test: add comprehensive regression tests for dependency constraint preservation

chrisbbreuer · chrisbbreuer · commit 390ca90ced0a · 2025-07-31T23:14:02.000-07:00
- Add regression tests for zip/unzip cross-contamination bug
- Test real-world scenario with mixed package updates
- Cover edge cases like packages with shared substrings (react/react-dom)
- Test packages with special characters in YAML format
- Validates that word boundary fix prevents package name confusion
- All 4 regression tests pass, ensuring the fix is working correctly

These tests will catch any future regressions in constraint preservation logic.
diff --git a/test/regression-deps-constraint.test.ts b/test/regression-deps-constraint.test.ts
@@ -0,0 +1,193 @@
+import type { PackageUpdate } from '../src/types'
+import { describe, expect, it } from 'bun:test'
+import { updateDependencyFile } from '../src/utils/dependency-file-parser'
+
+describe('Regression Test - Dependency Constraint Preservation', () => {
+  describe('zip/unzip cross-contamination bug', () => {
+    it('should preserve correct constraints for zip and unzip packages', async () => {
+      // This is the exact content from the stacks deps.yaml file
+      const content = `# Please note, this file is auto-generated based on your ./config & local environment.
+# It's recommended to keep it in your project's root directory, and to commit it.
+#
+# The framework understands your project's dependencies, knows which ones are
+# already installed in your environment, and which aren't — prompting
+# to automatically install missing dependencies when needed.
+#
+# To learn more, please visit:
+# https://stacksjs.org/docs/dependency-management
+
+dependencies:
+  aws/cli: ^2.22.26
+  bun: ^1.2.13
+  gh: ^2.69.0
+  zip: ^3.0
+  unzip: ^6.0
+  sqlite3: ^3.47.2
+  node: ^22.12.0 # only temporarily needed until bun & vue-tsc issue is resolved
+  # mailpit: ^1.21.8
+  # redis: ^7.4.1
+  # rust: ^1.74.1
+  # openjdk.org: ^21.0.3.6`
+
+      // These are the actual updates that would be generated by dependency resolution
+      const updates: PackageUpdate[] = [
+        {
+          name: 'zip',
+          currentVersion: '^3.0',
+          newVersion: '3.0.0',
+          updateType: 'patch',
+          dependencyType: 'dependencies',
+          file: 'deps.yaml',
+          metadata: undefined,
+        },
+        {
+          name: 'unzip',
+          currentVersion: '^6.0',
+          newVersion: '6.0.0',
+          updateType: 'patch',
+          dependencyType: 'dependencies',
+          file: 'deps.yaml',
+          metadata: undefined,
+        },
+      ]
+
+      const result = await updateDependencyFile('deps.yaml', content, updates)
+
+      // CRITICAL: These are the exact assertions that must pass to prevent regression
+      expect(result).toContain('zip: ^3.0.0')   // zip should be updated to ^3.0.0
+      expect(result).toContain('unzip: ^6.0.0') // unzip should be updated to ^6.0.0 (NOT ^3.0.0!)
+      
+      // Ensure no cross-contamination happened
+      expect(result).not.toContain('unzip: ^3.0.0') // This was the bug - unzip getting zip's version
+      expect(result).not.toMatch(/^\s*zip: \^6\.0\.0/m) // zip should not get unzip's version
+      
+      // Verify other packages remain unchanged
+      expect(result).toContain('aws/cli: ^2.22.26')
+      expect(result).toContain('bun: ^1.2.13')
+      expect(result).toContain('gh: ^2.69.0')
+      expect(result).toContain('sqlite3: ^3.47.2')
+      expect(result).toContain('node: ^22.12.0')
+    })
+
+    it('should handle mixed updates in real-world scenario', async () => {
+      const content = `dependencies:
+  aws/cli: ^2.22.26
+  bun: ^1.2.19
+  gh: ^2.76.1
+  zip: ^3.0
+  unzip: ^6.0
+  sqlite3: ^3.50.3
+  node: ^22.17.1`
+
+      // Simulate what happens when multiple packages get updated at once
+      const updates: PackageUpdate[] = [
+        {
+          name: 'aws/cli',
+          currentVersion: '^2.22.26',
+          newVersion: '2.27.60',
+          updateType: 'minor',
+          dependencyType: 'dependencies',
+          file: 'deps.yaml',
+          metadata: undefined,
+        },
+        {
+          name: 'bun',
+          currentVersion: '^1.2.19',
+          newVersion: '1.2.19',
+          updateType: 'patch',
+          dependencyType: 'dependencies',
+          file: 'deps.yaml',
+          metadata: undefined,
+        },
+        {
+          name: 'zip',
+          currentVersion: '^3.0',
+          newVersion: '3.0.0',
+          updateType: 'patch',
+          dependencyType: 'dependencies',
+          file: 'deps.yaml',
+          metadata: undefined,
+        },
+        {
+          name: 'unzip',
+          currentVersion: '^6.0',
+          newVersion: '6.0.0',
+          updateType: 'patch',
+          dependencyType: 'dependencies',
+          file: 'deps.yaml',
+          metadata: undefined,
+        },
+      ]
+
+      const result = await updateDependencyFile('deps.yaml', content, updates)
+
+      // This reproduces the exact scenario from the user's reported issue
+      expect(result).toContain('aws/cli: ^2.27.60')
+      expect(result).toContain('bun: ^1.2.19')
+      expect(result).toContain('zip: ^3.0.0')
+      expect(result).toContain('unzip: ^6.0.0') // MUST be ^6.0.0, not ^3.0.0!
+      
+      // Log the result for debugging if the test fails
+      if (result.includes('unzip: ^3.0.0')) {
+        console.log('REGRESSION: unzip got wrong version!')
+        console.log('Full result:')
+        console.log(result)
+      }
+    })
+  })
+
+  describe('similar package name edge cases', () => {
+    it('should handle packages that are substrings of each other', async () => {
+      const content = `dependencies:
+  react: ^18.0.0
+  react-dom: ^18.0.0
+  react-router: ^6.0.0
+  react-router-dom: ^6.0.0`
+
+      const updates: PackageUpdate[] = [
+        {
+          name: 'react',
+          currentVersion: '^18.0.0',
+          newVersion: '18.2.0',
+          updateType: 'minor',
+          dependencyType: 'dependencies',
+          file: 'deps.yaml',
+          metadata: undefined,
+        },
+      ]
+
+      const result = await updateDependencyFile('deps.yaml', content, updates)
+
+      expect(result).toContain('react: ^18.2.0')
+      expect(result).toContain('react-dom: ^18.0.0')
+      expect(result).toContain('react-router: ^6.0.0')
+      expect(result).toContain('react-router-dom: ^6.0.0')
+    })
+
+    it('should handle packages with special characters in YAML format', async () => {
+      const content = `dependencies:
+  "@types/node": ^20.0.0
+  "@types/node-fetch": ^2.0.0
+  node: ^20.0.0`
+
+      const updates: PackageUpdate[] = [
+        {
+          name: 'node',
+          currentVersion: '^20.0.0',
+          newVersion: '20.5.0',
+          updateType: 'minor',
+          dependencyType: 'dependencies',
+          file: 'deps.yaml',
+          metadata: undefined,
+        },
+      ]
+
+      const result = await updateDependencyFile('deps.yaml', content, updates)
+
+      // Should only update unquoted 'node', not '@types/node' or '@types/node-fetch'
+      expect(result).toContain('node: ^20.5.0')
+      expect(result).toContain('"@types/node": ^20.0.0')
+      expect(result).toContain('"@types/node-fetch": ^2.0.0')
+    })
+  })
+})
