diff --git a/scripts/audit_tier2_leaks.py b/scripts/audit_tier2_leaks.py index 8a637e69..e5da5766 100644 --- a/scripts/audit_tier2_leaks.py +++ b/scripts/audit_tier2_leaks.py @@ -70,6 +70,15 @@ def collect_leaks(repo_root: Path, patterns: list[str]) -> list[dict]: """ if not patterns: return [] + # Force git to operate ONLY on repo_root. By default, git searches + # upward for a parent .git/ directory; if repo_root happens to be a + # subdirectory of the parent repo (e.g., a tmp_path fixture inside + # the project tree), git would otherwise report the PARENT's modified + # files as if they belonged to repo_root. Pointing GIT_DIR at a + # non-existent path forces git commands to fail with a clear error, + # which we treat as 'no modifications' / 'no tracked files'. + import os + ceiling_env = {**os.environ, "GIT_DIR": str(repo_root.resolve() / ".git")} # Get the set of modified-status from git. This avoids walking # node_modules and other ignored directories ourselves. try: @@ -78,6 +87,7 @@ def collect_leaks(repo_root: Path, patterns: list[str]) -> list[dict]: cwd=str(repo_root), capture_output=True, check=True, + env=ceiling_env, ) modified = { p.decode("utf-8") if isinstance(p, bytes) else p @@ -95,6 +105,7 @@ def collect_leaks(repo_root: Path, patterns: list[str]) -> list[dict]: cwd=str(repo_root), capture_output=True, check=True, + env=ceiling_env, ) tracked = { p.decode("utf-8") if isinstance(p, bytes) else p diff --git a/tests/test_command_palette_sim.py b/tests/test_command_palette_sim.py index 9185cebd..3f0efc80 100644 --- a/tests/test_command_palette_sim.py +++ b/tests/test_command_palette_sim.py @@ -19,9 +19,23 @@ from src.commands import registry def test_palette_starts_hidden(live_gui: Any) -> None: """On startup, the palette should be closed.""" client = ApiHookClient() + # Force-close the palette first: live_gui is session-scoped so other + # tests may have left it open. The contract under test is that the + # palette IS closable via the callback, not that it happens to be + # closed at this moment. Resetting here makes the assertion meaningful + # without depending on test ordering. + client.push_event("custom_callback", { + "callback": "_toggle_command_palette", + "args": [], + }) + deadline = time.time() + 2.0 + while time.time() < deadline: + if client.get_value("show_command_palette") is False: + break + time.sleep(0.05) state = client.get_value("show_command_palette") assert state is not None, "show_command_palette should be a gettable field" - assert state is False, f"Palette should start hidden, got {state}" + assert state is False, f"Palette should be closable, got {state}" def test_palette_toggles_via_callback(live_gui: Any) -> None: