test: add send audit idempotency diagnostics

This commit is contained in:
zhaoyilun
2026-07-10 20:28:13 +08:00
parent dadf42817c
commit 2a7087218b
6 changed files with 279 additions and 7 deletions

View File

@@ -170,7 +170,7 @@ git push gitea main
- Consumes: `ISPHERE_SEND_AUDIT_PATH`, `ISPHERE_SEND_IDEMPOTENCY_PATH`.
- Produces script output keys: `audit_records`, `idempotency_records`, `duplicate_detected`, `conflict_detected`, `raw_body_present`, `raw_idempotency_key_present`.
- [ ] **Step 1: Write fixture test script**
- [x] **Step 1: Write fixture test script**
`scripts/test-verify-send-audit-idempotency.ps1` creates temporary JSONL audit/idempotency files with one normal record, one duplicate, and one conflict.
@@ -180,7 +180,7 @@ powershell -NoProfile -ExecutionPolicy Bypass -File scripts\test-verify-send-aud
Expected before implementation: FAIL because `verify-send-audit-idempotency.ps1` does not exist.
- [ ] **Step 2: Implement diagnostic script**
- [x] **Step 2: Implement diagnostic script**
`scripts/verify-send-audit-idempotency.ps1` accepts:
@@ -193,11 +193,11 @@ param(
It prints sanitized JSON with counts and booleans only; it exits non-zero if raw `content_text` or raw `idempotency_key` appears.
- [ ] **Step 3: Add tool-level test for audit redaction regression**
- [x] **Step 3: Add tool-level test for audit redaction regression**
Add `TestISphereSendMessageAuditRedactionIsStable` asserting JSONL audit files do not contain the submitted message body or raw idempotency key.
- [ ] **Step 4: Verify and commit**
- [x] **Step 4: Verify and commit**
```powershell
git diff --check
@@ -213,6 +213,14 @@ git push gitea main
**Acceptance gate:** Diagnostics can prove audit/idempotency shape without opening iSphere.
**R6g Result:**
- Added `scripts/test-verify-send-audit-idempotency.ps1` and confirmed the red test failed before the verifier existed.
- Added `scripts/verify-send-audit-idempotency.ps1` to summarize redacted audit/idempotency JSONL files with sanitized counts and booleans.
- Diagnostic detects duplicate same-key/same-target/content replay, conflict same-key/different-content replay, and raw field leaks.
- Added `TestISphereSendMessageAuditRedactionIsStable` to prove file-backed audit JSONL does not store raw message body or raw idempotency key.
- No iSphere login, real send, helper action, hook, upload, or network replay was introduced.
---
### R6h: Central production gate policy for send message