From 3fd6ce4149d567c67009b0332ca76c0cd6f51055 Mon Sep 17 00:00:00 2001 From: DanConwayDev Date: Thu, 12 Feb 2026 12:36:23 +0000 Subject: refactor(grasp-audit): introduce SpecRef enum for type-safe spec references Replace string-based spec references with typed SpecRef enum for compile-time validation and better IDE support. TestResult::new() now accepts SpecRef enum plus a requirement description string for test-specific context. --- grasp-audit/src/result.rs | 43 +++-- grasp-audit/src/specs/grasp01/cors.rs | 43 ++--- .../src/specs/grasp01/event_acceptance_policy.rs | 45 ++--- grasp-audit/src/specs/grasp01/git_clone.rs | 43 ++--- grasp-audit/src/specs/grasp01/git_filter.rs | 37 ++-- grasp-audit/src/specs/grasp01/mod.rs | 4 +- grasp-audit/src/specs/grasp01/nip01_smoke.rs | 25 +-- grasp-audit/src/specs/grasp01/nip11_document.rs | 17 +- .../src/specs/grasp01/push_authorization.rs | 196 +++++++++++---------- .../src/specs/grasp01/repository_creation.rs | 29 +-- grasp-audit/src/specs/grasp01/spec_requirements.rs | 150 +++++++++++++--- 11 files changed, 388 insertions(+), 244 deletions(-) diff --git a/grasp-audit/src/result.rs b/grasp-audit/src/result.rs index ae3ef26..0c3ec08 100644 --- a/grasp-audit/src/result.rs +++ b/grasp-audit/src/result.rs @@ -1,6 +1,6 @@ //! Test result types -use crate::specs::grasp01::{get_sections, GRASP_01_REQUIREMENTS, GRASP_COMMIT_ID}; +use crate::specs::grasp01::{get_sections, SpecRef, GRASP_01_REQUIREMENTS, GRASP_COMMIT_ID}; use std::collections::BTreeMap; use std::time::{Duration, Instant}; @@ -68,10 +68,16 @@ pub struct TestResult { impl TestResult { /// Create a new test result - pub fn new(name: &str, spec_ref: &str, requirement: &str) -> Self { + /// + /// # Arguments + /// * `name` - Test name identifier + /// * `spec_ref` - Reference to the spec requirement being tested + /// * `requirement` - Human-readable description of what this test validates + /// (can be more specific than the general spec text) + pub fn new(name: &str, spec_ref: SpecRef, requirement: &str) -> Self { TestResult { name: name.to_string(), - spec_ref: spec_ref.to_string(), + spec_ref: spec_ref.spec_ref_string().to_string(), requirement: requirement.to_string(), passed: false, error: None, @@ -293,9 +299,13 @@ mod tests { #[tokio::test] async fn test_result_pass() { - let result = TestResult::new("test", "SPEC:1", "Must work") - .run(|| async { Ok(()) }) - .await; + let result = TestResult::new( + "test", + SpecRef::NostrRelayNip01Compliant, + "Test requirement", + ) + .run(|| async { Ok(()) }) + .await; assert!(result.passed); assert!(result.error.is_none()); @@ -303,9 +313,13 @@ mod tests { #[tokio::test] async fn test_result_fail() { - let result = TestResult::new("test", "SPEC:1", "Must work") - .run(|| async { Err("Failed".to_string()) }) - .await; + let result = TestResult::new( + "test", + SpecRef::NostrRelayNip01Compliant, + "Test requirement", + ) + .run(|| async { Err("Failed".to_string()) }) + .await; assert!(!result.passed); assert_eq!(result.error, Some("Failed".to_string())); @@ -315,8 +329,15 @@ mod tests { fn test_audit_result() { let mut audit = AuditResult::new("Test Spec"); - audit.add(TestResult::new("test1", "SPEC:1", "Req1").pass()); - audit.add(TestResult::new("test2", "SPEC:2", "Req2").fail("Error")); + audit.add(TestResult::new("test1", SpecRef::NostrRelayNip01Compliant, "Test 1").pass()); + audit.add( + TestResult::new( + "test2", + SpecRef::NostrRelayRejectMissingCloneRelays, + "Test 2", + ) + .fail("Error"), + ); assert_eq!(audit.total_count(), 2); assert_eq!(audit.passed_count(), 1); diff --git a/grasp-audit/src/specs/grasp01/cors.rs b/grasp-audit/src/specs/grasp01/cors.rs index f8b5f3b..eba9e42 100644 --- a/grasp-audit/src/specs/grasp01/cors.rs +++ b/grasp-audit/src/specs/grasp01/cors.rs @@ -14,6 +14,7 @@ //! cd grasp-audit && nix develop -c bash test-ngit-relay.sh --mode test //! ``` +use crate::specs::grasp01::SpecRef; use crate::{AuditClient, AuditResult, FixtureKind, TestContext, TestResult}; use nostr_sdk::prelude::*; @@ -44,7 +45,7 @@ impl CorsTests { pub async fn test_cors_allow_origin(_client: &AuditClient, relay_domain: &str) -> TestResult { TestResult::new( "cors_allow_origin", - "GRASP-01:git-http:cors:50", + SpecRef::CorsAllowOrigin, "Access-Control-Allow-Origin: * on all responses", ) .run(|| { @@ -90,7 +91,7 @@ impl CorsTests { pub async fn test_cors_allow_methods(_client: &AuditClient, relay_domain: &str) -> TestResult { TestResult::new( "cors_allow_methods", - "GRASP-01:git-http:cors:51", + SpecRef::CorsAllowMethods, "Access-Control-Allow-Methods: GET, POST on all responses", ) .run(|| { @@ -134,7 +135,7 @@ impl CorsTests { pub async fn test_cors_allow_headers(_client: &AuditClient, relay_domain: &str) -> TestResult { TestResult::new( "cors_allow_headers", - "GRASP-01:git-http:cors:52", + SpecRef::CorsAllowHeaders, "Access-Control-Allow-Headers: Content-Type on all responses", ) .run(|| { @@ -181,8 +182,8 @@ impl CorsTests { ) -> TestResult { TestResult::new( "cors_options_preflight", - "GRASP-01:git-http:cors:53", - "OPTIONS requests return 204 No Content", + SpecRef::CorsOptionsResponse, + "OPTIONS requests return 204 No Content with CORS headers", ) .run(|| { let relay_domain = relay_domain.to_string(); @@ -250,8 +251,8 @@ impl CorsTests { Err(e) => { return TestResult::new( test_name, - "GRASP-01", - "CORS headers on real repository endpoint", + SpecRef::CorsAllowOrigin, + "CORS headers on real repository endpoints", ) .fail(format!("Failed to create repo fixture: {}", e)) } @@ -271,8 +272,8 @@ impl CorsTests { None => { return TestResult::new( test_name, - "GRASP-01", - "CORS headers on real repository endpoint", + SpecRef::CorsAllowOrigin, + "CORS headers on real repository endpoints", ) .fail("Repository announcement missing d tag") } @@ -283,8 +284,8 @@ impl CorsTests { Err(e) => { return TestResult::new( test_name, - "GRASP-01", - "CORS headers on real repository endpoint", + SpecRef::CorsAllowOrigin, + "CORS headers on real repository endpoints", ) .fail(format!("Failed to convert pubkey to npub: {}", e)) } @@ -302,8 +303,8 @@ impl CorsTests { Err(e) => { return TestResult::new( test_name, - "GRASP-01", - "CORS headers on real repository endpoint", + SpecRef::CorsAllowOrigin, + "CORS headers on real repository endpoints", ) .fail(format!("Failed to GET info/refs: {}", e)) } @@ -313,8 +314,8 @@ impl CorsTests { if let Err(e) = check_cors_allow_origin(&response, "info/refs") { return TestResult::new( test_name, - "GRASP-01", - "CORS headers on real repository endpoint", + SpecRef::CorsAllowOrigin, + "CORS headers on real repository endpoints", ) .fail(&e); } @@ -322,8 +323,8 @@ impl CorsTests { if let Err(e) = check_cors_allow_methods(&response, "info/refs") { return TestResult::new( test_name, - "GRASP-01", - "CORS headers on real repository endpoint", + SpecRef::CorsAllowMethods, + "CORS headers on real repository endpoints", ) .fail(&e); } @@ -331,16 +332,16 @@ impl CorsTests { if let Err(e) = check_cors_allow_headers(&response, "info/refs") { return TestResult::new( test_name, - "GRASP-01", - "CORS headers on real repository endpoint", + SpecRef::CorsAllowHeaders, + "CORS headers on real repository endpoints", ) .fail(&e); } TestResult::new( test_name, - "GRASP-01", - "CORS headers on real repository endpoint", + SpecRef::CorsAllowOrigin, + "CORS headers on real repository endpoints", ) .pass() } diff --git a/grasp-audit/src/specs/grasp01/event_acceptance_policy.rs b/grasp-audit/src/specs/grasp01/event_acceptance_policy.rs index 5b697d8..8259283 100644 --- a/grasp-audit/src/specs/grasp01/event_acceptance_policy.rs +++ b/grasp-audit/src/specs/grasp01/event_acceptance_policy.rs @@ -92,6 +92,7 @@ //! - Transitive tests verify multi-hop acceptance chains use crate::fixtures::{send_and_verify_accepted, send_and_verify_rejected}; +use crate::specs::grasp01::SpecRef; use crate::{AuditClient, AuditResult, FixtureKind, TestContext, TestResult}; use nostr_sdk::{Event, Filter, Kind, Tag, TagKind, Timestamp, ToBech32}; use std::time::Duration; @@ -148,8 +149,8 @@ impl EventAcceptancePolicyTests { pub async fn test_accept_valid_repo_announcement(client: &AuditClient) -> TestResult { TestResult::new( "accept_valid_repo_announcement", - "GRASP-01:nostr-relay:7", - "Accept valid repository announcements with service in clone and relays tags", + SpecRef::NostrRelayNip01Compliant, + "MUST accept repo announcements listing service in clone & relays tags", ) .run(|| async { // Create TestContext for mode-aware fixture management @@ -253,8 +254,8 @@ impl EventAcceptancePolicyTests { ) -> TestResult { TestResult::new( "reject_repo_announcement_missing_clone_tag", - "GRASP-01:nostr-relay:9", - "Reject repository announcements without service in clone tag", + SpecRef::NostrRelayRejectMissingCloneRelays, + "MUST reject announcements not listing service in clone tag", ) .run(|| async { // Get relay URL from client @@ -329,8 +330,8 @@ impl EventAcceptancePolicyTests { ) -> TestResult { TestResult::new( "reject_repo_announcement_missing_relays_tag", - "GRASP-01:nostr-relay:9", - "Reject repository announcements without service in relays tag", + SpecRef::NostrRelayRejectMissingCloneRelays, + "MUST reject announcements not listing service in relays tag", ) .run(|| async { // Get relay URL from client @@ -425,8 +426,8 @@ impl EventAcceptancePolicyTests { ) -> TestResult { TestResult::new( "accept_recursive_maintainer_announcement_without_service", - "GRASP-01:nostr-relay:9", - "Accept recursive maintainer announcement for chain discovery (even without GRASP server in clone)", + SpecRef::NostrRelayRejectMissingCloneRelays, + "MUST accept recursive maintainer announcements for chain discovery", ) .run(|| async { // Create TestContext for mode-aware fixture management @@ -593,7 +594,7 @@ impl EventAcceptancePolicyTests { pub async fn test_accept_issue_via_a_tag(client: &AuditClient) -> TestResult { TestResult::new( "accept_issue_via_a_tag", - "GRASP-01:nostr-relay:13", + SpecRef::NostrRelayMustAcceptTaggedEvents, "Accept issue referencing repo via 'a' tag", ) .run(|| async { @@ -628,7 +629,7 @@ impl EventAcceptancePolicyTests { pub async fn test_accept_comment_via_capital_a_tag(client: &AuditClient) -> TestResult { TestResult::new( "accept_comment_via_A_tag", - "GRASP-01:nostr-relay:13", + SpecRef::NostrRelayMustAcceptTaggedEvents, "Accept NIP-22 comment with root 'A' tag referencing repo", ) .run(|| async { @@ -681,8 +682,8 @@ impl EventAcceptancePolicyTests { pub async fn test_accept_kind1_via_q_tag(client: &AuditClient) -> TestResult { TestResult::new( "accept_kind1_via_q_tag", - "GRASP-01:nostr-relay:13", - "Accept kind 1 note quoting repo via 'q' tag", + SpecRef::NostrRelayMustAcceptTaggedEvents, + "Accept kind 1 text note quoting repo via 'q' tag", ) .run(|| async { // Create TestContext @@ -731,8 +732,8 @@ impl EventAcceptancePolicyTests { pub async fn test_accept_issue_quoting_issue_via_q(client: &AuditClient) -> TestResult { TestResult::new( "accept_issue_quoting_issue_via_q", - "GRASP-01:nostr-relay:13", - "Accept issue quoting accepted issue (transitive)", + SpecRef::NostrRelayMustAcceptTaggedEvents, + "Accept issue quoting another accepted issue (transitive)", ) .run(|| async { // Create TestContext @@ -777,7 +778,7 @@ impl EventAcceptancePolicyTests { pub async fn test_accept_comment_via_capital_e_tag(client: &AuditClient) -> TestResult { TestResult::new( "accept_comment_via_E_tag", - "GRASP-01:nostr-relay:13", + SpecRef::NostrRelayMustAcceptTaggedEvents, "Accept NIP-22 comment with root 'E' tag to accepted issue", ) .run(|| async { @@ -816,7 +817,7 @@ impl EventAcceptancePolicyTests { pub async fn test_accept_kind1_via_e_tag(client: &AuditClient) -> TestResult { TestResult::new( "accept_kind1_via_e_tag", - "GRASP-01:nostr-relay:13", + SpecRef::NostrRelayMustAcceptTaggedEvents, "Accept kind 1 reply via 'e' tag to accepted kind 1", ) .run(|| async { @@ -872,7 +873,7 @@ impl EventAcceptancePolicyTests { pub async fn test_accept_kind1_referenced_in_issue(client: &AuditClient) -> TestResult { TestResult::new( "accept_kind1_referenced_in_issue", - "GRASP-01:nostr-relay:13", + SpecRef::NostrRelayMustAcceptTaggedEvents, "Accept kind 1 referenced in accepted issue (forward ref)", ) .run(|| async { @@ -964,7 +965,7 @@ impl EventAcceptancePolicyTests { pub async fn test_accept_comment_referenced_in_comment(client: &AuditClient) -> TestResult { TestResult::new( "accept_comment_referenced_in_comment", - "GRASP-01:nostr-relay:13", + SpecRef::NostrRelayMustAcceptTaggedEvents, "Accept comment referenced in another accepted comment (forward ref)", ) .run(|| async { @@ -1025,7 +1026,7 @@ impl EventAcceptancePolicyTests { pub async fn test_accept_kind1_referenced_in_kind1(client: &AuditClient) -> TestResult { TestResult::new( "accept_kind1_referenced_in_kind1", - "GRASP-01:nostr-relay:13", + SpecRef::NostrRelayMustAcceptTaggedEvents, "Accept kind 1 referenced in another accepted kind 1 (forward ref)", ) .run(|| async { @@ -1083,7 +1084,7 @@ impl EventAcceptancePolicyTests { pub async fn test_reject_orphan_issue(client: &AuditClient) -> TestResult { TestResult::new( "reject_orphan_issue", - "GRASP-01:nostr-relay:18", + SpecRef::NostrRelayMayRejectSpamCuration, "Reject issue referencing unaccepted repo", ) .run(|| async { @@ -1110,7 +1111,7 @@ impl EventAcceptancePolicyTests { pub async fn test_reject_orphan_kind1(client: &AuditClient) -> TestResult { TestResult::new( "reject_orphan_kind1", - "GRASP-01:nostr-relay:18", + SpecRef::NostrRelayMayRejectSpamCuration, "Reject kind 1 with no repo references", ) .run(|| async { @@ -1139,7 +1140,7 @@ impl EventAcceptancePolicyTests { pub async fn test_reject_comment_quoting_other_repo(client: &AuditClient) -> TestResult { TestResult::new( "reject_comment_quoting_other_repo", - "GRASP-01:nostr-relay:18", + SpecRef::NostrRelayMayRejectSpamCuration, "Reject comment quoting unaccepted repo", ) .run(|| async { diff --git a/grasp-audit/src/specs/grasp01/git_clone.rs b/grasp-audit/src/specs/grasp01/git_clone.rs index e162558..fda472b 100644 --- a/grasp-audit/src/specs/grasp01/git_clone.rs +++ b/grasp-audit/src/specs/grasp01/git_clone.rs @@ -15,6 +15,7 @@ //! cd grasp-audit && nix develop -c bash test-ngit-relay.sh --mode test //! ``` +use crate::specs::grasp01::SpecRef; use crate::{AuditClient, FixtureKind, TestContext, TestResult}; use nostr_sdk::prelude::*; use std::fs; @@ -53,7 +54,7 @@ impl GitCloneTests { Err(e) => { return TestResult::new( test_name, - "GRASP-01:git-http:34", + SpecRef::GitServeRepository, "Repository must be cloneable via Git HTTP backend", ) .fail(format!("Failed to create repo fixture: {}", e)) @@ -74,7 +75,7 @@ impl GitCloneTests { None => { return TestResult::new( test_name, - "GRASP-01", + SpecRef::GitServeRepository, "Repository must be cloneable via Git HTTP backend", ) .fail("Repository announcement missing d tag") @@ -86,7 +87,7 @@ impl GitCloneTests { Err(e) => { return TestResult::new( test_name, - "GRASP-01:git-http:34", + SpecRef::GitServeRepository, "Repository must be cloneable via Git HTTP backend", ) .fail(format!("Failed to convert pubkey to npub: {}", e)) @@ -121,7 +122,7 @@ impl GitCloneTests { cleanup(); return TestResult::new( test_name, - "GRASP-01:git-http:34", + SpecRef::GitServeRepository, "Repository must be cloneable via Git HTTP backend", ) .fail(format!("Failed to execute git clone: {}", e)); @@ -133,7 +134,7 @@ impl GitCloneTests { let stderr = String::from_utf8_lossy(&output.stderr); return TestResult::new( test_name, - "GRASP-01:git-http:34", + SpecRef::GitServeRepository, "Repository must be cloneable via Git HTTP backend", ) .fail(format!("Git clone failed: {}", stderr)); @@ -144,7 +145,7 @@ impl GitCloneTests { cleanup(); return TestResult::new( test_name, - "GRASP-01:git-http:34", + SpecRef::GitServeRepository, "Repository must be cloneable via Git HTTP backend", ) .fail("Cloned repository missing .git directory"); @@ -153,7 +154,7 @@ impl GitCloneTests { cleanup(); TestResult::new( test_name, - "GRASP-01:git-http:34", + SpecRef::GitServeRepository, "Repository must be cloneable via Git HTTP backend", ) .pass() @@ -175,7 +176,7 @@ impl GitCloneTests { Err(e) => { return TestResult::new( test_name, - "GRASP-01:git-http:34", + SpecRef::GitServeRepository, "Clone URL must follow correct format", ) .fail(format!("Failed to create repo fixture: {}", e)) @@ -203,7 +204,7 @@ impl GitCloneTests { if !valid_url.contains(&npub) { return TestResult::new( test_name, - "GRASP-01:git-http:34", + SpecRef::GitServeRepository, "Clone URL must follow correct format", ) .fail("URL missing npub"); @@ -212,7 +213,7 @@ impl GitCloneTests { if !valid_url.contains(&format!("{}.git", repo_id)) { return TestResult::new( test_name, - "GRASP-01:git-http:34", + SpecRef::GitServeRepository, "Clone URL must follow correct format", ) .fail("URL missing repository identifier"); @@ -241,7 +242,7 @@ impl GitCloneTests { if output.status.success() { return TestResult::new( test_name, - "GRASP-01:git-http:34", + SpecRef::GitServeRepository, "Clone URL must follow correct format", ) .fail("Invalid URL was accepted (should have been rejected)"); @@ -249,7 +250,7 @@ impl GitCloneTests { TestResult::new( test_name, - "GRASP-01:git-http:34", + SpecRef::GitServeRepository, "Clone URL must follow correct format", ) .pass() @@ -278,7 +279,7 @@ impl GitCloneTests { Err(e) => { return TestResult::new( test_name, - "GRASP-01:git-http:42", + SpecRef::GitIncludeAllowSha1InWant, "MUST include allow-reachable-sha1-in-want and allow-tip-sha1-in-want in advertisement", ) .fail(format!("Failed to create repo fixture: {}", e)) @@ -299,7 +300,7 @@ impl GitCloneTests { None => { return TestResult::new( test_name, - "GRASP-01:git-http:42", + SpecRef::GitIncludeAllowSha1InWant, "MUST include allow-reachable-sha1-in-want and allow-tip-sha1-in-want in advertisement", ) .fail("Repository announcement missing d tag") @@ -311,7 +312,7 @@ impl GitCloneTests { Err(e) => { return TestResult::new( test_name, - "GRASP-01:git-http:42", + SpecRef::GitIncludeAllowSha1InWant, "MUST include allow-reachable-sha1-in-want and allow-tip-sha1-in-want in advertisement", ) .fail(format!