Add failing tests for issue #466: OAuth all-repo access#467
Add failing tests for issue #466: OAuth all-repo access#467prompt-driven-github[bot] wants to merge 1 commit intomainfrom
Conversation
This commit adds comprehensive test coverage to detect the bug where PDD CLI requests access to ALL repositories instead of allowing selective repository access. Unit tests: - tests/test_get_jwt_token.py: Verify OAuth scope "repo,user" is hardcoded at pdd/get_jwt_token.py:251 E2E tests: - tests/test_e2e_issue_466_oauth_all_repo_scope.py: Verify the complete authentication flow uses OAuth Apps which cannot support selective repository access These are regression tests that document the current buggy behavior. After the fix (migrating to GitHub Apps), these tests will need to be updated to verify the new selective access functionality. Related to #466 Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
gltanaka
added
pdd-sync
|
🚀 Job Queued! Job ID: |
❌ PDD Execution FailedExecution failed: PDD command failed with exit code 2. Error: No such option: --force |
|
🚀 Job Queued! Job ID: |
❌ PDD Execution FailedExecution failed: PDD command failed with exit code 2. Error: Basename '#467' contains invalid characters. Only alphanumeric, underscore, hyphen, and forward slash (for subdirectories) are allowed. |
|
🚀 Job Queued! Job ID: |
❌ PDD Execution FailedExecution failed: PDD command failed with exit code 1. |
|
🚀 Job Queued! Job ID: |
|
🚀 Job Queued! Job ID: |
PDD Agentic Sync - Error |
❌ PDD Execution FailedExecution failed: PDD command failed with exit code 1. |
❌ PDD Execution FailedExecution failed: PDD command failed with exit code 1. |
gltanaka
added
pdd-sync
* test: Add failing tests for E2E timeout retry bug #791 - 8 unit tests in test_agentic_e2e_fix_orchestrator.py (2 pass prompt checks, 6 fail detecting missing behavior) - 3 E2E tests in test_e2e_issue_791_e2e_timeout_retry.py (all fail detecting the bug) - Prompt fix adding E2E pre-flight check and cross-cycle memory requirements Root causes: 1. No environment pre-flight check before Step 2 E2E tests (line 660-726) 2. step_outputs cleared between cycles destroying failure memory (line 857-859) Fixes #791 Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * fix: PDD bug changes for #791 * fix: pdd fix: E2E test step times out on every cycle, wasting cost and time Fixes #791 * fix: PDD fix changes for #791 * fix: persist skipped_steps to state and remove artifact files - Save skipped_steps in state_data so it survives resume across sessions - Load skipped_steps from state on resume (with JSON string-to-int key conversion) - Include skipped_steps in KeyboardInterrupt and Exception state saves - Remove artifact files: error_output_791.txt, test_errors_791.txt, and agentic_e2e_fix_orchestrator_test_agentic_e2e_fix_orchestrator_fixed.py Fixes #791 Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * fix: add _check_e2e_environment mock to issue promptdriven#419 tests The new E2E environment preflight check skips Step 2 when no playwright config exists. Existing tests that expect Step 2 to dispatch to the LLM agent need to mock _check_e2e_environment to return (True, ""). Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * fix: add _check_e2e_environment mock to issue promptdriven#545 tests Same fix as promptdriven#419 tests: mock the E2E environment preflight check so Step 2 dispatches to the LLM mock instead of being skipped. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * fix: add _check_e2e_environment mock to e2e_fix_deps fixture in promptdriven#549 tests Without this mock, _check_e2e_environment skips Step 2 (no playwright config in tmp_path), so the cycle1_step2 assertion fails. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * fix: add _check_e2e_environment mock to promptdriven#468, promptdriven#467, promptdriven#357 test fixtures Same pattern as previous fixes — without this mock, _check_e2e_environment skips Step 2 (no playwright in tmp_path), breaking step execution assertions. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * fix: address PR review — narrow skip trigger to timeouts, remove last_completed_step advance, add check=True - Narrow Step 2 skip to timeout-specific errors only (not transient provider outages like rate limits) - Remove contradictory last_completed_step = step_num in skip path (skipped_steps dict already handles cross-cycle memory) - Add check=True to git subprocess calls in test_issue_791 fixture Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> --------- Co-authored-by: PDD Bot <pdd-bot@users.noreply.github.com> Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com> Co-authored-by: Greg Tanaka <glt@alumni.caltech.edu>
2 participants
Summary
Adds failing tests that detect the bug reported in #466 where PDD CLI requests access to ALL repositories instead of allowing selective repository access.
Test Files
tests/test_get_jwt_token.pytests/test_e2e_issue_466_oauth_all_repo_scope.pyWhat This PR Contains
"repo,user"is hardcoded atpdd/get_jwt_token.py:251Root Cause
PDD CLI uses GitHub OAuth Apps with the
repo,userscope, which by architectural design grants access to ALL repositories. This is a fundamental limitation of GitHub OAuth Apps that cannot be worked around by changing scopes. TherepoOAuth scope always means "all repositories the user can access" - there is no OAuth scope that provides selective repository access.Location:
pdd/get_jwt_token.py:251- The DeviceFlow class hardcodesscope = "repo,user"Solution Required: Migrate from OAuth App to GitHub App for CLI authentication, which would allow users to install the app and select specific repositories during installation.
Test Behavior
These are regression tests that document the current buggy behavior:
Next Steps
Fixes #466
Generated by PDD agentic bug workflow - Step 10