import { expect, test } from "bun:test"; import { createHash } from "node:crypto"; import { readFileSync } from "node:fs"; import { resolve } from "node:path"; const repositoryRoot = resolve(import.meta.dir, "../../.."); const manifestPath = resolve(repositoryRoot, "scripts/vendor/ajv-dist/8.17.1/manifest.json"); test("repo-owned Ajv 2020 bundle matches the locked dependency and source artifact", () => { const manifest = JSON.parse(readFileSync(manifestPath, "utf8")); const packageJson = JSON.parse(readFileSync(resolve(repositoryRoot, "package.json"), "utf8")); const vendor = readFileSync(resolve(repositoryRoot, manifest.vendorPath)); const source = readFileSync(resolve(repositoryRoot, manifest.sourcePath)); expect(packageJson.dependencies[manifest.package]).toBe(manifest.version); expect(vendor.byteLength).toBe(manifest.bytes); expect(createHash("sha256").update(vendor).digest("hex")).toBe(manifest.sha256); expect(vendor.equals(source)).toBe(true); });