("Failed to convert pubkey to npub: {}", e)) @@ -331,7 +332,7 @@ impl GitCloneTests { Err(e) => { return TestResult::new( test_name, - "GRASP-01:git-http:42", + SpecRef::GitIncludeAllowSha1InWant, "MUST include allow-reachable-sha1-in-want and allow-tip-sha1-in-want in advertisement", ) .fail(format!("HTTP request failed: {}", e)) @@ -341,7 +342,7 @@ impl GitCloneTests { if !response.status().is_success() { return TestResult::new( test_name, - "GRASP-01:git-http:42", + SpecRef::GitIncludeAllowSha1InWant, "MUST include allow-reachable-sha1-in-want and allow-tip-sha1-in-want in advertisement", ) .fail(format!( @@ -356,7 +357,7 @@ impl GitCloneTests { Err(e) => { return TestResult::new( test_name, - "GRASP-01:git-http:42", + SpecRef::GitIncludeAllowSha1InWant, "MUST include allow-reachable-sha1-in-want and allow-tip-sha1-in-want in advertisement", ) .fail(format!("Failed to read response body: {}", e)) @@ -370,7 +371,7 @@ impl GitCloneTests { if !has_allow_reachable { return TestResult::new( test_name, - "GRASP-01:git-http:42", + SpecRef::GitIncludeAllowSha1InWant, "MUST include allow-reachable-sha1-in-want and allow-tip-sha1-in-want in advertisement", ) .fail("Missing capability: allow-reachable-sha1-in-want"); @@ -379,7 +380,7 @@ impl GitCloneTests { if !has_allow_tip { return TestResult::new( test_name, - "GRASP-01:git-http:42", + SpecRef::GitIncludeAllowSha1InWant, "MUST include allow-reachable-sha1-in-want and allow-tip-sha1-in-want in advertisement", ) .fail("Missing capability: allow-tip-sha1-in-want"); @@ -387,7 +388,7 @@ impl GitCloneTests { TestResult::new( test_name, - "GRASP-01:git-http:42", + SpecRef::GitIncludeAllowSha1InWant, "MUST include allow-reachable-sha1-in-want and allow-tip-sha1-in-want in advertisement", ) .pass() diff --git a/grasp-audit/src/specs/grasp01/git_filter.rs b/grasp-audit/src/specs/grasp01/git_filter.rs index 21bab0a..7f203a2 100644 --- a/grasp-audit/src/specs/grasp01/git_filter.rs +++ b/grasp-audit/src/specs/grasp01/git_filter.rs @@ -22,6 +22,7 @@ //! cd grasp-audit && nix develop -c bash test-ngit-relay.sh --mode test //! ``` +use crate::specs::grasp01::SpecRef; use crate::{AuditClient, FixtureKind, TestContext, TestResult}; use nostr_sdk::prelude::*; use std::fs; @@ -66,7 +67,7 @@ impl GitFilterTests { Err(e) => { return TestResult::new( test_name, - "GRASP-01:git-http:42", + SpecRef::GitIncludeAllowSha1InWant, "MUST include uploadpack.allowFilter in advertisement", ) .fail(format!("Failed to create repo fixture: {}", e)) @@ -87,7 +88,7 @@ impl GitFilterTests { None => { return TestResult::new( test_name, - "GRASP-01:git-http:42", + SpecRef::GitIncludeAllowSha1InWant, "MUST include uploadpack.allowFilter in advertisement", ) .fail("Repository announcement missing d tag") @@ -99,7 +100,7 @@ impl GitFilterTests { Err(e) => { return TestResult::new( test_name, - "GRASP-01:git-http:42", + SpecRef::GitIncludeAllowSha1InWant, "MUST include uploadpack.allowFilter in advertisement", ) .fail(format!("Failed to convert pubkey to npub: {}", e)) @@ -119,7 +120,7 @@ impl GitFilterTests { Err(e) => { return TestResult::new( test_name, - "GRASP-01:git-http:42", + SpecRef::GitIncludeAllowSha1InWant, "MUST include uploadpack.allowFilter in advertisement", ) .fail(format!("HTTP request failed: {}", e)) @@ -129,7 +130,7 @@ impl GitFilterTests { if !response.status().is_success() { return TestResult::new( test_name, - "GRASP-01:git-http:42", + SpecRef::GitIncludeAllowSha1InWant, "MUST include uploadpack.allowFilter in advertisement", ) .fail(format!( @@ -144,7 +145,7 @@ impl GitFilterTests { Err(e) => { return TestResult::new( test_name, - "GRASP-01:git-http:42", + SpecRef::GitIncludeAllowSha1InWant, "MUST include uploadpack.allowFilter in advertisement", ) .fail(format!("Failed to read response body: {}", e)) @@ -155,7 +156,7 @@ impl GitFilterTests { if !body.contains("filter") { return TestResult::new( test_name, - "GRASP-01:git-http:42", + SpecRef::GitIncludeAllowSha1InWant, "MUST include uploadpack.allowFilter in advertisement", ) .fail("Missing capability: filter"); @@ -163,7 +164,7 @@ impl GitFilterTests { TestResult::new( test_name, - "GRASP-01:git-http:42", + SpecRef::GitIncludeAllowSha1InWant, "MUST include uploadpack.allowFilter in advertisement", ) .pass() @@ -189,7 +190,7 @@ impl GitFilterTests { Err(e) => { return TestResult::new( test_name, - "GRASP-01:git-http:42", + SpecRef::GitIncludeAllowSha1InWant, "MUST serve filtered clone requests", ) .fail(format!("Failed to create repo fixture: {}", e)) @@ -243,7 +244,7 @@ impl GitFilterTests { cleanup(); return TestResult::new( test_name, - "GRASP-01:git-http:42", + SpecRef::GitIncludeAllowSha1InWant, "MUST serve filtered clone requests", ) .fail(format!("Failed to execute git clone: {}", e)); @@ -255,7 +256,7 @@ impl GitFilterTests { let stderr = String::from_utf8_lossy(&output.stderr); return TestResult::new( test_name, - "GRASP-01:git-http:42", + SpecRef::GitIncludeAllowSha1InWant, "MUST serve filtered clone requests", ) .fail(format!("Filtered git clone failed: {}", stderr)); @@ -266,7 +267,7 @@ impl GitFilterTests { cleanup(); return TestResult::new( test_name, - "GRASP-01:git-http:42", + SpecRef::GitIncludeAllowSha1InWant, "MUST serve filtered clone requests", ) .fail("Filtered clone missing .git directory"); @@ -275,7 +276,7 @@ impl GitFilterTests { cleanup(); TestResult::new( test_name, - "GRASP-01:git-http:42", + SpecRef::GitIncludeAllowSha1InWant, "MUST serve filtered clone requests", ) .pass() @@ -300,7 +301,7 @@ impl GitFilterTests { Err(e) => { return TestResult::new( test_name, - "GRASP-01:git-http:42", + SpecRef::GitIncludeAllowSha1InWant, "MUST serve filtered fetch requests", ) .fail(format!("Failed to create repo fixture: {}", e)) @@ -352,7 +353,7 @@ impl GitFilterTests { cleanup(); return TestResult::new( test_name, - "GRASP-01:git-http:42", + SpecRef::GitIncludeAllowSha1InWant, "MUST serve filtered fetch requests", ) .fail("Failed to create initial shallow clone for fetch test"); @@ -371,7 +372,7 @@ impl GitFilterTests { cleanup(); return TestResult::new( test_name, - "GRASP-01:git-http:42", + SpecRef::GitIncludeAllowSha1InWant, "MUST serve filtered fetch requests", ) .fail(format!("Failed to execute git fetch: {}", e)); @@ -383,7 +384,7 @@ impl GitFilterTests { let stderr = String::from_utf8_lossy(&output.stderr); return TestResult::new( test_name, - "GRASP-01:git-http:42", + SpecRef::GitIncludeAllowSha1InWant, "MUST serve filtered fetch requests", ) .fail(format!("Filtered git fetch failed: {}", stderr)); @@ -392,7 +393,7 @@ impl GitFilterTests { cleanup(); TestResult::new( test_name, - "GRASP-01:git-http:42", + SpecRef::GitIncludeAllowSha1InWant, "MUST serve filtered fetch requests", ) .pass() diff --git a/grasp-audit/src/specs/grasp01/mod.rs b/grasp-audit/src/specs/grasp01/mod.rs index 0a819ee..125594c 100644 --- a/grasp-audit/src/specs/grasp01/mod.rs +++ b/grasp-audit/src/specs/grasp01/mod.rs @@ -32,6 +32,6 @@ pub use nip11_document::Nip11DocumentTests; pub use push_authorization::PushAuthorizationTests; pub use repository_creation::RepositoryCreationTests; pub use spec_requirements::{ - get_requirement, get_requirements_for_section, get_sections, RequirementLevel, SpecRequirement, - GRASP_01_REQUIREMENTS, GRASP_COMMIT_ID, + get_requirement, get_requirement_by_ref, get_requirements_for_section, get_sections, + RequirementLevel, SpecRef, SpecRequirement, GRASP_01_REQUIREMENTS, GRASP_COMMIT_ID, }; diff --git a/grasp-audit/src/specs/grasp01/nip01_smoke.rs b/grasp-audit/src/specs/grasp01/nip01_smoke.rs index 4d0b8a4..5976252 100644 --- a/grasp-audit/src/specs/grasp01/nip01_smoke.rs +++ b/grasp-audit/src/specs/grasp01/nip01_smoke.rs @@ -4,6 +4,7 @@ //! We don't comprehensively test NIP-01 because rust-nostr already has 1000+ tests. //! These are just smoke tests to ensure the relay is working at all. +use crate::specs::grasp01::SpecRef; use crate::{AuditClient, AuditResult, FixtureKind, TestContext, TestResult}; use nostr_sdk::prelude::*; @@ -32,8 +33,8 @@ impl Nip01SmokeTests { pub async fn test_websocket_connection(client: &AuditClient) -> TestResult { TestResult::new( "websocket_connection", - "GRASP-01:nostr-relay:7", - "Can establish WebSocket connection to /", + SpecRef::NostrRelayNip01Compliant, + "MUST serve a relay at / via WebSocket", ) .run(|| async { if !client.is_connected().await { @@ -61,8 +62,8 @@ impl Nip01SmokeTests { pub async fn test_send_receive_event(client: &AuditClient) -> TestResult { TestResult::new( "send_receive_event", - "GRASP-01:nostr-relay:7", - "Can send EVENT and receive OK response", + SpecRef::NostrRelayNip01Compliant, + "MUST accept valid EVENT messages", ) .run(|| async { // Step 1: GENERATE - Create TestContext and get ValidRepo fixture @@ -127,8 +128,8 @@ impl Nip01SmokeTests { pub async fn