fix(proposals): catch id collision in check_approvable batch precheck#470
Conversation
approve() refuses to overwrite an artifact whose id already exists (guards a crash-retry between put_<kind>() and move_proposal_to_decided silently rewriting it), but check_approvable -- the read-only precheck vouch approve a b uses to validate a whole batch before mutating anything -- never re-implemented that same guard. so a claim/entity/ relation proposal whose id collided with an existing artifact passed the precheck as approvable, then approve() raised on it anyway, breaking the documented all-or-nothing batch guarantee. factored the existing-artifact check into a shared, non-raising _existing_artifact_block_reason helper; approve()'s _ensure_no_ existing_artifact now delegates to it, and check_approvable calls the same helper for the same set of kinds (all but page and delete, same exception approve() already carves out).
|
Warning Review limit reached
Next review available in: 57 minutes Enable usage-based reviews in Billing to review now. Otherwise, wait until the next included review is available. How can I continue?After more reviews become available, a review can be triggered using the To avoid repeated limits, reduce automatic review volume by pausing incremental auto-reviews earlier, using label-based review opt-in, excluding WIP or generated PR titles, or requesting reviews manually when the PR is ready. If your team needs uninterrupted high-volume reviews, an organization admin can enable usage-based reviews. How do review limits work?CodeRabbit enforces per-developer PR review limits for each organization. Most developers receive the normal plan review availability. For paid Pro and Pro+ PR reviews, CodeRabbit uses adaptive limits for sustained high-volume activity. When a developer's recent PR review activity reaches the 95th percentile or higher among CodeRabbit users, additional reviews become available more gradually as earlier reviews age out of the rolling window. Please refer docs for additional details. Review details⚙️ Run configurationConfiguration used: Path: .coderabbit.yaml Review profile: CHILL Plan: Pro Plus Run ID: 📒 Files selected for processing (3)
✨ Finishing Touches🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
|
@coderabbitai review |
✅ Action performedReview finished.
|
summary
approve()refuses to overwrite an artifact whose id already exists (guards against a crash-retry betweenput_<kind>()andmove_proposal_to_decided()silently rewriting it), butcheck_approvable()— the read-only precheckvouch approve a buses to validate a whole batch before mutating anything — never re-implemented that same guard.what changed
so a claim/entity/relation proposal whose id collides with an existing artifact passes the precheck as approvable, then
approve()raises on it anyway — breaking the documented all-or-nothing batch guarantee (a typo or already-decided id is supposed to abort the whole batch before anything mutates; instead the batch can partially apply).factored the existing-artifact check into a shared, non-raising
_existing_artifact_block_reasonhelper insrc/vouch/proposals.py.approve()'s_ensure_no_existing_artifactnow delegates to it, andcheck_approvablecalls the same helper for the same set of kinds (all butpageanddelete— the same exceptionapprove()already carves out).test plan
new regression test
test_check_approvable_catches_id_collision_with_existing_claimintests/test_storage.py: approves a claim with idfoo-bar, files a second pending claim proposal with the same id, assertscheck_approvablenow returns a non-None "already exists" reason (fails on the old code — returnsNone), and thatapprove()still raises on it.all three clean.