rodin/review-bot
2
1
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases 6 Wiki Activity

fix: address review findings from reviews #2955 and #2958

Browse Source 
- Convert handleResponse to package-level function (unused receiver) [#17955]
- Add clarifying comment for nil resp on transport error [#17956]
- Use consistent %w wrapping in dual-unmarshal error path [#17957]
- Add SafeError() method to APIError for safe logging [#17964]
- Enforce safe CheckRedirect policy in SetHTTPClient [#17965]
- Add tests for SafeError and SetHTTPClient enforcement
This commit is contained in:
claw
2026-05-12 21:19:01 -07:00
parent b380e7fcae
commit 6316007eb1
3 changed files with 60 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files
github/client_test.go
+43
View File
@@ -554,3 +554,46 @@ func TestSetHTTPClient_NilRestoresDefault(t *testing.T) {
t.Fatal("expected CheckRedirect policy after SetHTTPClient(nil)")
}
}
func TestSetHTTPClient_NilCheckRedirectEnforcesDefault(t *testing.T) {
c := NewClient("token", "https://api.github.com")
// Provide a client with nil CheckRedirect — should get default policy enforced.
hc := &http.Client{Timeout: 5 * time.Second}
c.SetHTTPClient(hc)
if c.httpClient.CheckRedirect == nil {
t.Fatal("expected CheckRedirect to be enforced when caller provides nil")
}
if c.httpClient.Timeout != 5*time.Second {
t.Errorf("expected caller's timeout preserved, got %v", c.httpClient.Timeout)
}
}
func TestSetHTTPClient_PreservesCustomCheckRedirect(t *testing.T) {
c := NewClient("token", "https://api.github.com")
called := false
hc := &http.Client{
CheckRedirect: func(req *http.Request, via []*http.Request) error {
called = true
return nil
},
}
c.SetHTTPClient(hc)
// Invoke the redirect to verify original is preserved
_ = c.httpClient.CheckRedirect(nil, []*http.Request{{}})
if !called {
t.Fatal("expected custom CheckRedirect to be preserved")
}
}
func TestAPIError_SafeError(t *testing.T) {
e := &APIError{StatusCode: 403, Body: "some sensitive body content"}
got := e.SafeError()
if got != "HTTP 403" {
t.Errorf("SafeError() = %q, want %q", got, "HTTP 403")
}
// Ensure Error() still includes body
full := e.Error()
if full != "HTTP 403: some sensitive body content" {
t.Errorf("Error() = %q, unexpected", full)
}
}