⚡ Bolt: Skip redundant DNS validation for cached blocklists

[abhimehro]

💡 What: Optimized warm_up_cache to skip DNS validation (validate_folder_url) when the blocklist is already present in the persistent disk cache and within the TTL (24h).
🎯 Why: DNS lookups are blocking I/O operations (even when threaded) and are unnecessary overhead when we serve content directly from a proven-safe local cache. This reduces startup latency for subsequent runs.
📊 Impact: Eliminates N DNS lookups on warm start, where N is the number of blocklists (default 23).
🔬 Measurement: Verified with tests/test_warm_up_cache_perf.py which confirms validate_folder_url is skipped for fresh cache entries but called for stale/missing ones.

Also fixed a syntax error/corruption in validate_folder_data.

---

PR created automatically by Jules for task 1269213969337536655 started by @abhimehro

[google-labs-jules]

👋 Jules, reporting for duty! I'm here to lend a hand with this pull request.

When you start a review, I'll add a 👀 emoji to each comment to let you know I've read it. I'll focus on feedback directed at me and will do my best to stay out of conversations between you and other bots or reviewers to keep the noise down.

I'll push a commit with your requested changes shortly after. Please note there might be a delay between these steps, but rest assured I'm on the job!

For more direct control, you can switch me to Reactive Mode. When this mode is on, I will only act on comments where you specifically mention me with @jules. You can find this option in the Pull Request section of your global Jules UI settings. You can always switch back!

New to Jules? Learn more at jules.google/docs.

---

For security, I will only act on instructions from the user who triggered this task.

[trunk-io]

Merging to main in this repository is managed by Trunk.

• To merge this pull request, check the box to the left or comment /trunk merge below.

[github-actions]

👋 Development Partner is reviewing this PR. Will provide feedback shortly.

[gemini-code-assist]

Summary of Changes

Hello @abhimehro, I'm Gemini Code Assist¹! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request significantly improves the startup performance of the Bolt application by optimizing the warm_up_cache function. It introduces a check to bypass unnecessary DNS lookups for blocklists that are already stored in a fresh, local disk cache, thereby reducing I/O operations and startup latency. Additionally, a minor syntax error in the validate_folder_data function has been corrected for improved code robustness.

Highlights

• Performance Optimization: Implemented a mechanism to skip redundant DNS validation (validate_folder_url) during warm_up_cache if blocklist data is already present in the persistent disk cache and is within its TTL.
• Code Correction: Fixed a syntax error and formatting issues within the validate_folder_data function, specifically in the rule group validation logic.
• Testing: Added a new performance test file (tests/test_warm_up_cache_perf.py) to confirm that DNS validation is correctly skipped for fresh cache entries and performed for stale or missing ones.

Changelog

• main.py
  • Corrected indentation and syntax errors in the validate_folder_data function's loop for validating rule group rules.
  • Introduced a new private helper function _is_cache_fresh to determine if a given URL's data is present and fresh in either the in-memory or disk cache.
  • Modified the _validate_and_fetch nested function within warm_up_cache to call _is_cache_fresh and conditionally skip validate_folder_url if the cache entry is fresh.
• tests/test_warm_up_cache_perf.py
  • Added a new test file containing unittest cases to verify the performance optimization in warm_up_cache.
  • Included tests to assert that validate_folder_url is not called for fresh cache entries, but is called for stale or missing ones.

Activity

• The pull request was automatically created by Jules for a task initiated by @abhimehro.

Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature	Command	Description
Code Review	/gemini review	Performs a code review for the current pull request in its current state.
Pull Request Summary	/gemini summary	Provides a summary of the current pull request in its current state.
Comment	@gemini-code-assist	Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help	/gemini help	Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here.

You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.

Footnotes

1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩

[Copilot]

Pull request overview

Optimizes startup cache warming by avoiding redundant DNS validation when blocklist data can be served from a fresh persistent disk cache, and repairs corrupted logic in validate_folder_data.

Changes:

• Add _is_cache_fresh() and update warm_up_cache() to skip validate_folder_url() for URLs with fresh cached entries.
• Fix syntax/corruption in validate_folder_data() and ensure it returns True on the success path.
• Add tests/test_warm_up_cache_perf.py to verify validation is skipped for fresh cache entries and executed for stale/missing ones.

Reviewed changes

Copilot reviewed 2 out of 2 changed files in this pull request and generated 3 comments.

File	Description
main.py	Adds cache-freshness helper + warm-up optimization; fixes validation logic corruption and restores correct return behavior.
tests/test_warm_up_cache_perf.py	Adds regression tests to ensure DNS validation is skipped only when disk cache entries are within TTL.

[Copilot]

_is_cache_fresh() subtracts time.time() - last_validated without validating the type. Since load_disk_cache() only guarantees a data field, a malformed cache file could contain last_validated: null or a string, causing a TypeError and breaking warm_up_cache startup. Defensive fix: coerce/validate last_validated (int/float) before subtraction and treat invalid values as stale (same hardening should be applied in _gh_get() which uses the same subtraction).

[Copilot]

Docstring says this checks the “persistent cache”, but the function also returns True when the URL exists in the in-memory _cache. Update the docstring to reflect both caches (or drop the in-memory check if you want the helper to be strictly about disk freshness).

[Copilot]

MagicMock is imported but never used in this test file. Removing the unused import keeps the test code tidy and avoids confusing future readers about intended mocking behavior.

Suggested change

	from unittest.mock import patch, MagicMock
	from unittest.mock import patch

[gemini-code-assist]

Code Review

This pull request introduces a significant optimization by skipping redundant DNS validation for blocklists that are already present and fresh in the persistent disk cache. However, this optimization reveals a critical security control bypass: the application trusts pre-fetched data in the in-memory cache without performing necessary security validations (e.g., checking for malicious folder names). This allows potentially malicious content from remote blocklists to bypass security checks. Additionally, a critical syntax error and an incorrect variable reference in the validate_folder_data function have been fixed, improving code robustness and debuggability. New performance tests (test_warm_up_cache_perf.py) provide excellent coverage for the caching logic.

[gemini-code-assist]

The new _is_cache_fresh helper function is a well-encapsulated and clear addition. It correctly checks both the in-memory and disk caches for freshness based on the CACHE_TTL_SECONDS, which is central to the PR's optimization goal.

[gemini-code-assist]

This new test file provides excellent coverage for the cache warm-up optimization. The tests clearly verify that validate_folder_url is correctly skipped for fresh cache entries and called for stale or missing ones. This ensures the new logic behaves as intended and prevents regressions.

[abhimehro]

🤖 Automated PR Review — Closing as duplicate

This PR bundles cache warm-up optimization with the ubiquitous syntax fix. The cache warm-up concept is good but this implementation mixes concerns. The syntax fix is in #412. Closing — consider re-submitting the cache warm-up optimization as a standalone PR after the syntax fix lands on main.

[google-labs-jules]

🤖 Automated PR Review — Closing as duplicate

This PR bundles cache warm-up optimization with the ubiquitous syntax fix. The cache warm-up concept is good but this implementation mixes concerns. The syntax fix is in #412. Closing — consider re-submitting the cache warm-up optimization as a standalone PR after the syntax fix lands on main.

Understood. Acknowledging that this PR is closed due to mixed concerns with the syntax fix. I am stopping work on this task for now.