Conversation
![cursor[bot]](https://avatars.githubusercontent.com/in/1210556?s=60&v=4){kind=small}
| } | ||
|
|
||
| entries.join(&separator.to_string()) | ||
| } |
There was a problem hiding this comment.
PYTHONPATH includes package subdirs, shadowing standard library
High Severity
build_site_packages_pythonpath adds every non-hidden subdirectory of site-packages to PYTHONPATH. Since PYTHONPATH entries are prepended to sys.path before the standard library, package directories like site-packages/django/ become top-level import sources. This causes Django's internal submodules (e.g., django/http/, django/test/) to shadow Python standard library modules of the same name. For the Django e2e test, import http would resolve to django/http/ instead of the stdlib http, breaking http.server used by Django's dev server.
Reviewed by Cursor Bugbot for commit 1317c7d. Configure here.
⏱️ Benchmark Resultsgatsby install-full-cold
📊 Raw benchmark data (gatsby install-full-cold)Base times: 2.405s, 2.450s, 2.431s, 2.512s, 2.407s, 2.450s, 2.470s, 2.442s, 2.420s, 2.408s, 2.389s, 2.434s, 2.398s, 2.478s, 2.381s, 2.432s, 2.456s, 2.463s, 2.422s, 2.468s, 2.471s, 2.412s, 2.425s, 2.439s, 2.410s, 2.421s, 2.428s, 2.431s, 2.460s, 2.430s Head times: 2.446s, 2.406s, 2.428s, 2.454s, 2.441s, 2.444s, 2.456s, 2.493s, 2.483s, 2.494s, 2.483s, 2.441s, 2.474s, 2.450s, 2.465s, 2.488s, 2.444s, 2.479s, 2.433s, 2.445s, 2.461s, 2.425s, 2.469s, 2.475s, 2.454s, 2.432s, 2.430s, 2.417s, 2.447s, 2.481s gatsby install-cache-and-lock (warm, with lockfile)
📊 Raw benchmark data (gatsby install-cache-and-lock (warm, with lockfile))Base times: 0.376s, 0.372s, 0.369s, 0.371s, 0.371s, 0.376s, 0.371s, 0.374s, 0.370s, 0.375s, 0.374s, 0.373s, 0.369s, 0.381s, 0.369s, 0.368s, 0.359s, 0.355s, 0.357s, 0.363s, 0.370s, 0.363s, 0.364s, 0.356s, 0.356s, 0.355s, 0.358s, 0.360s, 0.355s, 0.355s Head times: 0.355s, 0.362s, 0.370s, 0.368s, 0.361s, 0.360s, 0.359s, 0.373s, 0.374s, 0.366s, 0.371s, 0.372s, 0.374s, 0.371s, 0.366s, 0.381s, 0.371s, 0.368s, 0.371s, 0.378s, 0.369s, 0.375s, 0.378s, 0.377s, 0.374s, 0.373s, 0.373s, 0.377s, 0.371s, 0.366s |
| }; | ||
|
|
||
| if !file_type.is_dir() { | ||
| continue; |
There was a problem hiding this comment.
Symlinked packages excluded from PYTHONPATH construction
Medium Severity
build_site_packages_pythonpath uses entry.file_type() which does not follow symlinks — is_dir() returns false for symlinks to directories. The venv linker in venv.rs creates symlinks for PackageData::Local and Reference::Link packages via fs_symlink. Those symlinked entries under site-packages will be silently skipped and never added to PYTHONPATH, so Python won't be able to resolve imports from locally-linked packages whose importable name differs from the directory structure.
Reviewed by Cursor Bugbot for commit 92e9043. Configure here.
There was a problem hiding this comment.
Cursor Bugbot has reviewed your changes and found 2 potential issues.
There are 4 total unresolved issues (including 2 from previous reviews).
❌ Bugbot Autofix is OFF. To automatically fix reported issues with cloud agents, enable autofix in the Cursor dashboard.
Reviewed by Cursor Bugbot for commit 1404947. Configure here.
1 participant
Working on setting up full e2e tests for popular third-party packages.
Note
Medium Risk
Adds a new GitHub Actions E2E pipeline that runs arbitrary shell tests in a Docker sandbox and can auto-create/update GitHub issues on
main, plus a small change to Python venvPYTHONPATHconstruction; misconfiguration could cause CI noise or incorrect env behavior.Overview
Adds a new
E2EGitHub Actions workflow that discoverstests/e2e/*.sh, builds and artifactsyarn-bin, runs each test in parallel inside a custom Docker action sandbox, uploads per-test logs/status artifacts, and onmainautomatically creates/updatese2e-failureGitHub issues with log tails.Introduces local e2e tooling (
scripts/e2e/run.shandyarn run e2e) plus initialsmokeanddjangoe2e scripts. Updateszpm’spythoncommand to includesite-packagessubdirectories inPYTHONPATH, and tweaksIslandDependencyProvider::fetch_dependenciesto avoid holding aRefCellborrow across subsequent work.Reviewed by Cursor Bugbot for commit 7363b59. Bugbot is set up for automated code reviews on this repo. Configure here.