Fix GitHub Action Docker build and push

[j4ys0n]

This commit addresses four critical issues:

1. Docker build failure: Made llama.cpp extraction more robust by automatically detecting the extracted directory name instead of hardcoding it. This prevents failures when the directory structure doesn't match expectations.

2. Security: Removed sanitize=False from ui.html() in configure.py. The HTML content is purely static with no user input, so sanitization can be safely enabled to prevent potential XSS risks.

3. GGUF cleanup logic: Improved intermediate file cleanup to properly check if files are the same using os.path.samefile(), preventing issues on case-insensitive filesystems and avoiding deletion of files that shouldn't be removed.

4. Error handling: Added comprehensive error handling for HuggingFace model downloads with specific error messages for common failure scenarios (authentication, gated repos, network issues, etc.).

Files changed:

• docker/Dockerfile.gpu: Robust llama.cpp extraction
• src/msquant/app/pages/configure.py: Remove sanitize=False
• src/msquant/core/quantizer/engine.py: Improve cleanup logic and error handling

[j4ys0n]

Automated review 🤖

Summary of Changes
This PR fixes critical issues in the Docker build process, improves security by enabling HTML sanitization, enhances GGUF file cleanup logic for cross-platform compatibility, and adds robust error handling for HuggingFace model downloads. These changes improve reliability, security, and user experience.

Key Changes & Positives

• 🟢 Dockerfile.gpu: Robust extraction of llama.cpp binaries using dynamic directory detection instead of hardcoded paths.
• 🟢 configure.py: Re-enabled HTML sanitization for static content, improving XSS protection.
• 🟢 engine.py: Added comprehensive error handling for HuggingFace downloads with user-friendly messages.
• 🟢 engine.py: Improved cleanup logic using os.path.samefile() to prevent accidental file deletion on case-insensitive systems.

Potential Issues & Recommendations

1. Issue / Risk: The Dockerfile uses find with head -1 to detect extracted directory, which may fail if multiple matches exist.
   Impact: Could lead to incorrect directory being moved.
   Recommendation: Add a check to ensure only one matching directory exists.
   Status: 🟡 Needs review

2. Issue / Risk: The fallback logic in cleanup uses string comparison if os.path.samefile() fails.
   Impact: May not correctly identify same files on some systems.
   Recommendation: Ensure consistent behavior across platforms by testing edge cases.
   Status: 🟡 Needs review

3. Issue / Risk: Error messages for HuggingFace downloads are generic in some cases.
   Impact: May not provide enough context for troubleshooting.
   Recommendation: Include more detailed error information (e.g., full traceback or request details).
   Status: 🟡 Needs review

Language/Framework Checks

• Python: Exception handling is improved with specific error types; logging and type hints are used appropriately.
• Dockerfile: Shell scripting is robust with error checks and cleanup.

Security & Privacy

• 🟢 HTML sanitization is re-enabled, mitigating potential XSS risks.
• 🟢 No secrets or sensitive data exposed in the diff.

Build/CI & Ops

• 🟢 Docker build logic is more resilient to version changes.
• 🟢 Error handling in model download improves robustness.

Tests

• No test changes included. Consider adding unit tests for:
  • HuggingFace error scenarios
  • File cleanup logic on case-sensitive and insensitive filesystems
  • Docker build edge cases

Approval Recommendation
Approve with caveats

• Verify Docker build behavior with multiple directory matches
• Confirm cleanup logic works correctly across filesystem types
• Ensure error messages are sufficiently informative for debugging

[Copilot]

Pull Request Overview

This PR improves error handling, file system handling, and Docker installation robustness for the GGUF quantization functionality.

• Enhanced error handling in _download_model() with specific exception types and user-friendly error messages
• Fixed GGUF quantization logic to properly handle case-insensitive filesystems and format matching
• Improved Docker installation script to handle potential variations in llama.cpp directory structure

Reviewed Changes

Copilot reviewed 3 out of 3 changed files in this pull request and generated 3 comments.

File	Description
src/msquant/core/quantizer/engine.py	Added detailed exception handling for model downloads, improved format comparison logic, and fixed cleanup logic for case-insensitive filesystems
src/msquant/app/pages/configure.py	Removed deprecated sanitize=False parameter from ui.html() call
docker/Dockerfile.gpu	Enhanced llama.cpp installation to be more robust against directory name variations

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[Copilot]

This comparison may fail when intermediate_format could have values like 'q8_0' (lowercase with underscore) but quant_type could be 'Q8_0' (uppercase). The comparison should normalize the format strings by converting to a consistent case and handling underscores and hyphens uniformly, or by checking both uppercase and lowercase variants.

[Copilot]

[nitpick] The fallback logic duplicates the cleanup code from lines 500-501. Consider extracting the cleanup logic into a helper function or restructuring to avoid duplication.

[Copilot]

[nitpick] The error handling combines multiple operations on a single line with &&, making it harder to read and debug. Consider splitting into multiple RUN commands or separate lines within the same RUN for better clarity.

