fix: resolve merge commit detection and add production safety features #115
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
🔧 Fixed Git Show Bug: - Removed --format=%n from all git show calls (was producing ['', ''] empty arrays) - Added merge-aware fallback: git diff --name-only <parent^1> <commit> for merge commits 🚀 Customer Guidance: - Buildkite users: Keep CI_PIPELINE_SOURCE=merge_request_event override for GitLab-triggered pipelines - Squash merge opt-out: SOCKET_GIT_DISABLE_SQUASH_HEURISTIC=1 available if heuristic detection causes false positives (default: heuristic enabled)⚠️ Enhanced Warnings: - Octopus merges log a first-parent warning when 3+ parents detected - Clear messaging about limitations: 'Using first-parent diff only - may not show all changes from all branches' 📊 Detection Transparency: - Frozen DETECTION SUMMARY log schema for monitoring integration - Method tracking: mr-diff | merge-diff | single-commit-show - Git command logging for debugging support escalations 🛡️ Production Safety: - Parent commit validation prevents accidental huge diffs - Graceful error handling with clear failure messages - Lazy loading for improved performance ✅ What This Fixes: - Empty file detection on merge commits (['', ''] → actual changed files) - Incorrect API mode fallbacks on merge commits - Missing transparency in file detection logic - No guardrails against dangerous Git operations Real Detection Examples: - Single Commit: DETECTION SUMMARY: method=single-commit-show files=11 sha=095b0ccc cmd="git show --name-only 095b0cc..." - Merge Commit: DETECTION SUMMARY: method=merge-diff files=1 sha=b459b2e3 cmd="git diff --name-only 89ca8e3a..b459b2e3"
dachi-dev
requested review from
BarrensZeppelin and
hemanthkini
and removed request for
a team
|
🚀 Preview package published! Install with: pip install --index-url https://test.pypi.org/simple/ --extra-index-url https://pypi.org/simple socketsecurity==2.3.0.dev1Docker image: |
dacoburn
approved these changes
Aug 26, 2025
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR fixes critical issues with merge commit file detection that was causing incorrect fallbacks to API mode and adds comprehensive production safety features.
Key Issues Resolved
Git Show Bug Fixed
Customer Guidance:
Enhanced Warnings:
Detection Transparency:
Production Safety:
What This Fixes
Real Detection Examples
Single Commit:
DETECTION SUMMARY: method=single-commit-show files=11 sha=095b0ccc cmd="git show --name-only 095b0ccc..."Merge Commit:
DETECTION SUMMARY: method=merge-diff files=1 sha=b459b2e3 cmd="git diff --name-only 89ca8e3a..b459b2e3"Testing
Public Changelog
N/A