feat(cmd): add status command with ckb-tui v0.1.3#449
Conversation
Integrates ckb-tui to provide a terminal UI for monitoring CKB network status from a local node. Changes: - Add CKBTui class with automatic binary download/install for v0.1.3 - Add status command with RPC port connectivity check - Update settings schema with tools.rootFolder and ckbTui.version - Register status command in CLI with network validation Closes RET-161
humble-little-bear
left a comment
There was a problem hiding this comment.
[TEST-ORCHESTRATOR]
Test Results for #449
PR: feat(cmd): add status command with ckb-tui v0.1.3
Commit tested: ea81c87
Test dimensions: Unit / Integration / Chaos-Fuzz / Adversarial Review
Overall recommendation: ❌ Do not merge — blocking security issue and zero unit-test coverage must be resolved first.
1. Change Summary
- Adds
offckb status --network <devnet|testnet|mainnet>CLI command. - Adds
src/cmd/status.tswith RPC port connectivity check. - Adds
src/tools/ckb-tui.ts(CKBTuiclass) for downloading, extracting, and executing the ckb-tui binary. - Extends
src/cfg/setting.tswithtools.rootFolderandtools.ckbTui.version. - Registers the new command in
src/cli.ts.
2. Risk Distribution (after leader verification & challenger review)
| Severity | Count | Rationale |
|---|---|---|
| Critical | 1 | Confirmed command injection via user-controlled tools.rootFolder. |
| High | 3 | 0% unit-test coverage on new core modules; cross-process download race; unconditional execution of downloaded binary with no integrity check. |
| Medium | 5 | deepMerge mutates defaultSettings; loose version regex; missing curl --fail; incomplete cleanup on extraction failure; Windows unzip dependency unverified. |
| Low | 3 | isRPCPortListening does not validate port range; help text typo; RPC-unreachable exit code 0 is undocumented. |
3. Expert Findings (most severe first)
🔴 Critical: Command Injection via tools.rootFolder
- Source: Practical-Integration / Fuzz / confirmed by Leader.
- Location:
src/tools/ckb-tui.ts:60,64,66,79. - Issue:
downloadBinary()builds shell strings withexecSync(\curl -L -o "${archivePath}" ...`).archivePathandbinaryPathare derived fromsettings.tools.rootFolder, which a user (or attacker who can writesettings.json`) can set to any string. - Evidence: Setting
settings.jsonto{ "tools": { "rootFolder": "/tmp/offckb-test\"$(echo INJECTED)\"" } }produces the shell command:The shell executescurl -L -o "/tmp/offckb-test"$(echo INJECTED)"/ckb-tui-with-node-linux-amd64.tar.gz" "https://github.com/..."$(echo INJECTED)and resolves the output path to/tmp/offckb-testINJECTED/.... - Fix: Replace all
execSyncstring invocations withspawnSync/execFileSyncand array arguments, or at minimum shell-escape/whitelisttools.rootFolder. Restricttools.rootFolderto the offckb data directory tree.
🟠 High: Zero Unit-Test Coverage on New Core Code
- Source: Unitest-Assesor.
- Issue:
src/cmd/status.ts,src/tools/ckb-tui.ts, and thestatuscommand registration insrc/cli.tshave no corresponding test files. Existing 84 tests pass but do not exercise the new code paths. - Fix: Add
tests/status.test.ts,tests/ckb-tui.test.ts, andtests/cli-status.test.tscovering normal paths, error paths, and the command-injection case.
🟠 High: Cross-Process Race on Binary Download
- Source: Fuzz-Test-Assesor / partially confirmed by code review.
- Issue:
CKBTui.binaryPathis a process-local static variable. Multiple concurrentoffckb statusprocesses each see a missing file and start separate downloads/extractions to the same paths. Thefinallycleanup andfs.renameSyncare not atomic across processes. - Caveat: The Fuzz expert's claim that "process B sees process A's
binaryPath" is technically incorrect (static variables are not shared across processes), but the underlying filesystem-level race is real. - Fix: Use a process-level file lock (e.g.,
proper-lockfile) around download/extraction, and download to a temp file/directory before atomic rename.
