chore(audit): post-merge CI fix — ruff format + DebugPage auth tests#5505
Merged
MarkusNeusinger merged 1 commit intomainfrom Apr 27, 2026
Merged
chore(audit): post-merge CI fix — ruff format + DebugPage auth tests#5505MarkusNeusinger merged 1 commit intomainfrom
MarkusNeusinger merged 1 commit intomainfrom
Conversation
CI on 4d3e5d3 failed two checks: 1. **Run Linting** — ruff format wanted `core/database/repositories.py` collapsed onto one line (the multi-line call fit within line-length after my get_all() simplification). 2. **codecov/patch/frontend** — 65.38% diff coverage (target 80%). The admin-token branch in `DebugPage.tsx` (401/503 → token form, submit flow, sessionStorage persistence, clear) had no tests. Added 4 cases to `DebugPage.test.tsx`: - 401 renders the token form with the "admin token required" hint - 503 renders it with the "not configured" hint - submit flow sends `X-Admin-Token` and persists to sessionStorage - clear-stored-token wipes sessionStorage and re-prompts Imports `fireEvent` from `@testing-library/react` directly because `test-utils.tsx` doesn't re-export it. ## Verification - `uv run ruff format --check .` — clean - `cd app && yarn tsc --noEmit` — clean - `cd app && yarn test --run` — 396 tests pass (was 392, +4) Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Codecov Report✅ All modified and coverable lines are covered by tests. 📢 Thoughts on this report? Let us know! |
Contributor
There was a problem hiding this comment.
Pull request overview
Follow-up CI/lint fix for main after #5453 by applying ruff-format output in the async DB repository and adding frontend tests to cover the admin-token gate behavior on /debug/* routes.
Changes:
- Reformat a SQLAlchemy
execute(select(...))call inSpecRepository.get_all()to satisfyruff format. - Add 4 new
DebugPagetests covering the 401/503 auth-required branch plus token submit/persist/clear behavior.
Reviewed changes
Copilot reviewed 2 out of 2 changed files in this pull request and generated 1 comment.
| File | Description |
|---|---|
| core/database/repositories.py | Collapses a multi-line AsyncSession.execute(select(...)) call to the ruff-formatted single-line form. |
| app/src/pages/DebugPage.test.tsx | Adds coverage for the admin-token UX path (401/503 prompt, submit + header send, sessionStorage persistence, and clear flow). |
Comment on lines
+115
to
+147
| it('submits the token, sends X-Admin-Token, and persists to sessionStorage', async () => { | ||
| sessionStorage.clear(); | ||
| let callIndex = 0; | ||
| const fetchMock = vi.fn((url: string, init?: RequestInit) => { | ||
| callIndex += 1; | ||
| // First /debug/status → 401 (no token yet); subsequent calls → ok. | ||
| if (url.includes('/debug/ping')) { | ||
| return Promise.resolve({ | ||
| ok: true, | ||
| json: () => Promise.resolve({ database_connected: true, response_time_ms: 10, timestamp: '2026-04-27T00:00:00Z' }), | ||
| }); | ||
| } | ||
| if (callIndex === 1) { | ||
| return Promise.resolve({ ok: false, status: 401 }); | ||
| } | ||
| // Verify the header is sent on the retry. | ||
| const hdr = (init?.headers as Record<string, string> | undefined)?.['X-Admin-Token']; | ||
| if (hdr !== 'secret-xyz') return Promise.resolve({ ok: false, status: 401 }); | ||
| return Promise.resolve({ ok: true, json: () => Promise.resolve(mockDebugData) }); | ||
| }); | ||
| vi.stubGlobal('fetch', fetchMock); | ||
|
|
||
| render(<DebugPage />); | ||
|
|
||
| const input = await screen.findByPlaceholderText('X-Admin-Token'); | ||
| fireEvent.change(input, { target: { value: 'secret-xyz' } }); | ||
| fireEvent.click(screen.getByRole('button', { name: /unlock/i })); | ||
|
|
||
| await waitFor(() => { | ||
| expect(screen.getAllByText('scatter-basic').length).toBeGreaterThan(0); | ||
| }); | ||
| expect(sessionStorage.getItem('anyplot.adminToken')).toBe('secret-xyz'); | ||
| }); |
There was a problem hiding this comment.
The "submits the token…" test writes anyplot.adminToken into sessionStorage but doesn’t clean it up afterwards. This makes the file’s tests order-dependent (a later added test could accidentally start with a token already present). Consider clearing sessionStorage in a shared beforeEach/afterEach, or explicitly removing the key at the end of this test.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Post-merge follow-up to #5453. Two checks were red on that PR (codecov-patch + Run Linting); the PR was merged anyway, so main is currently lint-broken.
core/database/repositories.py:161-165collapsed onto one line (the multi-line call fit within line-length after theget_all()simplification in 4d3e5d3).DebugPage.tsx(401/503 → token form, submit flow, sessionStorage persistence, clear) had no tests. Added 4 cases.Test plan
uv run ruff format --check .— cleancd app && yarn tsc --noEmit— cleancd app && yarn test --run— 396 tests pass (was 392, +4)🤖 Generated with Claude Code