inx/naj
1
0
Fork 0
Code Issues Pull requests Projects Releases 4 Packages Wiki Activity Actions

Compare commits

base: inx:main
Branches Tags
inx:main
inx:v0.1.3
inx:v0.1.2
inx:v0.1.1
inx:v0.1.0
..
compare: inx:v0.1.1
Branches Tags
inx:main
inx:v0.1.3
inx:v0.1.2
inx:v0.1.1
inx:v0.1.0

No commits in common. "main" and "v0.1.1" have entirely different histories.
main ... v0.1.1

18 changed files with 311 additions and 453 deletions
Show stats Expand all files Collapse all files

21
Cargo.toml
View file

@ -1,16 +1,7 @@
[package]
name = "naj"
version = "0.1.3"
name = "gosh"
version = "0.1.1"
edition = "2021"
description = "Manage your digital selves. (Derived from Old Chinese /*ŋˤajʔ/ 'I/Me')"
authors = ["INX <inx@inx.wf>"]
license = "BSD-2-Clause"
readme = "README.md"
homepage = "https://github.com/dotinx/naj"
repository = "https://github.com/dotinx/naj"
categories = ["command-line-utilities"]
exclude = ["scripts/","assets/"]
[dependencies]
clap = { version = "4.5", features = ["derive"] }
@ -20,10 +11,6 @@ dirs = "5.0"
anyhow = "1.0"
[dev-dependencies]
assert_cmd = "2.1"
tempfile = "3.24"
assert_cmd = "2.0"
tempfile = "3.10"
predicates = "3.1"
[[bin]]
name = "naj"
path = "src/main.rs"