🟠 High: Downloaded Binary Executed Without Integrity Verification
- Source: Fuzz-Test-Assesor / Practical-Integration.
- Issue:
CKBTui.run()only checksfs.existsSync(binaryPath)beforespawnSync. A replaced or corrupted binary runs with the user's privileges. - Fix: Verify checksum or signature after download; lock down
tools.rootFolderpermissions.
🟡 Medium: deepMerge Mutates defaultSettings
- Source: Unitest-Assesor.
- Location:
src/cfg/setting.ts:140-152. - Issue:
readSettings()callsdeepMerge(defaultSettings, JSON.parse(data)), writing user config back into the shareddefaultSettingsobject. Repeated calls drift defaults. - Fix: Deep-clone
defaultSettingsbefore merging.
🟡 Medium: Loose Version Regex
- Source: Fuzz-Test / Unitest.
- Issue:
/^v\d+\.\d+\.\d+$/acceptsv01.02.03and arbitrarily long numbers. Cannot alter domain or inject commands, but can generate invalid URLs/filenames. - Fix: Use strict semver:
/^v(0|[1-9]\d*)\.(0|[1-9]\d*)\.(0|[1-9]\d*)$/and cap length.
🟡 Medium: curl Without --fail
- Source: Fuzz-Test.
- Issue:
curl -L -o ...does not use--fail; a 404 or redirect-to-error-page is saved as the archive and later fails extraction with a confusing error. - Fix: Use
curl -fsSL --max-time 300 -o ....
🟡 Medium: Incomplete Cleanup on Extraction Failure
- Source: Fuzz-Test / Unitest.
- Issue:
finallydeletes the archive but leaves partially extracted directories behind. - Fix: Extract to a temp directory and atomically move on success; clean up the temp directory on any failure.
🟡 Medium: Windows Dependency on unzip
- Source: Practical-Integration.
- Issue: Windows
.zipextraction usesunzip, which is not guaranteed on all Windows environments. - Caveat: Not empirically tested on Windows in this run.
- Fix: Use a cross-platform Node archive library (e.g.,
adm-zip,tar).
🟢 Low: isRPCPortListening Port Validation
- Source: Fuzz-Test / Unitest.
- Issue: Function accepts negative, zero, >65535, non-integer, or string ports;
net.Socket.connectthrowsRangeError, which is caught and returnsfalse. Defensive-programming gap, not a crash. - Fix: Add explicit
Number.isInteger(port) && port > 0 && port < 65536check.
🟢 Low: Undocumented Exit-Code Behavior
- Source: Practical-Integration.
- Issue: Invalid network exits with code
1, but RPC-unreachable and ckb-tui failure both return code0. This is inconsistent but not documented as a bug. - Fix: Document or unify exit codes.
🟢 Low: Help Text Typo
- Source: Practical-Integration.
- Issue:
src/cli.ts:212saysSpecify the network to deploy toinstead ofmonitor. - Fix: Correct the description.
4. Adversarial Reviewer Findings & Leader Response
The Test-Challenger verified the PR branch directly via the GitHub API and raised several important challenges. Key responses:
| Challenger Point | Leader Response |
|---|---|
Chaos expert claimed test files tests/ckb-tui-security.test.ts, tests/ckb-tui-resources.test.ts, and scripts/reproduce-race.js exist, but they do not appear in the PR branch. |
Accepted. I independently confirmed tests/ contains only the 8 pre-existing test files. Those claims should be disregarded until the files are actually committed. |
Practical expert's statement about socket timeout event listeners was inaccurate. |
Accepted. The code uses a manual setTimeout, not a socket 'timeout' event. Functionally the 5-second timeout works; the code-style difference is Low severity at most. |
"User can override tools.rootFolder" is not itself High risk; the real risk is shell-string injection. |
Accepted. I re-rated: command injection = Critical; arbitrary directory configurability = Low/Medium (expected CLI behavior). |
| Cross-process race should be Medium, not High, for a local CLI. | Partially accepted. Downgraded to High (not Critical) because exploitation requires local concurrency, but it can corrupt the downloaded binary. |
| Version-regex looseness is not exploitable. | Accepted. Downgraded to Medium; it is a robustness issue, not a security bypass. |
| Leader failed to flag the incomplete full-download verification. | Accepted. Practical expert's download test only completed ~22% due to bandwidth. Full download-extract-run validation remains an uncovered dimension. |
5. Unresolved Conflicts
- None that block the final conclusion. The apparent conflict over socket
timeouthandling was resolved: manualsetTimeoutis functionally correct; the code merely lacks a sockettimeoutevent listener.
