fix(versioning): reject create-segment-override on v2 environments#7494
Merged
Conversation
Direct writes through the legacy feature-state CRUD endpoints mutated
the live FeatureState row in place on v2-versioned environments,
bypassing the version graph: no new EnvironmentFeatureVersion, no audit
row, no NEW_VERSION_PUBLISHED webhook, and the change was lost on
rollback to a prior version.
Reject these calls with 400 and point callers at the versioning
endpoint. Identity overrides stay allowed since they are not part of
the version graph.
Affected endpoints:
- POST/PUT/PATCH /api/v1/environments/{api_key}/featurestates/[{id}/]
- POST/PUT/PATCH /api/v1/features/featurestates/[{id}/]
for more information, see https://pre-commit.ci
DELETE on the nested feature-state endpoint had the same version-graph bypass as POST/PUT/PATCH: removing the live FS for an env or segment override silently mutated the live EnvironmentFeatureVersion's row set. Reject these calls with 400 too; identity-override deletes stay allowed.
Co-locate the guard with update_flag() and the other v2-versioning policy in features/versioning/versioning_service.py, and move the exception alongside the other versioning errors. Rename the helpers to require_direct_state_write/_for_state to signal that they raise. Trim the exception message to a static one-liner.
for more information, see https://pre-commit.ci
Drop the orienting comment from require_direct_state_write; the function name and exception class carry the meaning. Add the "v2 feature versioning" detail assertion to the three blocking tests that were missing it for consistency.
The guard was too aggressive and rejected supported v2 flows where the caller participates in the version graph explicitly. Two refinements: - POST on the simple endpoint with environment_feature_version in the body is the supported way to create a segment override on a draft EFV. Skip the guard in that case. - PUT/PATCH/DELETE against a FeatureState attached to an unpublished (draft) EnvironmentFeatureVersion is modifying a draft, not bypassing the version graph. Skip the guard in that case too. Unblocks test_4eyes_workflow_with_v2_versioning. Adds two unit tests covering both new allow paths.
The `POST /environments/{api_key}/features/{feature_pk}/create-segment-override/`
view never threaded `environment_feature_version` into the serializer context,
so on v2 environments the nested `CustomCreateSegmentOverrideFeatureSegmentSerializer`
hit an `AssertionError` and returned HTTP 500.
Reuse `require_direct_state_write` from the v2 direct-write guard to return a
documented HTTP 400 instead, and convert the now-unreachable `assert` in the
nested serializer to a `ValidationError` so any future v2 caller that forgets
the context still gets a 400 rather than a 500.
![claude[bot]](https://avatars.githubusercontent.com/in/1236702?s=60&v=4){kind=small}
There was a problem hiding this comment.
Claude Code Review
This repository is configured for manual code reviews. Comment @claude review to trigger a review and subscribe this PR to future pushes, or @claude review once for a one-time review.
Tip: disable this comment in your organization's Code Review settings.
|
The latest updates on your projects. Learn more about Vercel for GitHub. 3 Skipped Deployments
|
Contributor
Docker builds report
|
Codecov Report✅ All modified and coverable lines are covered by tests. Additional details and impacted files@@ Coverage Diff @@
## worktree-block-v2-fs-direct-put #7494 +/- ##
===================================================================
- Coverage 98.44% 98.44% -0.01%
===================================================================
Files 1399 1398 -1
Lines 52764 52749 -15
===================================================================
- Hits 51944 51929 -15
Misses 820 820 ☔ View full report in Codecov by Sentry. 🚀 New features to boost your workflow:
|
Contributor
Playwright Test Results (oss - depot-ubuntu-latest-arm-16)
Details
Playwright Test Results (oss - depot-ubuntu-latest-16)
Details
Playwright Test Results (private-cloud - depot-ubuntu-latest-16)
Details
Playwright Test Results (private-cloud - depot-ubuntu-latest-arm-16)
Details
Playwright Test Results (oss - depot-ubuntu-latest-arm-16)
Details
Playwright Test Results (oss - depot-ubuntu-latest-16)
Details
Playwright Test Results (private-cloud - depot-ubuntu-latest-arm-16)
Details
Playwright Test Results (private-cloud - depot-ubuntu-latest-16)
Details
|
Contributor
Visual Regression16 screenshots compared. See report for details. |
…ializer With the view-layer guard in `create_segment_override` and the always-set context in `EnvironmentFeatureVersionFeatureStatesViewSet`, no caller can reach the nested serializer's save without `environment_feature_version` on a v2 environment.
Zaimwa9
previously approved these changes
May 13, 2026
Zaimwa9
approved these changes
May 13, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Thanks for submitting a PR! Please check the boxes below:
docs/if required so people know about the feature.Changes
Closes #7493
POST /api/v1/environments/{api_key}/features/{feature_pk}/create-segment-override/raised an unhandledAssertionError(HTTP 500) on Feature Versioning v2 environments. The view never threadedenvironment_feature_versioninto the serializer context, so the nestedCustomCreateSegmentOverrideFeatureSegmentSerializerhit a# pragma: no coverassertion. Customers calling this endpoint directly (CI scripts, Terraform, custom tooling) saw an opaque 500 with no actionable body. The dashboard itself was unaffected — it branches onuse_v2_feature_versioninginfeature-list-store.tsand uses the versioned feature-state endpoints instead.This PR:
require_direct_state_write(added in fix(versioning): reject legacy feature-state writes on v2 environments #7488) from thecreate_segment_overrideview, returning HTTP 400 withDirectFeatureStateWriteNotAllowedError's documented detail message on v2 environments.assertinCustomCreateSegmentOverrideFeatureSegmentSerializer.saveto aserializers.ValidationError, so any future caller that forgets to threadenvironment_feature_versionstill gets a 400 rather than a 500.The supported path on v2 environments remains the
EnvironmentFeatureVersionFeatureStatesViewSet(POST /environments/{env}/features/{feature}/versions/{uuid}/featurestates/).How did you test this code?
Added
test_create_segment_override__v2_versioning_environment__returns_400inapi/tests/unit/features/test_unit_features_views.py, parametrised overadmin_client_new(user + master API key). The test asserts:FeatureStaterow is createdRan the full
create_segment_overridesuite (16 tests) and thefeature_segmentssuite (52 passed, 2 pre-existing skips) — all green.