fix(cwv): only exclude genuinely-gone (404/410) URLs, not bot-blocked ones#2734
fix(cwv): only exclude genuinely-gone (404/410) URLs, not bot-blocked ones#2734habansal wants to merge 5 commits into
Conversation
… ones CWV candidates come from RUM field data — real users load these pages — so a request our infrastructure cannot complete (403 bot-block, 429, 5xx, timeout) does NOT mean the page is gone. The previous filter dropped any URL returning 4xx or failing the HEAD check, so a site that bot-blocks our crawler lost ALL of its valid CWV opportunities (empty result that then reads as "resolved"). - isUrl4xxOrFailed -> isUrlGone: only 404/410 are treated as "gone"; 403/4xx/ 5xx/transient failures keep the URL. - Add a site-wide safety guard: if EVERY candidate URL reports gone, keep them all and warn (almost certainly a block/routing issue, not mass page deletion) rather than emit an empty CWV that masquerades as resolved. Preserves the original 404/clientlib filtering intent (SITES-40803) without the over-suppression. Refs SITES-47218. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Codecov Report✅ All modified and coverable lines are covered by tests. 📢 Thoughts on this report? Let us know! |
There was a problem hiding this comment.
Hey @habansal,
Verdict: Approve - well-scoped bug fix with clear rationale, good test coverage, and a thoughtful safety guard.
Complexity: LOW - small diff, single module, no risk signals.
Changes: Narrows URL exclusion logic from "any 4xx or failure" to "only 404/410" and adds a safety guard that retains all URLs when every candidate reports gone (2 files).
Non-blocking (2): minor issues and suggestions
- suggestion: The
allGoneguard requiresurlEntries.length > 1, so a site with exactly 1 URL entry that returns 404 is still excluded (correct behavior), but this asymmetry has no test documenting the intent. A test likeit('excludes a single URL that is genuinely gone (guard does not apply)')would prevent accidental regressions if the guard condition is refactored. -src/cwv/cwv-audit-result.js:157 - nit: The integration-level
buildCWVAuditResulttests verify exclusion with 404 but not 410. SinceisUrlGoneunit tests cover 410, this is low-risk, but an integration case would confirm end-to-end wiring for both codes. -test/audits/cwv/cwv-audit-result.test.js:111
Skill: pr-review | Model: us.anthropic.claude-opus-4-6-v1[1m] | Duration: 1m 17s | Cost: $3.64 | Commit: 1d65a8f0a85db668a2e10ceb67fffcf6ed7274d9
If this code review was useful, please react with 👍. Otherwise, react with 👎.
Per review feedback: the guard isn't needed. The core fix (only exclude 404/410) already handles the bot-block case, since a 403 is no longer flagged. The guard only triggered when EVERY candidate URL returned 404/410 — which most likely means the pages are genuinely gone, where excluding them is the correct behaviour. Keeping them would wrongly retain dead URLs. Simpler and more correct without it. Refs SITES-47218. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
|
This PR will trigger a patch release when merged. |
There was a problem hiding this comment.
Hey @habansal,
⚠ Degraded review - no spec document was found for this change (searched the PR links, the touched repos' docs, the architecture/guidelines docs, and linked Jira). This review covers code-level quality but could not validate the change against an agreed design, so confidence is reduced. Add a spec link (PR template section 4) and re-request review for a full-confidence pass.
Verdict: Approve - clean bug fix, well-tested, correct semantics.
Complexity: LOW - small diff, single module, no risk signals.
Changes: Narrows URL exclusion from "any 4xx or failure" to "only 404/410 (genuinely gone)" and removes the all-gone safety guard that is no longer needed under the tightened semantics (2 files).
Non-blocking (1): minor issues and suggestions
- nit: PR description still advertises "Site-wide safety guard: if every candidate URL reports gone, keep them all and warn" but that code was added in commit 1 and removed in commit 2. A reader arriving at this PR later will be confused about what actually shipped. Consider updating the body to reflect the final state.
Previously flagged, now resolved
- Safety guard removal justified by tightened
isUrlGonesemantics (commit 2 cleanly removes it with rationale in message).
Skill: pr-review | Model: us.anthropic.claude-opus-4-6-v1[1m] | Duration: 1m 28s | Cost: $2.97 | Commit: 132ed190200956d708f71f773a9baf0521d49928
If this code review was useful, please react with 👍. Otherwise, react with 👎.
✅ Real-data validation on dev (2026-07-02)Validated end-to-end against real datacom.com traffic in the dev VPC (whose egress Cloudflare 403s exactly as prod). Method: deployed this branch to an isolated dev Lambda alias ( Step 1 — 0 excluded (no Step 2 — Same site / same 403-blocking egress / same RUM data — only the code changed; result flipped 0 → 16 and produced the previously-missing suggestions. Orthogonal note: the dev code-import step errored ( |
What & why
Implements SITES-47218 (part of the datacom.com investigation, SITES-47216).
CWV candidates come from RUM field data — real users successfully load these pages — so a request our infrastructure can't complete (a 403 bot-block, 429, 5xx, or timeout) does not mean the page is gone. The previous
isUrl4xxOrFaileddropped any URL returning 4xx or failing the HEAD check, so a site that bot-blocks our crawler (e.g. datacom.com behind Cloudflare) lost all of its valid CWV opportunities — an empty result that then reads to the customer as "resolved".Change
isUrl4xxOrFailed→isUrlGone: only 404/410 are treated as "gone". 403/401/429, 5xx, and transient/timeout failures now keep the URL.Why not switch the client to @adobe/fetch?
That would "pass" datacom today, but it's a site-specific result (N=1) and fragile (useless vs stricter configs / Akamai/Imperva). Not gating RUM CWV on reachability is the robust fix.
Test plan
isUrlGone(404/410 → gone; 403/200/500/throw → not gone);buildCWVAuditResultretains a 403 URL (regression for SITES-47218); group entries untouched. 9/9 pass locally.Real-data validation (dev, 2026-07-02)
Deployed to an isolated dev Lambda alias (
spacecat-services--audit-worker:habansal-cwv,ExecutedVersion 8343) and invoked directly against real datacom.com in the dev VPC (egress Cloudflare-403'd, same as prod):buildCWVAuditResult):Total=112, Reported=16, 0 excluded — old code loggedExcluded 16 (4xx or HEAD failed)→cwv: [].🤖 Generated with Claude Code