6. Final Recommendation
- Pass
- Conditional pass / Do not merge yet — blocking issues below must be fixed and re-tested.
- Reject permanently
Blocking issues:
- Fix command injection in
CKBTui.downloadBinary()by eliminating shell-stringexecSynccalls. - Add unit tests for
src/cmd/status.ts,src/tools/ckb-tui.ts, and thestatusCLI registration. - Add cross-process file locking and atomic download-to-temp + rename for ckb-tui binary installation.
Strongly recommended before merge:
- Fix
deepMergemutation ofdefaultSettings. - Add
curl --failand download timeout. - Tighten version regex.
- Clean up extracted temp directories on failure.
- Document or unify
statusexit codes. - Fix help text typo.
7. Remaining / Unverified Risks
- Full download-extract-run end-to-end on Linux was not completed due to bandwidth (~22% downloaded).
- No verification on macOS or Windows.
- No test against a real CKB node; RPC reachability was simulated with a TCP listener.
- No verification in disk-full, read-only directory, antivirus, proxy, or slow-network conditions.
- No test of
ckb-tuibehavior when killed via SIGINT while running. - No assessment of whether
https://github.com/Officeyutong/ckb-tui/releasesis an officially trusted supply-chain source. - No non-TTY/CI behavior validation.
Report synthesized by Test-Orchestrator from Unitest-Assesor, Practical-Integration-Test-Assesor, Fuzz-Test-Assesor, and Test-Challenger outputs, with direct code verification against PR branch feature/integrate-ckb-tui.
humble-little-bear
left a comment
There was a problem hiding this comment.
[REVIEW-ORCHESTRATOR]
Code Review Report — #449
Review dimensions: Correctness, Maintainability, Performance, Security
Specialists: 4/4 completed | Challenger: completed
Preliminary findings: 19 → Retained after Challenger: 19 (0 dropped, 3 downgraded)
Final tally: CRITICAL: 3 | WARNING: 9 | SUGGESTION: 7
Verdict: REQUEST CHANGES — three security issues must be resolved before merge.
CRITICAL (must fix before merge)
1. [Security] Command injection via shell-interpolated paths
- Location:
src/tools/ckb-tui.ts:61,64,66,80 - Description:
execSyncis called with shell-interpreted strings that interpolatearchivePath,binDir,downloadUrl, andbinaryPath. These values are derived fromsettings.tools.rootFolderand release asset names. A malicious or malformedsettings.jsoncan inject shell metacharacters. - Evidence:
execSync(`curl -L -o "${archivePath}" "${downloadUrl}"`, { stdio: 'inherit' }); execSync(`tar -xzf "${archivePath}" -C "${binDir}"`, { stdio: 'inherit' }); execSync(`unzip "${archivePath}" -d "${binDir}"`, { stdio: 'inherit' }); execSync(`chmod +x "${this.binaryPath}"`);
- Fix: Use
execFileSync/spawnSyncwithshell: falseand pass arguments as arrays. Validate/sanitizebinDirandbinaryPathto a permitted subdirectory.
