• Home
  • Features
  • Pricing
  • Docs
  • Announcements
  • Sign In

stacklok / toolhive / 29424050116
68%

Build:
DEFAULT BRANCH: main
Ran 15 Jul 2026 02:39PM UTC
Jobs 1
Files 798
Run time 2min
Badge
Embed ▾
README BADGES
x

If you need to use a raster PNG badge, change the '.svg' to '.png' in the link

Markdown

Textile

RDoc

HTML

Rst

15 Jul 2026 02:32PM UTC coverage: 68.095% (+0.09%) from 68.006%
29424050116

push

github

web-flow
Fix tool-filter terminal drain dropping error bodies (#5816)

* Stop tool-filter terminal drain from dropping error bodies

The unconditional Flush() added in #5809 to drain the tool-filter
buffer after ServeHTTP returns shares its buffer-processing logic
with the streaming Flush() path. For any body whose Content-Type
isn't application/json or text/event-stream (e.g. a plain-text
error from http.Error), processBuffer() rejects it as unsupported
and the shared logic discarded the original bytes, sending an
empty body to the client despite the correct status code.

Split the terminal drain into its own method that passes an
unprocessable body through unchanged instead of discarding it,
since there's no further chance to flush it once ServeHTTP has
returned. Flush() keeps its existing streaming semantics.

* Fail closed on tools-list filtering failures, not raw pass-through

Review feedback on the terminal-drain fix (PR #5816) found three gaps:

- drainBuffer() passed the raw body through on ANY processing error,
  including a malformed tools/list (e.g. a tool missing its required
  name) that failed filtering -- leaking the unfiltered list instead
  of failing closed.
- A missing/mislabeled Content-Type on an otherwise-valid, successful
  tools/list response bypassed filtering entirely, since the "no
  content type" path wrote the buffer through unconditionally.
- Flush() unconditionally forwarded the transport-level flush after
  drainBuffer(false), even when the buffer was incomplete and nothing
  new had been written, whereas the original implementation withheld
  it in that case.

Distinguish "unrecognized/error body, safe to pass through" from "a
tools list we failed to filter, must not leak" via a sentinel error.
For a 2xx response with an unsupported/missing Content-Type, sniff the
raw body the same way a correctly-labeled response would be processed
(mirrors the disguised-result handling in pkg/authz for #5257) so a
backend can't smuggle an unf... (continued)

90 of 95 new or added lines in 1 file covered. (94.74%)

13 existing lines in 6 files now uncovered.

73664 of 108178 relevant lines covered (68.1%)

63.95 hits per line

Uncovered Changes

Lines Coverage ∆ File
5
90.67
1.33% pkg/mcp/tool_filter.go

Coverage Regressions

Lines Coverage ∆ File
3
97.37
-0.53% pkg/authz/authorizers/cedar/core.go
3
71.85
-1.11% pkg/ignore/processor.go
2
96.04
0.0% pkg/authserver/storage/memory.go
2
80.56
-0.47% pkg/transport/proxy/httpsse/http_proxy.go
2
57.89
-3.51% pkg/transport/session/sse_session.go
1
90.67
1.33% pkg/mcp/tool_filter.go
Jobs
ID Job ID Ran Files Coverage
1 29424050116.1 15 Jul 2026 02:39PM UTC 798
68.1
GitHub Action Run
Source Files on build 29424050116
  • Tree
  • List 798
  • Changed 12
  • Source Changed 1
  • Coverage Changed 12
Coverage ∆ File Lines Relevant Covered Missed Hits/Line
  • Back to Repo
  • Github Actions Build #29424050116
  • 30ecff01 on github
  • Prev Build on main (#29416043682)
  • Next Build on main (#29428067019)
STATUS · Troubleshooting · Open an Issue · Sales · Support · CAREERS · ENTERPRISE · START FREE · SCHEDULE DEMO
ANNOUNCEMENTS · TWITTER · TOS & SLA · Supported CI Services · What's a CI service? · Automated Testing

© 2026 Coveralls, Inc