[j4ys0n]

Automated review 🤖

Summary of Changes
This PR fixes critical issues in the Docker build process, improves security by enabling HTML sanitization, enhances GGUF cleanup logic for cross-platform compatibility, and adds robust error handling for HuggingFace model downloads. These changes improve reliability, security, and maintainability.

Key Changes & Positives

• 🟢 Dockerfile.gpu: Robust extraction of llama.cpp binaries using dynamic directory detection instead of hardcoded paths.
• 🟢 configure.py: Enabled HTML sanitization for static content to prevent XSS vulnerabilities.
• 🟢 engine.py: Improved cleanup logic using os.path.samefile() to avoid unintended file deletions on case-insensitive filesystems.
• 🟢 engine.py: Added granular error handling for HuggingFace downloads with user-friendly messages for common failure modes.

Potential Issues & Recommendations

1. Issue / Risk: The Dockerfile uses find to detect extracted directory names, which may not be portable across all systems.
   Impact: Could cause build failures in environments with different shell or find implementations.
   Recommendation: Use a more robust method like unzip -l to list contents and parse the directory name.
   Status: 🟡 Needs review

2. Issue / Risk: The os.path.samefile() fallback in cleanup logic may still miss edge cases on some filesystems.
   Impact: Slight risk of deleting unintended files if os.path.samefile() fails.
   Recommendation: Add logging for OSError or ValueError to track such failures.
   Status: 🟡 Needs review

3. Issue / Risk: The _normalize_format function may not handle all valid GGUF format strings consistently.
   Impact: Could lead to incorrect quantization skipping logic.
   Recommendation: Add unit tests to validate format normalization behavior.
   Status: 🟡 Needs review

Language/Framework Checks

• Python: All error handling aligns with Python best practices; logging levels and exception chaining are appropriate.
• Dockerfile: Shell commands are valid, but find usage should be verified for portability.
• TypeScript/Node: Not present in diff.
• Go/Java/HCL: Not present in diff.

Security & Privacy

• 🟢 HTML sanitization is now enabled for static content, mitigating potential XSS risks.
• 🟢 No new secrets or sensitive data introduced.

Build/CI & Ops

• 🟢 Docker build logic is more resilient to upstream changes in llama.cpp release structure.
• 🟢 Error messages for HuggingFace downloads are more actionable for users.

Tests

• 🟡 No new tests included. Consider adding unit tests for:
  • _normalize_format() function
  • os.path.samefile() fallback behavior
  • HuggingFace error handling scenarios

Approval Recommendation
Approve with caveats

• Verify Docker build behavior on different environments due to find usage
• Add unit tests for format normalization and cleanup logic
• Confirm os.path.samefile() fallback is sufficient for all supported platforms

[j4ys0n]

Automated review 🤖

Summary of Changes
This PR fixes critical issues in the Docker build process, improves security by enabling HTML sanitization, enhances GGUF cleanup logic to prevent accidental file deletion, and adds robust error handling for HuggingFace model downloads. These changes improve reliability, security, and user experience.

Key Changes & Positives

• 🟢 Docker build robustness: The llama.cpp extraction in Dockerfile.gpu now dynamically detects the extracted directory name, preventing build failures due to hardcoded paths.
• 🟢 Security improvement: Removed sanitize=False in configure.py, enabling HTML sanitization for static content to mitigate XSS risks.
• 🟢 Improved cleanup logic: The engine.py now uses os.path.samefile() to safely compare files, preventing deletion of unintended files on case-insensitive filesystems.
• 🟢 Better error handling: Added specific error messages for HuggingFace download failures (auth, gated repos, network issues), improving debuggability.

Potential Issues & Recommendations

1. Issue / Risk: The Dockerfile uses find and head -1 to detect the extracted directory, which may not be reliable in all environments.
   Impact: Could lead to build failures if multiple directories match the pattern.
   Recommendation: Add a check to ensure only one matching directory exists.
   Status: 🟡 Needs review

2. Issue / Risk: The fallback logic in cleanup uses string comparison if os.path.samefile fails, which may not be fully robust.
   Impact: Slight risk of incorrect file deletion on some systems.
   Recommendation: Add logging to indicate when fallback logic is used.
   Status: 🟡 Needs review

3. Issue / Risk: The _normalize_format function may not handle all edge cases for format strings.
   Impact: Could lead to incorrect quantization skipping.
   Recommendation: Add unit tests for various format inputs.
   Status: 🟡 Needs review

Language/Framework Checks

• Python:
  • ✅ Error handling aligns with huggingface_hub and requests exceptions.
  • ✅ Logging levels and structured messages are appropriate.
  • ✅ No concurrency issues detected.
  • ✅ Type hints and imports are clean.

Security & Privacy

• 🟢 HTML sanitization is now enabled in configure.py, improving XSS protection.
• 🔴 No sensitive data or secrets found in the diff.

Build/CI & Ops

• 🟢 Docker build logic is more resilient to directory naming changes.
• 🟢 Error messages for HuggingFace downloads are user-friendly and actionable.

