fix(test) resolve cyclonedx binary once instead of using npx per call#18
Merged
fix(test) resolve cyclonedx binary once instead of using npx per call#18
Conversation
Concurrent npx invocations race on the shared npx cache, causing ENOTEMPTY on directory renames. Instead, resolve the cyclonedx-npm binary once (via require.resolve or a one-time npm install into a temp prefix) and invoke it directly with node for all subsequent calls. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
test:coverage was missing ./test/**/*.test.js, so verification and parser-specific tests were excluded from coverage runs. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Add pretest/pretest:coverage hooks to run fixture decoding so that test/parsers/*.test.js can find decoded fixtures in CI. Align test and test:coverage globs to include test/parsers/*.test.js. Add test:all for running the full suite including verification and monorepo tests locally. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
What
runCycloneDXintest/support/parity.jsno longer invokesnpx @cyclonedx/cyclonedx-npmon every call. A newgetCycloneDXBin()helper resolves the binary path once — first tryingrequire.resolvefromnode_modules, then falling back to a one-timenpm installinto a temp prefix — and caches it for the process lifetime. All subsequent calls invoke the binary directly vianode.Why
getParityResultsrunsrunCycloneDXtwice in parallel (lockfile-only and full). Bothnpxinvocations attempt to install or update@cyclonedx/cyclonedx-npmin the same shared~/.npm/_npx/cache directory simultaneously. npm's rename-based atomic install (rename(dir, .dir-XXXX)) collides, producingENOTEMPTY: directory not empty, rename '…/cyclonedx-library' -> '…/.cyclonedx-library-LGlIfzMw'. This is a known npm concurrency bug with no upstream fix.The previous behavior caused non-deterministic test failures — the
debug@4.3.4parity test would pass or fail depending on filesystem timing. By resolving the binary once and calling it withnodedirectly, the npx cache is never touched during parallel execution.Risk Assessment
Low risk. Only affects test infrastructure, not library code. The binary resolution has a two-tier fallback (
require.resolve→ tempnpm install), so it works both with and without@cyclonedx/cyclonedx-npmas a devDependency. All 9 parser parity tests pass deterministically.References
test/verification/parser-parity.test.js→debug@4.3.4ENOTEMPTYduring concurrentnpxcache writes🤖 Generated with Claude Code