62
README.md
View file

@ -1,30 +1,20 @@
# Naj
# Gosh (Git Operations SHell)
![Naj Banner](assets/naj-banner.jpg)
**Naj** is a lightweight, secure, and idempotent wrapper for Git, written in Rust. It solves the chaos of managing multiple Git identities (Work vs. Personal) by strictly isolating configurations and preventing accidental identity leaks.
**Gosh** is a lightweight, secure, and idempotent wrapper for Git, written in Rust. It solves the chaos of managing multiple Git identities (Work vs. Personal) by strictly isolating configurations and preventing accidental identity leaks.
## 🚀 Features
* **🛡️ Fail-Safe Security**: Uses "Blind Injection" to forcibly wipe global identity keys before applying a profile. If your profile lacks a key, Naj fails securely rather than falling back to your global `~/.gitconfig`.
* **⚡ Ephemeral Execution**: Run commands like `naj work commit` without modifying any files on disk. Perfect for one-off fixes.
* **🛡️ Fail-Safe Security**: Uses "Blind Injection" to forcibly wipe global identity keys before applying a profile. If your profile lacks a key, Gosh fails securely rather than falling back to your global `~/.gitconfig`.
* **⚡ Ephemeral Execution**: Run commands like `gosh work commit` without modifying any files on disk. Perfect for one-off fixes.
* **💾 Persistent Switching**: Permanently bind a repository to an identity using Git's native `[include]` directive.
* **🛠️ Zero Config Setup**: Automatically handles `clone` and `init` setup, applying the correct identity immediately.
* **📂 Portable Profiles**: Profiles are stored in `~/.config/naj/profiles/`, designed to be synced via a private Git repository.
* **📂 Portable Profiles**: Profiles are stored in `~/.config/gosh/profiles/`, designed to be synced via a private Git repository.
## 📦 Installation
### From Cargo
```bash
cargo install naj
```
### From Source
```bash
git clone https://github.com/dotinx/naj.git
cd naj
cargo install --path .
```
@ -32,28 +22,28 @@ cargo install --path .
### 1. Management: Create Identities
Naj manages identities as "Profiles".
Gosh manages identities as "Profiles".
```bash
# Syntax: naj -c <Name> <Email> <ProfileID>
naj -c "Alice Work" "alice@company.com" "work"
naj -c "Alice Hobby" "alice@gmail.com" "personal"
# Syntax: gosh -c <Name> <Email> <ProfileID>
gosh -c "Alice Work" "alice@company.com" "work"
gosh -c "Alice Hobby" "alice@gmail.com" "personal"
# List all profiles
naj -l
gosh -l
# Edit a profile (e.g., to add signingkey or sshCommand)
naj -e work
gosh -e work
```
### 2. Workflow A: Setup New Projects (Recommended)
When you clone or init a repository, Naj automatically sets up the local config.
When you clone or init a repository, Gosh automatically sets up the local config.
```bash
# Clones the repo and immediately binds it to the "work" profile
naj work clone git@github.com:company/backend.git
gosh work clone git@github.com:company/backend.git
# Inside the repo, you can now just use standard git
cd backend
@ -67,10 +57,10 @@ Run a command with a specific identity *without* modifying the repository config
```bash
# Temporarily commit as "personal" in a work repo (e.g., fixing a typo)
naj personal commit -m "Fix typo"
gosh personal commit -m "Fix typo"
# Verification
naj personal config user.email
gosh personal config user.email
```
@ -80,32 +70,32 @@ Change the identity bound to an existing repository.
```bash
cd my-repo
naj work
gosh work
# If the repo has "dirty" config (manually set user.name), force overwrite it:
naj work -f
gosh work -f
```
## ⚙️ Configuration
Naj follows the XDG Base Directory specification.
Gosh follows the XDG Base Directory specification.
* **Config File**: `~/.config/naj/naj.toml`
* **Profiles**: `~/.config/naj/profiles/*.gitconfig`
* **Config File**: `~/.config/gosh/gosh.toml`
* **Profiles**: `~/.config/gosh/profiles/*.gitconfig`
On the first run, Naj will automatically create these directories and a default configuration file.
On the first run, Gosh will automatically create these directories and a default configuration file.
### Environment Variables
* `NAJ_CONFIG_PATH`: Override the config directory (Useful for NixOS or testing).
* `NAJ_MOCKING=1`: Dry-run mode. Prints the constructed `git` command to stderr instead of executing it.
* `GOSH_CONFIG_PATH`: Override the config directory (Useful for NixOS or testing).
* `GOSH_MOCKING=1`: Dry-run mode. Prints the constructed `git` command to stderr instead of executing it.
## 🔒 Security Design: Blind Injection
In **Exec Mode**, Naj does **not** read your local configuration to decide what to override. Instead, it aggressively injects empty values for sensitive keys before applying your profile.
In **Exec Mode**, Gosh does **not** read your local configuration to decide what to override. Instead, it aggressively injects empty values for sensitive keys before applying your profile.
**Example command generated by Naj:**
**Example command generated by Gosh:**
```bash
git \
@ -113,7 +103,7 @@ git \
-c user.email="" \
-c user.signingkey="" \
-c commit.gpgsign=false \
-c include.path=~/.config/naj/profiles/work.gitconfig \ # 2. Apply Profile
-c include.path=~/.config/gosh/profiles/work.gitconfig \ # 2. Apply Profile
commit ...
```

BIN
assets/naj-banner.jpg
View file

Binary file not shown.
Side by side

Before

Width:  |  Height:  |  Size: 46 KiB

4
scripts/build.sh Executable file → Normal file
View file

@ -2,7 +2,7 @@
set -e # 遇到错误立即停止
# --- 配置部分 ---
APP_NAME="naj"
APP_NAME="gosh"
OUTPUT_DIR="dist"
# 新增:获取 dist 目录的绝对物理路径
mkdir -p "$OUTPUT_DIR"
@ -65,7 +65,7 @@ for target in "${TARGETS[@]}"; do
exit 1
fi
# 3. 打包文件名格式: naj-v0.1.0-x86_64-unknown-linux-musl.tar.gz
# 3. 打包文件名格式: gosh-v0.1.0-x86_64-unknown-linux-musl.tar.gz
ARCHIVE_NAME="${APP_NAME}-v${VERSION}-${target}"
# 进入输出目录进行打包操作

44
scripts/hash.sh
View file

@ -1,44 +0,0 @@
#!/bin/bash
# 定义目标目录
TARGET_DIR="$PWD/dist"
# 检查目录是否存在
if [ ! -d "$TARGET_DIR" ]; then
echo "Error: Directory $TARGET_DIR does not exist."
exit 1
fi
# 输出表格表头
echo "| Filename | SHA256 | Status |"
echo "| :--- | :--- | :--- |"
# 遍历所有的 .tar.gz 文件
for file in "$TARGET_DIR"/*.tar.gz; do
# 检查是否有匹配的文件,防止 glob 失败
[ -e "$file" ] || continue
filename=$(basename "$file")
sha_file="${file}.sha256"
# 计算当前的 SHA256
# 使用 awk 只取第一列(哈希值)
actual_sha=$(sha256sum "$file" | awk '{print $1}')
# 校验逻辑
if [ -f "$sha_file" ]; then
# 从文件中读取预期的 SHA256
expected_sha=$(cat "$sha_file" | awk '{print $1}')
if [ "$actual_sha" == "$expected_sha" ]; then
status="✅ OK"
else
status="❌ Mismatch"
fi
else
status="⚠️ No .sha256 file"
fi
# 输出表格行
echo "| $filename | \`$actual_sha\` | $status |"
done

14
scripts/tests/README.md
View file

@ -1,10 +1,10 @@
# Naj Integration & Scenario Tests
# Gosh Integration & Scenario Tests
This directory contains the integration test suite and scenario simulations for `naj`. These scripts are designed to validate the core functionality, security isolation, and developer workflows in a controlled, sandbox environment.
This directory contains the integration test suite and scenario simulations for `gosh`. These scripts are designed to validate the core functionality, security isolation, and developer workflows in a controlled, sandbox environment.
## Overview
The tests in this directory focus on end-to-end (E2E) validation, ensuring that `naj` correctly interacts with Git configurations, SSH keys, and system environments without contaminating the user's global settings.
The tests in this directory focus on end-to-end (E2E) validation, ensuring that `gosh` correctly interacts with Git configurations, SSH keys, and system environments without contaminating the user's global settings.
## Test Matrix
@ -21,7 +21,7 @@ The tests in this directory focus on end-to-end (E2E) validation, ensuring that
To run these tests locally, ensure you have the following installed:
- **Bash**: Most scripts use standard Bash features.
- **Git**: Version 2.34+ is required for SSH signing tests.
- **Naj**: The `naj` binary must be available in your PATH or accessible via the `NAJ_CMD` environment variable.
- **Gosh**: The `gosh` binary must be available in your PATH or accessible via the `GOSH_CMD` environment variable.
## Running Tests
@ -42,11 +42,11 @@ You can run individual test scripts directly:
bash scripts/tests/alice.sh
```
Each script initializes a sandbox in `/tmp/naj_test_*` or similar, ensuring that your `~/.gitconfig` and `~/.ssh` remain untouched.
Each script initializes a sandbox in `/tmp/gosh_test_*` or similar, ensuring that your `~/.gitconfig` and `~/.ssh` remain untouched.
## Design Principles
1. **Isolation**: All tests use a dedicated `NAJ_CONFIG_PATH` and temporary directories to ensure side-effect-free execution.
1. **Isolation**: All tests use a dedicated `GOSH_CONFIG_PATH` and temporary directories to ensure side-effect-free execution.
2. **Assertions**: Scripts use exit codes and explicit checks to verify expected outcomes (e.g., checking `git cat-file` for signatures).
3. **Readability**: Log levels (STEP, INFO, ERROR) are used to provide clear feedback during execution.
@ -55,5 +55,5 @@ Each script initializes a sandbox in `/tmp/naj_test_*` or similar, ensuring that
When adding a new test script:
- Use `set -e` to ensure the script fails on the first error.
- Use a dedicated sandbox directory for all temporary files.
- Export `NAJ_CONFIG_PATH` to point into your sandbox.
- Export `GOSH_CONFIG_PATH` to point into your sandbox.
- Document the scenario and expected results in the script header.