Tests

• 🟡 No tests included in the diff.
• 🔴 Recommend adding unit tests for:
  • _normalize_format function
  • File comparison logic in cleanup
  • HuggingFace error handling scenarios

Approval Recommendation
Approve with caveats

• Verify Docker build behavior with multiple directory structures
• Confirm fallback logic in cleanup is sufficient for all filesystems
• Add unit tests for new logic in engine.py
• Validate that HTML sanitization doesn't break UI rendering

[Copilot]

Pull Request Overview

Copilot reviewed 3 out of 3 changed files in this pull request and generated 2 comments.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[Copilot]

Potential AttributeError if HfHubHTTPError doesn't have a response attribute or if response is None. Add a guard check: if hasattr(e, 'response') and e.response and e.response.status_code == 401:

Suggested change

	if e.response.status_code == 401:
	raise RuntimeError(
	f"Authentication failed for model '{model_id}'. "
	f"Please log in with 'huggingface-cli login'."
	) from e
	elif e.response.status_code == 403:
	raise RuntimeError(
	f"Access denied for model '{model_id}'. "
	f"You may need to accept the model's license agreement on HuggingFace Hub."
	) from e
	else:
	if hasattr(e, 'response') and e.response and e.response.status_code == 401:
	raise RuntimeError(
	f"Authentication failed for model '{model_id}'. "
	f"Please log in with 'huggingface-cli login'."
	) from e
	elif hasattr(e, 'response') and e.response and e.response.status_code == 403:
	raise RuntimeError(
	f"Access denied for model '{model_id}'. "
	f"You may need to accept the model's license agreement on HuggingFace Hub."
	) from e
	elif hasattr(e, 'response') and e.response and hasattr(e.response, 'status_code'):

[Copilot]

[nitpick] The nested condition on line 507 can be combined with line 506 for better readability: if os.path.exists(intermediate_file) and os.path.exists(final_file) and not os.path.samefile(intermediate_file, final_file):

Suggested change

	if os.path.exists(intermediate_file) and os.path.exists(final_file):
	if not os.path.samefile(intermediate_file, final_file):
	logger.info(f"Cleaning up intermediate file: {intermediate_file}")
	os.remove(intermediate_file)
	if os.path.exists(intermediate_file) and os.path.exists(final_file) and not os.path.samefile(intermediate_file, final_file):
	logger.info(f"Cleaning up intermediate file: {intermediate_file}")
	os.remove(intermediate_file)

[j4ys0n]

Automated review 🤖

Summary of Changes
This PR fixes critical issues in the Docker build process, improves error handling for HuggingFace model downloads, enhances GGUF file cleanup logic, and removes a security risk by enabling HTML sanitization. The changes improve robustness, security, and maintainability of the quantization pipeline.

Key Changes & Positives

• 🟢 Docker build robustness: The llama.cpp extraction in Dockerfile.gpu now dynamically detects the extracted directory name, preventing failures due to hardcoded paths.
• 🟢 Improved error handling: Added specific error types and messages for HuggingFace model downloads, improving diagnostics for common failure modes.
• 🟢 Security fix: Removed sanitize=False in configure.py, enabling HTML sanitization to prevent XSS.
• 🟢 Better cleanup logic: Uses os.path.samefile() to correctly detect and avoid deleting files that are the same on case-insensitive filesystems.

Potential Issues & Recommendations

1. Issue / Risk: The Dockerfile uses find to detect the extracted directory, which may fail if multiple directories match the pattern.
   Impact: Could cause build failures in edge cases.
   Recommendation: Add a check to ensure only one matching directory exists, or use a more robust extraction method.
   Status: 🟡 Needs review

2. Issue / Risk: The fallback logic in cleanup uses string comparison if os.path.samefile() fails.
   Impact: May not correctly handle symbolic links or edge cases.
   Recommendation: Ensure the fallback logic is sufficient or improve error handling for os.path.samefile() failures.
   Status: 🟡 Needs review

3. Issue / Risk: The _normalize_format function may not cover all valid GGUF format variations.
   Impact: Could lead to incorrect quantization skipping.
   Recommendation: Add unit tests for various format strings to ensure normalization works as expected.
   Status: 🟡 Needs review

Language/Framework Checks

• Python: Error handling and exception types are well-defined and aligned with HuggingFace Hub and requests libraries. Logging and type hints are used appropriately.
• Dockerfile: Shell scripting is clean and handles edge cases with find and ls for debugging.

Security & Privacy

• 🟢 HTML sanitization: Removed sanitize=False to prevent XSS vulnerabilities in static UI content.
• 🔴 Model download errors: Improved error messages for gated repos, authentication, and network issues, but no explicit token handling or retry logic added.

Build/CI & Ops

• 🟢 Docker build: Improved robustness with dynamic directory detection.
• 🟡 Error handling: Could benefit from retry logic for transient network issues during model downloads.

Tests

• 🟡 Missing tests: No unit tests added for the new error handling or normalization logic.
• Recommendation: Add tests for _normalize_format, error handling paths, and cleanup logic to ensure correctness.

Approval Recommendation
Approve with caveats

• Verify Docker build behavior with multiple matching directories in llama.zip
• Ensure fallback logic in cleanup is sufficient for all filesystem edge cases
• Add unit tests for new error handling and normalization functions
• Consider adding retry logic for transient network errors during model downloads