test_create_subscription(client: &AuditClient) -> TestResult { TestResult::new( "create_subscription", - "GRASP-01:nostr-relay:7", - "Can create subscription with REQ and receive EOSE", + SpecRef::NostrRelayNip01Compliant, + "MUST support REQ subscriptions", ) .run(|| async { // Step 1: GENERATE - Create TestContext and get ValidRepo fixture @@ -165,8 +166,8 @@ impl Nip01SmokeTests { pub async fn test_close_subscription(client: &AuditClient) -> TestResult { TestResult::new( "close_subscription", - "GRASP-01:nostr-relay:7", - "Can close subscriptions", + SpecRef::NostrRelayNip01Compliant, + "MUST support CLOSE to end subscriptions", ) .run(|| async { // For now, we just verify we can query events @@ -193,8 +194,8 @@ impl Nip01SmokeTests { pub async fn test_reject_invalid_signature(client: &AuditClient) -> TestResult { TestResult::new( "reject_invalid_signature", - "GRASP-01:nostr-relay:7", - "Rejects events with invalid signatures", + SpecRef::NostrRelayNip01Compliant, + "MUST reject events with invalid signatures", ) .run(|| async { // Create a valid event @@ -247,8 +248,8 @@ impl Nip01SmokeTests { pub async fn test_reject_invalid_event_id(client: &AuditClient) -> TestResult { TestResult::new( "reject_invalid_event_id", - "GRASP-01:nostr-relay:7", - "Rejects events with invalid event IDs", + SpecRef::NostrRelayNip01Compliant, + "MUST reject events where ID doesn't match hash", ) .run(|| async { // Create a valid event diff --git a/grasp-audit/src/specs/grasp01/nip11_document.rs b/grasp-audit/src/specs/grasp01/nip11_document.rs index 19ceace..5bf53bd 100644 --- a/grasp-audit/src/specs/grasp01/nip11_document.rs +++ b/grasp-audit/src/specs/grasp01/nip11_document.rs @@ -8,6 +8,7 @@ //! - Includes repo_acceptance_criteria field describing acceptance policy //! - Handles curation field correctly (present if curated, absent otherwise) +use crate::specs::grasp01::SpecRef; use crate::{AuditClient, AuditResult, TestResult}; pub struct Nip11DocumentTests; @@ -37,8 +38,8 @@ impl Nip11DocumentTests { pub async fn test_nip11_document_exists(client: &AuditClient) -> TestResult { TestResult::new( "nip11_document_exists", - "GRASP-01:nostr-relay:26", - "Serve NIP-11 relay information document", + SpecRef::Nip11ServeDocument, + "MUST serve NIP-11 document", ) .run(|| async { // 1. Extract HTTP(S) URL from client's WebSocket URL @@ -96,8 +97,8 @@ impl Nip11DocumentTests { pub async fn test_nip11_supported_grasps_field(client: &AuditClient) -> TestResult { TestResult::new( "nip11_supported_grasps_field", - "GRASP-01:nostr-relay:28", - "NIP-11 document includes supported_grasps field with GRASP-01", + SpecRef::Nip11ListSupportedGrasps, + "MUST list supported GRASPs as string array", ) .run(|| async { // 1. Fetch NIP-11 document @@ -172,8 +173,8 @@ impl Nip11DocumentTests { pub async fn test_nip11_repo_acceptance_criteria_field(client: &AuditClient) -> TestResult { TestResult::new( "nip11_repo_acceptance_criteria_field", - "GRASP-01:nostr-relay:29", - "NIP-11 document includes repo_acceptance_criteria field", + SpecRef::Nip11ListRepoAcceptanceCriteria, + "MUST list repository acceptance criteria", ) .run(|| async { // 1. Fetch NIP-11 document @@ -227,8 +228,8 @@ impl Nip11DocumentTests { pub async fn test_nip11_curation_field(client: &AuditClient) -> TestResult { TestResult::new( "nip11_curation_field", - "GRASP-01:nostr-relay:30", - "NIP-11 curation field present if curated, absent otherwise", + SpecRef::Nip11ListCurationPolicy, + "MUST include curation if curated, omit otherwise", ) .run(|| async { // 1. Fetch NIP-11 document diff --git a/grasp-audit/src/specs/grasp01/push_authorization.rs b/grasp-audit/src/specs/grasp01/push_authorization.rs index 677af89..be354a0 100644 --- a/grasp-audit/src/specs/grasp01/push_authorization.rs +++ b/grasp-audit/src/specs/grasp01/push_authorization.rs @@ -31,6 +31,7 @@ #[allow(dead_code)] const PR_TEST_COMMIT_HASH: &str = "5d40fb1555a0c28bf4d650515a73aaa54d4d9bfb"; +use crate::specs::grasp01::SpecRef; use crate::{ clone_repo, create_commit, create_deterministic_commit_with_variant, try_push, try_push_to_ref, AuditClient, CommitVariant, FixtureKind, TestContext, TestResult, @@ -411,7 +412,7 @@ impl PushAuthorizationTests { Err(e) => { return TestResult::new( test_name, - "GRASP-01:git-http:36", + SpecRef::GitAcceptPushesAlignState, "Push rejected without state event", ) .fail(format!("Failed to create repo: {}", e)) @@ -435,7 +436,7 @@ impl PushAuthorizationTests { Err(e) => { return TestResult::new( test_name, - "GRASP-01:git-http:36", + SpecRef::GitAcceptPushesAlignState, "Push rejected without state event", ) .fail(&e) @@ -449,7 +450,7 @@ impl PushAuthorizationTests { cleanup(); return TestResult::new( test_name, - "GRASP-01:git-http:36", + SpecRef::GitAcceptPushesAlignState, "Push rejected without state event", ) .fail(&e); @@ -462,19 +463,19 @@ impl PushAuthorizationTests { match push_result { Ok(false) => TestResult::new( test_name, - "GRASP-01:git-http:36", + SpecRef::GitAcceptPushesAlignState, "Push rejected without state event", ) .pass(), Ok(true) => TestResult::new( test_name, - "GRASP-01:git-http:36", + SpecRef::GitAcceptPushesAlignState, "Push rejected without state event", ) .fail("Push accepted but should be rejected"), Err(e) => TestResult::new( test_name, - "GRASP-01:git-http:36", + SpecRef::GitAcceptPushesAlignState, "Push rejected without state event", ) .fail(&e), @@ -507,13 +508,13 @@ impl PushAuthorizationTests { match ctx.get_fixture(FixtureKind::OwnerStateDataPushed).await { Ok(_state_event) => TestResult::new( test_name, - "GRASP-01:git-http:36", // TODO do we add purgatory line here? + SpecRef::GitAcceptPushesAlignState, "Push authorized with matching state", ) .pass(), Err(e) => TestResult::new( test_name, - "GRASP-01:git-http:36", + SpecRef::GitAcceptPushesAlignState, "Push authorized with matching state", ) .fail(format!("{}", e)), @@ -555,7 +556,7 @@ impl PushAuthorizationTests { Err(e) => { return TestResult::new( test_name, - "GRASP-01:git-http:36", + SpecRef::GitAcceptPushesAlignState, "Push rejected when commit not in state event", ) .fail(format!("Failed to create RepoState fixture: {}", e)); @@ -575,7 +576,7 @@ impl PushAuthorizationTests { None => { return TestResult::new( test_name, - "GRASP-01:git-http:36", + SpecRef::GitAcceptPushesAlignState, "Push rejected when commit not in state event", ) .fail("Missing repo_id in state event"); @@ -587,7 +588,7 @@ impl PushAuthorizationTests { Err(e) => { return TestResult::new( test_name, - "GRASP-01:git-http:36", + SpecRef::GitAcceptPushesAlignState, "Push rejected when commit not in state event", ) .fail(format!("Failed to convert pubkey to bech32: {}", e)); @@ -603,7 +604,7 @@ impl PushAuthorizationTests { Err(e) => { return TestResult::new( test_name, - "GRASP-01:git-http:36", + SpecRef::GitAcceptPushesAlignState, "Push rejected when commit not in state event", ) .fail(format!("Failed to clone repo: {}", e)); @@ -626,7 +627,7 @@ impl PushAuthorizationTests { cleanup(); return TestResult::new( test_name, - "GRASP-01:git-http:36", + SpecRef::GitAcceptPushesAlignState, "Push rejected when commit not in state event", ) .fail(format!("Failed to create/checkout main branch: {}", e)); @@ -635,7 +636,7 @@ impl PushAuthorizationTests { cleanup(); return TestResult::new( test_name, - "GRASP-01:git-http:36", + SpecRef::GitAcceptPushesAlignState, "Push rejected when commit not in state event", ) .fail(format!( @@ -652,7 +653,7 @@ impl PushAuthorizationTests { cleanup(); return TestResult::new( test_name, - "GRASP-01:git-http:36", + SpecRef::GitAcceptPushesAlignState, "Push rejected when commit not in state event", ) .fail(format!("Failed to create wrong commit: {}", e)); @@ -666,10 +667,10 @@ impl PushAuthorizationTests { cleanup(); match push_result { - Ok(false) => TestResult::new(test_name, "GRASP-01:git-http:36", "Push rejected when commit not in state event").pass(), - Ok(true) => TestResult::new(test_name, "GRASP-01:git-http:36", "Push rejected when commit not in state event") + Ok(false) => TestResult::new(test_name, SpecRef::GitAcceptPushesAlignState, "Push rejected when commit not in state event").pass(), + Ok(true) => TestResult::new(test_name, SpecRef::GitAcceptPushesAlignState, "Push rejected when commit not in state event") .fail("Push accepted but should be rejected. The pushed commit is not in the state event."), - Err(e) => TestResult::new(test_name, "GRASP-01:git-http:36", "Push rejected when commit not in state event").fail(&e), + Err(e) => TestResult::new(test_name, SpecRef::GitAcceptPushesAlignState, "Push rejected when commit not in state event").fail(&e), } } @@ -704,13 +705,13 @@ impl PushAuthorizationTests { { Ok(_maintainer_state_event) => TestResult::new( test_name, - "GRASP-01:git-http:36", + SpecRef::GitAcceptPushesAlignState, "Push authorized by maintainer state event only (no announcement)", ) .pass(), Err(e) => TestResult::new( test_name, - "GRASP-01:git-http:36", + SpecRef::GitAcceptPushesAlignState, "Push authorized by maintainer state event only (no announcement)", ) .fail(format!