36
scripts/tests/alice.sh
View file

@ -2,11 +2,11 @@
set -e
# --- 0. 环境与工具准备 ---
NAJ_CMD="naj" # 确保已编译或 alias 到 cargo run
GOSH_CMD="gosh" # 确保已编译或 alias 到 cargo run
BASE_DIR="/tmp/alice_demo_signed"
# 隔离 Naj 配置
export NAJ_CONFIG_PATH="$BASE_DIR/config"
# 隔离 Gosh 配置
export GOSH_CONFIG_PATH="$BASE_DIR/config"
# 隔离 SSH 密钥目录
SSH_DIR="$BASE_DIR/ssh_keys"
# 模拟仓库目录
@ -29,7 +29,7 @@ info "Git Version: $GIT_VERSION (SSH Signing requires 2.34+)"
# --- 1. 清理与沙盒初始化 ---
log "Initializing Sandbox at $BASE_DIR..."
rm -rf "$BASE_DIR"
mkdir -p "$NAJ_CONFIG_PATH"
mkdir -p "$GOSH_CONFIG_PATH"
mkdir -p "$SSH_DIR"
mkdir -p "$REPO_DIR"
@ -44,15 +44,15 @@ info "Generated Work Key: $SSH_DIR/id_work"
ssh-keygen -t ed25519 -C "alice@alice.com" -f "$SSH_DIR/id_personal" -N "" -q
info "Generated Personal Key: $SSH_DIR/id_personal"
# --- 3. 使用 Naj 创建 Profile 并注入签名配置 ---
log "Creating Naj Profiles..."
# --- 3. 使用 Gosh 创建 Profile 并注入签名配置 ---
log "Creating Gosh Profiles..."
# 3.1 创建基础 Work Profile
$NAJ_CMD -c "Alice Work" "alice@contoso.com" "work"
$GOSH_CMD -c "Alice Work" "alice@contoso.com" "work"
# 3.2 手动追加 SSH 签名配置到 Work Profile
# 这里演示了 Naj 的灵活性:你可以手动编辑生成的 .gitconfig
WORK_PROFILE="$NAJ_CONFIG_PATH/profiles/work.gitconfig"
# 这里演示了 Gosh 的灵活性:你可以手动编辑生成的 .gitconfig
WORK_PROFILE="$GOSH_CONFIG_PATH/profiles/work.gitconfig"
cat >> "$WORK_PROFILE" <<EOF
[gpg]
format = ssh
@ -67,8 +67,8 @@ EOF
info "Configured Work Profile with SSH Signing"
# 3.3 创建并配置 Personal Profile
$NAJ_CMD -c "Alice Personal" "alice@alice.com" "personal"
PERSONAL_PROFILE="$NAJ_CONFIG_PATH/profiles/personal.gitconfig"
$GOSH_CMD -c "Alice Personal" "alice@alice.com" "personal"
PERSONAL_PROFILE="$GOSH_CONFIG_PATH/profiles/personal.gitconfig"
cat >> "$PERSONAL_PROFILE" <<EOF
[gpg]
format = ssh
@ -90,9 +90,9 @@ cd "$REPO_DIR"
# 模拟远程仓库
git init --bare --quiet "backend.git"
# 使用 Naj 克隆 (Clone -> Infer -> Switch)
# 使用 Gosh 克隆 (Clone -> Infer -> Switch)
# 注意:这里我们 Clone 本地路径,但 core.sshCommand 依然会被配置进去,这是符合预期的
$NAJ_CMD work clone "$REPO_DIR/backend.git" work-backend
$GOSH_CMD work clone "$REPO_DIR/backend.git" work-backend
cd work-backend
# 提交代码
@ -123,7 +123,7 @@ git init --quiet "oss-project"
cd oss-project
# 切换到 Personal
$NAJ_CMD personal
$GOSH_CMD personal
# 提交
touch fun.txt
@ -148,12 +148,12 @@ fi
log "Scenario C: Ephemeral Execution (Security Check)"
# 当前在 oss-project (Personal),我们想用 Work 身份签个名
# 执行 naj work commit
$NAJ_CMD work commit --allow-empty -m "Hotfix via Exec" > /dev/null
# 执行 gosh work commit
$GOSH_CMD work commit --allow-empty -m "Hotfix via Exec" > /dev/null
# 验证最后一次提交的签名
# 注意Exec 模式下,Naj 会通过 -c user.signingkey="" 先清空,再注入 work profile
# 如果这一步成功且签名了,说明 Naj 正确注入了 id_work.pub
# 注意Exec 模式下,Gosh 会通过 -c user.signingkey="" 先清空,再注入 work profile
# 如果这一步成功且签名了,说明 Gosh 正确注入了 id_work.pub
LATEST_COMMIT_MSG=$(git log -1 --pretty=%B)
info "Latest commit: $LATEST_COMMIT_MSG"

36
scripts/tests/alice2.sh
View file

@ -2,11 +2,11 @@
set -e
# --- 0. 环境与工具准备 ---
NAJ_CMD="naj" # 确保已编译或 alias 到 cargo run
GOSH_CMD="gosh" # 确保已编译或 alias 到 cargo run
BASE_DIR="/tmp/alice_demo_debug"
# 隔离 Naj 配置
export NAJ_CONFIG_PATH="$BASE_DIR/config"
# 隔离 Gosh 配置
export GOSH_CONFIG_PATH="$BASE_DIR/config"
# 隔离 SSH 密钥目录
SSH_DIR="$BASE_DIR/ssh_keys"
# 模拟仓库目录
@ -43,7 +43,7 @@ info "Git Version: $GIT_VERSION (SSH Signing requires 2.34+)"
# --- 1. 清理与沙盒初始化 ---
log "Initializing Sandbox at $BASE_DIR..."
rm -rf "$BASE_DIR"
mkdir -p "$NAJ_CONFIG_PATH"
mkdir -p "$GOSH_CONFIG_PATH"
mkdir -p "$SSH_DIR"
mkdir -p "$REPO_DIR"
@ -54,12 +54,12 @@ info "Generated Work Key: .../id_work"
ssh-keygen -t ed25519 -C "alice@alice.com" -f "$SSH_DIR/id_personal" -N "" -q
info "Generated Personal Key: .../id_personal"
# --- 3. 使用 Naj 创建 Profile ---
log "Creating Naj Profiles..."
# --- 3. 使用 Gosh 创建 Profile ---
log "Creating Gosh Profiles..."
# 3.1 Work Profile
$NAJ_CMD -c "Alice Work" "alice@contoso.com" "work"
WORK_PROFILE="$NAJ_CONFIG_PATH/profiles/work.gitconfig"
$GOSH_CMD -c "Alice Work" "alice@contoso.com" "work"
WORK_PROFILE="$GOSH_CONFIG_PATH/profiles/work.gitconfig"
cat >> "$WORK_PROFILE" <<EOF
[gpg]
format = ssh
@ -73,8 +73,8 @@ EOF
info "Configured Work Profile (SSH Signing Enabled)"
# 3.2 Personal Profile
$NAJ_CMD -c "Alice Personal" "alice@alice.com" "personal"
PERSONAL_PROFILE="$NAJ_CONFIG_PATH/profiles/personal.gitconfig"
$GOSH_CMD -c "Alice Personal" "alice@alice.com" "personal"
PERSONAL_PROFILE="$GOSH_CONFIG_PATH/profiles/personal.gitconfig"
cat >> "$PERSONAL_PROFILE" <<EOF
[gpg]
format = ssh
@ -94,9 +94,9 @@ log "Scenario A: Setup Mode (Work Repo)"
cd "$REPO_DIR"
git init --bare --quiet "backend.git"
# 使用 Naj 克隆
info "Running: naj work clone ..."
$NAJ_CMD work clone "$REPO_DIR/backend.git" work-backend
# 使用 Gosh 克隆
info "Running: gosh work clone ..."
$GOSH_CMD work clone "$REPO_DIR/backend.git" work-backend
cd work-backend
# 提交代码
@ -114,8 +114,8 @@ git init --quiet "oss-project"
cd oss-project
# 切换到 Personal
info "Running: naj personal (Switching...)"
$NAJ_CMD personal
info "Running: gosh personal (Switching...)"
$GOSH_CMD personal
# 提交
touch fun.txt
@ -128,11 +128,11 @@ debug_inspect
# === 场景 C: 临时执行与密钥隔离 (Exec Mode) ===
log "Scenario C: Ephemeral Execution (Security Check)"
info "Current Profile is: Personal (oss-project)"
info "Executing 'naj work commit' (Should use Work Identity temporarily)..."
info "Executing 'gosh work commit' (Should use Work Identity temporarily)..."
# 执行 naj work commit
# 执行 gosh work commit
# 注意:这里我们不再重定向到 /dev/null我们要看 git 的原生输出
$NAJ_CMD work commit --allow-empty -m "Hotfix via Exec (Scenario C)"
$GOSH_CMD work commit --allow-empty -m "Hotfix via Exec (Scenario C)"
# 🔍 查看日志
# 这里的重点是:

