fix(bitdefender): fourth-pass - urllib reset safety, Retry-After clamp, sweep/install-links id validation

From a third review pass (converging - all MEDIUM/LOW):
- urllib fallback: a post-send reset (RemoteDisconnected/ConnectionReset, which
  urllib wraps in URLError) was misclassified as always-safe 'connect' and could
  retry a non-idempotent write after a server commit. Now only ConnectionRefused/
  DNS (socket.gaierror) -> 'connect'; everything else -> 'timeout' (write-gated).
- _retry_delay clamps a negative numeric Retry-After to 0 (was -> time.sleep(-1) ValueError).
- cmd_sweep + cmd_install_links now validate --company; cmd_company_create validates
  --parent (finished _require_oid consistency - these mislogged as errorlog noise).
- cmd_push_test parses --extra-json before gating (validate->gate order, matches siblings).
- selftest: +sweep/install-links bad-company assertions. 81/81. Units: clamp + reset classification.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
This commit is contained in:
2026-06-25 13:59:19 -07:00
parent 5af2fc09ec
commit 3d6cb467bf
3 changed files with 24 additions and 7 deletions

View File

@@ -95,6 +95,8 @@ check("policy no shallow warning", ["policy", "5c42940b6e16d61a0c8b4568"], want_
# behavior, not a skill bug. ---
check("endpoint bad id -> rc2 (client-side)", ["endpoint", "bogus"], want_rc=2, err_has="not a valid")
check("policy bad id -> rc2 (client-side)", ["policy", "bogus"], want_rc=2, err_has="not a valid")
check("sweep bad company -> rc2 (client-side)", ["sweep", "--company", "bogus"], want_rc=2, err_has="not a valid")
check("install-links bad company -> rc2", ["install-links", "--package", "P", "--company", "bogus"], want_rc=2, err_has="not a valid")
# --- argparse: missing required arg -> rc2 ---
check("quarantine missing --company -> rc2", ["quarantine"], want_rc=2)