Add vitest support, enhance doctor command, implement formula/lookup RLS conditions

[Copilot]

CLI test runner only supported Jest. Doctor command lacked dependency checks. RLS query trimmer couldn't handle formula-based or lookup chain conditions.

CLI Enhancements

Test Command (packages/tools/cli/src/commands/test.ts)

• Auto-detects vitest alongside existing Jest support
• Added --runner, --watch, --coverage flags
• Falls back to npm test when no runner detected

Doctor Command (packages/tools/cli/src/commands/doctor.ts)

• Node.js version check (v16+ required, v18+ recommended)
• TypeScript detection and tsconfig validation (strict mode, target)
• Package.json validation and dependency listing
• ObjectQL package/driver detection

RLS Query Trimmer

Formula Conditions (packages/foundation/plugin-security/src/query-trimmer.ts)

Converts JavaScript-style expressions to database filters:

// Before: formula conditions returned empty filter {}
// After: parses and converts to native query filters

{
  type: 'formula',
  formula: "status == 'active' && owner == $current_user.id"
}
// → { $and: [{ status: 'active' }, { owner: 'user123' }] }

Supports:

• Comparison: ==, !=, >, >=, <, <=
• Logical: &&, || (with proper precedence)
• Field tests: owner (exists), !archived (null)
• User context: $current_user.*
• Type coercion: strings, numbers, booleans, null

Lookup Conditions

Converts lookup chains to $lookup subquery filters:

{
  type: 'lookup',
  object: 'projects',
  via: 'project_id',
  condition: { field: 'owner', operator: '=', value: '$current_user.id' }
}
// → { $lookup: { from: 'projects', localField: 'project_id', 
//               foreignField: '_id', filter: { owner: 'user123' } } }

Tests

• CLI: 17 tests (2 new for test/doctor commands)
• Security: 13 tests (all new for formula/lookup conditions)
• All existing tests pass unchanged

Original prompt

🟡 中优先级问题 (影响开发体验)

问题 #6-7: CLI 工具不完整

new 命令: 缺少动作和钩子生成器
test 命令: 未集成测试运行器
doctor 命令: 缺少依赖检查
问题 #8: RLS 查询修剪器功能受限

不支持公式基础的条件
不支持查找链条件

---

💡 You can make Copilot smarter by setting up custom instructions, customizing its development environment and configuring Model Context Protocol (MCP) servers. Learn more Copilot coding agent tips in the docs.

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Review	Updated (UTC)
objectql	Ready	Preview, Comment	Jan 29, 2026 0:21am

[github-actions]

⚠️ No Changeset Found

This PR does not include a changeset file.
If this PR includes user-facing changes, please add a changeset by running:

pnpm changeset

[Copilot]

Pull request overview

This pull request adds vitest test runner support to the CLI, enhances the doctor command with comprehensive environment checks, and implements formula-based and lookup-based row-level security (RLS) conditions in the security plugin's query trimmer.

Changes:

• CLI test command now auto-detects and supports both Jest and vitest test runners with new flags (--watch, --coverage, --runner)
• Doctor command enhanced with Node.js version validation, TypeScript detection, package.json validation, and ObjectQL dependency checking
• Query trimmer implements formula condition parsing to convert JavaScript-style expressions into database filters
• Query trimmer implements lookup condition support to handle relationship-based RLS through subquery filters

Reviewed changes

Copilot reviewed 8 out of 9 changed files in this pull request and generated 18 comments.

Show a summary per file

File	Description
packages/tools/cli/src/commands/test.ts	Added vitest detection alongside Jest, refactored to handle both runners with auto-detection logic
packages/tools/cli/src/register/tools.ts	Added new command-line flags for test command (--watch, --coverage, --runner, --dir)
packages/tools/cli/src/commands/doctor.ts	Comprehensive rewrite adding Node version checks, TypeScript validation, tsconfig analysis, and dependency detection
packages/tools/cli/tests/commands.test.ts	Added basic tests for test command (missing runner detection) and doctor command (Node.js version, package.json detection)
packages/foundation/plugin-security/src/query-trimmer.ts	Implemented formulaToFilter and lookupToFilter methods to convert RLS conditions to database query filters
packages/foundation/plugin-security/tests/query-trimmer.test.ts	New test file with 13 tests covering formula conditions, lookup conditions, and existing functionality
packages/foundation/plugin-security/package.json	Added Jest dependencies (jest, @types/jest, ts-jest) for testing
packages/foundation/plugin-security/jest.config.js	New Jest configuration for the security plugin
pnpm-lock.yaml	Updated with new dependencies and libc metadata for native packages

Files not reviewed (1)

• pnpm-lock.yaml: Language not supported

Comments suppressed due to low confidence (3)

packages/tools/cli/tests/commands.test.ts:16

• Unused import format.

import { format } from '../src/commands/format';

packages/tools/cli/tests/commands.test.ts:172

• Unused variable configPath.

        let configPath: string;

packages/tools/cli/src/commands/doctor.ts:264

• Unused function loadObjectQLInstance.

async function loadObjectQLInstance(configPath?: string) {

[Copilot]

The formula parser does not validate or sanitize the user-provided formula expression before evaluation. While it attempts to parse common patterns, there's no prevention of code injection through formula strings. For example, a malicious formula could potentially include method calls or property access that aren't intended to be supported.

