Conversation
- Add namespace auto-detection to createEventHelper with 'wpk' fallback - Implement namespace-aware store operations in createStoreHelper - Fix security vulnerability by replacing new Function() with safe property access - Import ResourceConfig from kernel package to eliminate type duplication - Update all tests for dual page.evaluate call pattern (namespace + setup) - Maintain backward compatibility - no function signature changes - Add Window type extension for wpKernelNamespace detection Fixes #47 Security: Eliminates code injection risk in createStoreHelper Coverage: Maintains 96.88% test coverage with all 715 tests passing Types: All TypeScript compilation passes without errors
6 tasks
Contributor
There was a problem hiding this comment.
Pull Request Overview
Implements namespace integration for E2E testing utilities in WP Kernel framework, enabling multi-namespace support while maintaining backward compatibility and fixing a security vulnerability in the store helper.
- Auto-detection of namespace from
window.wpKernelNamespacewith 'wpk' fallback - Security fix replacing
new Function()with safe property access evaluation - Updated test patterns to accommodate dual page.evaluate calls for namespace detection
Reviewed Changes
Copilot reviewed 4 out of 4 changed files in this pull request and generated 3 comments.
| File | Description |
|---|---|
| packages/e2e-utils/src/types.ts | Removed duplicated ResourceConfig interface, importing from wp-kernel instead |
| packages/e2e-utils/src/createKernelUtils.ts | Added namespace auto-detection to store/event helpers and replaced insecure Function constructor |
| packages/e2e-utils/src/tests/createKernelUtils.test.ts | Updated tests for dual page.evaluate pattern and added const assertions |
| packages/e2e-utils/src/tests/createEventHelper.test.ts | Updated all event helper tests to handle namespace detection and setup calls |
Comment on lines
2
to
5
| * WP Kernel E2E Utils - M/** | ||
| * Create E2E utilities for WordPress Kernel* Single factory pattern that creates kernel-aware E2E utilities | ||
| * extending WordPress E2E test utils. | ||
| * |
There was a problem hiding this comment.
Malformed comment header with incomplete text and formatting errors.
Suggested change
| * WP Kernel E2E Utils - M/** | |
| * Create E2E utilities for WordPress Kernel* Single factory pattern that creates kernel-aware E2E utilities | |
| * extending WordPress E2E test utils. | |
| * | |
| * WP Kernel E2E Utils | |
| * | |
| * Provides a single factory pattern for creating kernel-aware E2E utilities, | |
| * extending WordPress E2E test utils for use with WordPress Kernel applications. | |
| * |
- Fix malformed JSDoc header formatting - Fix event listener cleanup to use dynamic namespace pattern - Add prototype pollution protection to prevent security vulnerabilities - Update tests to match new stop() method signature Resolves GitHub Copilot review comments on PR #54
Contributor
Author
✅ PR Review Comments AddressedI've fixed all 3 issues identified by GitHub Copilot: 1. Fixed Comment Header Formatting
2. Fixed Event Listener Cleanup Bug 🔧
3. Enhanced Security Validation 🔒
Test Updates
Commit: d7d0437 - fix(e2e-utils): address PR review comments Ready for re-review! 🚀 |
pipewrk
added a commit
that referenced
this pull request
Nov 8, 2025
- Fix malformed JSDoc header formatting - Fix event listener cleanup to use dynamic namespace pattern - Add prototype pollution protection to prevent security vulnerabilities - Update tests to match new stop() method signature Resolves GitHub Copilot review comments on PR #54
pipewrk
added a commit
that referenced
this pull request
Nov 8, 2025
…ace-integration feat(e2e-utils): implement namespace integration for testing utilities
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Implements Task 4: E2E Utils Namespace Integration from Sprint 2.5, making all E2E testing utilities namespace-aware while maintaining backward compatibility and fixing a security vulnerability.
🎯 Key Achievements
✅ Namespace Integration
window.wpKernelNamespacewith 'wpk' fallbacknamespace/storeformat)🔐 Security Fix
new Function()vulnerability in createStoreHelper🏗️ Framework Compatibility
📋 Changes Made
Core Implementation
page.evaluatepatternTesting Updates
as constassertions🧪 Quality Assurance
🔍 Technical Details
Namespace Detection Strategy
Security Improvement
🎯 Issue Resolution
Closes #47 - Task 4: E2E Utils Namespace Integration
Sprint 2.5 Progress: ✅ Task 4 Complete
🚀 Impact
This PR enables multi-namespace support in E2E testing while strengthening security and maintaining the framework's stability guarantees. Developers can now test namespace-aware applications without breaking changes to existing test suites.