test: expand unit test coverage across utils, APIs, and services (#934)

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>

Author: PeterDaveHello

src/background/index.mjs

@@ -56,6 +56,7 @@ import { generateAnswersWithMoonshotCompletionApi } from '../services/apis/moons
 import { generateAnswersWithMoonshotWebApi } from '../services/apis/moonshot-web.mjs'
 import { isUsingModelName } from '../utils/model-name-convert.mjs'
 import { generateAnswersWithDeepSeekApi } from '../services/apis/deepseek-api.mjs'
+import { redactSensitiveFields } from './redact.mjs'
 
 const RECONNECT_CONFIG = {
   MAX_ATTEMPTS: 5,
@@ -64,80 +65,6 @@ const RECONNECT_CONFIG = {
   STABLE_CONNECT_RESET_DELAY_MS: 3000, // Reset retries only after connection stays stable
 }
 
-const SENSITIVE_KEYWORDS = [
-  'apikey', // Covers apiKey, customApiKey, claudeApiKey, etc.
-  'token', // Covers accessToken, refreshToken, etc.
-  'secret',
-  'password',
-  'kimimoonshotrefreshtoken',
-  'credential',
-  'jwt',
-  'session',
-]
-
-function isPromptOrSelectionLikeKey(lowerKey) {
-  const normalizedKey = lowerKey.replace(/[^a-z0-9]/g, '')
-  return (
-    normalizedKey.endsWith('question') ||
-    normalizedKey.endsWith('prompt') ||
-    normalizedKey.endsWith('query') ||
-    normalizedKey === 'selection' ||
-    normalizedKey === 'selectiontext'
-  )
-}
-
-function redactSensitiveFields(obj, recursionDepth = 0, maxDepth = 5, seen = new WeakSet()) {
-  if (recursionDepth > maxDepth) {
-    // Prevent infinite recursion on circular objects or excessively deep structures
-    return 'REDACTED_TOO_DEEP'
-  }
-  if (obj === null || typeof obj !== 'object') {
-    return obj
-  }
-
-  if (seen.has(obj)) {
-    return 'REDACTED_CIRCULAR_REFERENCE'
-  }
-  seen.add(obj)
-
-  if (Array.isArray(obj)) {
-    const redactedArray = []
-    for (let i = 0; i < obj.length; i++) {
-      const item = obj[i]
-      if (item !== null && typeof item === 'object') {
-        redactedArray[i] = redactSensitiveFields(item, recursionDepth + 1, maxDepth, seen)
-      } else {
-        redactedArray[i] = item
-      }
-    }
-    return redactedArray
-  }
-
-  const redactedObj = {}
-  for (const key in obj) {
-    if (Object.prototype.hasOwnProperty.call(obj, key)) {
-      const lowerKey = key.toLowerCase()
-      let isKeySensitive = isPromptOrSelectionLikeKey(lowerKey)
-      if (!isKeySensitive) {
-        for (const keyword of SENSITIVE_KEYWORDS) {
-          if (lowerKey.includes(keyword)) {
-            isKeySensitive = true
-            break
-          }
-        }
-      }
-      if (isKeySensitive) {
-        redactedObj[key] = 'REDACTED'
-      } else if (obj[key] !== null && typeof obj[key] === 'object') {
-        redactedObj[key] = redactSensitiveFields(obj[key], recursionDepth + 1, maxDepth, seen)
-      } else {
-        redactedObj[key] = obj[key]
-      }
-    }
-  }
-  return redactedObj
-}
-
 function setPortProxy(port, proxyTabId) {
   try {
     console.debug(`[background] Attempting to connect to proxy tab: ${proxyTabId}`)

