You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Eight findings from Brad's review, addressed together. Recurring shape:
broad ``except Exception`` blocks were swallowing not just the realistic
failure (KeyError on missing dict field, sqlite3.Error on corrupt table,
OSError on missing file) but also bugs we'd want to know about. Each
catch is now narrowed to the actual failure mode the surrounding code
intends to handle, with regression coverage to pin the contract.
1. services/workspace_db.py:_build_composer_id_to_workspace_id —
narrow sqlite3.Error catch on the per-workspace state.vscdb open,
json.JSONDecodeError / ValueError catch on the row parse. Round-3
work; one site Brad flagged in the same pass.
Test: tests/test_workspace_db_special_paths.py::
TestBuildComposerMappingCorruptDb.
2. services/workspace_resolver.py:_infer_workspace_name_from_context —
same narrowing on the local-DB query (lconn.execute fetchone).
Test: tests/test_workspace_name_db_errors.py::
TestLocalQueryErrorSwallowed.
3. services/workspace_listing.py:list_workspace_projects — local
_safe_fetchall(query, params=()) helper routes the three
cursorDiskKV LIKE queries (composerData, messageRequestContext,
bubbleId) through sqlite3.Error → []. Same pattern as
workspace_tabs.py round 4.
Test: tests/test_workspace_listing_sql_errors.py.
4. api/workspaces.py:get_workspace CLI branch — replaced
cp["workspace_name"] / cp["last_updated_ms"] / cp["workspace_path"]
with .get(); added isinstance(cp, dict) skip to the lookup
generator. Brad's "unsafe dict access in CLI branch" finding.
Test: tests/test_get_workspace_cli_malformed.py (two cases).
5. services/workspace_listing.py CLI section — the projects loop now
guards cp non-dict, missing project_id, non-list sessions, and
non-dict session entries. Brad's "unsafe dict access in CLI
project loop" finding.
Test: tests/test_workspace_listing_cli.py::
TestMalformedCliProjectRecordSkipped.
6. services/cli_tabs.py:_get_cli_workspace_tabs — lookup generator
filters isinstance(cp, dict); project field access switched to
.get(); session iteration uses isinstance(session, dict). Brad's
"unsafe dict access in project lookup" finding on lines 17/22/25.
Test: tests/test_cli_tabs.py::TestMalformedCliProjectsListLookup.
7. services/workspace_tabs.py — diffs no longer double-represented.
Previously each diff was emitted both as ``tab.codeBlockDiffs``
(which the frontend at dashboard/static/js/download.js:128,274
and templates/workspace.html:135 actually reads) AND as a
synthetic ``**Tool Action:**`` AI bubble in ``tab.bubbles`` (no
consumer). Dropped the synthesis loop + the now-unused
``synthetic`` flag and its filter in the response-time pass.
Brad's "diffs double-represented" finding.
Test: tests/test_workspace_tabs_malformed_nested.py::
TestDiffsEmittedOnlyAsCodeBlockDiffs replaces the prior
synthetic-timestamp tests.
8. services/workspace_tabs.py — merged the two
``messageRequestContext:%`` LIKE queries (built message_request_
context_map and project_layouts_map respectively) into a single
pass that fills both maps. Brad's "messageRequestContext queried
twice" finding.
9. services/workspace_db.py — narrowed the two remaining broad
excepts: _collect_workspace_entries → OSError;
_collect_invalid_workspace_ids → (OSError, ValueError, KeyError,
TypeError). Brad's "broad silent except Exception: pass" finding.
207 tests pass (was 196; +11 across this round). The recurring
heuristic across all four rounds on this PR: every nested iteration
site needs ``isinstance(..., dict)``, every DB read needs
``sqlite3.Error`` catch, and broad excepts swallow the bugs we want
to know about.
0 commit comments