2. [Security] Remote binary downloaded and executed without integrity verification
- Location:
src/tools/ckb-tui.ts:55-82 - Description:
ckb-tuiis downloaded from GitHub releases and executed with no checksum or signature verification. HTTPS only protects transport; a compromised release account, tag overwrite, or MITM-proxied build can serve attacker-controlled binaries. - Evidence:
const downloadUrl = `https://github.com/Officeyutong/ckb-tui/releases/download/${version}/${assetName}`; execSync(`curl -L -o "${archivePath}" "${downloadUrl}"`, ...); spawnSync(binaryPath, args, { stdio: 'inherit' });
- Fix: Publish a SHA-256 checksum (or PGP signature) alongside each release asset and verify it after download and before extraction/execution. Reject assets that do not pass verification.
3. [Security] Arbitrary file write/overwrite from user-controlled settings
- Location:
src/tools/ckb-tui.ts:56,70,80 - Description:
binDirand the finalbinaryPathare derived fromsettings.tools.rootFolder, which can be set to any absolute path viasettings.json.fs.renameSyncwrites/overwrites there without resolving or whitelisting the path. - Evidence:
const binDir = path.dirname(this.binaryPath!); fs.renameSync(extractedBinary, this.binaryPath!); execSync(`chmod +x "${this.binaryPath}"`);
- Fix: Resolve and validate that
binDiris under a known-safe location (e.g., the OffCKB data directory). Reject paths that escape the intended root afterpath.resolve.
WARNING (should fix before merge)
4. [Security] Settings loaded without schema/type validation
- Location:
src/cfg/setting.ts:109 - Description:
readSettingsdeep-merges rawJSON.parse(data)into defaults without validating types or rejecting unknown keys. This amplifies issues #1 and #3 by allowing arbitrary strings for paths and versions. - Evidence:
return deepMerge(defaultSettings, JSON.parse(data)) as Settings;
- Fix: Validate the parsed object against the
Settingsschema (e.g., with zod, io-ts, or a hand-written validator) before merging.
5. [Correctness] Tools root directory is not created before curl writes into it
- Location:
src/tools/ckb-tui.ts:55-61 - Description:
downloadBinaryderivesbinDirfromsettings.tools.rootFolderand immediately callscurlto writearchivePaththere. If the directory does not exist, curl fails withENOENT. - Evidence:
const binDir = path.dirname(this.binaryPath!); const archivePath = path.join(binDir, assetName); execSync(`curl -L -o "${archivePath}" ...`);
- Fix: Add
fs.mkdirSync(binDir, { recursive: true })before writing the archive.
6. [Correctness] getBinaryPath() caches a path before the binary is verified/downloaded
- Location:
src/tools/ckb-tui.ts:14-18 - Description:
this.binaryPathis assigned unconditionally beforedownloadBinaryruns. If the download fails, subsequent calls return the stale path and skip the install logic. - Evidence:
this.binaryPath = path.join(binDir, 'ckb-tui'); if (!fs.existsSync(this.binaryPath)) { this.downloadBinary(version); }
- Fix: Assign
this.binaryPathonly after a successful install, or reset it tonullin the catch path ofdownloadBinary.
7. [Maintainability/Correctness] getBinaryPath() and isInstalled() have hidden side effects
- Location:
src/tools/ckb-tui.ts:11-19,125-129 - Description: Path lookup and presence checks trigger blocking network downloads. This violates the principle of least surprise and makes the class hard to test.
- Evidence:
static isInstalled(): boolean { const binPath = this.getBinaryPath(); return fs.existsSync(binPath); }
- Fix: Split into
getBinaryPath()(pure lookup) andensureInstalled()/install()(explicit side effect).
8. [Maintainability] CKBTui is a class of only static members with mutable global state
- Location:
src/tools/ckb-tui.ts:9 - Description:
private static binaryPathis effectively global mutable state. There is no instance behavior that benefits from a class. - Fix: Convert to plain functions or a namespace, passing the binary path as an argument.
9. [Maintainability] Binary download/installation duplicates existing utilities
- Location:
src/tools/ckb-tui.ts:25-82 - Description:
downloadBinaryre-implements download/extract/chmod logic already present insrc/node/install.ts(downloadCKBBinaryAndUnzip,installCKBBinary). - Fix: Reuse the existing binary-installation utilities or extract a shared module.