src/background/redact.mjs

@@ -0,0 +1,74 @@
+const SENSITIVE_KEYWORDS = [
+  'apikey', // Covers apiKey, customApiKey, claudeApiKey, etc.
+  'token', // Covers accessToken, refreshToken, etc.
+  'secret',
+  'password',
+  'kimimoonshotrefreshtoken',
+  'credential',
+  'jwt',
+  'session',
+]
+
+export function isPromptOrSelectionLikeKey(lowerKey) {
+  lowerKey = lowerKey.toLowerCase()
+  const normalizedKey = lowerKey.replace(/[^a-z0-9]/g, '')
+  return (
+    normalizedKey.endsWith('question') ||
+    normalizedKey.endsWith('prompt') ||
+    normalizedKey.endsWith('query') ||
+    normalizedKey === 'selection' ||
+    normalizedKey === 'selectiontext'
+  )
+}
+
+export function redactSensitiveFields(obj, recursionDepth = 0, maxDepth = 5, seen = new WeakSet()) {
+  if (recursionDepth > maxDepth) {
+    // Prevent infinite recursion on circular objects or excessively deep structures
+    return 'REDACTED_TOO_DEEP'
+  }
+  if (obj === null || typeof obj !== 'object') {
+    return obj
+  }
+
+  if (seen.has(obj)) {
+    return 'REDACTED_CIRCULAR_REFERENCE'
+  }
+  seen.add(obj)
+
+  if (Array.isArray(obj)) {
+    const redactedArray = []
+    for (let i = 0; i < obj.length; i++) {
+      const item = obj[i]
+      if (item !== null && typeof item === 'object') {
+        redactedArray[i] = redactSensitiveFields(item, recursionDepth + 1, maxDepth, seen)
+      } else {
+        redactedArray[i] = item
+      }
+    }
+    return redactedArray
+  }
+
+  const redactedObj = {}
+  for (const key in obj) {
+    if (Object.prototype.hasOwnProperty.call(obj, key)) {
+      const lowerKey = key.toLowerCase()
+      let isKeySensitive = isPromptOrSelectionLikeKey(lowerKey)
+      if (!isKeySensitive) {
+        for (const keyword of SENSITIVE_KEYWORDS) {
+          if (lowerKey.includes(keyword)) {
+            isKeySensitive = true
+            break
+          }
+        }
+      }
+      if (isKeySensitive) {
+        redactedObj[key] = 'REDACTED'
+      } else if (obj[key] !== null && typeof obj[key] === 'object') {
+        redactedObj[key] = redactSensitiveFields(obj[key], recursionDepth + 1, maxDepth, seen)
+      } else {
+        redactedObj[key] = obj[key]
+      }
+    }
+  }
+  return redactedObj
+}

src/services/apis/custom-api.mjs

@@ -76,20 +76,20 @@ export async function generateAnswersWithCustomApi(
 
       if (data.response) answer = data.response
       else {
-        const delta = data.choices[0]?.delta?.content
-        const content = data.choices[0]?.message?.content
-        const text = data.choices[0]?.text
+        const delta = data.choices?.[0]?.delta?.content
+        const content = data.choices?.[0]?.message?.content
+        const text = data.choices?.[0]?.text
         if (delta !== undefined) {
           answer += delta
-        } else if (content) {
+        } else if (typeof content === 'string') {
           answer = content
         } else if (text) {
           answer += text
         }
       }
       port.postMessage({ answer: answer, done: false, session: null })
 
-      if (data.choices[0]?.finish_reason) {
+      if (data.choices?.[0]?.finish_reason) {
         finish()
         return
       }

tests/setup/jsx-loader-hooks.mjs

@@ -0,0 +1,59 @@
+// ESM loader hooks that transform .mjs files containing JSX via esbuild
+// and provide CJS-to-ESM interop for packages that need it.
+// Register with: module.register('./tests/setup/jsx-loader-hooks.mjs', import.meta.url)
+import { readFile } from 'node:fs/promises'
+import { fileURLToPath } from 'node:url'
+import { createRequire } from 'node:module'
+
+const JSX_RE = /<[A-Z][A-Za-z0-9]*[\s/>]/
+
+// CJS packages that need named-export re-exporting for ESM consumers.
+const CJS_REEXPORT = new Set(['countries-list'])
+
+export async function load(url, context, nextLoad) {
+  // Handle CJS packages that lack ESM named exports
+  for (const pkg of CJS_REEXPORT) {
+    if (url.includes(`/node_modules/${pkg}/`)) {
+      const require = createRequire(url)
+      const mod = require(pkg)
+      const IDENT_RE = /^[a-zA-Z_$][a-zA-Z0-9_$]*$/
+      const names = Object.keys(mod).filter((k) => k !== 'default' && k !== '__esModule')
+      const used = new Set()
+      const toSafe = (k) => {
+        let s = k.replace(/[^a-zA-Z0-9_$]/g, '_')
+        if (/^[0-9]/.test(s)) s = '_' + s
+        while (used.has(s)) s = '_' + s
+        used.add(s)
+        return s
+      }
+      const src = [
+        `import { createRequire as _cr } from 'node:module';`,
+        `const _req = _cr(${JSON.stringify(url)});`,
+        `const _mod = _req(${JSON.stringify(pkg)});`,
+        ...names.map((n) => {
+          const id = IDENT_RE.test(n) ? n : toSafe(n)
+          return `export const ${id} = _mod[${JSON.stringify(n)}];`
+        }),
+        `export default _mod;`,
+      ].join('\n')
+      return { shortCircuit: true, format: 'module', source: src }
+    }
+  }
+
+  // Transform source .mjs files that contain JSX
+  if (url.startsWith('file://') && url.endsWith('.mjs') && !url.includes('node_modules')) {
+    const filePath = fileURLToPath(url)
+    const source = await readFile(filePath, 'utf8')
+    if (JSX_RE.test(source)) {
+      const esbuild = await import('esbuild')
+      const result = await esbuild.transform(source, {
+        loader: 'jsx',
+        jsx: 'automatic',
+        jsxImportSource: 'preact',
+      })
+      return { shortCircuit: true, format: 'module', source: result.code }
+    }
+  }
+
+  return nextLoad(url, context)
+}

