Skip to content

refactor(validation): unify UI and identity layer validation as SSoT#396

Merged
nullvariant merged 2 commits into
mainfrom
refactor/unify-validation-logic-ssot
Mar 29, 2026
Merged

refactor(validation): unify UI and identity layer validation as SSoT#396
nullvariant merged 2 commits into
mainfrom
refactor/unify-validation-logic-ssot

Conversation

@nullvariant
Copy link
Copy Markdown
Owner

@nullvariant nullvariant commented Mar 29, 2026

Summary

  • Delegate all UI-layer validators (validateNameInput, validateEmailInput, validateGpgKeyIdInput, validateSshHostInput, validateFieldInput default case) to identity-layer functions in inputValidator.ts, establishing it as the SSoT for validation logic
  • Add hasDangerousChars() (SAFE_TEXT_REGEX) check to validateFieldForDangerousPatterns and isShellSafePath, closing a gap where control characters (0x02-0x09, 0x7F) were not detected by the identity layer
  • Add validation consistency tests verifying both layers agree on dangerous/safe inputs, with boundary value and hex escape sequence coverage

Test plan

  • TypeScript compilation passes (npx tsc --noEmit)
  • ESLint passes with --max-warnings=0
  • All tests pass
  • Statement coverage remains at 100%
  • Quality review passed (architect + security + test engineer + sergeant)

🤖 Generated with Claude Code

@nullvariant @claude
refactor(validation): unify UI and identity layer validation as SSoT
637fe2f 
UI layer had separate validation logic (SAFE_TEXT_REGEX) from identity
layer (DANGEROUS_PATTERNS), risking divergence. Delegate all UI
validators to inputValidator.ts functions. Add hasDangerousChars()
check to validateFieldForDangerousPatterns and isShellSafePath for
control character detection. Add consistency tests.

🖥️ IDE: [Cursor](https://cursor.sh)
🔌 Extension: [Claude Code](https://claude.ai/download)

Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
Model-Raw: claude-opus-4-6
@nullvariant-mimi
Copy link
Copy Markdown
Contributor

nullvariant-mimi Bot commented Mar 29, 2026
edited
Loading

🐰 Mimi's Validation Report ✅

All checks are looking good! Great job! 🎉

⏳ Some checks are still running. I will keep watching!

バリデーターを通してくださいね

This report was carefully prepared by nullvariant-mimi[bot]

@github-actions
Copy link
Copy Markdown
Contributor

github-actions Bot commented Mar 29, 2026
edited
Loading

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

Snapshot Warnings

⚠️: No snapshots were found for the head SHA 91cfea9.
Ensure that dependencies are being submitted on PR branches and consider enabling retry-on-snapshot-warnings. See the documentation for more information and troubleshooting advice.

Scanned Files

None

@nullvariant-slow
Copy link
Copy Markdown
Contributor

nullvariant-slow Bot commented Mar 29, 2026
edited
Loading

🦥 Slow's Code Review 😩

...yawn... Do I really have to review this?

⚠️ TOO LONG... I can barely keep my eyes open reading these:

File Lines

| extensions/git-id-switcher/src/identity/inputValidator.ts | 317 |
| extensions/git-id-switcher/src/test/e2e/identityManager.test.ts | 3362 |
| extensions/git-id-switcher/src/test/validation.test.ts | 517 |
| extensions/git-id-switcher/src/ui/identityManager.ts | 1181 |

Split it up... reading long files is exhausting.

働きたくないでござる

This review was reluctantly filed by nullvariant-slow[bot]

@nullvariant-ciel
Copy link
Copy Markdown
Contributor

nullvariant-ciel Bot commented Mar 29, 2026
edited
Loading

🕊️ Ciel's Mediation 🌤️

*~~ floating down from the clouds ~~ The zoo seems a bit noisy today...*

2 zoo members have reviewed this PR.

Zoo Member Status
🦥 Slow Commented
🐰 Mimi Commented

⚖️ The zoo has mixed opinions. Some are concerned, some are fine with it. Please review each comment carefully and make the final call.

まあまあ、ほどほどに。

This mediation was peacefully delivered by nullvariant-ciel[bot]

@codecov
Copy link
Copy Markdown

codecov Bot commented Mar 29, 2026

Codecov Report

✅ All modified and coverable lines are covered by tests.

📢 Thoughts on this report? Let us know!

@nullvariant @claude
test(e2e): update expectations for stricter service/description valid…
91cfea9 
…ation

Service and description fields now use validateFieldForDangerousPatterns
(SAFE_TEXT_REGEX) instead of hasDangerousCharsForText, which rejects
ampersand and angle brackets as shell metacharacters.

🖥️ IDE: [Cursor](https://cursor.sh)
🔌 Extension: [Claude Code](https://claude.ai/download)

Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
Model-Raw: claude-opus-4-6
@sonarqubecloud
Copy link
Copy Markdown

sonarqubecloud Bot commented Mar 29, 2026

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
100.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

@nullvariant nullvariant merged commit 636c704 into main Mar 29, 2026
29 checks passed
@nullvariant nullvariant deleted the refactor/unify-validation-logic-ssot branch March 29, 2026 15:49
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@nullvariant