10. [Maintainability] Network validation is duplicated inline
- Location:
src/cli.ts:212-216 - Description: The status command manually checks
Object.values(Network)and exits, butsrc/util/validator.tsalready providesvalidateNetworkOpt()andisValidNetworkString(). - Fix: Use
validateNetworkOpt(option.network)fromsrc/util/validator.tsfor consistency.
11. [Performance] execSync calls have no timeout
- Location:
src/tools/ckb-tui.ts:61,64,66,80 - Description: Downloads and extractions can block the CLI indefinitely if GitHub or the local shell stalls.
- Fix: Add
{ timeout: 120000 }(or similar) to everyexecSynccall and handleETIMEDOUT/ETIMEgracefully.
12. [Performance] CKBTui.run() can synchronously download the binary
- Location:
src/tools/ckb-tui.ts:134 - Description:
run()callsgetBinaryPath(), which can block the event loop until a multi-megabyte archive is downloaded and extracted. - Fix: Separate installation from execution: expose an async
install()method and makerun()only execute an already-installed binary.
SUGGESTION (optional polish)
13. [Correctness] isRPCPortListening only verifies TCP connectivity
- Location:
src/cmd/status.ts:22-35 - Description: The probe confirms a socket can connect but never verifies the service speaks CKB JSON-RPC. Another process bound to the same port will pass the check.
- Fix: Send a minimal JSON-RPC request (e.g.,
get_blockchain_info) and validate the response before launchingckb-tui.
14. [Correctness] network is typed as optional but undefined is not handled
- Location:
src/cmd/status.ts:9,14-18 - Description:
StatusOptions.network?: Networkallowsundefined, which falls through the ternary tosettings.mainnet.rpcProxyPort. The CLI currently supplies a default, but the type and implementation are inconsistent. - Fix: Make
networkrequired inStatusOptionsor add an explicit default/validation at the top ofstatus().
15. [Maintainability] Network-to-port mapping uses a nested ternary
- Location:
src/cmd/status.ts:16-18 - Description: A
Record<Network, number>lookup would be more readable and extensible. - Fix: Replace the ternary with a small lookup table or helper function.
16. [Maintainability] --network help text for status is copy-pasted from deploy
- Location:
src/cli.ts:209 - Description: The option description says "Specify the network to deploy to", which is inaccurate for the
statuscommand. - Fix: Change to "Specify the network whose node status to monitor".
17. [Maintainability] findBinary() re-implements a weaker version of existing utility
- Location:
src/tools/ckb-tui.ts:103-121 - Description: It searches only one subdirectory level and does not check
isFile().src/util/fs.tsalready exportsfindFileInFolder()which recursively searches the tree. - Fix: Use
findFileInFolder(binDir, binaryName)fromsrc/util/fs.ts.
18. [Correctness] Caught error message access assumes an Error object
- Location:
src/tools/ckb-tui.ts:87 - Description:
(error as Error).messageis unsafe if a non-Errorvalue is thrown. - Fix: Use
error instanceof Error ? error.message : String(error).
19. [Correctness] Exit status of ckb-tui is ignored
- Location:
src/cmd/status.ts:28 - Description:
CKBTui.run()returns aSpawnSyncReturnsresult, butstatus()does not propagate it, so scripts cannot detect TUI failure. - Fix: Set
process.exitCode = result.status ?? 1when the child exits with an error.
20. [Performance] Local RPC probe timeout is long
- Location:
src/cmd/status.ts:35 - Description: A 5-second timeout for a
127.0.0.1probe is generous and slows failure detection. - Fix: Consider reducing
TIMEOUT_MSto 1000–2000 ms or making it configurable.
21. [Performance] chmod is performed via execSync
- Location:
src/tools/ckb-tui.ts:80 - Description: A shell process is spawned when
fs.chmodSync(this.binaryPath!, 0o755)suffices. - Fix: Use
fs.chmodSyncinstead.
