
Conversation

@gkorland
Contributor

No description provided.

@coderabbitai
Contributor

coderabbitai bot commented Aug 21, 2025

Important

Review skipped

Auto reviews are disabled on base/target branches other than the default branch.

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.


@vercel

vercel bot commented Aug 21, 2025

The latest updates on your projects. Learn more about Vercel for GitHub.

Project       Deployment   Preview   Comments   Updated (UTC)
queryweaver   Ready        Preview   Comment    Aug 21, 2025 2:42pm

) + MESSAGE_DELIMITER

return Response(stream_with_context(generate()), content_type="application/json")
return StreamingResponse(generate(), media_type="application/json")

Check warning

Code scanning / CodeQL

Information exposure through an exception (Medium)

Stack trace information flows to this location and may be exposed to an external user. (Reported 5 times at this location, one per flow path.)

Copilot Autofix

AI 5 months ago

To fix the problem, we need to ensure that any error messages returned from the loader (specifically, those from MySQLLoader.load and MySQLLoader.refresh_graph_schema) are not sent directly to the user if they may contain sensitive information. Instead, we should log the detailed error message on the server and return a generic error message to the user.

The main region to change is in api/routes/graphs.py, inside the generate() function, where the result of loader_class.refresh_graph_schema(graph_id, db_url) is handled. If refresh_success is False, we should log refresh_message and return a generic error message in the response.

No changes are needed in api/loaders/mysql_loader.py unless you want to further sanitize error messages at the source, but the main exposure is in the API response.

Required changes:

  • In api/routes/graphs.py, inside the generate() function, update the block that handles schema refresh failures to log the detailed error and return a generic message to the user.
  • Ensure logging is done using the existing logging module.

Suggested changeset 1
api/routes/graphs.py

Autofix patch
Run the following command in your local git repository to apply this patch
cat << 'EOF' | git apply
diff --git a/api/routes/graphs.py b/api/routes/graphs.py
--- a/api/routes/graphs.py
+++ b/api/routes/graphs.py
@@ -464,8 +464,9 @@
                                 }
                             ) + MESSAGE_DELIMITER
                         else:
-                            failure_msg = (f"⚠️ Schema was modified but graph "
-                                         f"refresh failed: {refresh_message}")
+                            # Log the detailed error message server-side
+                            logging.error("Graph schema refresh failed: %s", str(refresh_message))
+                            failure_msg = ("⚠️ Schema was modified but graph refresh failed due to an internal error. Please contact support or try again later.")
                             yield json.dumps(
                                 {
                                     "type": "schema_refresh",
EOF
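Review bot: the new `logging.error("Graph schema refresh failed: %s", str(refresh_message))` line drops the one thing an operator needs to match the user's report to the log entry: `graph_id`, which the description says is already in scope for `refresh_graph_schema(graph_id, db_url)`. The replacement `failure_msg` tells the user to "contact support" but gives them nothing to quote, so log `graph_id` (and ideally a short error id) and put the same error id in `failure_msg`. Minor: `str()` is redundant with `%s`, and calling the root logger via `logging.error` bypasses whatever module logger the file already uses; the comment in the Copilot description says to use the existing logging module, so prefer that logger.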
) + MESSAGE_DELIMITER

return Response(stream_with_context(generate_confirmation()), content_type="application/json")
return StreamingResponse(generate_confirmation(), media_type="application/json")

Check warning

Code scanning / CodeQL

Information exposure through an exception (Medium)

Stack trace information flows to this location and may be exposed to an external user. (Reported 4 times at this location, one per flow path.)

Copilot Autofix

AI 5 months ago

To fix the problem, we need to ensure that any error messages returned from the loader (specifically, refresh_message from loader_class.refresh_graph_schema) are not sent directly to the user if the operation fails. Instead, we should log the detailed error message on the server and return a generic error message in the API response. This change should be made in api/routes/graphs.py, in the confirm_destructive_operation function, specifically in the generator function generate_confirmation, where the schema refresh failure message is yielded to the user. The fix involves replacing the use of refresh_message in the response with a generic message, while logging the actual error for debugging purposes.


Suggested changeset 1
api/routes/graphs.py

Autofix patch
Run the following command in your local git repository to apply this patch
cat << 'EOF' | git apply
diff --git a/api/routes/graphs.py b/api/routes/graphs.py
--- a/api/routes/graphs.py
+++ b/api/routes/graphs.py
@@ -573,11 +573,11 @@
                             }
                         ) + MESSAGE_DELIMITER
                     else:
+                        logging.error("Schema was modified but graph refresh failed: %s", refresh_message)
                         yield json.dumps(
                             {
                                 "type": "schema_refresh",
-                                "message": (f"⚠️ Schema was modified but graph refresh failed: "
-                                          f"{refresh_message}"),
+                                "message": "⚠️ Schema was modified but graph refresh failed due to an internal error.",
                                 "refresh_status": "failed"
                             }
                         ) + MESSAGE_DELIMITER
EOF
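Review bot: this hunk at line 573 now duplicates the sanitisation just added at line 464 with slightly different wording (this one omits the "contact support" sentence and the `str()` wrapper), so the two branches will drift the next time either message is edited and the leak can come back in one of them; move the failure event (log line plus generic `"message"` and `"refresh_status": "failed"`) into one helper called from both generators. As with the first hunk, the `logging.error` call should carry `graph_id` and an error id that is also placed in the client message, otherwise the generic text cannot be correlated with the server log.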
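An added example, written for this page and not taken from the QueryWeaver repository or from either Copilot patch above. It shows the pattern both autofix explanations describe (log the loader's detailed refresh_message server-side, send the client a generic message) and goes one step further than the patches by attaching a correlation id that ties the user-facing message to the log line. MESSAGE_DELIMITER, the logger name, the event fields, run_demo and the sample loader error text are assumptions for illustration, not values from the project:

```python
# Added example, not code from the QueryWeaver project or the Copilot patches.
# Pattern: keep loader error detail out of a streamed JSON response, log it
# server-side with a correlation id the user can quote to support.
import json
import logging
import uuid
from typing import Iterable, Iterator

MESSAGE_DELIMITER = "\n"                          # assumed; not the project's value
logger = logging.getLogger("api.routes.graphs")   # hypothetical logger name

# Constructed sample of what a loader might hand back on failure: a DB error
# carrying a host address and credential detail that must never reach a client.
SAMPLE_REFRESH_MESSAGE = (
    "Traceback (most recent call last): ...\n"
    "pymysql.err.OperationalError: (1045, \"Access denied for user "
    "'app'@'10.0.0.5' (using password: YES)\")"
)


def unsafe_refresh_failure_event(refresh_message: str) -> dict:
    """The shape CodeQL flagged: loader detail interpolated into the client event."""
    return {
        "type": "schema_refresh",
        "message": f"⚠️ Schema was modified but graph refresh failed: {refresh_message}",
        "refresh_status": "failed",
    }


def safe_refresh_failure_event(graph_id: str, refresh_message: str) -> dict:
    """Log the detail together with graph_id and an error id; return only a generic message."""
    error_id = uuid.uuid4().hex[:12]
    logger.error(
        "Graph schema refresh failed (graph_id=%s, error_id=%s): %s",
        graph_id, error_id, refresh_message,
    )
    return {
        "type": "schema_refresh",
        "message": (
            "⚠️ Schema was modified but graph refresh failed due to an internal "
            f"error. Quote reference {error_id} when contacting support."
        ),
        "refresh_status": "failed",
        "error_id": error_id,
    }


def stream_events(events: Iterable[dict]) -> Iterator[str]:
    """Serialise events the way the route does: one JSON object per delimiter."""
    for event in events:
        yield json.dumps(event) + MESSAGE_DELIMITER


class _ListHandler(logging.Handler):
    """Collects formatted log lines so the demo can show what was logged."""

    def __init__(self) -> None:
        super().__init__()
        self.lines: list[str] = []

    def emit(self, record: logging.LogRecord) -> None:
        self.lines.append(self.format(record))


def run_demo(graph_id: str = "demo_graph") -> dict:
    """Stream one unsafe and one safe failure event and report what went where."""
    handler = _ListHandler()
    logger.addHandler(handler)
    logger.setLevel(logging.ERROR)
    logger.propagate = False
    try:
        unsafe = unsafe_refresh_failure_event(SAMPLE_REFRESH_MESSAGE)
        safe = safe_refresh_failure_event(graph_id, SAMPLE_REFRESH_MESSAGE)
        body = "".join(stream_events([unsafe, safe]))
    finally:
        logger.removeHandler(handler)
    return {
        "unsafe_chunk": json.dumps(unsafe) + MESSAGE_DELIMITER,
        "safe_chunk": json.dumps(safe) + MESSAGE_DELIMITER,
        "safe_error_id": safe["error_id"],
        "log_lines": handler.lines,
        "body": body,
    }


if __name__ == "__main__":
    result = run_demo()
    print("client sees:", result["safe_chunk"].strip())
    print("server log: ", result["log_lines"][0])
```

Running the module prints the sanitised chunk and the matching server log line; the unsafe event is kept only to show what the original f-string put on the wire. In the route itself one helper like safe_refresh_failure_event would be called from both the generate() and generate_confirmation() branches, so the sanitisation cannot drift between the two places the alerts were raised.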
@gkorland gkorland merged commit 1f04885 into staging Aug 21, 2025
6 of 8 checks passed
@gkorland gkorland deleted the fastapi branch August 21, 2025 14:47
3 participants