test(handlers): add workspace_crud validation helper tests (#713) #743

Merged

hongming merged 2 commits from test/713-workspace-crud-validators into staging

2026-05-12 21:10:29 +00:00

Author	SHA1	Message	Date
core-devops	5e5fb503ec	ci: rerun after mc#724 all-required fix lands All checks were successful Secret scan / Scan diff for credential-shaped strings (pull_request) Successful in 15s Details sop-tier-check / tier-check (pull_request) Successful in 13s Details audit-force-merge / audit (pull_request) Successful in 14s Details	2026-05-12 20:51:20 +00:00
Molecule AI Fullstack Engineer	dccc8f53cb	test(handlers): add workspace_crud validation helper tests (#713 ) All checks were successful Secret scan / Scan diff for credential-shaped strings (pull_request) Successful in 14s Details sop-tier-check / tier-check (pull_request) Successful in 14s Details Covers the three pure validator functions introduced in #685/#688: validateWorkspaceID(id): - valid UUID forms (nil error) - empty, traversal, SQL injection, short, invalid hex → error validateWorkspaceDir(dir): - absolute non-system paths → nil - relative paths → error - traversal sequences (..) → error - system paths (/etc, /proc, /sys, /dev, /boot, /sbin, /bin, /lib, /usr, /var) → error - prefixes of system paths → error validateWorkspaceFields(name, role, model, runtime): - all-empty → nil - valid values → nil - name > 255 chars → error; exactly 255 → nil - role > 1000 chars → error - model > 100 chars → error - runtime > 100 chars → error - \n or \r in any field → error - YAML special chars ({ } [ ] \| > * & !) in name/role → error - YAML chars allowed in model/runtime (only name/role are gated) Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>	2026-05-12 16:29:55 +00:00

Author

SHA1

Message

Date

core-devops

5e5fb503ec

ci: rerun after mc#724 all-required fix lands

Secret scan / Scan diff for credential-shaped strings (pull_request) Successful in 15s

Details

sop-tier-check / tier-check (pull_request) Successful in 13s

Details

audit-force-merge / audit (pull_request) Successful in 14s

Details

2026-05-12 20:51:20 +00:00

Molecule AI Fullstack Engineer

dccc8f53cb

test(handlers): add workspace_crud validation helper tests (#713 )

Secret scan / Scan diff for credential-shaped strings (pull_request) Successful in 14s

Details

sop-tier-check / tier-check (pull_request) Successful in 14s

Details

Covers the three pure validator functions introduced in #685/#688:

  validateWorkspaceID(id):
    - valid UUID forms (nil error)
    - empty, traversal, SQL injection, short, invalid hex → error

  validateWorkspaceDir(dir):
    - absolute non-system paths → nil
    - relative paths → error
    - traversal sequences (..) → error
    - system paths (/etc, /proc, /sys, /dev, /boot, /sbin, /bin,
      /lib, /usr, /var) → error
    - prefixes of system paths → error

  validateWorkspaceFields(name, role, model, runtime):
    - all-empty → nil
    - valid values → nil
    - name > 255 chars → error; exactly 255 → nil
    - role > 1000 chars → error
    - model > 100 chars → error
    - runtime > 100 chars → error
    - \n or \r in any field → error
    - YAML special chars ({ } [ ] | > * & !) in name/role → error
    - YAML chars allowed in model/runtime (only name/role are gated)

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>

2026-05-12 16:29:55 +00:00

test(handlers): add workspace_crud validation helper tests (#713) #743

2 Commits