fix(upstream): fail closed on profile lookup miss

David Ruzicka · David Ruzicka · commit 391664b3e355 · 2026-05-02T23:48:37.000+02:00
- prevent HTTP upstream routing from falling back to this.profile
  when transport context cannot resolve the requested profileId
- report invalid upstream_mcp shapes as upstream config errors
  instead of misleading missing openapi_spec_path errors
- add regression tests for both paths
diff --git a/src/profile/profile-loader.ts b/src/profile/profile-loader.ts
@@ -72,7 +72,9 @@ export class ProfileLoader {
     } catch (err) {
       if (err instanceof ZodError) {
         const upstreamIssues = err.issues.filter((i) => i.path[0] === 'upstream_mcp');
-        if (upstreamIssues.length > 0) {
+        // Only wrap when ALL Zod issues are upstream_mcp — if other fields also failed,
+        // re-throw the raw ZodError so the caller sees every problem, not just upstream_mcp.
+        if (upstreamIssues.length > 0 && upstreamIssues.length === err.issues.length) {
           const arrayIssue = upstreamIssues.find(
             (i) => i.code === 'invalid_type' && 'received' in i && i.received === 'array',
           );
diff --git a/src/profile/upstream-mcp-config.test.ts b/src/profile/upstream-mcp-config.test.ts
@@ -6,7 +6,7 @@
 
 import { describe, it, expect } from 'vitest';
 import { ValidationError } from '../core/errors.js';
-import { resolveUpstreamMcpConfig, hasUpstreamMcpFlag } from './upstream-mcp-config.js';
+import { resolveUpstreamMcpConfig, hasUpstreamMcpFlag, looksLikeUpstreamMcpProxy } from './upstream-mcp-config.js';
 import type { Profile } from '../types/profile.js';
 
 /** Minimal valid tool definition to satisfy Profile type. */
@@ -371,3 +371,57 @@ describe('upstream_mcp_from_env D-01 migration', () => {
     expect(resolved?.name).toBe('p1');
   });
 });
+
+describe('looksLikeUpstreamMcpProxy', () => {
+  it('returns true for valid http-streamable object', () => {
+    expect(looksLikeUpstreamMcpProxy({
+      name: 'p1',
+      transport: { type: 'http-streamable', url: 'https://example.com/mcp' },
+    })).toBe(true);
+  });
+
+  it('returns false for null', () => {
+    expect(looksLikeUpstreamMcpProxy(null)).toBe(false);
+  });
+
+  it('returns false for undefined', () => {
+    expect(looksLikeUpstreamMcpProxy(undefined)).toBe(false);
+  });
+
+  it('returns false for array (legacy shape)', () => {
+    expect(looksLikeUpstreamMcpProxy([{ transport: { type: 'http-streamable', url: 'https://example.com/mcp' } }])).toBe(false);
+  });
+
+  it('returns false for empty object', () => {
+    expect(looksLikeUpstreamMcpProxy({})).toBe(false);
+  });
+
+  it('returns false when transport is missing', () => {
+    expect(looksLikeUpstreamMcpProxy({ name: 'p1' })).toBe(false);
+  });
+
+  it('returns false for stdio transport', () => {
+    expect(looksLikeUpstreamMcpProxy({
+      name: 'p1',
+      transport: { type: 'stdio', command: 'npx' },
+    })).toBe(false);
+  });
+
+  it('returns false when url is empty string', () => {
+    expect(looksLikeUpstreamMcpProxy({
+      name: 'p1',
+      transport: { type: 'http-streamable', url: '   ' },
+    })).toBe(false);
+  });
+
+  it('returns false when url is missing', () => {
+    expect(looksLikeUpstreamMcpProxy({
+      name: 'p1',
+      transport: { type: 'http-streamable' },
+    })).toBe(false);
+  });
+
+  it('returns false when transport is an array', () => {
+    expect(looksLikeUpstreamMcpProxy({ transport: [{ type: 'http-streamable', url: 'https://example.com' }] })).toBe(false);
+  });
+});
diff --git a/src/profile/upstream-mcp-config.ts b/src/profile/upstream-mcp-config.ts
@@ -230,7 +230,8 @@ export function looksLikeUpstreamMcpProxy(value: unknown): boolean {
 // all deployed profiles have been migrated to singular upstream_mcp object.
 // Both cleanup sites (this function + the Array.isArray branch in profile-resolver.ts
 // extractEnvVars) MUST be removed together — they serve the same migration window.
-// Removal: grep -rn "MIGRATION-CLEANUP(phase-03.1)" src/ — exactly 2 sites.
+// Removal: grep -rn "MIGRATION-CLEANUP(phase-03.1)" src/ — 2 code sites (grep returns 3 lines
+// because this comment block spans 2 lines; the third hit is in profile-resolver.ts).
 /**
  * Returns true if the raw profile.upstream_mcp value indicates an upstream MCP
  * provider is configured. Tolerates BOTH the legacy array shape and the post
