fix(portal): GRO-2203 validate petId as UUID before PATCH lookup (500→404) #177

Merged

Flea Flicker merged 1 commits from fix/gro-2203-portal-pet-patch-uuid-validation into dev

2026-06-08 17:03:45 +00:00

Author	SHA1	Message	Date
Savannah Savings	bd9866520b	fix(portal): GRO-2203 validate petId as UUID before PATCH lookup (500→404) CI / Test (pull_request) Successful in 23s Details CI / Lint & Typecheck (pull_request) Successful in 29s Details CI / Build & Push Docker Images (pull_request) Successful in 1m2s Details A non-UUID :petId passed straight into where(eq(pets.id, petId)) made Postgres throw "invalid input syntax for type uuid", surfacing as an unhandled 500. Guard the param with z.string().uuid() and return the existing 404 {"error":"Not found"} for malformed ids, mirroring the GRO-2014 fix in pets.ts. Valid-UUID-not-found already returned 404. - Add regression test (non-UUID petId → 404, no mutation) - Update UAT_PLAYBOOK.md §8 (TC-API-8.16) Co-Authored-By: Paperclip <noreply@paperclip.ing>	2026-06-08 17:01:26 +00:00

Author

SHA1

Message

Date

Savannah Savings

bd9866520b

fix(portal): GRO-2203 validate petId as UUID before PATCH lookup (500→404)

CI / Test (pull_request) Successful in 23s

Details

CI / Lint & Typecheck (pull_request) Successful in 29s

Details

CI / Build & Push Docker Images (pull_request) Successful in 1m2s

Details

A non-UUID :petId passed straight into where(eq(pets.id, petId)) made
Postgres throw "invalid input syntax for type uuid", surfacing as an
unhandled 500. Guard the param with z.string().uuid() and return the
existing 404 {"error":"Not found"} for malformed ids, mirroring the
GRO-2014 fix in pets.ts. Valid-UUID-not-found already returned 404.

- Add regression test (non-UUID petId → 404, no mutation)
- Update UAT_PLAYBOOK.md §8 (TC-API-8.16)

Co-Authored-By: Paperclip <noreply@paperclip.ing>

2026-06-08 17:01:26 +00:00

fix(portal): GRO-2203 validate petId as UUID before PATCH lookup (500→404) #177

1 Commits