fix(ego-lint): don't flag gi:// strings passed to importInShellOnly/importInPrefsOnly (#162)

ZviBaratz · Solomon · web-flow · commit c1f88581991b · 2026-04-06T05:05:55.000+03:00
## Problem Field test against Burn-My-Windows v48 (2.4M EGO downloads) produced **14 false positive FAILs** from `imports/shared-module-shell` and `imports/no-gtk-in-extension`. Closes #159. The extension uses a conditional import utility pattern in `src/utils.js`: ```js export async function importInShellOnly(module) { if (typeof global !== 'undefined') { return (await import(module)).default; } return null; } ``` Effect modules reference Shell libraries via this guard: ```js const Clutter = await utils.importInShellOnly('gi://Clutter'); ``` The previous grep matched `gi://Clutter` anywhere in the file, including as a quoted string argument. These are not imports — they're string arguments to guard functions that guarantee the import never executes in the wrong process context. ## Fix Filter grep output to only flag lines that contain an actual import statement (`from '...'` or `import('...')`). String references like `importInShellOnly('gi://Clutter')` don't contain either pattern and are no longer flagged. Applied to both: - `imports/shared-module-shell` (Shell imports in prefs-reachable modules) - `imports/no-gtk-in-extension` (GTK imports in extension-reachable modules) ## Test Coverage Added `import-guarded@test` fixture with the exact `importInShellOnly`/`importInPrefsOnly` pattern from Burn-My-Windows. Two new assertions verify no false positives are produced. ## Impact - Burn-My-Windows v48: 14 FP FAILs → 0 (only the real R-SEC-22 dconf FAIL remains) - Existing `shared-import-violation@test` still fires — real violations are unaffected 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-authored-by: Solomon <sol@nanoclaw.dev>
diff --git a/skills/ego-lint/scripts/check-imports.sh b/skills/ego-lint/scripts/check-imports.sh
@@ -81,7 +81,9 @@ for f in "${runtime_files[@]}"; do
         rel_path="${f#"$EXT_DIR/"}"
         echo "FAIL|imports/no-gtk-in-extension|$rel_path: $match"
         violations=$((violations + 1))
-    done < <(grep -nE "$gtk_pattern" "$f" 2>/dev/null | grep -vE "gi://GdkPixbuf" || true)
+    done < <(grep -nE "$gtk_pattern" "$f" 2>/dev/null \
+        | grep -vE "gi://GdkPixbuf" \
+        | grep -E "(from\s+['\"]|import\s*\()" || true)
 done
 
 # ---------------------------------------------------------------------------
@@ -146,14 +148,17 @@ if [[ -f "$EXT_DIR/prefs.js" ]]; then
         done < <(get_local_imports "$current")
     done
 
-    # Check prefs-reachable modules (excluding prefs.js itself) for Shell imports
+    # Check prefs-reachable modules (excluding prefs.js itself) for Shell imports.
+    # Only flag actual import statements (from '...' or import('...')) — not gi:// strings
+    # passed as arguments to guard functions like importInShellOnly('gi://Clutter').
     for f in "${!prefs_visited[@]}"; do
         [[ "$f" == "$EXT_DIR/prefs.js" ]] && continue
         rel_path="${f#"$EXT_DIR/"}"
         while IFS= read -r match; do
             echo "FAIL|imports/shared-module-shell|$rel_path: Shell runtime import in module reachable from prefs.js: $match"
             violations=$((violations + 1))
-        done < <(grep -nE "$shell_pattern" "$f" 2>/dev/null || true)
+        done < <(grep -nE "$shell_pattern" "$f" 2>/dev/null \
+            | grep -E "(from\s+['\"]|import\s*\()" || true)
     done
 fi
 
diff --git a/tests/assertions/import-segregation.sh b/tests/assertions/import-segregation.sh
@@ -7,3 +7,10 @@ run_lint "shared-import-violation@test"
 assert_exit_code "exits with 1 (has failures)" 1
 assert_output_contains "fails on shared module Shell import" "\[FAIL\].*imports/shared-module-shell"
 echo ""
+
+# --- import-guarded: importInShellOnly/importInPrefsOnly guard pattern ---
+echo "=== import-guarded ==="
+run_lint "import-guarded@test"
+assert_output_not_contains "no false positive for importInShellOnly string arg" "imports/shared-module-shell"
+assert_output_not_contains "no false positive for importInPrefsOnly Gtk string arg" "imports/no-gtk-in-extension"
+echo ""
diff --git a/tests/fixtures/import-guarded@test/LICENSE b/tests/fixtures/import-guarded@test/LICENSE
@@ -0,0 +1 @@
+GPL-2.0-or-later
diff --git a/tests/fixtures/import-guarded@test/extension.js b/tests/fixtures/import-guarded@test/extension.js
@@ -0,0 +1,17 @@
+import {Extension} from 'resource:///org/gnome/shell/extensions/extension.js';
+import * as utils from './utils.js';
+
+export default class GuardedExtension extends Extension {
+    async enable() {
+        // Shell-only imports via guard — safe, prefs process gets null
+        const Clutter = await utils.importInShellOnly('gi://Clutter');
+        const St = await utils.importInShellOnly('gi://St');
+        if (Clutter) {
+            this._actor = new Clutter.Actor();
+        }
+    }
+
+    disable() {
+        this._actor = null;
+    }
+}
diff --git a/tests/fixtures/import-guarded@test/metadata.json b/tests/fixtures/import-guarded@test/metadata.json
@@ -0,0 +1,8 @@
+{
+  "name": "Import Guarded Test",
+  "description": "Extension using importInShellOnly/importInPrefsOnly guard pattern",
+  "uuid": "import-guarded@test",
+  "version": 1,
+  "shell-version": ["45", "46", "47", "48", "49", "50"],
+  "url": "https://example.com"
+}
diff --git a/tests/fixtures/import-guarded@test/prefs.js b/tests/fixtures/import-guarded@test/prefs.js
@@ -0,0 +1,13 @@
+import {ExtensionPreferences} from 'resource:///org/gnome/Shell/Extensions/js/extensions/prefs.js';
+import * as utils from './utils.js';
+
+export default class GuardedPrefs extends ExtensionPreferences {
+    async fillPreferencesWindow(window) {
+        // Prefs-only import via guard — safe, Shell process gets null
+        const Gtk = await utils.importInPrefsOnly('gi://Gtk');
+        if (Gtk) {
+            const box = new Gtk.Box();
+            window.add(box);
+        }
+    }
+}
diff --git a/tests/fixtures/import-guarded@test/utils.js b/tests/fixtures/import-guarded@test/utils.js
@@ -0,0 +1,16 @@
+// Conditional import utilities — safe guard pattern used by Burn-My-Windows and similar extensions.
+// These functions ensure Shell-only modules never load in the prefs process (and vice versa).
+
+export async function importInShellOnly(module) {
+  if (typeof global !== 'undefined') {
+    return (await import(module)).default;
+  }
+  return null;
+}
+
+export async function importInPrefsOnly(module) {
+  if (typeof global === 'undefined') {
+    return (await import(module)).default;
+  }
+  return null;
+}