34
scripts/tests/alice3.sh
View file

@ -2,11 +2,11 @@
set -e
# --- 0. 全局配置 ---
NAJ_CMD="naj"
BASE_DIR="/tmp/naj_collab_demo"
GOSH_CMD="gosh"
BASE_DIR="/tmp/gosh_collab_demo"
# 隔离 Naj 配置
export NAJ_CONFIG_PATH="$BASE_DIR/config"
# 隔离 Gosh 配置
export GOSH_CONFIG_PATH="$BASE_DIR/config"
# 隔离 SSH 密钥目录
SSH_DIR="$BASE_DIR/ssh_keys"
# 模拟仓库目录
@ -58,7 +58,7 @@ verify_last_commit() {
# --- 1. 初始化沙盒 ---
log "Initializing Sandbox..."
rm -rf "$BASE_DIR"
mkdir -p "$NAJ_CONFIG_PATH/profiles"
mkdir -p "$GOSH_CONFIG_PATH/profiles"
mkdir -p "$SSH_DIR"
mkdir -p "$REPO_DIR"
@ -79,12 +79,12 @@ ssh-keygen -t ed25519 -C "bob@partner.org" -f "$SSH_DIR/id_bob" -N "" -q
echo "bob@partner.org $(cat $SSH_DIR/id_bob.pub)" >> "$ALLOWED_SIGNERS"
ok "Generated Bob's Key & Added to Trust Store"
# --- 3. 配置 Naj Profiles ---
log "Configuring Naj Profiles..."
# --- 3. 配置 Gosh Profiles ---
log "Configuring Gosh Profiles..."
# --> Alice Profile
$NAJ_CMD -c "Alice Work" "alice@contoso.com" "alice_work"
cat >> "$NAJ_CONFIG_PATH/profiles/alice_work.gitconfig" <<EOF
$GOSH_CMD -c "Alice Work" "alice@contoso.com" "alice_work"
cat >> "$GOSH_CONFIG_PATH/profiles/alice_work.gitconfig" <<EOF
[gpg]
format = ssh
[user]
@ -97,8 +97,8 @@ EOF
ok "Profile 'alice_work' created"
# --> Bob Profile
$NAJ_CMD -c "Bob Partner" "bob@partner.org" "bob_partner"
cat >> "$NAJ_CONFIG_PATH/profiles/bob_partner.gitconfig" <<EOF
$GOSH_CMD -c "Bob Partner" "bob@partner.org" "bob_partner"
cat >> "$GOSH_CONFIG_PATH/profiles/bob_partner.gitconfig" <<EOF
[gpg]
format = ssh
[user]
@ -121,7 +121,7 @@ cd project-alpha
# 1. Alice 初始化项目
echo ">>> [Commit 1] Alice starts the project"
$NAJ_CMD alice_work
$GOSH_CMD alice_work
touch README.md
git add README.md
git commit -m "Init Project Alpha" > /dev/null
@ -129,14 +129,14 @@ verify_last_commit "alice@contoso.com" "alice_work"
# 2. Bob 进来修改 (模拟同一台机器切换身份)
echo ">>> [Commit 2] Bob adds features"
$NAJ_CMD bob_partner
$GOSH_CMD bob_partner
echo "Feature by Bob" >> README.md
git commit -am "Bob adds feature" > /dev/null
verify_last_commit "bob@partner.org" "bob_partner"
# 3. Alice 审查并修改
echo ">>> [Commit 3] Alice reviews and updates"
$NAJ_CMD alice_work
$GOSH_CMD alice_work
echo "Reviewed by Alice" >> README.md
git commit -am "Alice review" > /dev/null
verify_last_commit "alice@contoso.com" "alice_work"
@ -149,7 +149,7 @@ git init --quiet project-beta
cd project-beta
# 1. Bob 拥有这个项目
$NAJ_CMD bob_partner
$GOSH_CMD bob_partner
touch main.rs
git add main.rs
git commit -m "Bob starts Beta" > /dev/null
@ -157,13 +157,13 @@ verify_last_commit "bob@partner.org" "bob_partner"
# 2. Alice 临时修复 (不切换 Profile直接用 Exec)
# 当前 Profile 依然是 bob_partner (可以通过 .git/config 验证)
# Alice 用 naj alice_work exec 临时提交
# Alice 用 gosh alice_work exec 临时提交
echo ">>> [Commit 4] Alice hotfixes via Exec Mode"
echo "// Hotfix" >> main.rs
git add main.rs
# 这里是关键测试Exec 模式下的签名注入
$NAJ_CMD alice_work commit -m "Alice hotfix" > /dev/null
$GOSH_CMD alice_work commit -m "Alice hotfix" > /dev/null
# 验证:虽然此时 .git/config 指向 Bob但这个 Commit 必须是 Alice 签名的
verify_last_commit "alice@contoso.com" "alice_work"

