test: guard fetch ssrf mock calls

2026-05-18 18:24:47 +00:00 · 2026-05-12 06:15:37 +01:00
parent 651c62040f
commit 1e7d5d6201
1 changed files with 4 additions and 6 deletions
--- a/src/infra/net/fetch-guard.ssrf.test.ts
+++ b/src/infra/net/fetch-guard.ssrf.test.ts
@@ -98,7 +98,7 @@ function expectDispatcherAttached(value: unknown): void {
 }

 function getSecondRequestHeaders(fetchImpl: ReturnType<typeof vi.fn>): Headers {
-  const [, secondInit] = fetchImpl.mock.calls[1] as [string, RequestInit];
+  const [, secondInit] = fetchImpl.mock.calls.at(1) as [string, RequestInit];
  return new Headers(secondInit.headers);
 }

@@ -119,7 +119,7 @@ function getFirstRequestInit(fetchImpl: ReturnType<typeof vi.fn>): RequestInit {
 }

 function getSecondRequestInit(fetchImpl: ReturnType<typeof vi.fn>): RequestInit {
-  const [, secondInit] = fetchImpl.mock.calls[1] as [string, RequestInit];
+  const [, secondInit] = fetchImpl.mock.calls.at(1) as [string, RequestInit];
  return secondInit;
 }

@@ -301,7 +301,7 @@ describe("fetchWithSsrFGuard hardening", () => {
    ).rejects.toThrow(/private|internal|blocked/i);
    expect(fetchImpl).not.toHaveBeenCalled();
    expect(logWarnMock).toHaveBeenCalledTimes(1);
-    const [warning] = logWarnMock.mock.calls[0] as [string];
+    const [warning] = logWarnMock.mock.calls.at(0) as [string];
    expect(warning).toContain(
      "security: blocked URL fetch (qa-audit) targetOrigin=http://127.0.0.1:8080",
    );
@@ -602,9 +602,7 @@ describe("fetchWithSsrFGuard hardening", () => {
      },
    });
    expect(fetchImpl).toHaveBeenCalledTimes(1);
-    const fetchCall = fetchImpl.mock.calls[0] as unknown as
-      | [string, { dispatcher?: unknown }]
-      | undefined;
+    const fetchCall = fetchImpl.mock.calls.at(0) as [string, { dispatcher?: unknown }] | undefined;
    expect(fetchCall?.[0]).toBe("https://public.example/resource");
    if (!fetchCall?.[1].dispatcher) {
      throw new Error("Expected proxy dispatcher");