("{}", e)), @@ -747,13 +748,13 @@ impl PushAuthorizationTests { { Ok(_recursive_maintainer_state_event) => TestResult::new( test_name, - "GRASP-01:git-http:36", + SpecRef::GitAcceptPushesAlignState, "Push authorized by recursive maintainer state event", ) .pass(), Err(e) => TestResult::new( test_name, - "GRASP-01:git-http:36", + SpecRef::GitAcceptPushesAlignState, "Push authorized by recursive maintainer state event", ) .fail(format!("{}", e)), @@ -797,7 +798,7 @@ impl PushAuthorizationTests { Err(e) => { return TestResult::new( test_name, - "GRASP-01:git-http:36", + SpecRef::GitAcceptPushesAlignState, "Non-maintainer state events ignored", ) .fail(format!("Failed to get OwnerStateDataPushed fixture: {}", e)); @@ -815,7 +816,7 @@ impl PushAuthorizationTests { None => { return TestResult::new( test_name, - "GRASP-01:git-http:36", + SpecRef::GitAcceptPushesAlignState, "Non-maintainer state events ignored", ) .fail("Missing repo_id in state event"); @@ -827,7 +828,7 @@ impl PushAuthorizationTests { Err(e) => { return TestResult::new( test_name, - "GRASP-01:git-http:36", + SpecRef::GitAcceptPushesAlignState, "Non-maintainer state events ignored", ) .fail(format!("Failed to convert pubkey to bech32: {}", e)); @@ -842,7 +843,7 @@ impl PushAuthorizationTests { Err(e) => { return TestResult::new( test_name, - "GRASP-01:git-http:36", + SpecRef::GitAcceptPushesAlignState, "Non-maintainer state events ignored", ) .fail(format!("Failed to clone repo: {}", e)); @@ -864,7 +865,7 @@ impl PushAuthorizationTests { cleanup(); return TestResult::new( test_name, - "GRASP-01:git-http:36", + SpecRef::GitAcceptPushesAlignState, "Non-maintainer state events ignored", ) .fail(format!("Failed to create commit: {}", e)); @@ -890,7 +891,7 @@ impl PushAuthorizationTests { cleanup(); return TestResult::new( test_name, - "GRASP-01:git-http:36", + SpecRef::GitAcceptPushesAlignState, "Non-maintainer state events ignored", ) .fail(format!("Failed to build rogue state event: {}", e)); @@ -902,7 +903,7 @@ impl PushAuthorizationTests { cleanup(); return TestResult::new( test_name, - "GRASP-01:git-http:36", + SpecRef::GitAcceptPushesAlignState, "Non-maintainer state events ignored", ) .fail(format!("Failed to send rogue state event: {}", e)); @@ -919,8 +920,8 @@ impl PushAuthorizationTests { cleanup(); match push_result { - Ok(false) => TestResult::new(test_name, "GRASP-01:git-http:36", "Non-maintainer state events ignored").pass(), - Ok(true) => TestResult::new(test_name, "GRASP-01:git-http:36", "Non-maintainer state events ignored") + Ok(false) => TestResult::new(test_name, SpecRef::GitAcceptPushesAlignState, "Non-maintainer state events ignored").pass(), + Ok(true) => TestResult::new(test_name, SpecRef::GitAcceptPushesAlignState, "Non-maintainer state events ignored") .fail(format!( "Push accepted but should be rejected. A non-maintainer (pubkey: {}) published \ a state event announcing commit {}, but the push was accepted. The relay should \ @@ -929,7 +930,7 @@ impl PushAuthorizationTests { new_commit, client.public_key() )), - Err(e) => TestResult::new(test_name, "GRASP-01:git-http:36", "Non-maintainer state events ignored").fail(&e), + Err(e) => TestResult::new(test_name, SpecRef::GitAcceptPushesAlignState, "Non-maintainer state events ignored").fail(&e), } } @@ -960,7 +961,7 @@ impl PushAuthorizationTests { Err(e) => { return TestResult::new( test_name, - "GRASP-01:git-http:40", + SpecRef::GitAcceptRefsNostrEventId, "Push to refs/nostr/ rejected", ) .fail(format!("Failed to create repo: {}", e)); @@ -986,7 +987,7 @@ impl PushAuthorizationTests { Err(e) => { return TestResult::new( test_name, - "GRASP-01:git-http:40", + SpecRef::GitAcceptRefsNostrEventId, "Push to refs/nostr/ rejected", ) .fail(&e); @@ -1001,7 +1002,7 @@ impl PushAuthorizationTests { cleanup(); return TestResult::new( test_name, - "GRASP-01:git-http:40", + SpecRef::GitAcceptRefsNostrEventId, "Push to refs/nostr/ rejected", ) .fail(&e); @@ -1020,13 +1021,13 @@ impl PushAuthorizationTests { match push_result { Ok(false) => TestResult::new( test_name, - "GRASP-01:git-http:40", + SpecRef::GitAcceptRefsNostrEventId, "Push to refs/nostr/ rejected", ) .pass(), Ok(true) => TestResult::new( test_name, - "GRASP-01:git-http:40", + SpecRef::GitAcceptRefsNostrEventId, "Push to refs/nostr/ rejected", ) .fail(format!( @@ -1037,7 +1038,7 @@ impl PushAuthorizationTests { )), Err(e) => TestResult::new( test_name, - "GRASP-01:git-http:40", + SpecRef::GitAcceptRefsNostrEventId, "Push to refs/nostr/ rejected", ) .fail(format!("Push error: {}", e)), @@ -1071,10 +1072,11 @@ impl PushAuthorizationTests { .get_fixture(FixtureKind::PRWrongCommitPushedBeforeEvent) .await { - Ok(_pr_event) => TestResult::new(test_name, "GRASP-01:git-http:40", desc).pass(), - Err(e) => { - TestResult::new(test_name, "GRASP-01:git-http:40", desc).fail(format!("{}", e)) + Ok(_pr_event) => { + TestResult::new(test_name, SpecRef::GitAcceptRefsNostrEventId, desc).pass() } + Err(e) => TestResult::new(test_name, SpecRef::GitAcceptRefsNostrEventId, desc) + .fail(format!("{}", e)), } } @@ -1100,7 +1102,7 @@ impl PushAuthorizationTests { { Ok(e) => e, Err(e) => { - return TestResult::new(test_name, "GRASP-01:git-http:40", desc) + return TestResult::new(test_name, SpecRef::GitAcceptRefsNostrEventId, desc) .fail(format!("{}", e)); } }; @@ -1111,7 +1113,7 @@ impl PushAuthorizationTests { let repo = match ctx.get_fixture(FixtureKind::ValidRepo).await { Ok(r) => r, Err(e) => { - return TestResult::new(test_name, "GRASP-01:git-http:40", desc) + return TestResult::new(test_name, SpecRef::GitAcceptRefsNostrEventId, desc) .fail(format!("{}", e)); } }; @@ -1127,7 +1129,7 @@ impl PushAuthorizationTests { let owner_npub = match repo.pubkey.to_bech32() { Ok(n) => n, Err(e) => { - return TestResult::new(test_name, "GRASP-01:git-http:40", desc) + return TestResult::new(test_name, SpecRef::GitAcceptRefsNostrEventId, desc) .fail(format!("Failed to get owner npub: {}", e)); } }; @@ -1136,7 +1138,8 @@ impl PushAuthorizationTests { let clone_path = match clone_repo(relay_domain, &owner_npub, &repo_id) { Ok(p) => p, Err(e) => { - return TestResult::new(test_name, "GRASP-01:git-http:40", desc).fail(&e); + return TestResult::new(test_name, SpecRef::GitAcceptRefsNostrEventId, desc) + .fail(&e); } }; @@ -1146,7 +1149,8 @@ impl PushAuthorizationTests { Ok(exists) => exists, Err(e) => { let _ = fs::remove_dir_all(&clone_path); - return TestResult::new(test_name, "GRASP-01:git-http:40", desc).fail(&e); + return TestResult::new(test_name, SpecRef::GitAcceptRefsNostrEventId, desc) + .fail(&e); } }; @@ -1154,13 +1158,13 @@ impl PushAuthorizationTests { // Ref should be deleted since the pushed commit doesn't match the PR event's `c` tag if refs_exist { - TestResult::new(test_name, "GRASP-01:git-http:40", desc).fail(format!( + TestResult::new(test_name, SpecRef::GitAcceptRefsNostrEventId, desc).fail(format!( "Expected refs/nostr/{} to be deleted when PR event published with non-matching commit, \ but the ref still exists. The relay should delete refs that don't match the event's `c` tag.", pr_event_id )) } else { - TestResult::new(test_name, "GRASP-01:git-http:40", desc).pass() + TestResult::new(test_name, SpecRef::GitAcceptRefsNostrEventId, desc).pass() } } @@ -1186,7 +1190,7 @@ impl PushAuthorizationTests { { Ok(e) => e, Err(e) => { - return TestResult::new(test_name, "GRASP-01:git-http:40", desc) + return TestResult::new(test_name, SpecRef::GitAcceptRefsNostrEventId, desc) .fail(format!("{}", e)); } }; @@ -1197,7 +1201,7 @@ impl PushAuthorizationTests { let repo = match ctx.get_fixture(FixtureKind::ValidRepo).await { Ok(r) => r, Err(e) => { - return TestResult::new(test_name, "GRASP-01:git-http:40", desc) + return TestResult::new(test_name, SpecRef::GitAcceptRefsNostrEventId, desc) .fail(format!("{}", e)); } }; @@ -1213,7 +1217,7 @@ impl PushAuthorizationTests { let owner_npub = match repo.pubkey.to_bech32() { Ok(n) => n, Err(e) => { - return TestResult::new(test_name, "GRASP-01:git-http:40", desc) + return TestResult::new(test_name, SpecRef::GitAcceptRefsNostrEventId, desc) .fail(format!