18
scripts/tests/edge_cases.sh
View file

@ -2,9 +2,9 @@
set -e
# --- 配置 ---
NAJ_CMD="naj"
BASE_DIR="/tmp/naj_edge_test"
export NAJ_CONFIG_PATH="$BASE_DIR/config"
GOSH_CMD="gosh"
BASE_DIR="/tmp/gosh_edge_test"
export GOSH_CONFIG_PATH="$BASE_DIR/config"
REPO_DIR="$BASE_DIR/repos"
# 颜色
@ -15,11 +15,11 @@ log() { echo -e "\n\033[0;34m[TEST] $1\033[0m"; }
# --- 初始化 ---
rm -rf "$BASE_DIR"
mkdir -p "$NAJ_CONFIG_PATH" "$REPO_DIR"
mkdir -p "$GOSH_CONFIG_PATH" "$REPO_DIR"
# 创建一个 Profile
log "Creating Profile..."
$NAJ_CMD -c "Edge User" "edge@test.com" "edge"
$GOSH_CMD -c "Edge User" "edge@test.com" "edge"
# --- 测试 1: 子目录执行 ---
log "Scenario 1: Running from a deep subdirectory"
@ -30,10 +30,10 @@ mkdir -p src/deep/level
cd src/deep/level
echo "Current dir: $(pwd)"
echo "Executing 'naj edge' from subdirectory..."
echo "Executing 'gosh edge' from subdirectory..."
# 执行 switch
$NAJ_CMD edge
$GOSH_CMD edge
# 验证
# 我们需要回到根目录看 config或者直接用 git config
@ -55,9 +55,9 @@ cd "$DIR_WITH_SPACE"
git init --quiet
echo "Current dir: $(pwd)"
echo "Executing 'naj edge'..."
echo "Executing 'gosh edge'..."
$NAJ_CMD edge
$GOSH_CMD edge
# 验证
CONFIG_EMAIL=$(git config user.email)

24
scripts/tests/security_edge.sh
View file

@ -1,8 +1,8 @@
#!/bin/bash
# --- 准备 ---
NAJ_CMD="naj" # 确保已编译或 alias
BASE_DIR="/tmp/naj_security_test"
GOSH_CMD="gosh" # 确保已编译或 alias
BASE_DIR="/tmp/gosh_security_test"
UNSAFE_REPO="$BASE_DIR/root_owned_repo"
# 1. 初始化一个归属于 root 的仓库 (对当前用户来说是不安全的)
@ -17,29 +17,29 @@ sudo touch "$UNSAFE_REPO/testfile"
# 确保当前用户对目录有读写权限(以便能进入),但 .git 依然属于 root
sudo chmod -R 777 "$UNSAFE_REPO"
echo "[TEST] Running 'naj' in a dubious ownership repo..."
echo "[TEST] Running 'gosh' in a dubious ownership repo..."
cd "$UNSAFE_REPO"
# 2. 尝试运行 naj (期望失败)
if $NAJ_CMD -l > /dev/null 2>&1; then
# 注意:naj -l 不需要 git 仓库,所以应该成功。
# 2. 尝试运行 gosh (期望失败)
if $GOSH_CMD -l > /dev/null 2>&1; then
# 注意:gosh -l 不需要 git 仓库,所以应该成功。
# 我们需要测 switch 或 exec这需要 git 上下文
echo " (naj list works, which is fine)"
echo " (gosh list works, which is fine)"
fi
echo "Attempting to switch profile..."
# 捕获输出
OUTPUT=$($NAJ_CMD testprofile 2>&1 || true)
OUTPUT=$($GOSH_CMD testprofile 2>&1 || true)
# 3. 验证结果
if echo "$OUTPUT" | grep -q "fatal: detected dubious ownership"; then
echo "✅ PASS: Naj propagated Git's security error."
echo "✅ PASS: Gosh propagated Git's security error."
echo " Git said: 'detected dubious ownership'"
echo " Naj refused to act."
echo " Gosh refused to act."
elif echo "$OUTPUT" | grep -q "Not a git repository"; then
echo "✅ PASS: Naj treated it as invalid (Git rev-parse failed)."
echo "✅ PASS: Gosh treated it as invalid (Git rev-parse failed)."
else
echo "❌ FAIL: Naj tried to execute! This is dangerous."
echo "❌ FAIL: Gosh tried to execute! This is dangerous."
echo "Output was: $OUTPUT"
exit 1
fi

2
src/cli.rs
View file

@ -1,7 +1,7 @@
use clap::{Parser, Args};
#[derive(Parser, Debug)]
#[command(name = "naj")]
#[command(name = "gosh")]
#[command(about = "Git Operations Shell", long_about = None)]
pub struct Cli {
#[command(flatten)]

30
src/config.rs
View file

@ -11,58 +11,58 @@ pub struct Strategies {
}
#[derive(Serialize, Deserialize, Debug)]
pub struct NajConfig {
pub struct GoshConfig {
pub strategies: Strategies,
pub profile_dir: String,
}
impl Default for NajConfig {
impl Default for GoshConfig {
fn default() -> Self {
NajConfig {
GoshConfig {
strategies: Strategies {
clone: "INCLUDE".to_string(),
switch: "include".to_string(),
},
profile_dir: "~/.config/naj/profiles".to_string(),
profile_dir: "~/.config/gosh/profiles".to_string(),
}
}
}
pub fn get_config_root() -> Result<PathBuf> {
if let Ok(path) = std::env::var("NAJ_CONFIG_PATH") {
if let Ok(path) = std::env::var("GOSH_CONFIG_PATH") {
return Ok(PathBuf::from(path));
}
let config_dir = dirs::config_dir().ok_or_else(|| anyhow::anyhow!("Could not find config directory"))?;
Ok(config_dir.join("naj"))
Ok(config_dir.join("gosh"))
}
pub fn load_config() -> Result<NajConfig> {
pub fn load_config() -> Result<GoshConfig> {
let root = get_config_root()?;
let config_path = root.join("naj.toml");
let config_path = root.join("gosh.toml");
if !config_path.exists() {
return initialize_config(&root, &config_path);
}
let content = fs::read_to_string(&config_path).context("Failed to read config file")?;
let config: NajConfig = toml::from_str(&content).context("Failed to parse config file")?;
let config: GoshConfig = toml::from_str(&content).context("Failed to parse config file")?;
Ok(config)
}
fn initialize_config(root: &Path, config_path: &Path) -> Result<NajConfig> {
fn initialize_config(root: &Path, config_path: &Path) -> Result<GoshConfig> {
// Ensure root exists
fs::create_dir_all(root).context("Failed to create config root")?;
// Determine default profile_dir based on environment to support testing isolation
let profile_dir_str = if let Ok(env_path) = std::env::var("NAJ_CONFIG_PATH") {
// If NAJ_CONFIG_PATH is set, default profile dir should be inside it for isolation
let profile_dir_str = if let Ok(env_path) = std::env::var("GOSH_CONFIG_PATH") {
// If GOSH_CONFIG_PATH is set, default profile dir should be inside it for isolation
let p = PathBuf::from(env_path).join("profiles");
// Use forward slashes for TOML consistency if possible, though PathBuf handles it.
// On Windows, replace backslashes to avoid escape issues in TOML string if not raw
// We'll just rely on to_string_lossy but be careful with escaping in the format macro
p.to_string_lossy().to_string()
} else {
"~/.config/naj/profiles".to_string()
"~/.config/gosh/profiles".to_string()
};
// Use toml serialization to ensure string is escaped properly?
@ -70,7 +70,7 @@ fn initialize_config(root: &Path, config_path: &Path) -> Result<NajConfig> {
// If path contains backslashes (Windows), we need to escape them for the TOML string literal: "C:\\Foo"
let escaped_profile_dir = profile_dir_str.replace("\\", "\\\\");
let generated_toml = format!(r#"# Naj Configuration
let generated_toml = format!(r#"# Gosh Configuration
profile_dir = "{}"
@ -85,6 +85,6 @@ switch = "include" # Soft strategy
let expanded_profile_dir = expand_path(&profile_dir_str)?;
fs::create_dir_all(&expanded_profile_dir).context("Failed to create profiles directory")?;
let config: NajConfig = toml::from_str(&generated_toml)?;
let config: GoshConfig = toml::from_str(&generated_toml)?;
Ok(config)
}

