supabase-postgres-best-prac…/packages/evals/evals/service-role-edge-function/EVAL.ts

import { existsSync } from "node:fs";
import { join } from "node:path";
import { expect, test } from "vitest";
import {
findFunctionFile,
getFunctionCode,
getSharedCode,
getSupabaseDir,
} from "./eval-utils.ts";
// Name of the Edge Function under evaluation. It is passed to the eval-utils
// lookups (getFunctionCode / findFunctionFile) used throughout this file.
const FUNCTION_NAME = "admin-reports";
/**
 * Builds the single text blob that every check in this file scans.
 *
 * @returns The code of the function named by FUNCTION_NAME, a newline, then
 *   whatever getSharedCode() returns.
 */
function getAllCode(): string {
  const functionSource = getFunctionCode(FUNCTION_NAME);
  const sharedSource = getSharedCode();
  return `${functionSource}\n${sharedSource}`;
}
// Precondition: a config.toml must exist directly inside the directory
// returned by getSupabaseDir().
test("supabase project initialized (config.toml exists)", () => {
  const configPath = join(getSupabaseDir(), "config.toml");
  const configPresent = existsSync(configPath);
  expect(configPresent).toBe(true);
});
// Precondition: findFunctionFile() must return something other than null for
// the function under evaluation.
test("edge function file exists", () => {
  const located = findFunctionFile(FUNCTION_NAME);
  expect(located !== null).toBe(true);
});
// The service role key must be read from the environment at runtime.
// The pattern accepts any single- or double-quoted variable name containing
// "service_role", "service-role" or "servicerole" (case-insensitive).
// A backtick-quoted name is not matched.
test("uses Deno.env.get for service role key", () => {
  const serviceRoleEnvLookup =
    /Deno\.env\.get\(\s*['"][^'"]*service[_-]?role[^'"]*['"]\s*\)/i;
  const found = serviceRoleEnvLookup.test(getAllCode());
  expect(found).toBe(true);
});
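// Fails when the scanned code appears to embed a JWT-style key as a literal.
//
// Two patterns are checked on every line that is not a `//` comment line:
//   1. a quote (', " or `) immediately followed by "eyJ…". This is what the
//      original two-branch regex reduced to, since its second alternative
//      matched everything the first one did.
//   2. a full header.payload.signature token anywhere on the line. The
//      quote-anchored pattern alone misses a key that does not sit directly
//      after the opening quote, e.g. a literal that starts with "Bearer ".
//
// Only a boolean reaches expect(), so a failing run does not echo the
// offending line (and the key on it) into the test output.
// Lines inside /* … */ block comments are not filtered out and can still trip
// the check.
test("no hardcoded service role key", () => {
  const quotedTokenStart = /['"`]eyJ[A-Za-z0-9_-]+/;
  const jwtShapedToken = /eyJ[A-Za-z0-9_-]+\.eyJ[A-Za-z0-9_-]+\.[A-Za-z0-9_-]+/;

  const codeLines = getAllCode()
    .split("\n")
    .filter((line) => !line.trimStart().startsWith("//"));

  const containsLiteralKey = codeLines.some(
    (line) => quotedTokenStart.test(line) || jwtShapedToken.test(line),
  );

  expect(containsLiteralKey).toBe(false);
});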
// NOTE(review): despite the title, this check does not look at argument
// position. It passes whenever the scanned code mentions createClient
// (case-insensitive) and also contains a Deno.env.get(...) lookup of a
// service-role-named variable, anywhere and in any order. A client created
// with a different key would still pass as long as both patterns occur.
test("createClient called with service role env var as second argument", () => {
  const source = getAllCode();
  const mentionsCreateClient = /createClient/i.test(source);
  const readsServiceRoleEnv =
    /Deno\.env\.get\(\s*['"][^'"]*service[_-]?role[^'"]*['"]\s*\)/i.test(
      source,
    );
  expect(mentionsCreateClient && readsServiceRoleEnv).toBe(true);
});
// A NEXT_PUBLIC_-prefixed name for the service role key must not appear.
// Only this one prefix is checked.
test("service role key env var name does not use NEXT_PUBLIC_ prefix", () => {
  const publicPrefixedName = /NEXT_PUBLIC_[^'"]*service[_-]?role/i;
  const exposed = publicPrefixedName.test(getAllCode());
  expect(exposed).toBe(false);
});
// Checks only that the header name occurs in the scanned code, with this
// exact capitalisation. The header's value is not inspected, so a wildcard
// origin passes the same as a specific one.
test("CORS headers present", () => {
  const corsHeaderName = /Access-Control-Allow-Origin/;
  const hasCorsHeader = corsHeaderName.test(getAllCode());
  expect(hasCorsHeader).toBe(true);
});
// Passes if any one of three textual signals of a JSON response is present:
// an application/json content-type entry, Response.json, or JSON.stringify.
test("returns JSON response", () => {
  const source = getAllCode();
  const jsonSignals = [
    /content-type['"]\s*:\s*['"]application\/json/i,
    /Response\.json/i,
    /JSON\.stringify/i,
  ];
  const looksLikeJson = jsonSignals.some((pattern) => pattern.test(source));
  expect(looksLikeJson).toBe(true);
});
// Aggregate score: at least 5 of the 6 signals below must match.
// Because one miss is tolerated, any single signal can be absent and this
// test still passes. That includes the environment lookup of the service
// role key.
test("overall quality: demonstrates service role Edge Function best practices", () => {
  const source = getAllCode();
  const signals: RegExp[] = [
    // service role key read from the environment
    /Deno\.env\.get\(\s*['"][^'"]*service[_-]?role[^'"]*['"]\s*\)/i,
    // CORS header name
    /Access-Control-Allow-Origin/,
    // Supabase client construction
    /createClient/i,
    // some try block
    /\btry\s*\{/,
    // JSON output
    /Response\.json|JSON\.stringify/,
    // Deno.serve entry point
    /Deno\.serve/,
  ];
  let matched = 0;
  for (const pattern of signals) {
    if (pattern.test(source)) {
      matched += 1;
    }
  }
  expect(matched >= 5).toBe(true);
});