("Failed to get owner npub: {}", e)); } }; @@ -1222,7 +1226,8 @@ impl PushAuthorizationTests { let clone_path = match clone_repo(relay_domain, &owner_npub, &repo_id) { Ok(p) => p, Err(e) => { - return TestResult::new(test_name, "GRASP-01:git-http:40", desc).fail(&e); + return TestResult::new(test_name, SpecRef::GitAcceptRefsNostrEventId, desc) + .fail(&e); } }; @@ -1230,7 +1235,7 @@ impl PushAuthorizationTests { if let Err(e) = create_deterministic_commit_with_variant(&clone_path, CommitVariant::Owner) { let _ = fs::remove_dir_all(&clone_path); - return TestResult::new(test_name, "GRASP-01:git-http:40", desc).fail(&e); + return TestResult::new(test_name, SpecRef::GitAcceptRefsNostrEventId, desc).fail(&e); } // Try to push with wrong commit (should be rejected since PR event exists) @@ -1238,7 +1243,8 @@ impl PushAuthorizationTests { Ok(success) => success, Err(e) => { let _ = fs::remove_dir_all(&clone_path); - return TestResult::new(test_name, "GRASP-01:git-http:40", desc).fail(&e); + return TestResult::new(test_name, SpecRef::GitAcceptRefsNostrEventId, desc) + .fail(&e); } }; @@ -1246,11 +1252,11 @@ impl PushAuthorizationTests { // Should REJECT - PR event exists with different commit hash if push_succeeded { - return TestResult::new(test_name, "GRASP-01:git-http:40", desc) + return TestResult::new(test_name, SpecRef::GitAcceptRefsNostrEventId, desc) .fail("Push accepted (expected rejection due to commit hash mismatch)"); } - TestResult::new(test_name, "GRASP-01:git-http:40", desc).pass() + TestResult::new(test_name, SpecRef::GitAcceptRefsNostrEventId, desc).pass() } /// Test 4: Push correct commit to refs/nostr/ AFTER PR event exists @@ -1275,7 +1281,7 @@ impl PushAuthorizationTests { { Ok(e) => e, Err(e) => { - return TestResult::new(test_name, "GRASP-01:git-http:40", desc) + return TestResult::new(test_name, SpecRef::GitAcceptRefsNostrEventId, desc) .fail(format!("{}", e)); } }; @@ -1286,7 +1292,7 @@ impl PushAuthorizationTests { let repo = match ctx.get_fixture(FixtureKind::ValidRepo).await { Ok(r) => r, Err(e) => { - return TestResult::new(test_name, "GRASP-01:git-http:40", desc) + return TestResult::new(test_name, SpecRef::GitAcceptRefsNostrEventId, desc) .fail(format!("{}", e)); } }; @@ -1302,7 +1308,7 @@ impl PushAuthorizationTests { let owner_npub = match repo.pubkey.to_bech32() { Ok(n) => n, Err(e) => { - return TestResult::new(test_name, "GRASP-01:git-http:40", desc) + return TestResult::new(test_name, SpecRef::GitAcceptRefsNostrEventId, desc) .fail(format!("Failed to get owner npub: {}", e)); } }; @@ -1311,26 +1317,27 @@ impl PushAuthorizationTests { let clone_path = match clone_repo(relay_domain, &owner_npub, &repo_id) { Ok(p) => p, Err(e) => { - return TestResult::new(test_name, "GRASP-01:git-http:40", desc).fail(&e); + return TestResult::new(test_name, SpecRef::GitAcceptRefsNostrEventId, desc) + .fail(&e); } }; // Create the CORRECT PR test commit (the one expected by PR event) if let Err(e) = reset_to_correct_pr_commit(&clone_path) { let _ = fs::remove_dir_all(&clone_path); - return TestResult::new(test_name, "GRASP-01:git-http:40", desc).fail(&e); + return TestResult::new(test_name, SpecRef::GitAcceptRefsNostrEventId, desc).fail(&e); } // Check event is not yet served by relay (still in purgatory) match client.is_event_on_relay(pr_event.id).await { Ok(on_relay) => { if on_relay { - return TestResult::new(test_name, "GRASP-01:git-http:40", desc) + return TestResult::new(test_name, SpecRef::GitAcceptRefsNostrEventId, desc) .fail("PR event not in purgatory before correct commit pushed to refs/nostr/ (the relay serve the PR event)"); } } Err(_) => { - return TestResult::new(test_name, "GRASP-01:git-http:40", desc) + return TestResult::new(test_name, SpecRef::GitAcceptRefsNostrEventId, desc) .fail("failed to query relay"); } } @@ -1340,7 +1347,8 @@ impl PushAuthorizationTests { Ok(success) => success, Err(e) => { let _ = fs::remove_dir_all(&clone_path); - return TestResult::new(test_name, "GRASP-01:git-http:40", desc).fail(&e); + return TestResult::new(test_name, SpecRef::GitAcceptRefsNostrEventId, desc) + .fail(&e); } }; @@ -1348,7 +1356,7 @@ impl PushAuthorizationTests { // Should ACCEPT - commit matches PR event's c tag if !push_succeeded { - return TestResult::new(test_name, "GRASP-01:git-http:40", desc) + return TestResult::new(test_name, SpecRef::GitAcceptRefsNostrEventId, desc) .fail("Push rejected (expected acceptance since commit matches PR event)"); } @@ -1361,17 +1369,17 @@ impl PushAuthorizationTests { match client.is_event_on_relay(pr_event.id).await { Ok(on_relay) => { if !on_relay { - return TestResult::new(test_name, "GRASP-01:git-http:40", desc) + return TestResult::new(test_name, SpecRef::GitAcceptRefsNostrEventId, desc) .fail("PR event not served after correct commit at refs/nostr/"); } } Err(_) => { - return TestResult::new(test_name, "GRASP-01:git-http:40", desc) + return TestResult::new(test_name, SpecRef::GitAcceptRefsNostrEventId, desc) .fail("failed to query relay"); } } - TestResult::new(test_name, "GRASP-01:git-http:40", desc).pass() + TestResult::new(test_name, SpecRef::GitAcceptRefsNostrEventId, desc).pass() } /// Test that HEAD is set after a state event is published with an existing commit @@ -1408,10 +1416,9 @@ impl PushAuthorizationTests { { Ok(e) => e, Err(e) => { - return TestResult::new(test_name, "GRASP-01:git-http:38", desc).fail(format!( - "Failed to create HeadSetToDevelopBranch fixture: {}", - e - )); + return TestResult::new(test_name, SpecRef::GitSetHeadOnReceive, desc).fail( + format!("Failed to create HeadSetToDevelopBranch fixture: {}", e), + ); } }; @@ -1421,7 +1428,7 @@ impl PushAuthorizationTests { let valid_repo = match ctx.get_fixture(FixtureKind::ValidRepo).await { Ok(e) => e, Err(e) => { - return TestResult::new(test_name, "GRASP-01:git-http:38", desc) + return TestResult::new(test_name, SpecRef::GitSetHeadOnReceive, desc) .fail(format!("Failed to get ValidRepo fixture: {}", e)); } }; @@ -1434,7 +1441,7 @@ impl PushAuthorizationTests { { Some(id) => id.to_string(), None => { - return TestResult::new(test_name, "GRASP-01:git-http:38", desc) + return TestResult::new(test_name, SpecRef::GitSetHeadOnReceive, desc) .fail("Missing repo_id in ValidRepo"); } }; @@ -1442,7 +1449,7 @@ impl PushAuthorizationTests { let npub = match valid_repo.pubkey.to_bech32() { Ok(n) => n, Err(e) => { - return TestResult::new(test_name, "GRASP-01:git-http:38", desc) + return TestResult::new(test_name, SpecRef::GitSetHeadOnReceive, desc) .fail(format!("Failed to convert pubkey to bech32: {}", e)); } }; @@ -1454,16 +1461,16 @@ impl PushAuthorizationTests { match get_default_branch_from_info_refs(relay_domain, &npub, &repo_id).await { Ok(branch) => branch, Err(e) => { - return TestResult::new(test_name, "GRASP-01:git-http:38", desc) + return TestResult::new(test_name, SpecRef::GitSetHeadOnReceive, desc) .fail(format!("Failed to get default branch: {}", e)); } }; // Verify HEAD points to refs/heads/develop if default_branch == "refs/heads/develop" { - TestResult::new(test_name, "GRASP-01:git-http:38", desc).pass() + TestResult::new(test_name, SpecRef::GitSetHeadOnReceive, desc).pass() } else { - TestResult::new(test_name, "GRASP-01:git-http:38", desc).fail(format!( + TestResult::new(test_name, SpecRef::GitSetHeadOnReceive, desc).fail(format!( "Expected HEAD to point to 'refs/heads/develop' but got '{}'. \ GRASP-01 requires: 'MUST set repository HEAD per repository state announcement \ as soon as the git data related to that branch has been received.'", @@ -1512,10 +1519,9 @@ impl PushAuthorizationTests { let _develop_state = match ctx.get_fixture(FixtureKind::HeadSetToDevelopBranch).await { Ok(e) => e, Err(e) => { - return TestResult::new(test_name, "GRASP-01:git-http:38", desc).fail(format!( - "Failed to create HeadSetToDevelopBranch fixture: {}", - e - )); + return TestResult::new(test_name, SpecRef::GitSetHeadOnReceive, desc).fail( + format!("Failed to create HeadSetToDevelopBranch fixture: {}", e), + ); } }; @@ -1525,7 +1531,7 @@ impl PushAuthorizationTests { let valid_repo = match ctx.get_fixture(FixtureKind::ValidRepo).await { Ok(e) => e, Err(e) => { - return TestResult::new(test_name, "GRASP-01:git-http:38", desc) + return TestResult::new(test_name, SpecRef::GitSetHeadOnReceive, desc) .fail(format!("Failed to get ValidRepo fixture: {}", e)); } }; @@ -1538,7 +1544,7 @@ impl PushAuthorizationTests { { Some(id) => id.to_string(), None => { - return TestResult::new(test_name, "GRASP-01:git-http:38", desc) + return TestResult::new(test_name, SpecRef::GitSetHeadOnReceive, desc) .fail("Missing repo_id in ValidRepo"); } }; @@ -1546,7 +1552,7 @@ impl PushAuthorizationTests { let npub = match valid_repo.pubkey.to_bech32() { Ok(n) => n, Err(e) => { - return TestResult::new(test_name, "GRASP-01:git-http:38", desc) + return TestResult::new(test_name, SpecRef::GitSetHeadOnReceive, desc) .fail(format!("Failed to convert pubkey to bech32: {}", e)); } }; @@ -1557,7 +1563,7 @@ impl PushAuthorizationTests { let clone_path = match clone_repo(relay_domain, &npub, &repo_id) { Ok(path) => path, Err(e) => { - return TestResult::new(test_name, "GRASP-01:git-http:38", desc) + return TestResult::new(test_name, SpecRef::GitSetHeadOnReceive, desc) .fail(format!("Failed to clone repo: {}", e)); } }; @@ -1572,7 +1578,7 @@ impl PushAuthorizationTests { if let Err(e) = output { let _ = fs::remove_dir_all(&clone_path); - return TestResult::new(test_name, "GRASP-01:git-http:38", desc) + return TestResult::new(test_name, SpecRef::GitSetHeadOnReceive, desc) .fail(format!("Failed to create develop1 branch: {}", e)); } @@ -1581,7 +1587,7 @@ impl PushAuthorizationTests { Ok(hash) => hash, Err(e) => { let _ = fs::remove_dir_all(&clone_path); - return TestResult::new(test_name, "GRASP-01:git-http:38", desc) + return TestResult::new(test_name, SpecRef::GitSetHeadOnReceive, desc) .fail(format!