test(scripts): guard miner package README against stale public-package wording#7043
Conversation
…e wording
The publish-time check-miner-package check validated the miner package's file
list and scanned for secret-like content, but — unlike its sibling
check-mcp-package — never guarded README.md against stale pre-release wording
("private beta", a preview zeronode.workers.dev URL, "preview URL"). That let
placeholder marketing copy ship in the public @loopover/miner README unnoticed.
Mirror the mcp-package guard: reject a README containing STALE_PACKAGE_TEXT, and
add a regression test injecting stale README content via the existing
CHECK_MINER_PACK_TEST_CONTENT hook. The real miner README is already clean, so
the guard passes on the live workspace.
Closes JSONbored#7013
|
Superagent didn't find any vulnerabilities or security issues in this PR. |
1 similar comment
|
Superagent didn't find any vulnerabilities or security issues in this PR. |
Codecov Report✅ All modified and coverable lines are covered by tests. Additional details and impacted files@@ Coverage Diff @@
## main #7043 +/- ##
=======================================
Coverage 93.74% 93.74%
=======================================
Files 691 691
Lines 68658 68658
Branches 18760 18760
=======================================
Hits 64361 64361
Misses 3302 3302
Partials 995 995
Flags with carried forward coverage won't be shown. Click here to find out more. |
|
Tip ✅ LoopOver review result - approve/merge recommendedReview updated: 2026-07-17 19:36:48 UTC
Review summary Nits — 3 non-blocking
Decision drivers
Context & advisory signals — never blocks the verdict
Linked issue satisfactionAddressed Review context
Contributor next steps
Signal definitions
🧪 Chat with LoopOverAsk LoopOver a question about this PR directly in a comment — grounded only in the same cached, public-safe facts shown above, never a new claim.
Full command reference: https://loopover.ai/docs/loopover-commands 🧪 Experimental — new and may change. 🟩 Safe / merged · 🟦 Advisory · 🟨 Held for review · 🟥 Blocked / closed 💰 Earn for open-source contributions like this. Gittensor lets GitHub contributors earn for the work they already do — register to start earning →. Checked by LoopOver, a quiet PR intelligence layer for OSS maintainers.
|
Closes #7013
The publish-time `check-miner-package` check validated the miner package's file list and scanned for secret-like content, but — unlike its sibling `check-mcp-package` — never guarded `README.md` against stale pre-release wording (`private beta`, a preview `zeronode.workers.dev` URL, `preview URL`). That let placeholder marketing copy ship in the public `@loopover/miner` README unnoticed.
Change
Verification
scripts/test-only; no `src/**` touched.