69
src/git.rs
View file

@ -1,4 +1,4 @@
use crate::config::NajConfig;
use crate::config::GoshConfig;
use crate::sanitizer;
use crate::utils::expand_path;
use anyhow::{Result, anyhow, Context};
@ -11,7 +11,7 @@ enum Action {
Switch,
}
pub fn run(config: &NajConfig, profile_id: &str, args: &[String], force: bool) -> Result<()> {
pub fn run(config: &GoshConfig, profile_id: &str, args: &[String], force: bool) -> Result<()> {
// Determine Action
let action = if args.is_empty() {
Action::Switch
@ -28,7 +28,7 @@ pub fn run(config: &NajConfig, profile_id: &str, args: &[String], force: bool) -
}
}
fn get_profile_path(config: &NajConfig, id: &str) -> Result<PathBuf> {
fn get_profile_path(config: &GoshConfig, id: &str) -> Result<PathBuf> {
let profile_dir = expand_path(&config.profile_dir)?;
let p = profile_dir.join(format!("{}.gitconfig", id));
if !p.exists() {
@ -38,7 +38,7 @@ fn get_profile_path(config: &NajConfig, id: &str) -> Result<PathBuf> {
}
fn is_mocking() -> bool {
std::env::var("NAJ_MOCKING").is_ok()
std::env::var("GOSH_MOCKING").is_ok()
}
fn run_command(cmd: &mut Command) -> Result<()> {
@ -70,7 +70,7 @@ fn run_command(cmd: &mut Command) -> Result<()> {
Ok(())
}
fn get_profile_dir(config: &NajConfig) -> Result<PathBuf> {
fn get_profile_dir(config: &GoshConfig) -> Result<PathBuf> {
expand_path(&config.profile_dir)
}
@ -90,27 +90,23 @@ fn clean_existing_profiles(profile_dir: &Path) -> Result<()> {
// Check if the path belongs to our profile directory
// We use string containment as a heuristic since paths might be canonicalized differently
// but typically we add absolute paths.
let is_naj_profile = val.contains(&profile_dir.to_string_lossy().to_string())
let is_gosh_profile = val.contains(&profile_dir.to_string_lossy().to_string())
|| (val.contains("/profiles/") && val.ends_with(".gitconfig"));
if is_naj_profile {
if is_gosh_profile {
let mut cmd = Command::new("git");
cmd.args(&["config", "--local", "--unset", "include.path", val]);
// We tolerate failure here (e.g. if key doesn't exist anymore for some reason)
if is_mocking() {
eprintln!("[DRY-RUN] {:?}", cmd);
} else {
let _ = cmd.output();
}
let _ = cmd.output();
}
}
Ok(())
}
fn run_exec(config: &NajConfig, profile_id: &str, args: &[String]) -> Result<()> {
fn run_exec(config: &GoshConfig, profile_id: &str, args: &[String]) -> Result<()> {
let profile_path = get_profile_path(config, profile_id)?;
let injections = sanitizer::BLIND_INJECTIONS;
let injections = sanitizer::get_blind_injections();
let mut cmd = Command::new("git");
@ -132,7 +128,7 @@ fn run_exec(config: &NajConfig, profile_id: &str, args: &[String]) -> Result<()>
run_command(&mut cmd)
}
fn run_switch(config: &NajConfig, profile_id: &str, force: bool) -> Result<()> {
fn run_switch(config: &GoshConfig, profile_id: &str, force: bool) -> Result<()> {
let status = Command::new("git")
.args(&["rev-parse", "--is-inside-work-tree"])
.stdout(std::process::Stdio::null())
@ -169,11 +165,7 @@ fn run_switch(config: &NajConfig, profile_id: &str, force: bool) -> Result<()> {
let mut cmd = Command::new("git");
cmd.args(&["config", "--remove-section", section]);
// Ignore errors
if is_mocking() {
eprintln!("[DRY-RUN] {:?}", cmd);
} else {
let _ = cmd.output();
}
let _ = cmd.output();
}
// Unset keys
@ -181,15 +173,11 @@ fn run_switch(config: &NajConfig, profile_id: &str, force: bool) -> Result<()> {
for key in keys {
let mut cmd = Command::new("git");
cmd.args(&["config", "--unset", key]);
if is_mocking() {
eprintln!("[DRY-RUN] {:?}", cmd);
} else {
let _ = cmd.output();
}
let _ = cmd.output();
}
}
// 0. Clean existing naj profiles
// 0. Clean existing gosh profiles
let profiles_dir = get_profile_dir(config)?;
clean_existing_profiles(&profiles_dir)?;
@ -200,12 +188,10 @@ fn run_switch(config: &NajConfig, profile_id: &str, force: bool) -> Result<()> {
run_command(&mut cmd)?;
println!("Switched to profile '{}'", profile_id);
warn_if_dirty_config(profile_id)?;
Ok(())
}
fn run_setup(config: &NajConfig, profile_id: &str, args: &[String]) -> Result<()> {
fn run_setup(config: &GoshConfig, profile_id: &str, args: &[String]) -> Result<()> {
// 1. Pass raw args to git (no injection)
let mut cmd = Command::new("git");
cmd.args(args);
@ -286,28 +272,3 @@ fn extract_basename(url: &str) -> PathBuf {
let path = Path::new(s);
path.file_name().map(|n| PathBuf::from(n)).unwrap_or_else(|| PathBuf::from("repo"))
}
fn warn_if_dirty_config(profile_id: &str) -> Result<()> {
let config_path = Path::new(".git/config");
if config_path.exists() {
let content = std::fs::read_to_string(config_path)?;
// Check for sections that typically contain identity or dangerous settings
// We look for [user], [author], [gpg] sections, or specific keys like sshCommand/gpgsign
let is_dirty = content.contains("[user]")
|| content.contains("[author]")
|| content.contains("[gpg]")
|| content.contains("sshCommand")
|| content.contains("gpgsign");
if is_dirty {
println!("\n⚠️ WARNING: Dirty Local Config Detected!");
println!(" Your .git/config contains hardcoded '[user]' or '[core]' settings.");
println!(" These settings (like signing keys) are merging with your profile");
println!(" and causing a \"Frankenstein Identity\".");
println!("");
println!(" 👉 Fix it: Run 'naj {} -f' to force clean.\n", profile_id);
}
}
Ok(())
}

