• Home
  • Features
  • Pricing
  • Docs
  • Announcements
  • Sign In

stacklok / toolhive / 28378137776
68%

Build:
DEFAULT BRANCH: main
Ran 29 Jun 2026 02:14PM UTC
Jobs 1
Files 762
Run time 2min
Badge
Embed ▾
README BADGES
x

If you need to use a raster PNG badge, change the '.svg' to '.png' in the link

Markdown

Textile

RDoc

HTML

Rst

29 Jun 2026 02:08PM UTC coverage: 67.383% (-0.07%) from 67.449%
28378137776

push

github

web-flow
Strip client Authorization on upstreamswap custom header (#5661)

The upstreamswap "custom" header strategy injected the upstream IdP
token into a custom header but left the client's original Authorization
header (the ToolHive-issued JWT) in place, forwarding it to the backend.
That token is minted for the proxy, not the upstream, so passing it
through is credential passthrough (#5504). The "replace" strategy avoids
this implicitly because it overwrites Authorization; the strip-auth
middleware from #4168 only runs on the DisableUpstreamTokenInjection
path, so it never covered this case.

Strip Authorization in the custom injector after setting the custom
header, matching the "replace" behavior. When the custom header name is
itself Authorization (case-insensitive), the Set already replaced the
JWT with the upstream token, so the strip is skipped.

Co-authored-by: Claude Opus 4.8 (1M context) <noreply@anthropic.com>

4 of 4 new or added lines in 1 file covered. (100.0%)

80 existing lines in 5 files now uncovered.

69750 of 103513 relevant lines covered (67.38%)

63.92 hits per line

Coverage Regressions

Lines Coverage ∆ File
64
61.69
-5.52% pkg/workloads/manager.go
6
20.11
-3.45% pkg/client/manager.go
5
0.0
-100.0% pkg/workloads/sysproc_unix.go
3
73.79
-2.91% pkg/state/local.go
2
82.29
-0.21% pkg/vmcp/composer/workflow_engine.go
Jobs
ID Job ID Ran Files Coverage
1 28378137776.1 29 Jun 2026 02:14PM UTC 762
67.38
GitHub Action Run
Source Files on build 28378137776
  • Tree
  • List 762
  • Changed 9
  • Source Changed 1
  • Coverage Changed 9
Coverage ∆ File Lines Relevant Covered Missed Hits/Line
  • Back to Repo
  • Github Actions Build #28378137776
  • 96596997 on github
  • Prev Build on main (#28310930043)
  • Next Build on main (#28384795303)
STATUS · Troubleshooting · Open an Issue · Sales · Support · CAREERS · ENTERPRISE · START FREE · SCHEDULE DEMO
ANNOUNCEMENTS · TWITTER · TOS & SLA · Supported CI Services · What's a CI service? · Automated Testing

© 2026 Coveralls, Inc