[ACM-35524] Prevent SSE dictionary corruption from non-string resourc…

[zlayne]

…e values

📝 Summary

Ticket Summary (Title):
Policies containing CRD OpenAPI schema objects (or other nested objects) in fields like apiVersion or kind caused compressResource to store a non-string value into the shared SSE dictionary. This corrupted the dictionary and caused decompressResource to throw TypeError: key.includes is not a function on every subsequent client connection, aborting SSE stream setup before the end-of-packet signal was sent and leaving the UI in a permanent loading state.

• compressResource: only index a value into the dictionary when it is actually a string, otherwise fall through to recursive compression
• decompressResource: skip entries whose dictionary lookup returns a non-string key to prevent crashing on key.includes()

Ticket Link:
https://issues.redhat.com/browse/ACM-35524

Type of Change:

• 🐞 Bug Fix
• ✨ Feature
• 🔧 Refactor
• 💸 Tech Debt
• 🧪 Test-related
• 📄 Docs

---

✅ Checklist

General

• PR title follows the convention (e.g. ACM-12340 Fix bug with...)
• Code builds and runs locally without errors
• No console logs, commented-out code, or unnecessary files
• All commits are meaningful and well-labeled
• All new display strings are externalized for localization (English only)
• (Nice to have) JSDoc comments added for new functions and interfaces

If Feature

• UI/UX reviewed (if applicable)
• All acceptance criteria met
• Unit test coverage added or updated
• Relevant documentation or comments included

If Bugfix

• Root cause and fix summary are documented in the ticket (for future reference / errata)
• Fix tested thoroughly and resolves the issue
• Test(s) added to prevent regression

---

🗒️ Notes for Reviewers

Summary by CodeRabbit

• Bug Fixes
  • Enhanced compression and decompression operations to better handle edge cases with corrupted or malformed data values, improving system stability and preventing potential errors when processing improperly formatted information.

[openshift-ci]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: zlayne

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Details

Needs approval from an approver in each of these files:

• OWNERS [zlayne]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Enterprise

Run ID: 627ad65d-8b51-4b6d-aa33-6b49a3db01eb

📥 Commits

Reviewing files that changed from the base of the PR and between 5e9c664 and 84e4b58.

📒 Files selected for processing (1)

• backend/src/lib/compression.ts

---

📝 Walkthrough

Walkthrough

compression.ts adds typeof === 'string' guards in compressResource and decompressResource to skip non-string values before dictionary lookups. Imports are reorganized to include deflateRaw/inflateRaw from node:zlib. No exported signatures changed.

Changes

Compression dictionary hardening

Layer / File(s)	Summary
Import reorganization backend/src/lib/compression.ts	promisify placement updated; deflateRaw/inflateRaw added to node:zlib imports; dictionary, resource, logging, and SSE type imports reorganized.
String-type guards in compress/decompress backend/src/lib/compression.ts	compressResource gates valueInDictionaryKeys mapping on typeof resource[key] === 'string'; decompressResource skips object reconstruction entries when the dictionary returns a non-string key.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~8 minutes

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.

✅ Passed checks (4 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title accurately identifies the core bug fix addressing SSE dictionary corruption from non-string resource values, directly matching the changeset's main purpose.
Description check	✅ Passed	The description comprehensively documents root cause, solution details, ticket link, and type classification, though some checklist items remain unchecked.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[zlayne]

/test unit-tests-sonarcloud

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
90.9% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud