Fix broken CI test suite and close major test coverage gaps#3
Conversation
- Fix 7 test files importing from 'bun:test' instead of 'vitest', which made npx vitest run (what CI actually runs) fail to load them entirely — CI was passing on a fraction of the suite. - Rewrite the 4 live-server integration suites (auth, resources, questions/interview/AI, user-paths) to authenticate via the real JWT session cookie flow; they still used the x-user-id header shortcut that was removed as a security fix, so they were exercising an auth path that no longer exists. - Wire those integration suites into CI: spin up a Postgres service, push + seed the schema, build, start the app, and run them against the live server instead of skipping unconditionally under CI=true. - Make login/register/general API rate limits configurable via env vars (defaults unchanged) so the integration suite's request volume doesn't trip production-tuned limits. - Add real render tests (MockInterview, ResumeLab, OnboardingQuiz), direct unit tests (session, rate-limit, sanitize), and route tests (subscription webhook/manage, verify-email, questions/count) that import the actual implementation instead of reimplementing it. - Add @vitest/coverage-v8 and a test:coverage script. Co-Authored-By: Claude Sonnet 5 <noreply@anthropic.com> Claude-Session: https://claude.ai/code/session_01CyerEYcFhnBf8oaqqSSCSg
|
The latest updates on your projects. Learn more about Vercel for GitHub.
|
|
Warning Review limit reached
Next review available in: 5 minutes Enable usage-based reviews in Billing to review now. Otherwise, wait until the next included review is available. How can I continue?After more reviews become available, a review can be triggered using the To avoid repeated limits, reduce automatic review volume by pausing incremental auto-reviews earlier, using label-based review opt-in, excluding WIP or generated PR titles, or requesting reviews manually when the PR is ready. If your team needs uninterrupted high-volume reviews, an organization admin can enable usage-based reviews. How do review limits work?CodeRabbit enforces per-developer PR review limits for each organization. Most developers receive the normal plan review availability. For paid Pro and Pro+ PR reviews, CodeRabbit uses adaptive limits for sustained high-volume activity. When a developer's recent PR review activity reaches the 95th percentile or higher among CodeRabbit users, additional reviews become available more gradually as earlier reviews age out of the rolling window. Please refer docs for additional details. Review details⚙️ Run configurationConfiguration used: defaults Review profile: CHILL Plan: Pro Plus Run ID: ⛔ Files ignored due to path filters (1)
📒 Files selected for processing (27)
✨ Finishing Touches🧪 Generate unit tests (beta)
Comment |
Problem
A test-coverage audit found that CI's
Testsstep (CI=true npx vitest run) was silently failing to load 7 of the richest test files because they imported frombun:testinstead ofvitest. Digging further, the 4 live-server integration suites (auth, resources, questions/interview/AI, user-paths) were unconditionally skipped underCI=trueand, when actually run, turned out to authenticate via anx-user-idheader that had been deliberately removed as a security fix — they were exercising an auth path that no longer exists in the app.Solution
bun:test→vitestimports so those suites actually load and run.x-user-idheader.'PPC VA'not'Amazon PPC VA', and'PPC Fundamentals'isn't a validskillAreaenum value.@vitest/coverage-v8and atest:coveragescript.Scope
Included: test infrastructure, CI workflow, the two rate-limit env-var additions in
login/register/middleware.ts, and new test files.Excluded: no product/UI behavior changes. Did not refactor the existing "shadow stub" test files (tests that reimplement route logic in-file rather than importing it) — that's a larger, separate effort.
Acceptance criteria
Validation
npx tsc --noEmit— cleannpx eslint .— 0 errors (pre-existing warnings only, none in changed files)CI=true npx vitest run— 331 passed, 97 skipped (integration suites, correctly gated without a live server)Risk and rollback
Low risk: additive test coverage plus one CI workflow change and small, backward-compatible env-var-gated rate-limit config (defaults unchanged, so production behavior is identical unless the new env vars are explicitly set). Rollback is a plain revert of this commit.
Documentation
No user-facing docs changed.
docs/TESTING.mddescribes the test suite's intent, which this PR makes actually true in CI; a follow-up doc update noting the live-server CI job could be worthwhile but wasn't required for this fix.Generated by Claude Code