fix(workflows): render gate show_file contents in the interactive prompt#2810
fix(workflows): render gate show_file contents in the interactive prompt#2810doquanghuy wants to merge 10 commits into
Conversation
doquanghuy
force-pushed
the
fix/2809-gate-show-file
branch
from
b43191b to
5412c47
Compare
There was a problem hiding this comment.
Pull request overview
This PR fixes the built-in workflow gate step so that a configured show_file is actually rendered in the interactive prompt, allowing operators to review the referenced file contents before choosing approve/reject. It adds a bounded, non-throwing file-read helper and extends test coverage around the interactive/non-interactive behaviors.
Changes:
- Render
show_filecontents inside the interactive gate prompt (before the options). - Add
_read_show_file()helper that caps output length and degrades to a one-line notice on read/decode errors. - Add targeted tests covering interactive rendering, missing files, non-interactive pause behavior, empty files, and truncation.
Show a summary per file
| File | Description |
|---|---|
src/specify_cli/workflows/steps/gate/__init__.py |
Passes show_file into the gate prompt and safely renders file contents with truncation/error notices. |
tests/test_workflows.py |
Adds regression tests for interactive rendering and safe behavior across missing/empty/large files and non-interactive runs. |
Copilot's findings
Tip
Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
- Files reviewed: 2/2 changed files
- Comments generated: 1
The gate step read and recorded `show_file` but never displayed its contents at the interactive prompt, so the operator approved/rejected without seeing the referenced file. Render the file inside the prompt when stdin is a TTY, with a graceful notice for missing/unreadable files. Non-interactive PAUSED behaviour, exit codes, resume semantics, and no-`show_file` output are unchanged. Closes github#2809. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
doquanghuy
force-pushed
the
fix/2809-gate-show-file
branch
from
5412c47 to
bf2f25c
Compare
|
Thanks @copilot — fixed in the latest push.
@mnriem ready for another look when you have a moment. |
…le reads The gate prompt rendered show_file by passing it as a third positional argument to _prompt. A test that stubs _prompt with a two-argument lambda (test_gate_abort_still_halts_with_continue_on_error) then failed once the branch caught up to main, because the call site passed three arguments to the two-argument stub. Compose the show_file material into the displayed message in execute() and keep _prompt to its (message, options) contract. Display data no longer widens the interactive seam, so stubbing _prompt stays stable and future review material can be added without breaking callers. _prompt now renders a multi-line message inside the gate box. Also catch ValueError in _read_show_file so a path the OS rejects outright (e.g. an embedded NUL byte) degrades to a notice instead of crashing the prompt, matching the helper's stated contract. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
|
Pushed a fix that also brings the branch up to date with CI failure (the merge-time Rather than patch the stub, I kept Copilot's open note. Local: full @mnriem ready for another look when you have a moment. |
The multi-line render loop split the message on newlines, which assumes a str. A non-string message (e.g. a YAML numeric literal) previously rendered fine through the old f-string and would now raise on .split. Coerce with str() to preserve that tolerance, and add a regression test. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
… typing Address review feedback on the gate tests and helper: - Swap the gate module's sys.stdin for a fixed-isatty stub (shared _StubStdin / _force_gate_stdin helpers) instead of setattr on sys.stdin.isatty, which is not assignable under some pytest capture modes. This also forces the non-interactive tests to a non-TTY so they cannot block on input() when run in a real terminal. - The non-interactive show_file test now hard-fails if _read_show_file is called, proving the file is not read on the PAUSED path. - _compose_prompt accepts a non-string message (e.g. a YAML numeric literal) and always returns str via str(message), keeping its annotation and docstring accurate; the redundant coercion in _prompt is removed. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
|
Pushed 06bcd43 addressing Copilot's latest review.
