fix: guard non-positive session limit in AdvancedSQLiteSession.get_items#3416
Closed
rmotgi1227 wants to merge 1 commit into
Closed
fix: guard non-positive session limit in AdvancedSQLiteSession.get_items#3416rmotgi1227 wants to merge 1 commit into
rmotgi1227 wants to merge 1 commit into
Conversation
AdvancedSQLiteSession.get_items() passed the resolved session_limit
directly to SQL LIMIT without checking whether the value is non-positive.
MongoDBSession, RedisSession, DaprSession, AsyncSQLiteSession, and
SQLAlchemySession all guard this with:
if session_limit is not None and session_limit <= 0:
return []
AdvancedSQLiteSession was the only SQLite-backed implementation missing
the guard. SQLite treats LIMIT -1 as 'no limit', so passing limit=-1
would return the full conversation history instead of an empty list,
diverging from every other backend.
Adds limit=0 and limit=-1 assertions to the existing explicit-limit
override test so the behaviour is pinned.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
AdvancedSQLiteSession.get_items()was the only SQLite-backed session implementation missing the non-positive limit guard that all other backends enforce.Root cause
Five backends already short-circuit with
return []whensession_limit <= 0:MongoDBSession—if session_limit is not None and session_limit <= 0: return []RedisSession—if session_limit <= 0: return []DaprSession—if session_limit <= 0: return []AsyncSQLiteSession— fixed in fix: guard non-positive session limits and close() race in SQLite sessions #3413SQLAlchemySession— fixed in fix: guard non-positive session limits and close() race in SQLite sessions #3413AdvancedSQLiteSessionpassed the resolved limit directly toLIMIT ?without this guard. SQLite interpretsLIMIT -1as "no limit" (SQLite docs), soget_items(limit=-1)silently returned the full conversation history instead of[].Fix
Add the same early-return guard before the SQL branch:
Test plan
Extended the existing
test_get_items_explicit_limit_overrides_session_settingstest with:These pin the correct behaviour (empty list for any non-positive limit) and would have caught the LIMIT -1 bug.
Issue number
Companion to #3413 (same root cause, different file).
Checks
make lintandmake format