fix: reject unknown ecosystems instead of silently defaulting to pypi

2026-05-11 19:59:47 +03:00
parent a6cd20e41c
commit fb5559b8b7
3 changed files with 25 additions and 5 deletions
--- a/tests/e2e/test_llm_and_edge_cases.py
+++ b/tests/e2e/test_llm_and_edge_cases.py
@@ -201,6 +201,22 @@ class TestErrorHandlingE2e:
        resp = await e2e_client.post("/webhooks/nexus", json=payload)
        assert resp.status_code == 400

+    @pytest.mark.asyncio
+    async def test_e2e_webhook_unknown_ecosystem(self, e2e_client):
+        """Verify that webhooks with unknown ecosystem are rejected."""
+        payload = {
+            "action": "UPDATED",
+            "repositoryName": "test-repo",
+            "asset": {
+                "format": "maven",
+                "name": "/packages/test/1.0/test-1.0.tar.gz",
+            },
+        }
+        resp = await e2e_client.post("/webhooks/nexus", json=payload)
+        assert resp.status_code == 200
+        assert resp.json()["status"] == "ignored"
+        assert resp.json()["reason"] == "unknown_ecosystem"
+

 class TestWebsocketFragmentE2e:
    """E2E tests for HTMX fragment responses."""