/,
+      /.*/,
+      /Successfully generated NodeSecure runtime configuration at current location/,
+      /.*/
+    ];
+
+    const processOptions = {
+      cmd: "node",
+      args: [kBinDir, "initialize"],
+      cwd: kProcessDir
+    };
+
+    for await (const line of runProcess(processOptions)) {
+      const regexp = lines.shift();
+      assert.ok(regexp, "we are expecting this line");
+      assert.ok(regexp.test(stripVTControlCharacters(line)), `line (${line}) matches ${regexp}`);
+    }
+
+    // to prevent false positive if no lines have been emitted from process
+    assert.equal(lines.length, 0);
+  });
+});
diff --git a/test/fixtures/.nodesecurerc b/test/fixtures/.nodesecurerc
@@ -0,0 +1,42 @@
+{
+  "version": "1.0.0",
+  "i18n": "english",
+  "strategy": "github-advisory",
+  "registry": "https://registry.npmjs.org",
+  "report": {
+    "theme": "light",
+    "includeTransitiveInternal": false,
+    "reporters": [
+      "html",
+      "pdf"
+    ],
+    "charts": [
+      {
+        "name": "Extensions",
+        "display": true,
+        "interpolation": "d3.interpolateRainbow",
+        "type": "bar"
+      },
+      {
+        "name": "Licenses",
+        "display": true,
+        "interpolation": "d3.interpolateCool",
+        "type": "bar"
+      },
+      {
+        "name": "Warnings",
+        "display": true,
+        "type": "horizontalBar",
+        "interpolation": "d3.interpolateInferno"
+      },
+      {
+        "name": "Flags",
+        "display": true,
+        "type": "horizontalBar",
+        "interpolation": "d3.interpolateSinebow"
+      }
+    ],
+    "title": "Default report title",
+    "showFlags": true
+  }
+}
diff --git a/test/helpers/reportCommandRunner.ts b/test/helpers/reportCommandRunner.ts
@@ -0,0 +1,54 @@
+// Import Node.js Dependencies
+import { ChildProcess, spawn } from "node:child_process";
+import { createInterface } from "node:readline";
+import { stripVTControlCharacters } from "node:util";
+
+export async function* runProcess(options) {
+  const childProcess = spawnedProcess(options);
+  try {
+    if (!childProcess.stdout) {
+      return;
+    }
+
+    const rStream = createInterface(childProcess.stdout);
+
+    for await (const line of rStream) {
+      yield stripVTControlCharacters(line);
+    }
+  }
+  finally {
+    childProcess.kill();
+  }
+}
+
+export function filterProcessStdout(options, filter): Promise<string[]> {
+  const { resolve, reject, promise } = Promise.withResolvers<string[]>();
+
+  const childProcess = spawnedProcess(options);
+  const output = new Set<string>();
+
+  childProcess.stdout?.on("data", (buffer) => {
+    filter(buffer).forEach((filteredData) => {
+      output.add(filteredData);
+    });
+  });
+
+  childProcess.on("close", () => {
+    resolve(Array.from(output));
+  });
+
+  childProcess.on("error", (err) => {
+    reject(err);
+  });
+
+  return promise;
+}
+
+function spawnedProcess(options): ChildProcess {
+  const { cmd, args = [], cwd = process.cwd() } = options;
+
+  return spawn(cmd, args, {
+    stdio: ["ignore", "pipe", "pipe", "ipc"],
+    cwd
+  });
+}
