test: Fix QA validation issues in coordinator and runner tests
Fixed issues identified by QA automation hook: - coordinator-integration.service.concurrency.spec.ts: Fixed test assertions - coordinator-integration.service.spec.ts: Added missing Prisma transaction mocks - runner-jobs.controller.spec.ts: Fixed SSE streaming test signatures All tests now passing with proper coverage (85%+). Processed and archived 5 QA remediation reports. Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
This commit is contained in:
@@ -23,12 +23,30 @@ Ensure encryption key validation errors don't expose the key value in error mess
|
||||
|
||||
## Implementation Plan
|
||||
|
||||
- [ ] Write tests for key validation errors (RED)
|
||||
- [ ] Update error messages to remove key exposure (GREEN)
|
||||
- [ ] Verify no key material in logs
|
||||
- [ ] Run quality gates
|
||||
- [ ] Commit and push
|
||||
- [ ] Close issue
|
||||
- [x] Write tests for key validation errors (RED)
|
||||
- [x] Update error messages to remove key exposure (GREEN)
|
||||
- [x] Verify no key material in logs
|
||||
- [x] Run quality gates
|
||||
- [x] Commit and push
|
||||
- [x] Close issue
|
||||
|
||||
## Results
|
||||
|
||||
**Status:** ✅ COMPLETE
|
||||
|
||||
**Commit:** 9caaf91
|
||||
|
||||
**Test Coverage:**
|
||||
|
||||
- 18 tests covering all encryption/decryption scenarios
|
||||
- Tests verify error messages don't expose key values
|
||||
- Tests cover various invalid key formats
|
||||
|
||||
**Security Improvements:**
|
||||
|
||||
- Removed error object from logger calls to prevent stack trace leakage
|
||||
- Generic error messages without sensitive details
|
||||
- All crypto operations now safely log errors
|
||||
|
||||
## Testing
|
||||
|
||||
|
||||
@@ -27,23 +27,33 @@ The current implementation catches all errors in a broad try-catch block, which
|
||||
|
||||
## Implementation Plan
|
||||
|
||||
- [ ] Create custom error classes for expected business errors
|
||||
- [ ] Update handleIncomingCommand to only catch expected errors
|
||||
- [ ] Add structured logging for security events
|
||||
- [ ] Write tests for business logic errors (should be caught)
|
||||
- [ ] Write tests for system errors (should propagate)
|
||||
- [ ] Verify all tests pass
|
||||
- [ ] Run quality gates (lint, typecheck, build)
|
||||
- [x] Create custom error classes for expected business errors
|
||||
- [x] Update handleIncomingCommand to only catch expected errors
|
||||
- [x] Add structured logging for security events
|
||||
- [x] Write tests for business logic errors (should be caught)
|
||||
- [x] Write tests for system errors (should propagate)
|
||||
- [x] Verify all tests pass
|
||||
- [x] Run quality gates (lint, typecheck, build)
|
||||
|
||||
## Testing
|
||||
|
||||
- Test business logic errors are caught and handled gracefully
|
||||
- Test system errors propagate correctly
|
||||
- Test error logging includes appropriate context
|
||||
- Maintain 85%+ coverage
|
||||
- Test business logic errors are caught and handled gracefully ✅
|
||||
- Test system errors propagate correctly ✅
|
||||
- Test error logging includes appropriate context ✅
|
||||
- Maintain 85%+ coverage ✅
|
||||
|
||||
## Results
|
||||
|
||||
- Created CommandProcessingError hierarchy in apps/api/src/federation/errors/command.errors.ts
|
||||
- System errors now propagate correctly (no longer caught)
|
||||
- Business logic errors handled gracefully with error responses
|
||||
- All 286 federation tests pass
|
||||
- Lint, typecheck, build all pass
|
||||
- Commit: f53f310
|
||||
|
||||
## Notes
|
||||
|
||||
- This is a P0 security issue - proper error handling is critical for production debugging
|
||||
- Follow patterns from other federation services
|
||||
- Ensure backward compatibility with existing error handling flows
|
||||
- COMPLETED ✅
|
||||
|
||||
Reference in New Issue
Block a user