Skip to content

🐛 Raise a YAMLRocksError, not a bare ValueError, on malformed input encoding#175

Merged
frenck merged 1 commit into
mainfrom
frenck/ffi-decode-error-type
Jul 2, 2026
Merged

🐛 Raise a YAMLRocksError, not a bare ValueError, on malformed input encoding#175
frenck merged 1 commit into
mainfrom
frenck/ffi-decode-error-type

Conversation

@frenck

@frenck frenck commented Jul 2, 2026

Copy link
Copy Markdown
Owner

Breaking change

None. YAMLRocksDecodeError is a subclass of both YAMLRocksError and ValueError, so any existing except ValueError keeps catching these malformed-encoding failures; they now also fall under except YAMLRocksError.

Proposed change

A malformed byte encoding (a lone UTF-8 surrogate, odd-length or unpaired UTF-16, a non-scalar UTF-32 code point) was rejected with a raw PyO3 ValueError from bytes_to_string, outside the library's exception hierarchy. A caller catching yamlrocks.YAMLRocksError would miss it, and the error carried none of the library's attributes.

This routes the four decode-failure sites through errors::decode_message, raising a YAMLRocksDecodeError, which is inside the YAMLRocksError hierarchy and still a ValueError subclass. Added a parametrized regression test over the malformed-encoding cases across the read entry points.

Type of change

  • Dependency or tooling upgrade
  • Bugfix (non-breaking change that fixes an issue)
  • New feature (non-breaking change that adds functionality)
  • Deprecation (replaces or removes a feature, with a migration path)
  • Breaking change (a fix or feature that changes existing behavior)
  • Code quality, refactor, or test-only change
  • Documentation only

Additional information

  • This PR fixes or closes issue: None
  • This PR is related to: None
  • Link to a separate documentation pull request: None

Checklist

  • I have read the AI Policy, and this pull request was not created by an autonomous agent.
  • I fully understand the code in this pull request and can explain every line, including any AI-assisted changes.
  • The change is covered by tests, and uv run pytest passes locally. A pull request cannot be merged unless CI is green.
  • uv run ruff check . and uv run ruff format --check . pass.
  • cargo fmt --check and cargo clippy --all-targets -- -D warnings pass.
  • Round-trip fidelity is preserved: an unmodified document still re-emits byte-for-byte.
  • No commented-out or dead code is left in the pull request.

…ncoding

A malformed byte encoding (a lone UTF-8 surrogate, odd-length or unpaired
UTF-16, a non-scalar UTF-32 code point) was rejected with a raw PyO3
`ValueError` from `bytes_to_string`, outside the library's exception
hierarchy. A caller doing `except yamlrocks.YAMLRocksError` would not catch it,
and it carried none of the library's location attributes.

Route the four decode-failure sites through `errors::decode_message`, which
raises a `YAMLRocksDecodeError`. That stays inside the `YAMLRocksError`
hierarchy while remaining a `ValueError` subclass, so existing
`except ValueError` callers keep working too.
Copilot AI review requested due to automatic review settings July 2, 2026 22:35
@frenck frenck added the bugfix Inconsistencies or issues which will cause a problem for users or implementers. label Jul 2, 2026
@coderabbitai

coderabbitai Bot commented Jul 2, 2026

Copy link
Copy Markdown

Warning

Review limit reached

@frenck, you've reached your PR review limit, so we couldn't start this review.

Next review available in: 8 minutes

Enable usage-based reviews in Billing to review now. Otherwise, wait until the next included review is available.
You're only billed for reviews past your plan's rate limits ($0.25/file).

How can I continue?

After more reviews become available, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

To avoid repeated limits, reduce automatic review volume by pausing incremental auto-reviews earlier, using label-based review opt-in, excluding WIP or generated PR titles, or requesting reviews manually when the PR is ready. If your team needs uninterrupted high-volume reviews, an organization admin can enable usage-based reviews.

