codeant-ai-for-open-source[bot] commented on code in PR #38360:
URL: https://github.com/apache/superset/pull/38360#discussion_r2877121122
##########
superset-extensions-cli/src/superset_extensions_cli/cli.py:
##########
@@ -217,17 +218,36 @@ def copy_frontend_dist(cwd: Path) -> str:
def copy_backend_files(cwd: Path) -> None:
+ """Copy backend files based on pyproject.toml build configuration
(validation already passed)."""
dist_dir = cwd / "dist"
- extension = read_json(cwd / "extension.json")
- if not extension:
- click.secho("❌ No extension.json file found.", err=True, fg="red")
- sys.exit(1)
+ backend_dir = cwd / "backend"
- for pat in extension.get("backend", {}).get("files", []):
- for f in cwd.glob(pat):
+ # Read build config from pyproject.toml
+ pyproject = read_toml(backend_dir / "pyproject.toml")
+ assert pyproject
Review Comment:
**Suggestion:** Using a bare `assert pyproject` after reading
`backend/pyproject.toml` can raise an unhandled AssertionError (for example
when the file is missing or unreadable), causing the CLI to crash with a stack
trace instead of showing a clear error message, especially in `dev` mode where
no prior validation is performed. Replace the assertion with an explicit check
that prints a helpful error via `click.secho` and exits with a non-zero status
using `sys.exit(1)` so that misconfigured or missing `pyproject.toml` for the
backend is handled consistently and gracefully. [logic error]
<details>
<summary><b>Severity Level:</b> Major ⚠️</summary>
```mdx
- ❌ `dev` watch command crashes on invalid backend pyproject.toml.
- ⚠️ Extension developers see raw AssertionError stack trace.
- ⚠️ Watch mode unusable until config issue diagnosed manually.
```
</details>
```suggestion
if not pyproject:
click.secho(
"❌ Failed to read backend pyproject.toml",
err=True,
fg="red",
)
sys.exit(1)
```
<details>
<summary><b>Steps of Reproduction ✅ </b></summary>
```mdx
1. In an extension project, ensure a `backend/` directory exists but make
`backend/pyproject.toml` unreadable or invalid so that `read_toml()` returns
a falsy value
(e.g., delete the file or empty it). This is the directory inspected in
`superset-extensions-cli/src/superset_extensions_cli/cli.py` by
`copy_backend_files()` at
lines 220–252.
2. From that project root, run the CLI `dev` command
(`superset-extensions-cli dev`),
which maps to the `dev()` function in
`superset-extensions-cli/src/superset_extensions_cli/cli.py` (defined after
the `bundle()`
and `build()` commands) and is the primary watch-mode entry point for
extension
development.
3. Inside `dev()`, when `backend_dir = cwd / "backend"` exists, it calls
`rebuild_backend(cwd)`, which in turn calls `copy_backend_files(cwd)` (same
file,
`rebuild_backend()` defined immediately after `rebuild_frontend()` and
before the Click
commands).
4. `copy_backend_files()` executes `pyproject = read_toml(backend_dir /
"pyproject.toml");
assert pyproject` at lines 226–227. Because `pyproject` is falsy, Python
raises an
unhandled `AssertionError`, causing the `dev` command to crash with a stack
trace instead
of a user-friendly `click.secho` error, unlike the `validate()` and
`build()` paths which
explicitly check `pyproject` and exit cleanly.
```
</details>
<details>
<summary><b>Prompt for AI Agent 🤖 </b></summary>
```mdx
This is a comment left during a code review.
**Path:** superset-extensions-cli/src/superset_extensions_cli/cli.py
**Line:** 227:227
**Comment:**
*Logic Error: Using a bare `assert pyproject` after reading
`backend/pyproject.toml` can raise an unhandled AssertionError (for example
when the file is missing or unreadable), causing the CLI to crash with a stack
trace instead of showing a clear error message, especially in `dev` mode where
no prior validation is performed. Replace the assertion with an explicit check
that prints a helpful error via `click.secho` and exits with a non-zero status
using `sys.exit(1)` so that misconfigured or missing `pyproject.toml` for the
backend is handled consistently and gracefully.
Validate the correctness of the flagged issue. If correct, How can I resolve
this? If you propose a fix, implement it and please make it concise.
```
</details>
<a
href='https://app.codeant.ai/feedback?pr_url=https%3A%2F%2Fgithub.com%2Fapache%2Fsuperset%2Fpull%2F38360&comment_hash=5df94a1f35551c2b4f0af6c839454e8695dc2522da1ed8e8091b07540943875b&reaction=like'>👍</a>
| <a
href='https://app.codeant.ai/feedback?pr_url=https%3A%2F%2Fgithub.com%2Fapache%2Fsuperset%2Fpull%2F38360&comment_hash=5df94a1f35551c2b4f0af6c839454e8695dc2522da1ed8e8091b07540943875b&reaction=dislike'>👎</a>
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
