test(app): broaden frontend coverage (batch 1) — api, sanitize, shortcuts, editor #44

Merged
rbrooks merged 1 commit from test/app-coverage-batch-1 into main 2026-06-25 22:41:05 +00:00
Owner

First batch of broader app-side test coverage. The recent tiptap v3 migration landed against a frontend with essentially one test (App.test.tsx), so a breaking change in core UI logic could only be caught by tsc, not behaviour. This starts closing that gap, prioritising the security-relevant and logic-heavy units that had zero coverage.

1 test → 28 tests across 5 files.

What's covered

Unit Tests Why it matters
lib/api.ts 9 The fetch wrapper every page depends on: method/header/credentials wiring, JSON body serialization, ApiError (status + body-error message, statusText fallback), and the 204 → undefined path.
lib/sanitize.ts 6 The client-side DOMPurify safety-net behind the dangerouslySetInnerHTML ban — asserts it strips all tags/attrs/scripts and neutralizes javascript: links while keeping text.
lib/shortcuts.ts 10 The global keyboard registry: register/getAll/unregister, case-insensitive matching, and the keydown guards (don't fire while typing in input/textarea/select/contenteditable, or with ⌘/Ctrl/Alt held), plus destroy() teardown.
MarkdownEditor.tsx 2 tiptap v3 regression guard — mounts without a duplicate-extension throw, round-trips markdown (**bold**<strong>, safe-URL link → <a href>), and verifies external value changes sync via setContent without emitting onChange (the { emitUpdate: false } fix).

Notes

  • Pure-logic style matches the existing App.test.tsx (vitest globals, jsdom, @testing-library). No new deps, no production-code changes.
  • The MarkdownEditor test is the permanent version of the throwaway smoke test from the tiptap PR (#43) — future tiptap bumps now have a real safety net.
  • Verified on the dev server: full app suite 28/28 green.

This is intended as the first of a few batches — natural follow-ups are the useAuth/useOfflineQueue/useTheme hooks and a couple of the higher-traffic pages.

🤖 Generated with Claude Code

First batch of broader app-side test coverage. The recent tiptap v3 migration landed against a frontend with essentially one test (`App.test.tsx`), so a breaking change in core UI logic could only be caught by `tsc`, not behaviour. This starts closing that gap, prioritising the **security-relevant and logic-heavy units** that had zero coverage. **1 test → 28 tests** across 5 files. ## What's covered | Unit | Tests | Why it matters | |---|---|---| | `lib/api.ts` | 9 | The fetch wrapper every page depends on: method/header/`credentials` wiring, JSON body serialization, `ApiError` (status + body-error message, `statusText` fallback), and the `204 → undefined` path. | | `lib/sanitize.ts` | 6 | The client-side DOMPurify safety-net behind the `dangerouslySetInnerHTML` ban — asserts it strips **all** tags/attrs/scripts and neutralizes `javascript:` links while keeping text. | | `lib/shortcuts.ts` | 10 | The global keyboard registry: register/getAll/unregister, case-insensitive matching, and the keydown **guards** (don't fire while typing in input/textarea/select/contenteditable, or with ⌘/Ctrl/Alt held), plus `destroy()` teardown. | | `MarkdownEditor.tsx` | 2 | **tiptap v3 regression guard** — mounts without a duplicate-extension throw, round-trips markdown (`**bold**` → `<strong>`, safe-URL link → `<a href>`), and verifies external value changes sync via `setContent` **without** emitting `onChange` (the `{ emitUpdate: false }` fix). | ## Notes - Pure-logic style matches the existing `App.test.tsx` (vitest globals, jsdom, `@testing-library`). No new deps, no production-code changes. - The `MarkdownEditor` test is the permanent version of the throwaway smoke test from the tiptap PR (#43) — future tiptap bumps now have a real safety net. - Verified on the dev server: full app suite **28/28 green**. This is intended as the first of a few batches — natural follow-ups are the `useAuth`/`useOfflineQueue`/`useTheme` hooks and a couple of the higher-traffic pages. 🤖 Generated with [Claude Code](https://claude.com/claude-code)
test(app): cover api wrapper, sanitize, shortcuts, MarkdownEditor
All checks were successful
CI / App — typecheck, test & build (push) Successful in 1m29s
CI / API — typecheck & tests (push) Successful in 2m36s
CI / App — typecheck, test & build (pull_request) Successful in 1m37s
CI / API — typecheck & tests (pull_request) Successful in 2m30s
e6ea59bc2f
Broadens app-side test coverage from 1 test to 28. Focuses on the
security-relevant and logic-heavy units that were previously untested:

- lib/api: fetch wrapper — method/header/credentials wiring, JSON body
  serialization, ApiError (status + body-error, statusText fallback), 204.
- lib/sanitize: DOMPurify safety-net strips all tags/attrs/scripts and
  neutralizes javascript: links while preserving text.
- lib/shortcuts: registry round-trip, case-insensitive matching, and the
  keydown guards (inputs / textarea / contenteditable / modifier keys),
  plus destroy() teardown.
- MarkdownEditor: tiptap v3 regression test — mounts without a
  duplicate-extension throw, round-trips markdown (bold + safe-URL link),
  and syncs external value changes via setContent without emitting onChange.

Verified on the dev server: full app suite 28/28 green.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
rbrooks scheduled this pull request to auto merge when all checks succeed 2026-06-25 22:36:15 +00:00
rbrooks deleted branch test/app-coverage-batch-1 2026-06-25 22:41:05 +00:00
Sign in to join this conversation.
No reviewers
No milestone
No project
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
rbrooks/TeaLeaves!44
No description provided.