Add input validation to ensure only safe operators and field references are allowed in formulas. Consider using an allowlist approach where only specific operators and syntax patterns are permitted.

[Copilot]

Same issue as with formula conditions - returning an empty filter object when lookup conversion fails could allow records to be fetched that should be restricted. The console.warn indicates the lookup "will be evaluated in-memory" but there's no guarantee that in-memory evaluation is implemented or will work correctly.

For RLS security, it's safer to fail closed. Consider throwing an error or returning a restrictive filter ({ _id: null }) when lookup conditions cannot be safely converted to database filters.

Suggested change

	// If we can't convert to a filter, return empty object
	return {};
	// If we can't convert to a filter safely, fail closed with a restrictive filter
	return { _id: null };

[Copilot]

The vitest command construction differs from jest in how it handles the watch flag. For vitest, when watch is not specified, it adds 'run' as a subcommand (line 100). However, this assumes vitest always needs an explicit 'run' command when not in watch mode, which may not align with how vitest is typically invoked in package.json scripts.

Verify that this is the correct vitest invocation pattern. In many projects, vitest can be run without the 'run' subcommand and will default to running tests once.

[Copilot]

The doctor command calls process.exit(1) on errors (line 152), which makes it untestable and prevents proper error handling in programmatic usage. The test at line 481-533 works around this by not testing error cases.

Consider returning an exit code or throwing errors instead of calling process.exit() directly. This would make the command more testable and allow it to be composed with other tools.

Suggested change

	process.exit(1);
	} else if (hasWarnings) {
	console.log(chalk.yellow('⚠️ Everything works, but some improvements are recommended.'));
	} else {
	console.log(chalk.green('✅ Everything looks good!'));
	return 1;
	} else if (hasWarnings) {
	console.log(chalk.yellow('⚠️ Everything works, but some improvements are recommended.'));
	return 0;
	} else {
	console.log(chalk.green('✅ Everything looks good!'));
	return 0;

[Copilot]

The getCommandVersion function executes shell commands without any timeout, which could cause the doctor command to hang indefinitely if a command is unresponsive. This creates a poor user experience.

Add a timeout to the spawn call to ensure the command doesn't hang. Consider using a timeout of 5-10 seconds for version checks.

[Copilot]

The $lookup filter syntax used here is MongoDB-specific, but the QueryTrimmer is supposed to be database-agnostic and work at the AST level before SQL generation. According to the ObjectQL architecture principles, this should compile to abstract intent that can be interpreted by different drivers (SQL, MongoDB, etc.).

This implementation violates the "Compiler, Not ORM" principle by leaking database-specific syntax into the core security layer. The $lookup operator won't work with SQL drivers. Consider creating an abstract representation that can be translated by each driver, or document that lookup conditions only work with MongoDB.

[Copilot]

The operatorToMongoFilter method is called but uses MongoDB-specific syntax ($gt, $gte, $ne, etc.) which violates the architecture principle that QueryTrimmer should work at the AST level. The comment on line 18 states it "Works at the AST level to inject security filters before SQL generation" but the implementation leaks MongoDB-specific operators.

According to the ObjectQL architecture, packages/foundation must NEVER contain dialect-specific logic. Either refactor to use an abstract filter representation that drivers can interpret, or document this limitation.

[Copilot]

The test command calls process.exit() directly on test failures or success, which makes the command untestable and prevents proper error propagation. This is inconsistent with testing best practices and makes it difficult to test the CLI itself.

Consider returning error codes or throwing errors instead of calling process.exit() directly, allowing the caller to handle the exit. This pattern is already acknowledged in the test file at line 90 where a test is skipped due to process.exit.

[Copilot]

When the user specifies a runner via the --runner flag but that runner is not installed in package.json, the command silently falls through to the "no test configuration" message. This is confusing - if a user explicitly requests jest or vitest, they should get a clear error message that the specified runner is not installed.

Add validation to check if the explicitly requested runner is installed, and provide a specific error message if it's not found.

[Copilot]

The test mocks console.log to verify output but doesn't check for specific error paths or edge cases. For example, it doesn't test what happens when package.json contains invalid JSON for dependencies, when TypeScript version extraction fails, or when Node version is below v16.

Add tests for error paths and edge cases to ensure robust error handling in the doctor command, such as when version parsing fails or dependencies are malformed.