fix(source): reject HTTP error responses in UrlSource

[oritwoen]

UrlSource::new() was calling reqwest::blocking::get() without checking the status code. A 404 or 500 response got silently treated as valid content, so you'd end up hashing an HTML error page instead of getting an error.

Added a status check before reading the body. Updated the existing test_url_source_http_500_succeeds (which was testing the broken behavior) and added a 404 test.

Closes #16

[coderabbitai]

Warning

Rate limit exceeded

@oritwoen has exceeded the limit for the number of commits that can be reviewed per hour. Please wait 1 minutes and 57 seconds before requesting another review.

⌛ How to resolve this issue?

After the wait time has elapsed, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

We recommend that you space out your commits to avoid hitting the rate limit.

🚦 How do rate limits work?

CodeRabbit enforces hourly rate limits for each developer per organization.

Our paid plans have higher rate limits than the trial, open-source and free plans. In all cases, we re-allow further reviews after a brief timeout.

Please see our FAQ for further information.

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: ASSERTIVE

Plan: Pro

Run ID: 1cd3e791-e8a0-42d1-a142-c88c00803c1c

📥 Commits

Reviewing files that changed from the base of the PR and between 73af24e and e648bd5.

📒 Files selected for processing (2)

• src/source/url.rs
• tests/integration.rs

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch fix/url-source-http-errors

✨ Simplify code

• Create PR with simplified code
• Commit simplified code in branch fix/url-source-http-errors

📝 Coding Plan

• Generate coding plan for human review comments

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[cubic-dev-ai]

No issues found across 2 files

Confidence score: 5/5

• Automated review surfaced no issues in the provided summaries.
• No files require special attention.

_{Requires human review: This PR modifies business logic and error handling in a core path (UrlSource initialization). Such changes require human review to confirm the behavior change is intended.}

Architecture diagram

sequenceDiagram
    participant Caller as Test Runner / Client
    participant Src as UrlSource::new()
    participant HTTP as reqwest (Blocking)
    participant Srv as Remote Server / WireMock

    Caller->>Src: Initialize with URL
    Src->>HTTP: get(url)
    HTTP->>Srv: HTTP GET Request
    Srv-->>HTTP: HTTP Response (Status + Body)
    HTTP-->>Src: Response Object

    Note over Src: NEW: Validate HTTP Status
    
    alt Status is SUCCESS (2xx)
        Src->>HTTP: text()
        HTTP-->>Src: Response Body (String)
        Src-->>Caller: Ok(UrlSource)
    else CHANGED: Status is FAILURE (4xx, 5xx, etc.)
        Src->>Src: anyhow::bail!("HTTP {status} from {url}")
        Src-->>Caller: Err(Error)
    end

    Note over Caller,Srv: Integration tests now verify 404 and 500 rejection

Loading