fix: prevent hosting deploy to site in wrong project (#10380)

joehan · web-flow · commit 9864f27eb53f · 2026-04-17T15:15:53.000-07:00
* fix: prevent hosting deploy to site in wrong project ### Description Prevent accidental deployments to a hosting site that does not belong to the active project. The CLI now verifies that the site belongs to the project before creating a version. Fixes #10376 ### Scenarios Tested - Verified that error is thrown when site does not belong to project. - Verified that deploy passes when site belongs to project. - Verified that check is skipped for demo projects. ### Sample Commands `firebase deploy --project project-b` (where site in firebase.json belongs to project-a) -> should fail. * chore: remove excessive site validation check and update tests * Comment * chore: remove demo project check and corresponding test * chore: remove unused Constants import in prepare.ts
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,2 +1,3 @@
+- Fixed an issue where hosting deploy allowed publishing to a site in a different project. (#10376)
 - Added 'firebase_deploy' and 'firebase_deploy_status' MCP tools.
 - Added SSE mode support to `firebase mcp`. To use it, run `firebase mcp --mode=sse --port=3000`, and connect your client on `http://localhost:3000`.
diff --git a/src/deploy/hosting/prepare.spec.ts b/src/deploy/hosting/prepare.spec.ts
@@ -29,6 +29,12 @@ describe("hosting prepare", () => {
     trackingStub = sinon.stub(tracking);
     backendStub = sinon.stub(backend);
     loggerStub = sinon.stub(utils, "logLabeledBullet");
+    hostingStub.getSite.resolves({
+      name: "projects/project/sites/site",
+      defaultUrl: "https://site.web.app",
+      appId: "app-id",
+      labels: {},
+    });
 
     // We're intentionally using pointer references so that editing site
     // edits the results of hostingConfig() and changes firebase.json
@@ -147,6 +153,34 @@ describe("hosting prepare", () => {
     });
   });
 
+  it("throws error if site does not exist in project", async () => {
+    hostingStub.getSite.rejects(new Error(`could not find site "site" for project "project"`));
+
+    const context: Context = {
+      projectId: "project",
+    };
+
+    await expect(prepare(context, options)).to.eventually.be.rejectedWith(
+      `could not find site "site" for project "project"`,
+    );
+  });
+
+  it("passes if site belongs to project", async () => {
+    hostingStub.getSite.resolves({
+      name: "projects/project/sites/site",
+      defaultUrl: "https://site.web.app",
+      appId: "app-id",
+      labels: {},
+    });
+    hostingStub.createVersion.resolves("version");
+
+    const context: Context = {
+      projectId: "project",
+    };
+
+    await expect(prepare(context, options)).to.eventually.be.fulfilled;
+  });
+
   describe("unsafePins", () => {
     const apiRewriteWithoutPin: hostingApi.Rewrite = {
       glob: "**",
diff --git a/src/deploy/hosting/prepare.ts b/src/deploy/hosting/prepare.ts
@@ -116,6 +116,8 @@ export async function prepare(
 
   const versions = await Promise.all(
     configs.map(async (config) => {
+      // Get the site to confirm that it exists on this project
+      await api.getSite(context.projectId, config.site);
       const labels: Record<string, string> = {
         ...deploymentTool.labels(),
       };

Original file line number	Diff line number	Diff line change
`@@ -1,2 +1,3 @@`
	`1`	`+- Fixed an issue where hosting deploy allowed publishing to a site in a different project. (#10376)`
`1`	`2`	`- Added 'firebase_deploy' and 'firebase_deploy_status' MCP tools.`
`2`	`3`	- Added SSE mode support to `firebase mcp`. To use it, run `firebase mcp --mode=sse --port=3000`, and connect your client on `http://localhost:3000`.