What
Add unit tests for HTTP/2 (4), session (3), and tracing (3) modules — 10 modules with zero coverage.
Part of #953
Why
- HPACK and HTTP/2 framing bugs are historically a common source of protocol vulnerabilities
- Session modules hold long-lived state — regressions produce subtle leaks and auth failures
- Tracing modules emit data consumed by observability tooling; output-format drift breaks dashboards
Where
Target modules (10)
HTTP/2 (4):
- hpack (static/dynamic table encoding/decoding)
- http2_client
- http2_server
- (framing layer if separate)
Session (3):
- messaging_session
- quic_session
- secure_session
Tracing (3):
- exporters (OTLP, Jaeger, Zipkin)
- span (lifecycle, timing, attributes)
- trace_context (W3C propagation)
How
Technical Approach
- HPACK: round-trip property tests with known RFC 7541 fixtures
- Sessions: FSM tests covering open → active → drain → closed transitions
- Tracing: golden-file comparison for exporter output
Acceptance Criteria
What
Add unit tests for HTTP/2 (4), session (3), and tracing (3) modules — 10 modules with zero coverage.
Part of #953
Why
Where
Target modules (10)
HTTP/2 (4):
Session (3):
Tracing (3):
How
Technical Approach
Acceptance Criteria