Alex Loftus

Alex Loftus

alexloftus2004 [AT] gmail.com

RECORD

RECORD

2026-03-11

  • Added website regression tests in tests/test_build_scenario_ui.py covering Testland-only create-agent invite flow, create-agent workspace/default wiring, and daily-log people/bots view pathing and drilldown rendering.
  • Verified the website suite with uv run pytest tests/test_build_scenario_ui.py -q (66 passed).
  • Cleaned up brittle website/template tests: removed exact catalog-size assertions, file-length/font checks, and several JS implementation-lock assertions; kept endpoint, DOM-anchor, escaping, and Firebase-path contract coverage.
  • Verified with uv run pytest tests/test_build_scenario_ui.py tests/test_templates.py -q (74 passed) and uv run pytest tests -q (248 passed, 34 skipped).

2026-03-16

  • Audited the red-teaming test suites across red-teaming/tests/, red-teaming/agent_proxy/tests/, red-teaming/api/tests/, and red-teaming/tests/website.test.js.
  • Tightened weak fork tests in tests/test_fork.py so they assert exact truncation behavior instead of only checking that output changed.
  • Rewrote the retry/archive/Firebase-gate coverage in tests/test_daily_log_resilience.py to call discord_daily_log._run_single_day() directly instead of copying production control flow into the tests.
  • Fixed tests/test_endpoints_extended.py to reflect the real create-agent contract: uppercase names are normalized to lowercase, not rejected.
  • Updated tests/website.test.js to match current session-viewer access rules (kwkaiser and alex) and replaced the common-image rollout source-string assertion with a behavioral fetch assertion.
  • Fixed red-teaming/api/pyproject.toml so the documented cd red-teaming/api && uv run pytest command works in this checkout.
  • Verified with:
    • uv run pytest red-teaming/tests/test_fork.py red-teaming/tests/test_daily_log_resilience.py red-teaming/tests/test_endpoints_extended.py -q (108 passed)
    • cd red-teaming && npm test -- --runTestsByPath tests/website.test.js (209 passed)
    • cd red-teaming/api && uv run pytest -q (10 passed)
    • uv run pytest red-teaming/tests red-teaming/agent_proxy/tests -q (476 passed, 35 skipped)
  • Remaining audit findings:
    • tests/website.test.js still uses a VM harness that prepends stubs for pre-encryption functions and rewrites top-level bindings, so it is not faithful browser coverage for the auth gate/session bootstrap path.
    • tests/test_integration.py still defaults to prod targets when STAGING is unset and includes live-mutating cases; treat it as operator-driven, not routine CI coverage.