Skip to content

refactor: split dashboard.py into package#98

Merged
pratyush618 merged 2 commits intomasterfrom
refactor/dashboard-package-split
May 1, 2026
Merged

refactor: split dashboard.py into package#98
pratyush618 merged 2 commits intomasterfrom
refactor/dashboard-package-split

Conversation

@pratyush618
Copy link
Copy Markdown
Collaborator

@pratyush618 pratyush618 commented May 1, 2026

Summary

  • Convert flat 572-line dashboard.py into a dashboard/ package
  • Per-feature handlers under dashboard/handlers/ (jobs, dead_letters, metrics, logs, queues, scaler)
  • Server, routing tables, static asset serving, and exception sentinels split out
  • Largest file in the new package: server.py at 218 lines

Layout

  • dashboard/__init__.py — re-exports the public API (serve_dashboard, build_scaler_response, StaticAssets, plus the test-internals _make_handler, _content_type_for, _resolve_static_node)
  • dashboard/errors.py_BadRequest, _NotFound
  • dashboard/static.pyStaticAssets, _get_default_assets, content-type table, missing-assets HTML
  • dashboard/routes.pyGET_ROUTES, GET_PARAM_ROUTES, POST_ROUTES, POST_PARAM_ROUTES
  • dashboard/server.pyDashboardHandler, serve_dashboard, _make_handler
  • dashboard/handlers/ — per-feature handler functions

Why

  • Prep for the upcoming dashboard-settings feature so new endpoints land in handlers/settings.py instead of stretching the single file
  • Each handler can grow without bloating one giant file

Test plan

  • uv run ruff check py_src/
  • uv run mypy py_src/taskito/ --no-incremental
  • uv run python -m pytest tests/python/test_dashboard.py tests/python/test_dashboard_static.py tests/python/test_keda.py -v — 64 passed
  • uv run python -m pytest tests/python/ -v — 465 passed, 9 skipped
  • All existing imports (from taskito.dashboard import serve_dashboard, build_scaler_response, StaticAssets, _content_type_for, _resolve_static_node, _make_handler) keep working — verified by test suite

@pratyush618
refactor: split dashboard.py into package
6d719ce 
Move the 572-line single-file dashboard into a dashboard/ package with
errors, static, routes, server, and per-feature handlers/ submodules.
Public API (serve_dashboard, build_scaler_response, StaticAssets) stays
at taskito.dashboard via re-exports. No behavior changes.
@github-actions github-actions Bot added the python label May 1, 2026
github-advanced-security[bot]
github-advanced-security AI found potential problems May 1, 2026
View reviewed changes
Comment thread py_src/taskito/dashboard/server.py Fixed
Comment thread py_src/taskito/dashboard/server.py Fixed
@pratyush618
fix: sanitize user-controlled path before logging
87ece48 
Strip ASCII control characters (CR, LF, null, etc.) and cap length
before passing self.path to logger.exception, defeating log-forging
via crafted request URLs. Addresses CodeQL log-injection alerts on
do_GET / do_POST exception paths.
@github-actions github-actions Bot added the tests label May 1, 2026
@pratyush618
Copy link
Copy Markdown
Collaborator Author

pratyush618 commented May 1, 2026

Fixed CodeQL log-injection alerts: added _safe_path() that strips ASCII control characters (CR/LF/null/etc.) and truncates to 256 chars before passing self.path to logger.exception in the do_GET/do_POST exception paths. Plus regression tests in tests/python/test_dashboard_static.py.

@pratyush618 pratyush618 merged commit e8ee523 into master May 1, 2026
19 checks passed
@pratyush618 pratyush618 deleted the refactor/dashboard-package-split branch May 2, 2026 05:09
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

1 more reviewer

@github-advanced-security github-advanced-security[bot] github-advanced-security[bot] left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

python tests

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@pratyush618 @github-advanced-security