Refactor duplicated DIFC tag parsing in WASM response handling

[Copilot]

The WASM guard response parser duplicated the same []any → []difc.Tag conversion logic across resource and collection label paths, creating multiple update points for identical DIFC parsing behavior. This change centralizes that conversion so secrecy and integrity labels are derived consistently everywhere they are parsed.

• Shared DIFC tag parsing

  • Extract parseDIFCTagsFromAny(raw any) []difc.Tag in internal/guard/wasm_parse.go
  • Encapsulates the existing semantics:
    • accept only []any
    • keep only string entries
    • return nil for non-slices

• Resource response parsing

  • Replace the duplicated secrecy/integrity parsing blocks in parseResourceResponse
  • Preserve existing default-label behavior when a tag field is absent or not an array

• Collection item label parsing

  • Replace the duplicated secrecy/integrity parsing blocks in parseCollectionLabeledData
  • Keep collection item label construction unchanged aside from delegating tag extraction

• Focused parser coverage

  • Add a direct unit test for the shared helper
  • Existing resource and collection parser tests continue to exercise both helper-backed call sites

if tags := parseDIFCTagsFromAny(resourceData["secrecy"]); tags != nil {
	resource.Secrecy = *difc.NewSecrecyLabelWithTags(tags)
} else {
	resource.Secrecy = *difc.NewSecrecyLabel()
}

[lpcox]

@copilot resolve the merge conflicts in this pull request

[lpcox]

@copilot resolve the merge conflicts in this pull request

[Copilot]

Pull request overview

This PR refactors WASM guard response parsing to centralize DIFC tag extraction from decoded JSON, ensuring secrecy/integrity labels are derived consistently for both resource and collection-item parsing paths.

Changes:

• Added parseDIFCTagsFromAny(raw any) []difc.Tag to encapsulate []any → []difc.Tag conversion (string-only, non-slice → nil).
• Updated parseResourceResponse and parseCollectionLabeledData to delegate secrecy/integrity tag parsing to the shared helper.
• Added a focused unit test covering helper behavior across nil, non-slice, empty-slice, and mixed-type inputs.

Show a summary per file

File	Description
internal/guard/wasm_parse.go	Introduces shared DIFC tag parsing helper and removes duplicated conversion logic in resource/collection parsing.
internal/guard/wasm_response_parse_test.go	Adds direct unit test for the new shared DIFC tag parsing helper.

Copilot's findings

Tip

Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

• Files reviewed: 2/2 changed files
• Comments generated: 0

[Copilot]

@copilot resolve the merge conflicts in this pull request

Resolved in 550015a.