gb_flea/paperclip
1
0
Fork 0
forked from farhoodlabs/paperclip
Code Pull Requests Activity

Guard dev health JSON parsing

Browse Source 
Co-Authored-By: Paperclip <noreply@paperclip.ing>
This commit is contained in:
dotta
2026-04-06 20:17:47 -05:00
parent bfa60338cc
commit 9a8a169e95
7 changed files with 122 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files
server/src/__tests__/dev-runner-output.test.ts
+17 -1
View File
@@ -1,5 +1,5 @@
import { describe, expect, it } from "vitest";
import { createCapturedOutputBuffer } from "../../../scripts/dev-runner-output.mjs";
import { createCapturedOutputBuffer, parseJsonResponseWithLimit } from "../../../scripts/dev-runner-output.mjs";
describe("createCapturedOutputBuffer", () => {
it("keeps small output unchanged", () => {
@@ -26,4 +26,20 @@ describe("createCapturedOutputBuffer", () => {
expect(result.text).toContain("total 12 bytes");
expect(result.text.endsWith("efghijkl")).toBe(true);
});
it("parses bounded JSON responses", async () => {
const response = new Response(JSON.stringify({ ok: true }), {
headers: { "content-type": "application/json" },
});
await expect(parseJsonResponseWithLimit<{ ok: boolean }>(response, 64)).resolves.toEqual({ ok: true });
});
it("rejects oversized JSON responses before parsing them", async () => {
const response = new Response(JSON.stringify({ payload: "x".repeat(128) }), {
headers: { "content-type": "application/json" },
});
await expect(parseJsonResponseWithLimit(response, 32)).rejects.toThrow("Response exceeds 32 bytes");
});
});
server/src/__tests__/dev-server-status.test.ts
+10
View File
@@ -63,4 +63,14 @@ describe("dev server status helpers", () => {
waitingForIdle: true,
});
});
it("ignores oversized persisted status files", () => {
const filePath = createTempStatusFile({
dirty: true,
changedPathsSample: ["x".repeat(70 * 1024)],
pendingMigrations: [],
});
expect(readPersistedDevServerStatus({ PAPERCLIP_DEV_SERVER_STATUS_FILE: filePath })).toBeNull();
});
});