test: vitest unit suite for binding-independent surfaces (test-leg slice 1)#168
Merged
liplus-lin-lay merged 1 commit intoJun 21, 2026
Conversation
Restore the missing CI test leg (#165), first slice: the surfaces that run without Cloudflare Workers bindings, so no test-harness decision is needed yet. Adds vitest + `npm test`, wires it into CI, and covers: - vector-id: determinism, per-surface prefix, 64-byte cap, NUL-join collision resistance (known-answer vectors) - hash: computeBodyHash / sha256Hex / base64UrlEncode (known-answer) + truncation - ingest-filter: isBotSender / isBodyTooShort boundaries - fts: toRankMap + reciprocalRankFusion (exact RRF scores, k, contributions, order) - webhook: verifyGitHubSignature against GitHub's published HMAC example vector While writing these, the signature check was found to use a non-constant-time comparison -> filed #167. Binding-dependent surfaces (D1/Vectorize/AI) remain in #165, gated on the harness choice. バインディング非依存のロジックに最小のテスト脚を敷いた。仕様書はあるのに照合する ものが無い状態を埋める最初の一枚で、known-answer ベクトルで公式を pin している。 Refs #165
Deploying with
|
| Status | Name | Latest Commit | Updated (UTC) |
|---|---|---|---|
| ✅ Deployment successful! View logs |
github-rag-mcp | c1cb3ad | Jun 21 2026, 01:05 AM |
liplus-lin-lay
commented
Jun 21, 2026
liplus-lin-lay
left a comment
Member
Author
There was a problem hiding this comment.
AI セルフレビュー (auto mode)
- ✅ CI 全 green(test = vitest 38 件 + schema-drift +
tsc --noEmit+ wrangler dry-run / Workers Builds)。ローカルでも同一シーケンスを事前確認済み。 - ✅
src/の Worker 本体コードは無変更。差分はテスト 5 ファイル +ci.yml(npm test追加)+package.json/lock(vitest devDep)のみ。挙動変更なし。 - ✅ known-answer は外部オラクル(GitHub 公式 HMAC サンプル、独立計算した sha256 / base64url)で pin。実装ミラーではないので tautological ではない。
- ✅ harness 選定を要する範囲には踏み込んでいない(バインディング非依存に限定)。#165 の残スコープは本文に明記。
⚠️ プロセス上の自己訂正: vector-id 区切りを当初 space と誤読し #166 を起票 → byte レベル確認で NUL(正しい) と判明、#166 をクローズし、テストを正の衝突耐性テストへ修正。known-answer テストの失敗が誤読を即座に捕捉した。誤りは残さず是正済み。- リリース種別: 本体無変更で patch 相当。ただし CI に vitest が増えるため、リリース要否・種別は Master 判断(本 PR では release しない)。
self-review pass。auto mode のため squash merge を実行。#165 は残スコープのため open 継続。
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
概要
#165(テスト脚の復元)の最初の一枚。Cloudflare Workers バインディング(D1/Vectorize/AI)非依存で node 上で回せるロジックに限定して、最小の unit テストを敷いた。harness 選定(
@cloudflare/vitest-pool-workersか miniflare)はバインディング依存テスト用の判断で、本 PR はそれを待たず進められる範囲。追加
vitestを devDependency に追加。npm test(=vitest run)を CI(ci.ymlの test ジョブ)へ組み込み。computeBodyHash/sha256Hex/base64UrlEncode(known-answer)+ embedding 入力の truncation・null 処理isBotSender([bot]suffix)/isBodyTooShort(floor=10 の境界)toRankMap+reciprocalRankFusion(RRF 公式1/(k+rank)、k、contributions の null、降順ソート)verifyGitHubSignatureを GitHub 公式の HMAC サンプルベクトルで検証副産物(このPRでは直さない)
verifyGitHubSignatureが===(定数時間でない)比較 → bug(webhook): verifyGitHubSignature uses non-constant-time string comparison #167 を起票。挙動は不変なので本テストはそのまま通る。影響範囲
src/の Worker 本体コードは無変更(テスト・CI・package のみ)。npm 公開パッケージ(mcp-server/)は不変。残(#165 に残置)
mcp-server)の PKCE も別スライス。Refs #165