fix(e2e/browser): gate 2 ungated screenshot helpers; add screenshot-policy-check guard (bookshelf-6krh) #910
Loading…
Add table
Add a link
Reference in a new issue
No description provided.
Delete branch "bd-bookshelf-6krh"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
Summary
e2e/browserjourney upload helpers (uploadWorkflowDetailScreenshotToPR+uploadRecomputeMatchScoreScreenshotToPR) bypassedshouldPostJourneyScreenshot, posting screenshots on every CI run regardless of PR title markers. This caused unrelated screenshots to appear on backend PRs (#897, #898, #908, #909).uploadJourneyScreenshotToPR(which callsshouldPostJourneyScreenshot), preserving the exact caption text and slugs (wf-detail-older-execution,recompute-match-score-kebab-open).scripts/screenshot_policy_check/main.goguard scanse2e/browser/*.goand fails if any file does a Forgejo issues POST without the gate. Wired intomake lint+ CI lint job.Policy-check before/after
Before fix (original files):
go run ./scripts/screenshot_policy_check→ exits 1 with:After fix (this PR): → exits 0 with:
Test plan
go build -tags e2e ./e2e/browser/...— cleanmake test— all unit tests passmake screenshot-policy-check— passes on fixed codemake e2e-policy-check+make test-policy-check— both still pass[shot:wf-detail-older-execution]and[shot:recompute-match-score-kebab-open]PR-title markers still trigger the respective posts (behavior preserved via shared helper)Closes bead bookshelf-6krh on merge.
CODE REVIEW: APPROVED — 2 minor findings, no blockers or majors.
Phase 0: DEMO Verification
The bead has no explicit runnable DEMO block; the VERIFY section requires the full e2e/browser suite. Per project rules, CI is the source of behavioral truth — CI state is success (SHA
08670af06b). Policy-check script was run directly in the worktree and passed. Behavioral verification by CI is accepted per review-standard.Phase 1: Spec Compliance — PASS
All bead requirements met:
uploadJourneyScreenshotToPR— verified in diff"wf-detail-older-execution"and"recompute-match-score-kebab-open"— exact strings confirmed in difffmt.Sprintfbodies carried over verbatim[shot:<slug>]PR-title path still works —shouldPostJourneyScreenshotgates on SCREENSHOT_JOURNEY matching the slug; unaffectedscripts/screenshot_policy_check/main.goadded with no build tagmake lint(Makefile line ~117) and CI lint job (.forgejo/workflows/ci.ymlstep)Claim verification — "FAILS on original files, PASSES after fix":
Manually verified both original files had
/issues/(×2 each) +MethodPost(×2 each) and zeroshouldPostJourneyScreenshot—hasUngatedPost()would return true for both. After fix both patterns are removed from the journey files (delegate to helper). Check passes. The claim is credible and verified.New-file regression coverage verified: Ran the check against a simulated new journey file with inline POST — correctly flagged as a violation (exit 1, named the file).
Phase 2: Code Quality
[MINOR] scripts/screenshot_policy_check/main.go:35 — main() exceeds 30-line function limit
main() spans lines 35–80 (45 executable lines), exceeding the project's 30-line limit (implementation-standard.md). For a utility script this is low-stakes, but the scan loop and error-print block could be extracted into helpers (e.g.
scanViolations(dir) []string,printViolations([]string)) to bring each function under the limit.[MINOR] scripts/screenshot_policy_check/main.go:85 — hasUngatedPost is file-level, not function-level; ungated helper in browser_helpers_test.go evades the check
The guard checks whether
/issues/+MethodPostappear withoutshouldPostJourneyScreenshotanywhere in the same file. Becausebrowser_helpers_test.goalready containsshouldPostJourneyScreenshot(the gate call at line 1 ofuploadJourneyScreenshotToPR), adding a second raw-POST helper to that same file would evade the check — verified by simulation. This means the guard catches the primary regression vector (copying old per-journey inline code into a new file) but not a new ungated helper added to the shared helpers file. Suggest: document this known gap in thehasUngatedPostdoc comment so future maintainers know the guard does not provide complete coverage forbrowser_helpers_test.goitself.REVIEW VERDICT: 0 blocker, 0 major, 2 minor
08670af06b52f1a5f2d4