ahmido
92704a2f7e
Implements Spec 118 baseline drift engine improvements: - Resumable, budget-aware evidence capture for baseline capture/compare runs (resume token + UI action) - “Why no findings?” reason-code driven explanations and richer run context panels - Baseline Snapshot resource (list/detail) with fidelity visibility - Retention command + schedule for pruning baseline-purpose PolicyVersions - i18n strings for Baseline Compare landing Verification: - `vendor/bin/sail bin pint --dirty --format agent` - `vendor/bin/sail artisan test --compact --filter=Baseline` (159 passed) Note: - `docs/audits/redaction-audit-2026-03-04.md` left untracked (not part of PR). Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de> Reviewed-on: #143
32 lines
985 B
PHP
32 lines
985 B
PHP
<?php
|
|
|
|
declare(strict_types=1);
|
|
|
|
it('prevents legacy fingerprinting/compare helpers from re-entering baseline orchestration (Spec 118)', function (): void {
|
|
$forbiddenTokens = [
|
|
'PolicyNormalizer',
|
|
'VersionDiff',
|
|
'flattenForDiff',
|
|
'SettingsNormalizer',
|
|
'ScopeTagsNormalizer',
|
|
'->hashNormalized(',
|
|
'::hashNormalized(',
|
|
];
|
|
|
|
$compareJob = file_get_contents(base_path('app/Jobs/CompareBaselineToTenantJob.php'));
|
|
expect($compareJob)->toBeString();
|
|
expect($compareJob)->toContain('CurrentStateHashResolver');
|
|
|
|
foreach ($forbiddenTokens as $token) {
|
|
expect($compareJob)->not->toContain($token);
|
|
}
|
|
|
|
$captureJob = file_get_contents(base_path('app/Jobs/CaptureBaselineSnapshotJob.php'));
|
|
expect($captureJob)->toBeString();
|
|
expect($captureJob)->toContain('CurrentStateHashResolver');
|
|
|
|
foreach ($forbiddenTokens as $token) {
|
|
expect($captureJob)->not->toContain($token);
|
|
}
|
|
});
|