Full @mnriem ready for another look when you have a moment. |
…s non-TTY Address review feedback: - _read_show_file strips C0 control characters (except tab) from each line, so a show_file containing ANSI escape sequences (e.g. \x1b[2J) cannot clear the screen or spoof the prompt/options when rendered to a terminal. - Add an autouse fixture on TestGateStep that defaults every gate test to a non-TTY stdin, so no test can drop into the interactive prompt and block on input() when the suite runs under a real TTY. Interactive tests opt back in via _force_gate_stdin(tty=True); the now-redundant explicit non-TTY calls were removed. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
|
Pushed 4d52dd9 addressing Copilot's latest review.
Full @mnriem ready for another look when you have a moment. |
_force_gate_stdin rebinds the gate module's `sys` name to a stand-in whose stdin has a fixed isatty() and which delegates every other attribute to the real sys, instead of mutating the process-wide sys.stdin. This keeps the patch local to the gate module and leaves real stdin untouched. The gate abort test, which used the same process-wide swap, now shares the helper, so the pattern exists in exactly one place. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
|
Pushed 8b653d7 addressing Copilot's note: |
…content
Control characters were stripped from show_file *contents* but the path was
still printed verbatim as the header (`f"{show_file}:"`) and echoed in the
read-error notice, so a show_file path containing ANSI escapes could still
inject terminal sequences. Centralize stripping in `_sanitize_for_display`
and apply it to every show_file-derived string that reaches the terminal —
the displayed path, each file line, and the error notice — while still
opening the file with the original path. Add a test for path sanitization.
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
|
Pushed 4f6f843 + refreshed the PR description for Copilot's two notes. (1) The displayed |
Reuse the existing _CONTROL_CHARS regex directly at the three display sites instead of wrapping it in a one-line helper. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
…play The control-char class skipped LF (so an embedded newline in a show_file path could break the boxed layout) and the C1 range (so \x9b CSI and other 8-bit controls survived). Widen the class to [\x00-\x08\x0a-\x1f\x7f-\x9f] (still keeping tab). Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
|
Pushed 3905fbc: the gate |
Description
Closes #2809.
The built-in
gatestep accepts ashow_fileconfig field. The value was read, template-expanded, and stored inoutput["show_file"], but its contents were never displayed at the interactive prompt — the operator was asked to approve/reject without seeing the referenced file.This renders
show_fileinside the interactive gate prompt, before the options. A missing, undecodable, or invalid path degrades to a short one-line notice instead of raising, so a misconfigured path never breaks the prompt.What changed
GateStep._compose_prompt(message, show_file)folds theshow_filematerial (a path header plus its contents) into the displayed message.GateStep._prompt(message, options)keeps its existing two-argument contract and simply renders the (possibly multi-line) message inside the gate box — display data does not widen the interactive seam, so stubbing_promptin tests stays stable.GateStep._read_show_file(...)reads the file as UTF-8, caps output atMAX_SHOW_FILE_LINES, and returns a(could not read file: …)/(file is empty)notice on error/empty/invalid-path (OSError,UnicodeDecodeError,ValueError) instead of raising.show_file-derived strings that reach the terminal — the displayed path, each file line, and the read-error notice — are stripped of C0 control characters (_sanitize_for_display) so neither file contents nor the path can inject ANSI escape sequences. The file is still opened with the original path.message(e.g. a YAML numeric literal) is coerced tostrfor display.Compatibility
PAUSED) path is unchanged — the file is not read when stdin is not a TTY.on_rejecthandling, and resume semantics are unchanged.show_fileproduce byte-identical output for the common single-line message; a multi-line message is now boxed on every line (previously continuation lines fell outside the box).Testing
uv run specify --helpuv sync --extra test && uv run pytest— greenTests in
tests/test_workflows.py::TestGateStepcover: interactive rendering ofshow_filecontents; missing / empty / oversized (truncated) / invalid-path files degrading to a notice; control-character stripping of both file contents and the displayed path; non-string message rendering; and the non-interactive path PAUSING and preservingoutput["show_file"]without reading the file. Gate tests force stdin determinism by rebinding the gate module'ssysreference (no process-wide mutation).AI Disclosure
Used Claude to trace the bug in
gate/__init__.py, draft the fix and tests, and write this PR body. The behaviour was reproduced and the diff reviewed locally before submission.