Skip to content

fix: validate sophia maintenance limits#5720

Merged
Scottcjn merged 2 commits into
Scottcjn:mainfrom
william08190:fix/sophia-review-maintenance-limit-4400
May 19, 2026
Merged

fix: validate sophia maintenance limits#5720
Scottcjn merged 2 commits into
Scottcjn:mainfrom
william08190:fix/sophia-review-maintenance-limit-4400

Conversation

@william08190
Copy link
Copy Markdown
Contributor

@william08190 william08190 commented May 19, 2026

Summary

  • validate maintenance route limit values before calling Sophia review helpers
  • return 400 for malformed, zero, or negative limits on backfill and normalize routes
  • add regression coverage for both maintenance endpoints

Closes #4400

Tests

  • uv run --with pytest --with flask --with requests python -B -m pytest -q node/tests/test_sophia_governor_review_service.py --tb=short -p no:cacheprovider
  • python3 -B -m py_compile node/sophia_governor_review_service.py node/tests/test_sophia_governor_review_service.py
  • git diff --check

@github-actions github-actions Bot added BCOS-L1 Beacon Certified Open Source tier BCOS-L1 (required for non-doc PRs) node Node server related tests Test suite changes size/S PR: 11-50 lines labels May 19, 2026
@william08190 william08190 mentioned this pull request May 19, 2026
Open
TJCurnutte
TJCurnutte approved these changes May 19, 2026
View reviewed changes
Copy link
Copy Markdown

@TJCurnutte TJCurnutte left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Approved. The maintenance routes now validate limit before invoking the review backfill/normalization helpers, so bad client input returns a controlled 400 instead of leaking into helper-side coercion or silently accepting zero/negative limits.

Validation run on detached PR worktree at dcb08cabd67c963d98ebf5c22e35138f0f5bc64b:

git diff --check origin/main...HEAD -- node/sophia_governor_review_service.py node/tests/test_sophia_governor_review_service.py
python3 -B -m py_compile node/sophia_governor_review_service.py node/tests/test_sophia_governor_review_service.py
RC_ADMIN_KEY=test-admin PYTHONPATH=node python3 -B -m pytest -q node/tests/test_sophia_governor_review_service.py --tb=short -p no:cacheprovider

Result: 25 passed, 1 warning in 0.19s.

I also ran direct temp-DB Flask probes against both /api/sophia/governor/review/backfill-missing and /api/sophia/governor/review/normalize-existing: limit="abc" and limit="10.5" now return HTTP 400 limit must be an integer; limit=0 and limit=-1 return HTTP 400 limit must be at least 1; valid/capped values (1, 250) still return HTTP 200. The same probe on origin/main returned HTTP 500 for malformed string limits and accepted 0/-1 with HTTP 200, so this is a concrete stability/validation improvement.

@TJCurnutte TJCurnutte mentioned this pull request May 19, 2026
Open
minyanyi
minyanyi approved these changes May 19, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

@minyanyi minyanyi left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Validated the maintenance-limit normalization on current head.

What I checked on dcb08ca:

  • both maintenance endpoints now route through the same integer clamp/validation helper instead of accepting arbitrary JSON values
  • non-integer values ("abc", "10.5") and non-positive values (0, -1) now fail fast with explicit 400 errors
  • the targeted regression suite passes locally: python -B -m pytest -q node/tests/test_sophia_governor_review_service.py --tb=short -> 25 passed

The scope is tight and the test coverage matches the behavior change. LGTM.

@minyanyi minyanyi mentioned this pull request May 19, 2026
Open
jaxint
jaxint approved these changes May 19, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

@jaxint jaxint left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM! Great work on this PR. 🚀

@jaxint jaxint mentioned this pull request May 19, 2026
Open
@wybbb123123
Copy link
Copy Markdown
Contributor

wybbb123123 commented May 19, 2026

Review: changes requested

I reviewed PR #5720 (fix: validate sophia maintenance limits) and ran the Sophia governor review service tests locally.

Validation run:

  • python3 -B -m py_compile node/sophia_governor_review_service.py node/tests/test_sophia_governor_review_service.py
  • uv run --with pytest --with flask --with flask-cors python -B -m pytest -q node/tests/test_sophia_governor_review_service.py --tb=short -p no:cacheprovider
  • Result: 25 passed

Finding:

The new _normalize_maintenance_limit() still accepts some non-integer JSON values because it normalizes with int(value) directly.

Minimal repro:

10.5 -> 10
True -> 1
False ERR limit must be at least 1
'10.5' ERR limit must be an integer

So a JSON numeric float such as {"limit": 10.5} is silently truncated to 10, and {"limit": true} is accepted as 1. That does not match the route's validation contract or error message (limit must be an integer), and it leaves the admin maintenance endpoints with inconsistent behavior depending on whether the client sends a JSON number, boolean, or string.

Suggested fix:

  • Reject bool explicitly before numeric conversion.
  • Accept int values directly.
  • For strings, accept only integer-form strings, e.g. optional sign plus digits.
  • Reject JSON floats unless there is a deliberate API decision to allow truncation, in which case the behavior should be documented and tested.

Please add regression coverage for at least limit: 10.5 and limit: true on both maintenance routes.

@wybbb123123 wybbb123123 mentioned this pull request May 19, 2026
Open
@JeremyZeng77
Copy link
Copy Markdown
Contributor

JeremyZeng77 commented May 19, 2026

Reviewed the Sophia governor review maintenance limit validation change.

What I verified:

python -B -m pytest -q node/tests/test_sophia_governor_review_service.py --tb=short -p no:cacheprovider
25 passed, 1 warning

git diff --check origin/main...HEAD
python -B -m py_compile node/sophia_governor_review_service.py node/tests/test_sophia_governor_review_service.py

The new helper rejects malformed and non-positive maintenance limits before calling the backfill/normalize routines, while preserving the existing default and upper clamp behavior. The route-level coverage checks both maintenance endpoints. No blocker found in this pass.

@JeremyZeng77 JeremyZeng77 mentioned this pull request May 19, 2026
Open
@github-actions github-actions Bot added size/M PR: 51-200 lines and removed size/S PR: 11-50 lines labels May 19, 2026
@Scottcjn Scottcjn merged commit cb12799 into Scottcjn:main May 19, 2026
11 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

3 more reviewers

@minyanyi minyanyi minyanyi approved these changes

@jaxint jaxint jaxint approved these changes

@TJCurnutte TJCurnutte TJCurnutte approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

BCOS-L1 Beacon Certified Open Source tier BCOS-L1 (required for non-doc PRs) node Node server related size/M PR: 51-200 lines tests Test suite changes

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

[Bug] Sophia review maintenance routes return 500 for invalid limits

7 participants

@william08190 @wybbb123123 @JeremyZeng77 @minyanyi @jaxint @TJCurnutte @Scottcjn