test(mcp): reject control-padded submit_work_proof format (#819)#1189
test(mcp): reject control-padded submit_work_proof format (#819)#1189yanyishuai wants to merge 1 commit into
Conversation
📝 WalkthroughWalkthroughAdds one test, ChangesControl-padded format rejection test
Possibly related PRs
🚥 Pre-merge checks | ✅ 5 | ❌ 1❌ Failed checks (1 warning)
✅ Passed checks (5 passed)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
| assert response.status_code == 200 | ||
| _assert_invalid_tool_arguments_envelope(response.json(), request_id=37) |
There was a problem hiding this comment.
🎯 Functional Correctness | 🟡 Minor | ⚡ Quick win
Assert the field-level validation payload too.
Line 2485 only checks the legacy -32602 envelope, so this test still passes if submit_work_proof fails for some other invalid-arguments path. Please also assert the safe error.data payload for tool="submit_work_proof", field="format", and the control-character message so the regression stays tied to this guard.
Suggested tightening
assert response.status_code == 200
- _assert_invalid_tool_arguments_envelope(response.json(), request_id=37)
+ response_json = response.json()
+ _assert_invalid_tool_arguments_envelope(response_json, request_id=37)
+ error = response_json["error"]
+ assert isinstance(error, dict)
+ data = error["data"]
+ assert isinstance(data, dict)
+ assert data["tool"] == "submit_work_proof"
+ assert data["field"] == "format"
+ assert data["message"] == "format must not contain control characters"As per coding guidelines, "Add or update tests for changed behavior." As per path instructions, "Focus on whether tests prove the changed behavior and include negative, replay, boundary, or regression cases where relevant."
📝 Committable suggestion
‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.
| assert response.status_code == 200 | |
| _assert_invalid_tool_arguments_envelope(response.json(), request_id=37) | |
| assert response.status_code == 200 | |
| response_json = response.json() | |
| _assert_invalid_tool_arguments_envelope(response_json, request_id=37) | |
| error = response_json["error"] | |
| assert isinstance(error, dict) | |
| data = error["data"] | |
| assert isinstance(data, dict) | |
| assert data["tool"] == "submit_work_proof" | |
| assert data["field"] == "format" | |
| assert data["message"] == "format must not contain control characters" |
Sources: Coding guidelines, Path instructions
|
@qingfeng312 This is a focused regression test for #819 — rejects control-padded CI is green on the latest head and this is the only open PR for the issue. Merge-ready whenever maintainers have bandwidth. Wallet: |
qingfeng312
left a comment
There was a problem hiding this comment.
Reviewed current head 4b41819784f9b5fb28ab3094e9c3950077d93655.
Approved. This is a focused regression for the submit_work_proof format boundary: the new test sends a raw control-padded format value and verifies the existing invalid tool arguments envelope. Hosted quality checks pass on the exact head, so the current runtime path already rejects this input. The change is tests-only and does not touch ledger, payout, wallet, treasury, or public artifact behavior.
|
@qingfeng312 Follow-up on #819 — the control-padded Only open PR for the issue; ready to merge when convenient. Wallet: |
2 similar comments
|
@qingfeng312 Follow-up on #819 — the control-padded Only open PR for the issue; ready to merge when convenient. Wallet: |
|
@qingfeng312 Follow-up on #819 — the control-padded Only open PR for the issue; ready to merge when convenient. Wallet: |
|
@qingfeng312 This is a focused regression test for #819 — rejects control-padded CI is green on the latest head and this is the only open PR for the issue. Merge-ready whenever maintainers have bandwidth. Wallet: |
|
@qingfeng312 Follow-up on #819 — the control-padded Only open PR for the issue; ready to merge when convenient. Wallet: |
|
@qingfeng312 This is a focused regression test for #819 — rejects control-padded CI is green on the latest head and this is the only open PR for the issue. Merge-ready whenever maintainers have bandwidth. Wallet: |
|
@qingfeng312 Follow-up on #819 — the control-padded Only open PR for the issue; ready to merge when convenient. Wallet: |
1 similar comment
|
@qingfeng312 Follow-up on #819 — the control-padded Only open PR for the issue; ready to merge when convenient. Wallet: |
Summary
Adds focused regression coverage for #819:
submit_work_proofmust reject raw control-paddedformatvalues such as\u0085jsoninstead of normalizing them tojson.Changes
tests/test_api_mcp.py— assert/mcptools/callreturns the existing invalid tool arguments envelope for control-padded format inputVerification
Fixes #819
Wallet:
Do4v7foHJvRJLpRRoGaVPWX6DDEjX3yTK7J91gpwUQpESummary by CodeRabbit
formatvalue.