Fix checklist for the author
- Replace shell-interpolated
execSynccalls withexecFileSync/spawnSyncand argument arrays - Add checksum/signature verification for downloaded
ckb-tuibinaries - Resolve and validate
tools.rootFolderto a known-safe path - Add schema validation to
readSettings() - Ensure destination directory exists before curl writes to it
- Separate binary path lookup from installation/download side effects
- Reuse existing binary-installation utilities from
src/node/install.ts - Use
validateNetworkOpt()for CLI network validation - Add timeouts to download/extraction
execSynccalls - (Optional) Tighten RPC probe, fix error-message casting, and propagate
ckb-tuiexit code
- Replace execSync shell interpolation with spawnSync array args (CRIT ckb-devrel#1) - Add path validation for tools.rootFolder bounded to dataPath (CRIT ckb-devrel#3) - Add SHA-256 checksum verification for downloaded binaries (CRIT ckb-devrel#2) - Use -fsSL flags on curl, add timeouts, use fs.chmodSync, findFileInFolder - Fix deepMerge mutation by cloning defaultSettings before merge - Add settings validation for tools.rootFolder, ckbTui.version, proxy types - Fix status help text typo and use validateNetworkOpt() consistently - Replace nested ternary with lookup table, propagate exit code
🔧 Fix Summary (Round 1)Addressed feedback from [REVIEW-ORCHESTRATOR]:
Addressed feedback from [TEST-ORCHESTRATOR]:
Files changed:
Deferred:
Verification:
|
humble-little-bear
left a comment
There was a problem hiding this comment.
[TEST-ORCHESTRATOR]
Updated Test Results for #449 (after follow-up verification)
PR: feat(cmd): add status command with ckb-tui v0.1.3
Original commit tested: ea81c87
Author's fix commit: 7619bae
Test dimensions: Unit / Integration / Chaos-Fuzz / Adversarial Review
Overall recommendation: 🟡 Conditional pass / needs re-test on the new fix commit — the author has addressed most blocking issues in 7619bae0, but those fixes have not yet been independently verified by the test squad.
1. Follow-up Completion Status
All three specialist follow-up issues are now done:
- RET-173 (Unit-test specialist) — code fixes + unit tests claimed;
pnpm testreported passing. - RET-174 (Practical-Integration specialist) — tested against original commit
ea81c87. - RET-175 (Chaos/Fuzz specialist) — tested against original PR branch before
7619bae0.
Important timeline note: the author's fix commit 7619bae0 was pushed after the unit-test and chaos follow-ups were submitted and before the practical follow-up was finalized. All specialist reports therefore primarily verify the pre-fix state; the fix commit itself has not been re-tested by the squad.
2. Confirmed Findings from Original Commit (ea81c87)
🔴 Critical
- Command injection via
tools.rootFolder— Confirmed by practical and chaos specialists. A malicioussettings.jsonvalue containing"/$(...)breaks out of the shell string used byexecSyncindownloadBinary()and executes arbitrary commands.
🟠 High
- First-run directory not created —
downloadBinary()does not callfs.mkdirSync(binDir, { recursive: true }), causing first-timeoffckb statusto fail withENOENT. - Cross-process download race — Multiple concurrent
offckb statusprocesses write to the same archive path, corrupting the download. - No integrity verification — The downloaded binary is executed without checksum or signature verification.
- Windows
unzipdependency —.zipextraction shells out tounzip, which is not present by default on Windows. - Non-TTY / CI hang —
ckb-tuiis an interactive TUI; pipingoffckb status | catcauses a hang. - Exit-code propagation missing —
CKBTui.run()return value is ignored;offckb statusreturns0even when RPC is unreachable orckb-tuiexits non-zero.
🟡 Medium
- Black-hole port mis-detected as listening —
isRPCPortListening()returnstruefor a TCP port that accepts the connection but never responds. The timeout only covers connection-establishment failure, not RPC silence. deepMergemutatesdefaultSettings—readSettings()merges user config into the shared defaults object.- Version regex — Debated as too strict vs. too loose; author tightened to strict semver in the fix commit.
