cli: validate endpoint and inputs before creating resources#2789
Merged
heyitsaamir merged 5 commits intomainfrom Apr 27, 2026
Merged
cli: validate endpoint and inputs before creating resources#2789heyitsaamir merged 5 commits intomainfrom
heyitsaamir merged 5 commits intomainfrom
Conversation
Bad endpoint URLs (placeholders, HTTP, malformed) now fail immediately instead of after AAD app + secret creation. Adds shared validateEndpoint() and moves all field validations upfront in both create and update commands. Co-Authored-By: Claude <noreply@anthropic.com>
Contributor
There was a problem hiding this comment.
Pull request overview
Adds centralized endpoint validation and moves CLI flag validation earlier to prevent partial updates/resource creation when user inputs are invalid.
Changes:
- Introduce
validateEndpoint()(HTTPS + placeholder checks) and wire it intoapp create/app update. - Move
app updatefield validations (name/description/URLs/endpoint) ahead of token/API work. - Add inline validation to interactive endpoint prompts so invalid endpoints are rejected immediately.
Reviewed changes
Copilot reviewed 3 out of 3 changed files in this pull request and generated 6 comments.
| File | Description |
|---|---|
| packages/cli/src/commands/app/update.ts | Adds upfront validation (incl. endpoint) and prompt-time endpoint validation. |
| packages/cli/src/commands/app/create.ts | Validates endpoint flag early and adds prompt-time validation for endpoint input. |
| packages/cli/src/apps/manifest.ts | Adds shared validateEndpoint() helper used by commands. |
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
- Use `!== undefined` + trim for endpoint in update.ts (matches create.ts) - Add empty hostname guard in validateEndpoint() - Remove double icon read in create.ts by reusing early validation result - Add 12 unit tests for validateEndpoint and CLI endpoint validation Co-Authored-By: Claude <noreply@anthropic.com>
app create checks auth before validation, so those CLI tests fail in CI (no login). Keep unit tests + app update --json tests which hit validation before auth. Co-Authored-By: Claude <noreply@anthropic.com>
- Validation now runs before getAccount() so bad inputs fail even without login (fixes CI test issue) - Remove unreachable placeholder <> check — URL parser already rejects those characters Co-Authored-By: Claude <noreply@anthropic.com>
Collaborator
Author
|
Re: httpsUrlRegex not enforcing hostname — good catch in principle, but |
singhk97
approved these changes
Apr 27, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
validateEndpoint()to catch bad URLs (placeholders, HTTP, malformed) before any resources get createdapp updateso a bad flag doesn't leave the app half-updatedvalidateon interactive endpoint prompts in bothcreateandupdateso users get immediate feedbackTest plan
teams app create --name Test --endpoint "https://<foo>/api" --yes→ fails immediately with "Endpoint is not a valid URL."teams app create --name Test --endpoint "http://example.com/api" --yes→ fails with "Endpoint must use HTTPS."teams app update <id> --endpoint "ftp://bad" --json→ fails with validation error before any API callsteams app update <id> --name "x]x31" --json→ fails upfront, no partial mutationsapp create→ entering a bad endpoint re-prompts instead of acceptingnpm run testpasses