tests/unit/background/redact.test.mjs

@@ -0,0 +1,110 @@
+import assert from 'node:assert/strict'
+import { describe, test } from 'node:test'
+import {
+  redactSensitiveFields,
+  isPromptOrSelectionLikeKey,
+} from '../../../src/background/redact.mjs'
+
+describe('redactSensitiveFields', () => {
+  test('redacts keys containing sensitive keywords', () => {
+    const input = {
+      apiKey: 'sk-1234',
+      accessToken: 'tok-abc',
+      secret: 'shh',
+      password: 'hunter2',
+      credential: 'cred-value',
+      jwt: 'eyJ...',
+      session: 'sess-xyz',
+      kimimoonshotrefreshtoken: 'refresh-val',
+    }
+    const result = redactSensitiveFields(input)
+    for (const key of Object.keys(input)) {
+      assert.equal(result[key], 'REDACTED', `expected ${key} to be redacted`)
+    }
+  })
+
+  test('preserves non-sensitive keys', () => {
+    const input = { name: 'Alice', age: 30, enabled: true }
+    const result = redactSensitiveFields(input)
+    assert.deepEqual(result, { name: 'Alice', age: 30, enabled: true })
+  })
+
+  test('handles nested objects', () => {
+    const input = {
+      user: { name: 'Bob', apiKey: 'sk-nested' },
+      count: 5,
+    }
+    const result = redactSensitiveFields(input)
+    assert.equal(result.user.name, 'Bob')
+    assert.equal(result.user.apiKey, 'REDACTED')
+    assert.equal(result.count, 5)
+  })
+
+  test('handles arrays with mixed objects', () => {
+    const input = [{ name: 'a', token: 'tok1' }, 'plain-string', 42, { password: 'pw', safe: true }]
+    const result = redactSensitiveFields(input)
+    assert.ok(Array.isArray(result))
+    assert.equal(result[0].name, 'a')
+    assert.equal(result[0].token, 'REDACTED')
+    assert.equal(result[1], 'plain-string')
+    assert.equal(result[2], 42)
+    assert.equal(result[3].password, 'REDACTED')
+    assert.equal(result[3].safe, true)
+  })
+
+  test('respects maxDepth', () => {
+    const deep = { a: { b: { c: { d: 'value' } } } }
+    const result = redactSensitiveFields(deep, 0, 2)
+    assert.equal(result.a.b.c, 'REDACTED_TOO_DEEP')
+  })
+
+  test('handles null and primitive inputs', () => {
+    assert.equal(redactSensitiveFields(null), null)
+    assert.equal(redactSensitiveFields(42), 42)
+    assert.equal(redactSensitiveFields('hello'), 'hello')
+    assert.equal(redactSensitiveFields(undefined), undefined)
+  })
+
+  test('handles circular references', () => {
+    const obj = { name: 'root' }
+    obj.self = obj
+    const result = redactSensitiveFields(obj)
+    assert.equal(result.name, 'root')
+    assert.equal(result.self, 'REDACTED_CIRCULAR_REFERENCE')
+  })
+
+  test('redacts prompt/selection-like keys via isPromptOrSelectionLikeKey integration', () => {
+    const input = {
+      prompt: 'secret input',
+      userQuestion: 'what is X?',
+      selection: 'highlighted text',
+      name: 'safe',
+    }
+    const result = redactSensitiveFields(input)
+    assert.equal(result.prompt, 'REDACTED')
+    assert.equal(result.userQuestion, 'REDACTED')
+    assert.equal(result.selection, 'REDACTED')
+    assert.equal(result.name, 'safe')
+  })
+})
+
+describe('isPromptOrSelectionLikeKey', () => {
+  test('matches prompt/selection-related keys', () => {
+    assert.ok(isPromptOrSelectionLikeKey('question'))
+    assert.ok(isPromptOrSelectionLikeKey('prompt'))
+    assert.ok(isPromptOrSelectionLikeKey('query'))
+    assert.ok(isPromptOrSelectionLikeKey('selection'))
+    assert.ok(isPromptOrSelectionLikeKey('selectiontext'))
+    assert.ok(isPromptOrSelectionLikeKey('systemprompt'))
+    assert.ok(isPromptOrSelectionLikeKey('user_question'))
+    assert.ok(isPromptOrSelectionLikeKey('searchquery'))
+  })
+
+  test('rejects unrelated keys', () => {
+    assert.ok(!isPromptOrSelectionLikeKey('name'))
+    assert.ok(!isPromptOrSelectionLikeKey('apikey'))
+    assert.ok(!isPromptOrSelectionLikeKey('enabled'))
+    assert.ok(!isPromptOrSelectionLikeKey('count'))
+    assert.ok(!isPromptOrSelectionLikeKey('model'))
+  })
+})