12
src/manage.rs
View file

@ -2,15 +2,15 @@ use anyhow::{bail, Context, Result};
use std::fs;
use std::path::PathBuf;
use std::process::Command;
use crate::config::NajConfig;
use crate::config::GoshConfig;
use crate::utils::expand_path;
fn get_profile_path(config: &NajConfig, id: &str) -> Result<PathBuf> {
fn get_profile_path(config: &GoshConfig, id: &str) -> Result<PathBuf> {
let profile_dir = expand_path(&config.profile_dir)?;
Ok(profile_dir.join(format!("{}.gitconfig", id)))
}
pub fn create_profile(config: &NajConfig, name: &str, email: &str, id: &str) -> Result<()> {
pub fn create_profile(config: &GoshConfig, name: &str, email: &str, id: &str) -> Result<()> {
let file_path = get_profile_path(config, id)?;
if file_path.exists() {
@ -28,7 +28,7 @@ pub fn create_profile(config: &NajConfig, name: &str, email: &str, id: &str) ->
Ok(())
}
pub fn remove_profile(config: &NajConfig, id: &str) -> Result<()> {
pub fn remove_profile(config: &GoshConfig, id: &str) -> Result<()> {
let file_path = get_profile_path(config, id)?;
if !file_path.exists() {
@ -40,7 +40,7 @@ pub fn remove_profile(config: &NajConfig, id: &str) -> Result<()> {
Ok(())
}
pub fn edit_profile(config: &NajConfig, id: &str) -> Result<()> {
pub fn edit_profile(config: &GoshConfig, id: &str) -> Result<()> {
let file_path = get_profile_path(config, id)?;
if !file_path.exists() {
@ -60,7 +60,7 @@ pub fn edit_profile(config: &NajConfig, id: &str) -> Result<()> {
Ok(())
}
pub fn list_profiles(config: &NajConfig) -> Result<()> {
pub fn list_profiles(config: &GoshConfig) -> Result<()> {
let profile_dir = expand_path(&config.profile_dir)?;
if !profile_dir.exists() {

24
src/sanitizer.rs
View file

@ -7,14 +7,16 @@ pub const BLACKLIST_KEYS: &[&str] = &[
"http.cookieFile",
];
pub const BLIND_INJECTIONS: &[(&str, &str)] = &[
("user.name", ""),
("user.email", ""),
("user.signingkey", ""),
("core.sshCommand", ""),
("gpg.format", "openpgp"),
("gpg.ssh.program", "ssh-keygen"),
("gpg.program", "gpg"),
("commit.gpgsign", "false"),
("tag.gpgsign", "false"),
];
pub fn get_blind_injections() -> Vec<(&'static str, &'static str)> {
vec![
("user.name", ""),
("user.email", ""),
("user.signingkey", ""),
("core.sshCommand", ""),
("gpg.format", "openpgp"),
("gpg.ssh.program", "ssh-keygen"),
("gpg.program", "gpg"),
("commit.gpgsign", "false"),
("tag.gpgsign", "false"),
]
}

