test: add cross-package export smoke test to catch missing imports

[tamirdresher]

What

Adds a vitest smoke test (\ est/cross-package-exports.test.ts) that validates every value import \squad-cli\ uses from \squad-sdk\ resolves to a defined export at runtime.

Why

v0.9.3-insider.1 shipped with \FSStorageProvider\ missing from the SDK barrel — broke users at runtime while all TypeScript-level tests passed (TS resolves from source, not compiled output). This test would have caught that.

What it covers

20 test cases across 15 SDK subpaths and 50+ named exports:

SDK subpath	Key exports tested
@bradygaster/squad-sdk\ (root)	\FSStorageProvider, \SquadState, \TIMEOUTS, \StreamingPipeline, \RuntimeEventBus, \
esolveSquad, \
esolveGlobalSquadPath, \initSquadTelemetry, \
ecordAgent*, \safeTimestamp, \getMeter, \listRoles, \searchRoles, \getCategories, \getRoleById, \generateCharterFromRole, \�ddAgentToConfig, \initSquad, \cleanupOrphanInitPrompt, \�nsurePersonalSquadDir, \
esolvePersonalSquadDir, \
esolveExternalStateDir, \deriveProjectKey, \setupConsultMode, \isConsultMode, \PersonalSquadNotFoundError, \detectLicense, \loadStagedLearnings, \logConsultation, \mergeToPersonalSquad, \getPersonalSquadRoot, \discoverSquads, \ormatDiscoveryTable, \indSquadByName, \�uildDelegationArgs, \loadSubSquadsConfig, \
esolveSubSquad, \RemoteBridge\
/config\	\initSquad, \MigrationRegistry, \writeEconomyMode, \
eadEconomyMode\
/config/agent-source\	\LocalAgentSource\
/resolution\	\
esolveSquad, \
esolveSquadPaths, \
esolveGlobalSquadPath, \
esolvePersonalSquadDir, \�nsurePersonalSquadDir\
/client\	\SquadClient\
/adapter/errors\	\RateLimitError\
/agents/personal\	\
esolvePersonalAgents, \mergeSessionCast\
/casting\	\CastingEngine\
/platform\	\createPlatformAdapter\
/ralph\	\RalphMonitor\
/ralph/triage\	\parseRoster, \parseRoutingRules, \parseModuleOwnership, \ riageIssue\
/ralph/rate-limiting\	\PredictiveCircuitBreaker, \getTrafficLight\
/runtime/event-bus\	\EventBus\
Exports-map file check	All entries in SDK \package.json\ exports map point to real files

How to maintain

When adding a new import from @bradygaster/squad-sdk\ to \squad-cli, add a corresponding assertion in this test.

Refs #836

[github-actions]

🟢 Impact Analysis — PR #875

Risk tier: 🟢 LOW

📊 Summary

Metric	Count
Files changed	1
Files added	1
Files modified	0
Files deleted	0
Modules touched	1

🎯 Risk Factors

• 1 files changed (≤5 → LOW)
• 1 module(s) touched (≤1 → LOW)

📦 Modules Affected

tests (1 file)

• test/cross-package-exports.test.ts

---

This report is generated automatically for every PR. See #733 for details.

[github-actions]

🛫 PR Readiness Check

ℹ️ This comment updates on each push. Last checked: commit e3a9c75

PR Scope: 🔧 Infrastructure

⚠️ 6 item(s) to address before review

Status	Check	Details
❌	Single commit	4 commits — consider squashing before review
✅	Not in draft	Ready for review
❌	Branch up to date	insider is 1 commit(s) ahead — rebase recommended
❌	Copilot review	No Copilot review yet — it may still be processing
✅	Changeset present	Changeset file found
✅	Scope clean	No .squad/ or docs/proposals/ files
✅	No merge conflicts	No merge conflicts
❌	Copilot threads resolved	2 unresolved Copilot thread(s) — fix and resolve before merging
❌	CI passing	10 check(s) still running
❌	Issue linked	No issue reference — add Closes #N to PR body or commit message
✅	Protected files	No protected bootstrap files changed

Files Changed (11 files, +880 −7)

File	+/−
.changeset/readiness-file-list.md	+7 −0
.changeset/scope-boundary-check.md	+8 −0
.changeset/smart-pr-nudge.md	+8 −0
.github/copilot-instructions.md	+4 −0
.github/workflows/squad-pr-nudge.yml	+184 −0
.github/workflows/squad-repo-health.yml	+2 −2
.github/workflows/squad-scope-check.yml	+31 −0
CONTRIBUTING.md	+2 −0
scripts/pr-readiness.mjs	+99 −4
test/cross-package-exports.test.ts	+287 −0
test/pr-readiness.test.ts	+248 −1

Total: +880 −7

---

This check runs automatically on every push. Fix any ❌ items and push again.
See CONTRIBUTING.md and PR Requirements for details.

