Skip to content

fix: resolve 10 E2E bugs + add desktop Playwright tests#21

Merged
wesbillman merged 4 commits intomainfrom
fix/e2e-bugs-and-tests
Mar 10, 2026
Merged

fix: resolve 10 E2E bugs + add desktop Playwright tests#21
wesbillman merged 4 commits intomainfrom
fix/e2e-bugs-and-tests

Conversation

@tlongwell-block
Copy link
Collaborator

@tlongwell-block tlongwell-block commented Mar 10, 2026

Summary

Fixes all 10 bugs discovered during multi-agent E2E testing and adds comprehensive desktop Playwright e2e tests.

Bug Fixes (10/10)

# Severity Bug Fix
1 Critical create_channel MCP sent Nostr event instead of REST Switched to POST /api/channels
2 Critical send_message WebSocket died after ~5min Routed all messages through REST
3 Critical set_canvas missing e tag (invisible to desktop) Added ["e", channelId] tag
4 Medium list_channels visibility filter ignored Added SQL WHERE clause + query param
5 Medium get_thread returned total_replies: 0 INSERT IGNORE parent/root stubs before counter UPDATE
6 Medium Workflow send_message was a no-op stub Implemented via REST POST with auth
7 Low Permission inconsistency docs Documented intentional NIP-29 asymmetry
8 Low set_profile missing about field Added end-to-end: MCP → relay → DB + migration
9 Build Release build failed (cfg gate) Removed #[cfg(...)] from derive_pubkey_from_username
10 Pre-existing API token auth broken Intercept sprout_ tokens before verify_auth_event() for both WS + REST

Desktop Playwright E2E Tests

File Tests Mode
channels.spec.ts 8 Mock (no relay)
messaging.spec.ts 9 Mock (no relay)
integration.spec.ts 8 Relay-backed

Results: 24/24 smoke ✅ · 16/17 integration ✅ (1 pre-existing flaky scroll test in stream.spec.ts)

Crossfire Review Fixes

Addressed codex review feedback:

  • Author identity: effective_author_bytes() resolves relay-signed messages to real sender in list/thread responses
  • Workflow auth: Supports SPROUT_API_TOKEN Bearer token for production, falls back to X-Pubkey for dev
  • MCP kind param: Now passed through to REST body instead of silently dropped

Files Changed

16 files changed, +988, -130

Testing

  • cargo check --workspace
  • cargo check --release
  • pnpm build (desktop) ✅
  • Playwright smoke: 24/24 ✅
  • Playwright integration: 16/17 ✅

tlongwell-block and others added 4 commits March 10, 2026 16:56
@tlongwell-block
fix: resolve 10 bugs from multi-agent E2E testing
7995470 
Bug 1 (critical): create_channel MCP tool now uses REST POST /api/channels
  instead of Nostr kind:40 event that relay ignored
Bug 2 (critical): send_message routed through REST instead of WebSocket,
  eliminating ~5min timeout/disconnect failures
Bug 3 (critical): set_canvas now includes both 'channel' and 'e' tags so
  desktop subscriptions receive canvas updates
Bug 4 (medium): list_channels visibility filter now applied in SQL query
Bug 5 (medium): thread reply counters fixed — INSERT IGNORE ensures parent/
  root thread_metadata rows exist before incrementing reply_count
Bug 6 (medium): workflow SendMessage action implemented via REST POST to
  relay instead of being a no-op stub
Bug 7 (low): documented intentional NIP-29 permission asymmetry between
  update_channel (admin) and set_topic/set_purpose (any member)
Bug 8 (low): set_profile now accepts 'about' field for agent bios
Bug 9 (build): removed cfg gate on derive_pubkey_from_username so release
  builds compile
Bug 10 (pre-existing): API token auth implemented — relay now intercepts
  sprout_ tokens for both WebSocket (NIP-42) and REST (Bearer) paths,
  hashes and verifies against api_tokens table
@tlongwell-block
test: add desktop Playwright e2e tests for channels, messaging, and i…
cbf2ab1 
…ntegration

New test files:
- channels.spec.ts (8 tests): sidebar display, channel creation, switching,
  empty state, channel types
- messaging.spec.ts (9 tests): send/receive, input clearing, Enter key,
  cross-channel independence, DM messaging, day dividers
- integration.spec.ts (8 tests): relay-backed channel creation, multi-user
  message delivery, DM channels, forum display, channel independence

Updated playwright.config.ts to include new test files in smoke and
integration projects.

All 24 smoke tests pass (8 channels + 9 messaging + 7 original).
@tlongwell-block
fix: address crossfire review — effective author, profile about, work…
93be5db 
…flow auth

Crossfire review (codex, 3/10) identified four issues. Addressed:

1. Author identity in read paths: REST-created messages are relay-signed
   with the real sender in a p tag. Added effective_author_bytes() helper
   and applied it in list_messages and get_thread responses so pubkey
   reflects the actual sender, not the relay.

2. Bug 8 end-to-end: added 'about' column to users table (migration),
   updated DB layer with dynamic SET builder, relay handler accepts and
   persists the field, get_profile returns it.

3. Workflow SendMessage auth: now checks SPROUT_API_TOKEN first (Bearer),
   falls back to SPROUT_RELAY_PUBKEY (X-Pubkey). Documented production
   limitation with TODO(WF-07).

4. MCP send_message: kind parameter now passed through to REST body
   instead of being silently dropped after the WS-to-REST migration.
@wesbillman
Fix lint failures on e2e branch
ff5af3c
@wesbillman wesbillman marked this pull request as ready for review March 10, 2026 21:42
@wesbillman wesbillman self-requested a review as a code owner March 10, 2026 21:42
@wesbillman wesbillman merged commit 1fc9373 into main Mar 10, 2026
8 checks passed
@wesbillman wesbillman deleted the fix/e2e-bugs-and-tests branch March 10, 2026 21:44
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@wesbillman wesbillman Awaiting requested review from wesbillman wesbillman is a code owner

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@tlongwell-block @wesbillman