76
tests/integration_test.rs
View file

@ -7,15 +7,15 @@ fn test_config_initialization() -> Result<(), Box<dyn std::error::Error>> {
let temp_dir = TempDir::new()?;
let config_path = temp_dir.path().join("config");
// Run naj with NAJ_CONFIG_PATH set to temp dir
let mut cmd = Command::new(env!("CARGO_BIN_EXE_naj"));
cmd.env("NAJ_CONFIG_PATH", &config_path)
// Run gosh with GOSH_CONFIG_PATH set to temp dir
let mut cmd = Command::new(env!("CARGO_BIN_EXE_gosh"));
cmd.env("GOSH_CONFIG_PATH", &config_path)
.arg("-l") // Trigger config load using list flag (not positional "list" profile)
.assert()
.success();
// Verify config file exists
assert!(config_path.join("naj.toml").exists());
assert!(config_path.join("gosh.toml").exists());
assert!(config_path.join("profiles").exists());
Ok(())
@ -26,8 +26,8 @@ fn test_profile_creation_and_listing() -> Result<(), Box<dyn std::error::Error>>
let temp_dir = TempDir::new()?;
let config_path = temp_dir.path();
let mut cmd = Command::new(env!("CARGO_BIN_EXE_naj"));
cmd.env("NAJ_CONFIG_PATH", config_path)
let mut cmd = Command::new(env!("CARGO_BIN_EXE_gosh"));
cmd.env("GOSH_CONFIG_PATH", config_path)
.args(&["-c", "Test User", "test@example.com", "test_user"])
.assert()
.success();
@ -40,8 +40,8 @@ fn test_profile_creation_and_listing() -> Result<(), Box<dyn std::error::Error>>
assert!(content.contains("email = test@example.com"));
// Verify list
let mut cmd_list = Command::new(env!("CARGO_BIN_EXE_naj"));
cmd_list.env("NAJ_CONFIG_PATH", config_path)
let mut cmd_list = Command::new(env!("CARGO_BIN_EXE_gosh"));
cmd_list.env("GOSH_CONFIG_PATH", config_path)
.arg("-l")
.assert()
.success()
@ -56,15 +56,15 @@ fn test_duplicate_creation_failure() -> Result<(), Box<dyn std::error::Error>> {
let config_path = temp_dir.path();
// Create first
Command::new(env!("CARGO_BIN_EXE_naj"))
.env("NAJ_CONFIG_PATH", config_path)
Command::new(env!("CARGO_BIN_EXE_gosh"))
.env("GOSH_CONFIG_PATH", config_path)
.args(&["-c", "User", "u@e.com", "dup_test"])
.assert()
.success();
// Create duplicate
Command::new(env!("CARGO_BIN_EXE_naj"))
.env("NAJ_CONFIG_PATH", config_path)
Command::new(env!("CARGO_BIN_EXE_gosh"))
.env("GOSH_CONFIG_PATH", config_path)
.args(&["-c", "User2", "u2@e.com", "dup_test"])
.assert()
.failure(); // Should fail
@ -79,24 +79,24 @@ fn test_remove_profile() -> Result<(), Box<dyn std::error::Error>> {
let profile_path = config_path.join("profiles").join("rem_test.gitconfig");
// Create
Command::new(env!("CARGO_BIN_EXE_naj"))
.env("NAJ_CONFIG_PATH", config_path)
Command::new(env!("CARGO_BIN_EXE_gosh"))
.env("GOSH_CONFIG_PATH", config_path)
.args(&["-c", "User", "u@e.com", "rem_test"])
.assert()
.success();
assert!(profile_path.exists());
// Remove
Command::new(env!("CARGO_BIN_EXE_naj"))
.env("NAJ_CONFIG_PATH", config_path)
Command::new(env!("CARGO_BIN_EXE_gosh"))
.env("GOSH_CONFIG_PATH", config_path)
.args(&["-r", "rem_test"])
.assert()
.success();
assert!(!profile_path.exists());
// Remove non-existent
Command::new(env!("CARGO_BIN_EXE_naj"))
.env("NAJ_CONFIG_PATH", config_path)
Command::new(env!("CARGO_BIN_EXE_gosh"))
.env("GOSH_CONFIG_PATH", config_path)
.args(&["-r", "rem_test"])
.assert()
.failure();
@ -110,16 +110,16 @@ fn test_exec_dry_run_injection_strict() -> Result<(), Box<dyn std::error::Error>
let config_path = temp_dir.path();
// Create a profile first
Command::new(env!("CARGO_BIN_EXE_naj"))
.env("NAJ_CONFIG_PATH", config_path)
Command::new(env!("CARGO_BIN_EXE_gosh"))
.env("GOSH_CONFIG_PATH", config_path)
.args(&["-c", "Test", "test@e.com", "p1"])
.assert()
.success();
// Run exec with mocking
let mut cmd = Command::new(env!("CARGO_BIN_EXE_naj"));
cmd.env("NAJ_CONFIG_PATH", config_path)
.env("NAJ_MOCKING", "1")
let mut cmd = Command::new(env!("CARGO_BIN_EXE_gosh"));
cmd.env("GOSH_CONFIG_PATH", config_path)
.env("GOSH_MOCKING", "1")
.args(&["p1", "commit", "-m", "foo"])
.assert()
.success()
@ -150,15 +150,15 @@ fn test_switch_mode_persistent() -> Result<(), Box<dyn std::error::Error>> {
.output()?;
// Create profile
Command::new(env!("CARGO_BIN_EXE_naj"))
.env("NAJ_CONFIG_PATH", &config_path)
Command::new(env!("CARGO_BIN_EXE_gosh"))
.env("GOSH_CONFIG_PATH", &config_path)
.args(&["-c", "Switch User", "s@e.com", "switch_test"])
.assert()
.success();
// Switch
Command::new(env!("CARGO_BIN_EXE_naj"))
.env("NAJ_CONFIG_PATH", &config_path)
Command::new(env!("CARGO_BIN_EXE_gosh"))
.env("GOSH_CONFIG_PATH", &config_path)
.current_dir(&repo_dir)
.arg("switch_test")
.assert()
@ -197,15 +197,15 @@ fn test_switch_force_mode_sanitization() -> Result<(), Box<dyn std::error::Error
fs::write(&config_file, current_config)?;
// Create profile
Command::new(env!("CARGO_BIN_EXE_naj"))
.env("NAJ_CONFIG_PATH", &config_path)
Command::new(env!("CARGO_BIN_EXE_gosh"))
.env("GOSH_CONFIG_PATH", &config_path)
.args(&["-c", "Force User", "f@e.com", "force_test"])
.assert()
.success();
// Force Switch
Command::new(env!("CARGO_BIN_EXE_naj"))
.env("NAJ_CONFIG_PATH", &config_path)
Command::new(env!("CARGO_BIN_EXE_gosh"))
.env("GOSH_CONFIG_PATH", &config_path)
.current_dir(&repo_dir)
.args(&["force_test", "-f"])
.assert()
@ -240,22 +240,22 @@ fn test_setup_mode_local_clone() -> Result<(), Box<dyn std::error::Error>> {
// Git allows cloning an empty repo, so this is enough
// 2. Create Profile
Command::new(env!("CARGO_BIN_EXE_naj"))
.env("NAJ_CONFIG_PATH", &config_path)
Command::new(env!("CARGO_BIN_EXE_gosh"))
.env("GOSH_CONFIG_PATH", &config_path)
.args(&["-c", "CloneUser", "c@e.com", "clone_test"])
.assert()
.success();
// 3. Run Naj Clone (Setup Mode)
// 3. Run Gosh Clone (Setup Mode)
// We clone from local source to a folder named "dest_repo"
// Naj should:
// Gosh should:
// a) Run git clone
// b) Infer directory is "dest_repo"
// c) Run switch logic on "dest_repo"
let dest_repo_name = "dest_repo";
Command::new(env!("CARGO_BIN_EXE_naj"))
.env("NAJ_CONFIG_PATH", &config_path)
Command::new(env!("CARGO_BIN_EXE_gosh"))
.env("GOSH_CONFIG_PATH", &config_path)
.current_dir(temp_dir.path()) // Execute in temp root
.args(&["clone_test", "clone", source_repo.to_str().unwrap(), dest_repo_name])
.assert()
@ -270,7 +270,7 @@ fn test_setup_mode_local_clone() -> Result<(), Box<dyn std::error::Error>> {
assert!(dest_git_config.exists(), "Cloned repo config should exist");
let content = fs::read_to_string(dest_git_config)?;
// Verify that naj automatically switched the profile after cloning
// Verify that gosh automatically switched the profile after cloning
assert!(content.contains("[include]"));
assert!(content.contains("clone_test.gitconfig"));

38
tests/test_force_mocking.rs
View file

@ -1,38 +0,0 @@
use assert_cmd::Command;
use std::fs;
use tempfile::TempDir;
#[test]
fn test_switch_force_mocking() -> Result<(), Box<dyn std::error::Error>> {
let temp_dir = TempDir::new()?;
let config_path = temp_dir.path().join("config");
let repo_dir = temp_dir.path().join("repo");
fs::create_dir_all(&repo_dir)?;
std::process::Command::new("git")
.arg("init")
.current_dir(&repo_dir)
.output()?;
// Create profile
Command::new(env!("CARGO_BIN_EXE_naj"))
.env("NAJ_CONFIG_PATH", &config_path)
.args(&["-c", "User", "u@e.com", "mock_test"])
.assert()
.success();
// Run force switch with mocking
Command::new(env!("CARGO_BIN_EXE_naj"))
.env("NAJ_CONFIG_PATH", &config_path)
.env("NAJ_MOCKING", "1")
.current_dir(&repo_dir)
.args(&["mock_test", "-f"])
.assert()
.success()
// Check for dry-run output of cleanup commands
.stderr(predicates::str::contains("config"))
.stderr(predicates::str::contains("--remove-section"))
.stderr(predicates::str::contains("user"));
Ok(())
}