Molecule AI Fullstack Engineer
e908772bcc
Some checks failed
Block internal-flavored paths / Block forbidden paths (pull_request) Successful in 19s
CI / Detect changes (pull_request) Successful in 1m10s
Harness Replays / detect-changes (pull_request) Successful in 19s
Secret scan / Scan diff for credential-shaped strings (pull_request) Successful in 15s
E2E API Smoke Test / detect-changes (pull_request) Successful in 48s
gate-check-v3 / gate-check (pull_request) Successful in 17s
Handlers Postgres Integration / detect-changes (pull_request) Successful in 48s
qa-review / approved (pull_request) Successful in 15s
security-review / approved (pull_request) Successful in 15s
sop-checklist / all-items-acked (pull_request) Successful in 14s
Runtime PR-Built Compatibility / detect-changes (pull_request) Successful in 37s
sop-tier-check / tier-check (pull_request) Successful in 14s
lint-required-no-paths / lint-required-no-paths (pull_request) Successful in 1m14s
audit-force-merge / audit (pull_request) Successful in 27s
CI / Shellcheck (E2E scripts) (pull_request) Successful in 7s
CI / Canvas (Next.js) (pull_request) Successful in 10s
CI / Python Lint & Test (pull_request) Successful in 8s
Harness Replays / Harness Replays (pull_request) Successful in 10s
Runtime PR-Built Compatibility / PR-built wheel + import smoke (pull_request) Successful in 8s
E2E API Smoke Test / E2E API Smoke Test (pull_request) Failing after 1m35s
CI / Canvas Deploy Reminder (pull_request) Successful in 4s
Handlers Postgres Integration / Handlers Postgres Integration (pull_request) Successful in 5m55s
CI / Platform (Go) (pull_request) Failing after 9m42s
CI / all-required (pull_request) Successful in 6s
This PR closes #965 and brings PR#956's org_helpers_security_test.go
onto the staging branch, with all conflicts resolved.
Fix 1 — TestResolveInsideRoot_DotDotWithIntermediate panic (GH#965):
a/b/../../c from /safe/root normalizes to /safe/root/c (valid descendant),
so resolveInsideRoot returns nil. The test expected an error and called
err.Error() on nil → panic. Fixed by rewriting the test to expect success
and verify the resolved path stays within root.
Fix 2 — Nil-panic propagation across resolveInsideRoot tests:
All resolveInsideRoot tests that checked "err == nil" then called err.Error()
on the falling-through path. Changed to t.Fatalf to stop immediately so the
nil dereference never fires.
Fix 3 — expandWithEnv literal-dollar regression:
Re-applied the fix from fix/duplicate-test-declarations: expandWithEnv now
skips $VAR keys not starting with [a-zA-Z_], so "cost $100" stays as-is
even in environments where $1 could be resolved.
Fix 4 — SSH probe tests degrade gracefully:
TestHandleDiagnose_RoutesToRemote and TestDiagnoseRemote_StopsAtSSHProbe
now t.Skip when ssh-keygen/nc are absent from PATH.
Fix 5 — org_helpers_security_test.go duplicate declarations resolved:
Removed isSafeRoleName tests (already in org_helpers_pure_test.go).
Renamed TestMergeCategoryRouting_* → TestSecureRouting_* to avoid
redeclaration with org_helpers_pure_test.go.
Added the file from PR#956 (merged to main at
|
||
|---|---|---|
| .. | ||
| artifacts | ||
| buildinfo | ||
| bundle | ||
| channels | ||
| crypto | ||
| db | ||
| envx | ||
| events | ||
| handlers | ||
| imagewatch | ||
| memory | ||
| messagestore | ||
| metrics | ||
| middleware | ||
| models | ||
| orgtoken | ||
| pendinguploads | ||
| plugins | ||
| provisioner | ||
| provlog | ||
| registry | ||
| router | ||
| scheduler | ||
| supervised | ||
| textutil | ||
| ws | ||
| wsauth | ||