Found during v0.7.1 release review (Tech Lead persona).
PR #820 added several build-time defenses in packages/opencode/script/build.ts:
- Empty-targets guard (
build.ts:196-206) — --target-index=99 or a --targets= flag that matches nothing now exits 1 instead of producing zero artifacts silently.
- musl-host
--single guard (build.ts:208-226) — refuses to build the glibc target on an Alpine/musl host where the resulting binary can't run.
_requiredExports regex extraction — captures upstream NAPI-RS loader format. v0.7.1 added a JSON.parse + shape-check on the captured literal, but no test exercises the regex against a real upstream loader fixture.
None of these defenses have a test today. v0.7.1's adversarial test covers runtime invariants (hermetic startup, .node count via strings), not the build-time decision points above.
Acceptance
A new test file packages/opencode/test/install/build-guards.test.ts (or similar) that:
- Asserts
bun run script/build.ts --target-index=999 exits non-zero with a message that names the cause.
- Asserts
bun run script/build.ts --single on a host that looks like musl (mockable via env var or fixture) exits non-zero with a message naming apk add gcompat.
- Loads a copy of upstream NAPI-RS's loader format (committed as a fixture under
test/install/fixtures/) and asserts the regex extracts a valid string array. Updates whenever altimate-core upgrades.
- Asserts a tampered fixture (
_requiredExports = ["x"]; phoneHome(); const _foo = [) is rejected by the JSON.parse + shape-check added in v0.7.1.
Why this isn't in v0.7.1
Each test requires standing up a build-script invocation harness that doesn't exist today. The scope-disciplined v0.7.1 release added the adversarial runtime tests but deferred build-time test infra to a focused PR.
Found during v0.7.1 release review (Tech Lead persona).
PR #820 added several build-time defenses in
packages/opencode/script/build.ts:build.ts:196-206) —--target-index=99or a--targets=flag that matches nothing now exits 1 instead of producing zero artifacts silently.--singleguard (build.ts:208-226) — refuses to build the glibc target on an Alpine/musl host where the resulting binary can't run._requiredExportsregex extraction — captures upstream NAPI-RS loader format. v0.7.1 added a JSON.parse + shape-check on the captured literal, but no test exercises the regex against a real upstream loader fixture.None of these defenses have a test today. v0.7.1's adversarial test covers runtime invariants (hermetic startup,
.nodecount viastrings), not the build-time decision points above.Acceptance
A new test file
packages/opencode/test/install/build-guards.test.ts(or similar) that:bun run script/build.ts --target-index=999exits non-zero with a message that names the cause.bun run script/build.ts --singleon a host that looks like musl (mockable via env var or fixture) exits non-zero with a message namingapk add gcompat.test/install/fixtures/) and asserts the regex extracts a valid string array. Updates whenever altimate-core upgrades._requiredExports = ["x"]; phoneHome(); const _foo = [) is rejected by the JSON.parse + shape-check added in v0.7.1.Why this isn't in v0.7.1
Each test requires standing up a build-script invocation harness that doesn't exist today. The scope-disciplined v0.7.1 release added the adversarial runtime tests but deferred build-time test infra to a focused PR.