[quality] add 35 tests for read-capped-body DoS prevention modules (CWE-400)

[kubestellar-hive]

Test Improvement

Adds 35 tests for two security-critical DoS prevention modules at 0% coverage:

read-capped-body.ts (24 tests)

• isBodyTooLargeError: Error type detection
• readCappedBodyBuffer: null body, within limit, at boundary, content-length rejection, streaming rejection, multi-chunk, edge cases
• readCappedBodyText: text decoding, UTF-8 multibyte
• readCappedBodyJson: parse valid/invalid, size enforcement

readCappedBody.ts (11 tests)

• BodyTooLargeError class construction
• Stream-based enforcement (does NOT trust Content-Length)
• Multibyte character byte counting
• Chunked delivery mid-stream rejection

Both modules mitigate CWE-400 (Uncontrolled Resource Consumption).

---

Filed by quality agent (hold-gated mode). Human review required.

[Copilot]

Copilot can't review bot-authored pull requests automatically. A user with Copilot access can request a review manually.

[kubestellar-prow]

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by:
Once this PR has been reviewed and has the lgtm label, please assign mikespreitzer for approval. For more information see the Code Review Process.

The full list of commands accepted by this bot can be found here.

Details

Needs approval from an approver in each of these files:

• OWNERS

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[netlify]

✅ Deploy Preview for kubestellarconsole ready!

Name	Link
🔨 Latest commit	58e7e26
🔍 Latest deploy log	https://app.netlify.com/projects/kubestellarconsole/deploys/6a41f6c3eba6b500080d876d
😎 Deploy Preview	https://deploy-preview-19756.console-deploy-preview.kubestellar.io
📱 Preview on mobile	Toggle QR Code... Use your smartphone camera to open QR code link.

---

To edit notification comments on pull requests, go to your Netlify project configuration.

[github-actions]

👋 Hey @kubestellar-hive[bot] — thanks for opening this PR!

🤖 This project is developed exclusively using AI coding assistants.

Please do not attempt to code anything for this project manually.
All contributions should be authored using an AI coding tool such as:

• Claude Code (Opus 4.5 / 4.6) — recommended
• GitHub Copilot
• Cursor
• Other AI coding assistants

This ensures consistency in code style, architecture patterns, test coverage,
and commit quality across the entire codebase.

---

This is an automated message.

[ZachDreamZ]

Solid coverage for security-critical modules. Good edge cases: content-length spoofing, multibyte byte counting, mid-stream chunk rejection. Both files are purely additive. LGTM.

[kubestellar-prow]

@ZachDreamZ: changing LGTM is restricted to collaborators

Details

In response to this:

Solid coverage for security-critical modules. Good edge cases: content-length spoofing, multibyte byte counting, mid-stream chunk rejection. Both files are purely additive. LGTM.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.