fix(test): keep app parity checks sparse safe

2026-06-06 05:51:15 +08:00 · 2026-06-01 14:59:53 +02:00
parent 408fa6e951
commit a0fbb6cfe2
2 changed files with 39 additions and 11 deletions
--- a/src/config/talk-defaults.test.ts
+++ b/src/config/talk-defaults.test.ts
@@ -1,3 +1,4 @@
+import { execFileSync } from "node:child_process";
 import fs from "node:fs";
 import path from "node:path";
 import { fileURLToPath } from "node:url";
@@ -11,7 +12,19 @@ import {
 const repoRoot = path.resolve(path.dirname(fileURLToPath(import.meta.url)), "../..");

 function readRepoFile(relativePath: string): string {
-  return fs.readFileSync(path.join(repoRoot, relativePath), "utf8");
+  try {
+    return fs.readFileSync(path.join(repoRoot, relativePath), "utf8");
+  } catch (error) {
+    if ((error as NodeJS.ErrnoException).code !== "ENOENT") {
+      throw error;
+    }
+  }
+
+  // Sparse worktrees may omit app sources, but the tracked blob is still the parity source.
+  return execFileSync("git", ["show", `HEAD:${relativePath}`], {
+    cwd: repoRoot,
+    encoding: "utf8",
+  });
 }

 describe("talk silence timeout defaults", () => {
--- a/src/infra/host-env-security.policy-parity.test.ts
+++ b/src/infra/host-env-security.policy-parity.test.ts
@@ -1,3 +1,4 @@
+import { execFileSync } from "node:child_process";
 import fs from "node:fs";
 import path from "node:path";
 import { sortUniqueStrings } from "@openclaw/normalization-core/string-normalization";
@@ -14,23 +15,37 @@ function parseSwiftStringArray(source: string, marker: string): string[] {
  return Array.from(match[1].matchAll(/"([^"]+)"/g), (m) => m[1]);
 }

+function readRepoFile(repoRoot: string, relativePath: string): string {
+  try {
+    return fs.readFileSync(path.join(repoRoot, relativePath), "utf8");
+  } catch (error) {
+    if ((error as NodeJS.ErrnoException).code !== "ENOENT") {
+      throw error;
+    }
+  }
+
+  // Sparse worktrees may omit app sources, but the tracked blob is still the parity source.
+  return execFileSync("git", ["show", `HEAD:${relativePath}`], {
+    cwd: repoRoot,
+    encoding: "utf8",
+  });
+}
+
 describe("host env security policy parity", () => {
  it("keeps generated macOS host env policy in sync with shared JSON policy", () => {
    const repoRoot = process.cwd();
    const policyPath = path.join(repoRoot, "src/infra/host-env-security-policy.json");
-    const generatedSwiftPath = path.join(
-      repoRoot,
-      "apps/macos/Sources/OpenClaw/HostEnvSecurityPolicy.generated.swift",
-    );
-    const sanitizerSwiftPath = path.join(
-      repoRoot,
-      "apps/macos/Sources/OpenClaw/HostEnvSanitizer.swift",
-    );

    const rawPolicy = JSON.parse(fs.readFileSync(policyPath, "utf8"));
    const policy = loadHostEnvSecurityPolicy(rawPolicy);
-    const generatedSource = fs.readFileSync(generatedSwiftPath, "utf8");
-    const sanitizerSource = fs.readFileSync(sanitizerSwiftPath, "utf8");
+    const generatedSource = readRepoFile(
+      repoRoot,
+      "apps/macos/Sources/OpenClaw/HostEnvSecurityPolicy.generated.swift",
+    );
+    const sanitizerSource = readRepoFile(
+      repoRoot,
+      "apps/macos/Sources/OpenClaw/HostEnvSanitizer.swift",
+    );

    const swiftBlockedKeys = parseSwiftStringArray(generatedSource, "static let blockedKeys");
    const swiftBlockedInheritedKeys = parseSwiftStringArray(