Fix crash in secret scanning middleware for invalid versions (#58792)

heiskr · web-flow · commit 29a79eb623f2 · 2025-12-10T18:56:23.000Z
diff --git a/src/secret-scanning/middleware/secret-scanning.ts b/src/secret-scanning/middleware/secret-scanning.ts
@@ -30,6 +30,10 @@ export default async function secretScanning(
 
   const { isEnterpriseCloud, isEnterpriseServer } = getVersionInfo(currentVersion)
 
+  if (isEnterpriseServer && !allVersions[currentVersion]) {
+    return next()
+  }
+
   const versionPath = isEnterpriseCloud
     ? 'ghec'
     : isEnterpriseServer
diff --git a/src/secret-scanning/tests/rendering.ts b/src/secret-scanning/tests/rendering.ts
@@ -17,4 +17,12 @@ describe('secret-scanning pipeline', () => {
     const page = await get(`/${targetFilename}`, { followRedirects: true })
     expect(page.statusCode).toBe(200)
   })
+
+  test('should not crash on malformed URL with double version', async () => {
+    const url =
+      '/en/enterprise-server@3.11/enterprise-cloud@latest/code-security/secret-scanning/introduction/supported-secret-scanning-patterns'
+    const res = await get(url)
+    // It should probably be a 404 because the URL is invalid, but definitely not a 500
+    expect(res.statusCode).not.toBe(500)
+  })
 })
