- Race condition: mv escalations.jsonl to a PID-stamped snapshot before
processing so concurrent dev-poll appends go to a fresh file; rm snapshot
after loop — no entries are ever silently dropped
- SQL injection: validate ESC_PR_SHA is a 40-char hex string before
interpolating into the wpdb query
- sc_codes scope: compute per-file from file_errors (already filtered to
that file) instead of the entire step log; also switch grep to -F so
dots in filenames are not treated as regex wildcards
- step_pid validation: reject non-integer values from Woodpecker API before
passing as CLI argument
- Fallback body now distinguishes "CI logs unavailable" from "logs found
but issue creation API calls failed"
- ESC_GENERIC_FAIL: avoid leading blank line by using conditional separator
and fix code-block opening newline
- is_escalated(): remove dead esc_file/done_file locals; add Python-level
int() guard so empty/non-numeric issue or pr values fail cleanly instead
of producing a syntax error suppressed by 2>/dev/null

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
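
The input checks and the snapshot-then-process pattern listed in this commit message, as an added example that is not the project's own code. The function names (`is_sha40`, `is_uint`, `file_errors`, `drain_queue`), the `.snap` suffix and the sample data are assumptions made for illustration.

```sh
#!/bin/sh
# Added illustration only; function names are hypothetical, not the project's.

# True only for a full 40-character hex commit SHA (safe to interpolate).
is_sha40() {
  [ "${#1}" -eq 40 ] || return 1
  case "$1" in *[!0-9a-fA-F]*) return 1 ;; esac
}

# True only for a non-empty string of decimal digits (e.g. a step_pid).
is_uint() {
  case "$1" in ''|*[!0-9]*) return 1 ;; esac
}

# Log lines mentioning one filename; -F keeps "." literal, not "any char".
file_errors() {  # $1 = log path, $2 = filename
  grep -F -- "$2" "$1" || true
}

# Rename the queue to a PID-stamped snapshot, feed each line to a handler,
# then remove the snapshot. Writers that open the queue path after the
# rename create a fresh file. Prints the number of entries handled.
drain_queue() {  # $1 = queue path, $2 = handler command
  dq_snap="$1.$$.snap"
  dq_n=0
  mv -- "$1" "$dq_snap" 2>/dev/null || { echo 0; return 0; }
  while IFS= read -r dq_line || [ -n "$dq_line" ]; do
    [ -n "$dq_line" ] || continue
    "$2" "$dq_line"
    dq_n=$((dq_n + 1))
  done < "$dq_snap"
  rm -f -- "$dq_snap"
  echo "$dq_n"
}

# Constructed demo: one well-formed SHA and one malformed value.
demo_dir=$(mktemp -d)
printf '%s\n' 0123456789abcdef0123456789abcdef01234567 deadbeef \
  > "$demo_dir/escalations.jsonl"
check_sha() { if is_sha40 "$1"; then echo "ok   $1"; else echo "skip $1"; fi; }
drain_queue "$demo_dir/escalations.jsonl" check_sha
rm -rf "$demo_dir"
```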