How do review limits work?

CodeRabbit enforces per-developer PR review limits for each organization. Most developers receive the normal plan review availability.

For paid Pro and Pro+ PR reviews, CodeRabbit uses adaptive limits for sustained high-volume activity. When a developer's recent PR review activity reaches the 95th percentile or higher among CodeRabbit users, additional reviews become available more gradually as earlier reviews age out of the rolling window.

Please refer docs for additional details.

Review details
⚙️ Run configuration

Configuration used: Repository UI

Review profile: CHILL

Plan: Pro

Run ID: c9884db8-e6f1-474e-a1b8-ddf769cc7d80

📥 Commits

Reviewing files that changed from the base of the PR and between 5932e3e and ea471a5.

📒 Files selected for processing (2)
  • src/ffi/mod.rs
  • tests/core/test_exceptions.py

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands.

@codspeed-hq

codspeed-hq Bot commented Jul 2, 2026

Copy link
Copy Markdown

Merging this PR will not alter performance

✅ 16 untouched benchmarks


Comparing frenck/ffi-decode-error-type (ea471a5) with main (5932e3e)

Open in CodSpeed

@codecov-commenter

codecov-commenter commented Jul 2, 2026

Copy link
Copy Markdown

Codecov Report

❌ Patch coverage is 80.00000% with 1 line in your changes missing coverage. Please review.
✅ Project coverage is 92.55%. Comparing base (98592c0) to head (ea471a5).
⚠️ Report is 2 commits behind head on main.

Files with missing lines Patch % Lines
src/ffi/mod.rs 80.00% 1 Missing ⚠️
Additional details and impacted files
@@            Coverage Diff             @@
##             main     #175      +/-   ##
==========================================
+ Coverage   92.37%   92.55%   +0.18%     
==========================================
  Files          40       40              
  Lines       11201    11432     +231     
==========================================
+ Hits        10347    10581     +234     
+ Misses        854      851       -3     

☔ View full report in Codecov by Harness.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

Copilot AI left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR fixes an exception-hierarchy leak: malformed byte-encoding input (lone UTF-8 surrogates, odd-length/unpaired UTF-16, out-of-range UTF-32) previously raised a bare PyO3 ValueError from bytes_to_string, which fell outside the library's YAMLRocksError hierarchy. It routes those failures through errors::decode_message, raising YAMLRocksDecodeError (a subclass of both YAMLRocksError and ValueError), so except YAMLRocksError now catches them while existing except ValueError callers are unaffected. This aligns the read path with the rest of the library's error model and improves the file-origin tagging and PyYAML-compat shim behavior for these cases.

Changes:

  • Replaced bare PyValueError::new_err(...) with errors::decode_message(...) at the five encoding decode-failure sites.
  • Updated the bytes_to_string rustdoc to describe the new YAMLRocksDecodeError behavior.
  • Added a parametrized regression test asserting malformed encodings raise YAMLRocksError while staying ValueError-compatible.

Reviewed changes

Copilot reviewed 2 out of 2 changed files in this pull request and generated 1 comment.

File Description
src/ffi/mod.rs Routes UTF-8/16/32 decode failures through errors::decode_message (→ YAMLRocksDecodeError) and updates the bytes_to_string docstring.
tests/core/test_exceptions.py Adds a parametrized test verifying malformed encodings raise YAMLRocksError and remain ValueError-compatible.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

Comment thread tests/core/test_exceptions.py
@frenck frenck merged commit 18bee68 into main Jul 2, 2026
74 of 75 checks passed
@frenck frenck deleted the frenck/ffi-decode-error-type branch July 2, 2026 23:04
@github-actions github-actions Bot locked as resolved and limited conversation to collaborators Jul 4, 2026
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Labels

bugfix Inconsistencies or issues which will cause a problem for users or implementers.

Projects

None yet

Development

Successfully merging this pull request may close these issues.

3 participants