3. Key Conflict Resolution
"Fixes claimed" vs. "vulnerabilities confirmed" — There is no factual conflict. The specialists confirmed vulnerabilities in the original commit, while the unit-test specialist and the author independently implemented similar fixes shortly afterward. The fixes exist in commit 7619bae0 but have not been re-verified by the test squad.
isRPCPortListening timeout semantics — The function does not hang; it uses a manual setTimeout + client.destroy(). However, a black-hole port (accepts connection, sends no data) returns true, showing the probe verifies TCP connectivity, not RPC health.
4. Author's Fix Commit (7619bae) — Claims to Address
Per the author's Fix Summary (Round 1):
- Replaced
execSyncshell strings withspawnSyncarray arguments. - Added
resolveAndValidateBinDir()restrictingtools.rootFolderunderdataPath. - Added
verifyChecksum()using releasechecksums-sha256.txt. - Added
fs.mkdirSync(binDir, { recursive: true })before download. - Switched to atomic temp-directory download +
fs.renameSync. - Replaced Windows
unzipshell call withAdmZip. - Propagated
ckb-tuiexit code viaprocess.exitCode. - Fixed
deepMergemutation by cloning defaults before merge. - Tightened version regex to strict semver.
Deferred items (author explicitly did not address): unit-test coverage for new modules, real JSON-RPC probe, cross-process file locking, async install refactor.
5. Final Recommendation
- Pass
- Conditional pass / needs re-test on new commit
- Do not merge
The author has responded comprehensively to the blocking findings. However, because the fix commit 7619bae0 was not part of the specialist follow-up verification, the squad cannot confirm the fixes actually work.
Required before merge:
- Confirm
7619bae0contains all claimed fixes and push any final stable commit. - Re-run the full test squad workflow (unit / integration / chaos / adversarial review) against the new commit.
- Verify in particular: command injection elimination, directory creation, atomic download, checksum verification, exit-code propagation, and
defaultSettingspollution fix.
Strongly recommended:
- Add executable unit tests for
src/cmd/status.ts,src/tools/ckb-tui.ts, and thestatusCLI registration. The author deferred this; it should not be deferred again. - Test on macOS arm64 and Windows x64.
- Define behavior for non-TTY / CI environments.
6. Remaining / Unverified Risks
- Fix commit
7619bae0has not been independently tested. - No macOS / Windows live testing.
- No real CKB JSON-RPC probe; only TCP connectivity is checked.
- No non-TTY/CI behavior validation.
- No disk-full, read-only directory, proxy, or slow-network testing.
- Supply-chain checksum verification is new and depends on upstream publishing
checksums-sha256.txt.
Report synthesized by Test-Orchestrator from Unitest-Assesor, Practical-Integration-Test-Assesor, Fuzz-Test-Assesor, and Test-Challenger follow-up outputs, plus the author's fix summary.
🔧 Fix Summary (Round 2)Addressed feedback from [TEST-ORCHESTRATOR]:
Addressed feedback from [REVIEW-ORCHESTRATOR]:
Files changed:
Deferred:
Verification:
CC |
Changes
Integrates ckb-tui (v0.1.3) into offckb to provide a terminal UI for monitoring CKB network status from a local node.
What's new
statuscommand:offckb status --network devnet/testnet/mainnetlaunches the ckb-tui monitoring interfaceFiles changed
src/tools/ckb-tui.ts— Platform-aware binary download/install for Linux x64, macOS arm64, Windows x64src/cmd/status.ts— Status command with RPC port connectivity checksrc/cfg/setting.ts— Addedtools.rootFolderandtools.ckbTui.versionsettingssrc/cli.ts— Registeredstatuscommand with network enum validationREADME.md— Documentedstatuscommand and TUI usageKey differences from PR #323
ckb-tuibinary (no platform suffix), uses recursive search to locate itRef
RET-161
Test
pnpm run buildpasses cleanlytsc --noEmitpasses with no type errors