ahmido
92704a2f7e
Implements Spec 118 baseline drift engine improvements: - Resumable, budget-aware evidence capture for baseline capture/compare runs (resume token + UI action) - “Why no findings?” reason-code driven explanations and richer run context panels - Baseline Snapshot resource (list/detail) with fidelity visibility - Retention command + schedule for pruning baseline-purpose PolicyVersions - i18n strings for Baseline Compare landing Verification: - `vendor/bin/sail bin pint --dirty --format agent` - `vendor/bin/sail artisan test --compact --filter=Baseline` (159 passed) Note: - `docs/audits/redaction-audit-2026-03-04.md` left untracked (not part of PR). Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de> Reviewed-on: #143
32 lines
994 B
PHP
32 lines
994 B
PHP
<?php
|
|
|
|
use App\Support\Baselines\BaselineEvidenceResumeToken;
|
|
|
|
it('encodes and decodes resume token state deterministically', function (): void {
|
|
$state = [
|
|
'offset' => 12,
|
|
'note' => 'opaque to callers',
|
|
];
|
|
|
|
$token = BaselineEvidenceResumeToken::encode($state);
|
|
|
|
expect($token)->toBeString();
|
|
expect($token)->not->toContain('+');
|
|
expect($token)->not->toContain('/');
|
|
expect($token)->not->toContain('=');
|
|
|
|
$decoded = BaselineEvidenceResumeToken::decode($token);
|
|
|
|
expect($decoded)->toBe($state);
|
|
});
|
|
|
|
it('returns null for invalid resume tokens', function (): void {
|
|
expect(BaselineEvidenceResumeToken::decode(''))->toBeNull();
|
|
expect(BaselineEvidenceResumeToken::decode('not-base64url'))->toBeNull();
|
|
|
|
$payload = json_encode(['v' => 999, 'state' => ['offset' => 1]], JSON_THROW_ON_ERROR);
|
|
$token = rtrim(strtr(base64_encode($payload), '+/', '-_'), '=');
|
|
|
|
expect(BaselineEvidenceResumeToken::decode($token))->toBeNull();
|
|
});
|