[Copilot]

Pull request overview

Adds a Vitest smoke test to prevent runtime breakages caused by missing/incorrect @bradygaster/squad-sdk re-exports (e.g., SDK barrel/export-map drift that TypeScript may not catch during development).

Changes:

• Introduces test/cross-package-exports.test.ts to dynamically import the SDK root barrel + key subpaths and assert required named exports are defined at runtime.
• Adds an additional check that every packages/squad-sdk/package.json exports entry points to an existing file on disk.

[Copilot]

pkg.exports is being cast to Record<string, Record<string, string>>, but Node’s package.json exports field can be either a string or a nested condition object. This cast makes the typeof targets === 'string' branch type-inconsistent (and would fail if tests are ever type-checked) and also masks the possibility of nested/non-string conditions. Prefer typing exportsMap as unknown (or a union of string | Record<string, unknown>) and narrowing/recursing on leaf string targets before calling resolve()/existsSync().

[Copilot]

The header comment mentions “The grep one-liner in the test description shows how to audit”, but this file doesn’t currently include that one-liner. Either add the referenced command here (so the maintenance instructions are self-contained) or remove that sentence to avoid stale documentation.

Suggested change

	* add a corresponding assertion here. The grep one-liner in the test
	* description shows how to audit.
	* add a corresponding assertion here. Audit current usage with:
	* grep -RhoE "from '@bradygaster/squad-sdk[^']*'" packages/squad-cli/src

[tamirdresher]

✅ Verified: Test catches the exact FSStorageProvider bug

We manually reproduced the insider.1 failure and confirmed this test catches it:

Reproduction steps

1. Commented out export * from './storage/index.js' in packages/squad-sdk/src/index.ts (simulating the missing FSStorageProvider export)
2. Ran npx vitest run test/cross-package-exports.test.ts

Result

`
❌ FAIL exports FSStorageProvider and core runtime symbols
→ Error: Test timed out in 5000ms (import failed — export doesn't exist)

✅ 19 passed | 1 failed (20 total)
`

The exact test case that checks FSStorageProvider failed when the storage export was removed — which is precisely the bug users hit with v0.9.3-insider.1.

What this prevents going forward

• Missing SDK barrel re-exports (like FSStorageProvider)
• ESM/CJS file extension mismatches (.js vs .cjs — Brady's fix: rename root index.js to index.cjs for ESM compat #845/fix: rename lib/rework.js to .cjs for ESM compat #846 fixes)
• package.json exports map entries pointing to non-existent files
• Any new CLI→SDK import that isn't wired up in the SDK's public API

Coverage

• 20 test cases across 15 SDK subpaths
• 50+ named exports validated
• Separate test for exports-map file existence

[diberry]

🧪 Post-Merge Review — Simon (Tester)

Verdict: 🟡 Conditional Approve — Core test is valuable, follow-ups needed.

What's Good

The cross-package export smoke test directly targets the v0.9.3-insider.1 FSStorageProvider incident. The approach — dynamic import() against 15 SDK subpaths plus an exports-map file existence check across all 52 subpaths — is sound. It tests compiled output, not source, catching the exact class of bug that broke users.

Concerns

#	Severity	Finding
1	🔴	Scope creep — Only 287 of 880 lines are the stated test. Three unrelated features (PR nudge workflow, scope check workflow, readiness file list) were bundled in, each with its own changeset.
2	🟡	Resolution fragility — The test claims to test compiled output, but doesn't verify it resolves to dist/. If vitest resolution ever changes, this test silently becomes useless.
3	🟡	Two unresolved Copilot review comments merged — The exportsMap type cast is unsafe, and the referenced grep audit one-liner was never added.
4	🟡	Manual maintenance burden — New CLI→SDK imports require hand-editing this test. No automated drift detection. This will go stale.
5	🟠	Build order dependency is implicit — Nothing enforces that SDK is built before this test runs.

Recommended Follow-Ups

1. Add compiled-output resolution guard (expect(import.meta.resolve(...)).toContain('/dist/'))
2. Add the grep audit command to the test header
3. Fix the unsafe type cast on pkg.exports
4. Consider automated import-coverage drift detection in CI
5. Enforce PR scope discipline — one concern per PR

---

Review by Squad AI team (Simon — Tester) · requested by Dina Berry

[tamirdresher]

Thanks @diberry — Simon's review is valuable. Filed #926 for the resolution guard and type safety fixes. The drift detection idea is worth exploring in CI.