("Failed to create commit: {}", e)); } }; @@ -1610,7 +1616,7 @@ impl PushAuthorizationTests { Ok(e) => e, Err(e) => { let _ = fs::remove_dir_all(&clone_path); - return TestResult::new(test_name, "GRASP-01:git-http:38", desc) + return TestResult::new(test_name, SpecRef::GitSetHeadOnReceive, desc) .fail(format!("Failed to build state event: {}", e)); } }; @@ -1621,7 +1627,7 @@ impl PushAuthorizationTests { .await { let _ = fs::remove_dir_all(&clone_path); - return TestResult::new(test_name, "GRASP-01:git-http:38", desc) + return TestResult::new(test_name, SpecRef::GitSetHeadOnReceive, desc) .fail(format!("Failed to send state event: {}", e)); } @@ -1634,11 +1640,11 @@ impl PushAuthorizationTests { match push_result { Ok(true) => { /* Push succeeded, continue to verify */ } Ok(false) => { - return TestResult::new(test_name, "GRASP-01:git-http:38", desc) + return TestResult::new(test_name, SpecRef::GitSetHeadOnReceive, desc) .fail("Push to refs/heads/develop1 was rejected"); } Err(e) => { - return TestResult::new(test_name, "GRASP-01:git-http:38", desc) + return TestResult::new(test_name, SpecRef::GitSetHeadOnReceive, desc) .fail(format!("Failed to push develop1 branch: {}", e)); } } @@ -1651,16 +1657,16 @@ impl PushAuthorizationTests { match get_default_branch_from_info_refs(relay_domain, &npub, &repo_id).await { Ok(branch) => branch, Err(e) => { - return TestResult::new(test_name, "GRASP-01:git-http:38", desc) + return TestResult::new(test_name, SpecRef::GitSetHeadOnReceive, desc) .fail(format!("Failed to get default branch: {}", e)); } }; // Verify HEAD points to refs/heads/develop1 if default_branch == "refs/heads/develop1" { - TestResult::new(test_name, "GRASP-01:git-http:38", desc).pass() + TestResult::new(test_name, SpecRef::GitSetHeadOnReceive, desc).pass() } else { - TestResult::new(test_name, "GRASP-01:git-http:38", desc).fail(format!( + TestResult::new(test_name, SpecRef::GitSetHeadOnReceive, desc).fail(format!( "Expected HEAD to point to 'refs/heads/develop1' but got '{}'. \ GRASP-01 requires: 'MUST set repository HEAD per repository state announcement \ as soon as the git data related to that branch has been received.'", diff --git a/grasp-audit/src/specs/grasp01/repository_creation.rs b/grasp-audit/src/specs/grasp01/repository_creation.rs index 2eddb97..a702afe 100644 --- a/grasp-audit/src/specs/grasp01/repository_creation.rs +++ b/grasp-audit/src/specs/grasp01/repository_creation.rs @@ -15,6 +15,7 @@ //! cd grasp-audit && nix develop -c bash test-ngit-relay.sh --mode test //! ``` +use crate::specs::grasp01::SpecRef; use crate::{AuditClient, FixtureKind, TestContext, TestResult}; use nostr_sdk::prelude::*; @@ -55,7 +56,7 @@ impl RepositoryCreationTests { Err(e) => { return TestResult::new( test_name, - "GRASP-01:git-http:34", + SpecRef::GitServeRepository, "Bare repository must be created and accessible via Smart HTTP when announcement is accepted", ) .fail(format!("Failed to create repo fixture: {}", e)) @@ -76,7 +77,7 @@ impl RepositoryCreationTests { None => { return TestResult::new( test_name, - "GRASP-01:git-http:34", + SpecRef::GitServeRepository, "Bare repository must be created and accessible via Smart HTTP when announcement is accepted", ) .fail("Repository announcement missing d tag") @@ -88,7 +89,7 @@ impl RepositoryCreationTests { Err(e) => { return TestResult::new( test_name, - "GRASP-01:git-http:34", + SpecRef::GitServeRepository, "Bare repository must be created and accessible via Smart HTTP when announcement is accepted", ) .fail(format!("Failed to convert pubkey to npub: {}", e)) @@ -99,7 +100,7 @@ impl RepositoryCreationTests { if let Err(e) = check_repo_accessible_via_http(relay_domain, &npub, &repo_id).await { return TestResult::new( test_name, - "GRASP-01:git-http:34", + SpecRef::GitServeRepository, "Bare repository must be created and accessible via Smart HTTP when announcement is accepted", ) .fail(format!("Repository not accessible via HTTP: {}", e)); @@ -107,7 +108,7 @@ impl RepositoryCreationTests { TestResult::new( test_name, - "GRASP-01:git-http:34", + SpecRef::GitServeRepository, "Bare repository must be created and accessible via Smart HTTP when announcement is accepted", ) .pass() @@ -135,7 +136,7 @@ impl RepositoryCreationTests { Err(e) => { return TestResult::new( test_name, - "GRASP-01:git-http:44", + SpecRef::GitServeWebpage, "Relay SHOULD serve a webpage for existing repositories", ) .fail(format!("Failed to create repo fixture: {}", e)) @@ -156,7 +157,7 @@ impl RepositoryCreationTests { None => { return TestResult::new( test_name, - "GRASP-01:git-http:44", + SpecRef::GitServeWebpage, "Relay SHOULD serve a webpage for existing repositories", ) .fail("Repository announcement missing d tag") @@ -168,7 +169,7 @@ impl RepositoryCreationTests { Err(e) => { return TestResult::new( test_name, - "GRASP-01:git-http:44", + SpecRef::GitServeWebpage, "Relay SHOULD serve a webpage for existing repositories", ) .fail(format!("Failed to convert pubkey to npub: {}", e)) @@ -179,7 +180,7 @@ impl RepositoryCreationTests { if let Err(e) = check_webpage_served(relay_domain, &npub, &repo_id).await { return TestResult::new( test_name, - "GRASP-01:git-http:44", + SpecRef::GitServeWebpage, "Relay SHOULD serve a webpage for existing repositories", ) .fail(format!("Webpage not served: {}", e)); @@ -187,7 +188,7 @@ impl RepositoryCreationTests { TestResult::new( test_name, - "GRASP-01:git-http:44", + SpecRef::GitServeWebpage, "Relay SHOULD serve a webpage for existing repositories", ) .pass() @@ -214,7 +215,7 @@ impl RepositoryCreationTests { Err(e) => { return TestResult::new( test_name, - "GRASP-01:git-http:44", + SpecRef::GitServeWebpage, "Relay SHOULD return 404 for repositories it doesn't host", ) .fail(format!("Failed to create repo fixture: {}", e)) @@ -226,7 +227,7 @@ impl RepositoryCreationTests { Err(e) => { return TestResult::new( test_name, - "GRASP-01:git-http:44", + SpecRef::GitServeWebpage, "Relay SHOULD return 404 for repositories it doesn't host", ) .fail(format!("Failed to convert pubkey to npub: {}", e)) @@ -239,7 +240,7 @@ impl RepositoryCreationTests { if let Err(e) = check_404_for_nonexistent_repo(relay_domain, &npub, fake_repo_id).await { return TestResult::new( test_name, - "GRASP-01:git-http:44", + SpecRef::GitServeWebpage, "Relay SHOULD return 404 for repositories it doesn't host", ) .fail(format!("Expected 404, got: {}", e)); @@ -247,7 +248,7 @@ impl RepositoryCreationTests { TestResult::new( test_name, - "GRASP-01:git-http:44", + SpecRef::GitServeWebpage, "Relay SHOULD return 404 for repositories it doesn't host", ) .pass() diff --git a/grasp-audit/src/specs/grasp01/spec_requirements.rs b/grasp-audit/src/specs/grasp01/spec_requirements.rs index 71b2d69..6bc961c 100644 --- a/grasp-audit/src/specs/grasp01/spec_requirements.rs +++ b/grasp-audit/src/specs/grasp01/spec_requirements.rs @@ -6,9 +6,36 @@ /// GRASP spec repository commit ID that this version is based on pub const GRASP_COMMIT_ID: &str = "1fdb8f7"; +/// Reference to a specific GRASP-01 specification requirement +#[derive(Debug, Clone, Copy, PartialEq, Eq, Hash)] +pub enum SpecRef { + NostrRelayNip01Compliant, + NostrRelayRejectMissingCloneRelays, + NostrRelayMayRejectOtherCriteria, + NostrRelayMustAcceptTaggedEvents, + NostrRelayMayRejectSpamCuration, + PurgatoryAcceptUntilGitData, + Nip11ServeDocument, + Nip11ListSupportedGrasps, + Nip11ListRepoAcceptanceCriteria, + Nip11ListCurationPolicy, + GitServeRepository, + GitAcceptPushesAlignState, + GitSetHeadOnReceive, + GitAcceptRefsNostrEventId, + GitIncludeAllowSha1InWant, + GitServeWebpage, + CorsAllowOrigin, + CorsAllowMethods, + CorsAllowHeaders, + CorsOptionsResponse, +} + /// A single specification requirement #[derive(Debug, Clone)] pub struct SpecRequirement { + /// Unique reference to this requirement + pub spec_ref: SpecRef, /// Line number in the spec document pub line: u32, /// Section name (e.g., "Nostr Relay", "Git Smart HTTP Service", "CORS Support") @@ -37,121 +64,175 @@ impl std::fmt::Display for RequirementLevel { } } +impl SpecRef { + /// Get the spec reference string in format "GRASP-01:section:line" + pub fn spec_ref_string(self) -> &'static str { + match self { + SpecRef::NostrRelayNip01Compliant => "GRASP-01:nostr-relay:7", + SpecRef::NostrRelayRejectMissingCloneRelays => "GRASP-01:nostr-relay:9", + SpecRef::NostrRelayMayRejectOtherCriteria => "GRASP-01:nostr-relay:11", + SpecRef::NostrRelayMustAcceptTaggedEvents => "GRASP-01:nostr-relay:13", + SpecRef::NostrRelayMayRejectSpamCuration => "GRASP-01:nostr-relay:18", + SpecRef::PurgatoryAcceptUntilGitData => "GRASP-01:purgatory:22", + SpecRef::Nip11ServeDocument => "GRASP-01:nip-11:26", + SpecRef::Nip11ListSupportedGrasps => "GRASP-01:nip-11:28", + SpecRef::Nip11ListRepoAcceptanceCriteria => "GRASP-01:nip-11:29", + SpecRef::Nip11ListCurationPolicy => "GRASP-01:nip-11:30", + SpecRef::GitServeRepository => "GRASP-01:git-http:34", + SpecRef::GitAcceptPushesAlignState => "GRASP-01:git-http:36", + SpecRef::GitSetHeadOnReceive => "GRASP-01:git-http:39", + SpecRef::GitAcceptRefsNostrEventId => "GRASP-01:git-http:45", + SpecRef::GitIncludeAllowSha1InWant => "GRASP-01:git-http:56", + SpecRef::GitServeWebpage => "GRASP-01:git-http:58", + SpecRef::CorsAllowOrigin => "GRASP-01:cors:64", + SpecRef::CorsAllowMethods => "GRASP-01:cors:65", + SpecRef::CorsAllowHeaders => "GRASP-01:cors:66", + SpecRef::CorsOptionsResponse => "GRASP-01:cors:67", + } + } +} + /// All GRASP-01 specification requirements pub const GRASP_01_REQUIREMENTS: &[SpecRequirement] = &[ // Nostr Relay section SpecRequirement { + spec_ref: SpecRef::NostrRelayNip01Compliant, line: 7, section: "Nostr Relay", text: "MUST serve a NIP-01 compliant nostr relay at `/` that accepts git repository announcements and their corresponding repo state announcements.", level: RequirementLevel::Must, }, SpecRequirement { + spec_ref: SpecRef::NostrRelayRejectMissingCloneRelays, line: 9, section: "Nostr Relay", text: "MUST reject git repository announcements that do not list the service in both `clone` and `relays` tags unless implementing `GRASP-05`.", level: RequirementLevel::Must, }, SpecRequirement { + spec_ref: SpecRef::NostrRelayMayRejectOtherCriteria, line: 11, section: "Nostr Relay", text: "MAY reject git repository announcements based on other criteria such as pre-payment, quotas, WoT, whitelist, SPAM prevention, etc.", level: RequirementLevel::May, }, SpecRequirement { + spec_ref: SpecRef::NostrRelayMustAcceptTaggedEvents, line: 13, section: "Nostr Relay", text: "MUST accept other events that tag, or are tagged by, either: 1. accepted git repository announcements; or 2. accepted issues or patches", level: RequirementLevel::Must, }, SpecRequirement { + spec_ref: SpecRef::NostrRelayMayRejectSpamCuration, line: 18, section: "Nostr Relay", text: "MAY reject or delete events for generic SPAM prevention reasons or curation eg. WoT, whitelist, user bans and banned topics.", level: RequirementLevel::May, }, SpecRequirement { + spec_ref: SpecRef::PurgatoryAcceptUntilGitData, + line: 22, + section: "Purgatory", + text: "New repository announcements, repo state announcements, PRs and PR Updates SHOULD be accepted with message \"purgatory: won't be served until git data arrives\" and kept in purgatory (not served) until the related git data arrives and otherwise discarded after 30 minutes.", + level: RequirementLevel::Should, + }, + SpecRequirement { + spec_ref: SpecRef::Nip11ServeDocument, line: 26, - section: "Nostr Relay", + section: "NIP-11", text: "MUST serve a NIP-11 document", level: RequirementLevel::Must, }, SpecRequirement { + spec_ref: SpecRef::Nip11ListSupportedGrasps, line: 28, - section: "Nostr Relay", + section: "NIP-11", text: "MUST list each supported GRASP under `supported_grasps` in format `GRASP-XX` eg `GRASP-01` as a string array", level: RequirementLevel::Must, }, SpecRequirement { + spec_ref: SpecRef::Nip11ListRepoAcceptanceCriteria, line: 29, - section: "Nostr Relay", + section: "NIP-11", text: "MUST list repository acceptance criteria under `repo_acceptance_criteria` as a human readable string", level: RequirementLevel::Must, }, SpecRequirement { + spec_ref: SpecRef::Nip11ListCurationPolicy, line: 30, - section: "Nostr Relay", + section: "NIP-11", text: "MUST list brief summary of curation policy under `curation` if events are curated beyond generic SPAM prevention; otherwise `curation` MUST be omitted", level: RequirementLevel::Must, }, // Git Smart HTTP Service section SpecRequirement { + spec_ref: SpecRef::GitServeRepository, line: 34, section: "Git Smart HTTP Service", - text: "MUST serve a git repository via an unauthenticated git smart http service at `//.git` for each accepted git repository announcement.", + text: "MUST serve a git repository via an unauthenticated git smart http service at `//.git` for each git repository announcement the relay serves or has in purgatory.", level: RequirementLevel::Must, }, SpecRequirement { + spec_ref: SpecRef::GitAcceptPushesAlignState, line: 36, section: "Git Smart HTTP Service", - text: "MUST accept pushes via this service that match the latest repo state announcement on the relay, respecting the recursive maintainer set.", + text: "MUST accept pushes via this service that fully align the git repository state with a repo state announcement in purgatory that is authorised for this repository, respecting the recursive maintainer set.", level: RequirementLevel::Must, }, SpecRequirement { - line: 38, + spec_ref: SpecRef::GitSetHeadOnReceive, + line: 39, section: "Git Smart HTTP Service", - text: "MUST set repository HEAD per repo state announcement as soon as the git data related to that branch has been received.", + text: "As soon as the `receive-pack` is successful, the server MUST: 1. Release the event (and related repository announcement) from purgatory. 2. Align the repository HEAD with the repo state announcement. 3. Synchronize git state with other git repositories on the server for which this state event is authoritative.", level: RequirementLevel::Must, }, SpecRequirement { - line: 40, + spec_ref: SpecRef::GitAcceptRefsNostrEventId, + line: 45, section: "Git Smart HTTP Service", - text: "MUST accept pushes via this service to `refs/nostr/` but SHOULD reject if event exists on relay listing a different tip and MAY reject based on criteria such as size, SPAM prevention, etc. SHOULD delete and MAY garbage collect these refs if no corresponding git PR event or git PR update event, with a `c` tag that matches the ref tip, is accepted by relay within 20 minutes.", + text: "MUST accept pushes via this service to `refs/nostr/` but SHOULD reject if the event exists in purgatory listing a different tip, and MAY reject based on criteria such as size, SPAM prevention, etc.", level: RequirementLevel::Must, }, SpecRequirement { - line: 42, + spec_ref: SpecRef::GitIncludeAllowSha1InWant, + line: 56, section: "Git Smart HTTP Service", text: "MUST include `allow-reachable-sha1-in-want` and `allow-tip-sha1-in-want` in advertisement and serve available oids.", level: RequirementLevel::Must, }, SpecRequirement { - line: 44, + spec_ref: SpecRef::GitServeWebpage, + line: 58, section: "Git Smart HTTP Service", text: "SHOULD serve a webpage at the same endpoint linking to git nostr client(s) to browse the repository and a 404 page for repositories it doesn't host.", level: RequirementLevel::Should, }, // CORS Support section SpecRequirement { - line: 50, + spec_ref: SpecRef::CorsAllowOrigin, + line: 64, section: "CORS Support", text: "Set `Access-Control-Allow-Origin: *` on ALL responses", level: RequirementLevel::Must, }, SpecRequirement { - line: 51, + spec_ref: SpecRef::CorsAllowMethods, + line: 65, section: "CORS Support", text: "Set `Access-Control-Allow-Methods: GET, POST` on ALL responses", level: RequirementLevel::Must, }, SpecRequirement { - line: 52, + spec_ref: SpecRef::CorsAllowHeaders, + line: 66, section: "CORS Support", text: "Set `Access-Control-Allow-Headers: Content-Type` on ALL responses", level: RequirementLevel::Must, }, SpecRequirement { - line: 53, + spec_ref: SpecRef::CorsOptionsResponse, + line: 67, section: "CORS Support", text: "Respond to OPTIONS requests with 204 No Content", level: RequirementLevel::Must, @@ -163,6 +244,13 @@ pub fn get_requirement(line: u32) -> Option<&'static SpecRequirement> { GRASP_01_REQUIREMENTS.iter().find(|r| r.line == line) } +/// Get a requirement by its SpecRef +pub fn get_requirement_by_ref(spec_ref: SpecRef) -> Option<&'static SpecRequirement> { + GRASP_01_REQUIREMENTS + .iter() + .find(|r| r.spec_ref == spec_ref) +} + /// Get all requirements for a section pub fn get_requirements_for_section(section: &str) -> Vec<&'static SpecRequirement> { GRASP_01_REQUIREMENTS @@ -193,17 +281,39 @@ mod tests { assert!(req.text.contains("NIP-01")); } + #[test] + fn test_get_requirement_by_ref() { + let req = get_requirement_by_ref(SpecRef::NostrRelayNip01Compliant) + .expect("SpecRef should exist"); + assert_eq!(req.line, 7); + assert_eq!(req.spec_ref, SpecRef::NostrRelayNip01Compliant); + } + #[test] fn test_get_sections() { let sections = get_sections(); - assert_eq!(sections.len(), 3); + assert_eq!(sections.len(), 5); assert_eq!(sections[0], "Nostr Relay"); - assert_eq!(sections[1], "Git Smart HTTP Service"); - assert_eq!(sections[2], "CORS Support"); + assert_eq!(sections[1], "Purgatory"); + assert_eq!(sections[2], "NIP-11"); + assert_eq!(sections[3], "Git Smart HTTP Service"); + assert_eq!(sections[4], "CORS Support"); } #[test] fn test_requirement_count() { - assert_eq!(GRASP_01_REQUIREMENTS.len(), 19); + assert_eq!(GRASP_01_REQUIREMENTS.len(), 20); + } + + #[test] + fn test_spec_ref_unique() { + let mut refs = std::collections::HashSet::new(); + for req in GRASP_01_REQUIREMENTS { + assert!( + refs.insert(req.spec_ref), + "Duplicate SpecRef found: {:?}", + req.spec_ref + ); + } } } -- cgit v1.2.3