From 002a719236a6d94303437278e9b8a70360cbfd4e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bj=C3=B6rn=20Kautler?= Date: Fri, 24 Apr 2026 16:00:56 +0200 Subject: [PATCH] fix(server): Deliver 404 if the significant version was not valid --- jit-binding-server/build.gradle.kts | 1 + .../jitbindingserver/RequestParsing.kt | 2 +- .../jitbindingserver/ArtifactRoutesTest.kt | 45 +++++++++++++++++++ .../jitbindingserver/RequestParsingTest.kt | 2 +- 4 files changed, 48 insertions(+), 2 deletions(-) diff --git a/jit-binding-server/build.gradle.kts b/jit-binding-server/build.gradle.kts index ddaaefd69..47d94e57a 100644 --- a/jit-binding-server/build.gradle.kts +++ b/jit-binding-server/build.gradle.kts @@ -30,6 +30,7 @@ dependencies { implementation(projects.sharedInternal) testImplementation("io.ktor:ktor-server-test-host") + testImplementation("io.ktor:ktor-client-mock:3.4.3") testImplementation("io.mockk:mockk:1.14.9") } diff --git a/jit-binding-server/src/main/kotlin/io/github/typesafegithub/workflows/jitbindingserver/RequestParsing.kt b/jit-binding-server/src/main/kotlin/io/github/typesafegithub/workflows/jitbindingserver/RequestParsing.kt index a16cdf304..56770914c 100644 --- a/jit-binding-server/src/main/kotlin/io/github/typesafegithub/workflows/jitbindingserver/RequestParsing.kt +++ b/jit-binding-server/src/main/kotlin/io/github/typesafegithub/workflows/jitbindingserver/RequestParsing.kt @@ -13,7 +13,6 @@ import io.ktor.http.Parameters fun Parameters.parseRequest(extractVersion: Boolean): BindingsServerRequest? { val owner = this["owner"]!! val nameAndPathAndSignificantVersionParts = this["name"]!!.split("___", limit = 2) - val nameAndPath = nameAndPathAndSignificantVersionParts.first() val significantVersion = nameAndPathAndSignificantVersionParts .drop(1) @@ -24,6 +23,7 @@ fun Parameters.parseRequest(extractVersion: Boolean): BindingsServerRequest? { .entries .find { "$it" == significantVersionString } } ?: FULL + val nameAndPath = if (significantVersion == FULL) this["name"]!! else nameAndPathAndSignificantVersionParts.first() val nameAndPathParts = nameAndPath.split("__") val name = nameAndPathParts.first() val path = diff --git a/jit-binding-server/src/test/kotlin/io/github/typesafegithub/workflows/jitbindingserver/ArtifactRoutesTest.kt b/jit-binding-server/src/test/kotlin/io/github/typesafegithub/workflows/jitbindingserver/ArtifactRoutesTest.kt index 847408d02..982779149 100644 --- a/jit-binding-server/src/test/kotlin/io/github/typesafegithub/workflows/jitbindingserver/ArtifactRoutesTest.kt +++ b/jit-binding-server/src/test/kotlin/io/github/typesafegithub/workflows/jitbindingserver/ArtifactRoutesTest.kt @@ -4,9 +4,12 @@ import io.github.typesafegithub.workflows.actionbindinggenerator.domain.TypingAc import io.github.typesafegithub.workflows.mavenbinding.BindingsServerRequest import io.github.typesafegithub.workflows.mavenbinding.TextArtifact import io.github.typesafegithub.workflows.mavenbinding.VersionArtifacts +import io.github.typesafegithub.workflows.mavenbinding.buildVersionArtifacts import io.kotest.core.spec.style.FunSpec import io.kotest.matchers.shouldBe import io.ktor.client.HttpClient +import io.ktor.client.engine.mock.MockEngine +import io.ktor.client.engine.mock.respond import io.ktor.client.request.get import io.ktor.client.statement.bodyAsText import io.ktor.http.HttpStatusCode @@ -146,5 +149,47 @@ class ArtifactRoutesTest : verify(exactly = 2) { mockBuildVersionArtifacts(any(), any()) } } } + + test("when version significance is invalid") { + testApplication { + // Given + application { + appModule( + buildVersionArtifacts = { bindingsServerRequest, _ -> + buildVersionArtifacts( + bindingsServerRequest, + HttpClient( + MockEngine { request -> + when (request.url.toString()) { + "https://raw.githubusercontent.com" + + "/some-owner/some-action-act/v4/_weird/action.yml", + "https://raw.githubusercontent.com" + + "/some-owner/some-action-act/v4/_weird/action.yaml", + -> { + respond("Not found", status = HttpStatusCode.NotFound) + } + + else -> { + error("An internal error occurred!") + } + } + }, + ), + ) + }, + // Irrelevant for these tests. + buildPackageArtifacts = { _, _, _, _ -> emptyMap() }, + getGithubAuthToken = { "" }, + ) + } + + // When + val response = + client.get("some-owner/some-action-act___weird/v4/some-action-act___weird-v4.pom") + + // Then + response.status shouldBe HttpStatusCode.NotFound + } + } } }) diff --git a/jit-binding-server/src/test/kotlin/io/github/typesafegithub/workflows/jitbindingserver/RequestParsingTest.kt b/jit-binding-server/src/test/kotlin/io/github/typesafegithub/workflows/jitbindingserver/RequestParsingTest.kt index 4e968f118..8c7ec1b67 100644 --- a/jit-binding-server/src/test/kotlin/io/github/typesafegithub/workflows/jitbindingserver/RequestParsingTest.kt +++ b/jit-binding-server/src/test/kotlin/io/github/typesafegithub/workflows/jitbindingserver/RequestParsingTest.kt @@ -83,7 +83,7 @@ class RequestParsingTest : name = "act", version = "irrelevant", significantVersion = FULL, - path = null, + path = "_weird", ), ) }