MCPcopy
hub / github.com/github/github-mcp-server / Test_GetCommit_IFC_FeatureFlag

Function Test_GetCommit_IFC_FeatureFlag

pkg/github/repositories_test.go:632–744  ·  view source on GitHub ↗

Test_GetCommit_IFC_FeatureFlag verifies that the IFC security label is only attached to get_commit results when the ifc_labels feature flag is enabled, and that the label content matches the commit-contents rule (untrusted on public repos, trusted on private). It also confirms the label is omitted w

(t *testing.T)

Source from the content-addressed store, hash-verified

630// misclassified. get_commit is representative of every tool wired through the
631// shared attachRepoVisibilityIFCLabel helper.
632func Test_GetCommit_IFC_FeatureFlag(t *testing.T) {
633 t.Parallel()
634
635 serverTool := GetCommit(translations.NullTranslationHelper)
636
637 mockCommit := &github.RepositoryCommit{
638 SHA: github.Ptr("abc123def456"),
639 Commit: &github.Commit{Message: github.Ptr("First commit")},
640 HTMLURL: github.Ptr("https://github.com/owner/repo/commit/abc123def456"),
641 }
642
643 makeMockClient := func(isPrivate bool) *http.Client {
644 return MockHTTPClientWithHandlers(map[string]http.HandlerFunc{
645 GetReposCommitsByOwnerByRepoByRef: mockResponse(t, http.StatusOK, mockCommit),
646 GetReposByOwnerByRepo: mockResponse(t, http.StatusOK, map[string]any{
647 "name": "repo",
648 "private": isPrivate,
649 }),
650 })
651 }
652
653 reqParams := map[string]any{
654 "owner": "owner",
655 "repo": "repo",
656 "sha": "abc123def456",
657 }
658
659 t.Run("feature flag disabled omits ifc label from result meta", func(t *testing.T) {
660 deps := BaseDeps{
661 Client: mustNewGHClient(t, makeMockClient(false)),
662 }
663 handler := serverTool.Handler(deps)
664
665 request := createMCPRequest(reqParams)
666 result, err := handler(ContextWithDeps(context.Background(), deps), &request)
667 require.NoError(t, err)
668 require.False(t, result.IsError)
669
670 assert.Nil(t, result.Meta, "result meta should be nil when IFC labels are disabled")
671 })
672
673 t.Run("feature flag enabled on public repo emits public untrusted label", func(t *testing.T) {
674 deps := BaseDeps{
675 Client: mustNewGHClient(t, makeMockClient(false)),
676 featureChecker: featureCheckerFor(FeatureFlagIFCLabels),
677 }
678 handler := serverTool.Handler(deps)
679
680 request := createMCPRequest(reqParams)
681 result, err := handler(ContextWithDeps(context.Background(), deps), &request)
682 require.NoError(t, err)
683 require.False(t, result.IsError)
684
685 require.NotNil(t, result.Meta)
686 ifcLabel, ok := result.Meta["ifc"]
687 require.True(t, ok, "result meta should contain ifc key")
688
689 ifcJSON, err := json.Marshal(ifcLabel)

Callers

nothing calls this directly

Calls 8

GetCommitFunction · 0.85
mockResponseFunction · 0.85
mustNewGHClientFunction · 0.85
createMCPRequestFunction · 0.85
ContextWithDepsFunction · 0.85
featureCheckerForFunction · 0.85
HandlerMethod · 0.45

Tested by

no test coverage detected