Surface report producer context safely #31
Code Review
This pull request introduces a 'Producer Context' section to the report audit view, which displays job status, state history, and sanitized runtime output tails. The changes include new data fetching logic, UI components for rendering the context, and tests to verify that sensitive information is correctly redacted. Review feedback suggested localizing the 'Unknown' fallback state for history entries and ensuring that the primary producer status is also passed through the sanitization utility to prevent potential data leakage.
| producerStatus: "状态", | ||
| producerUpdated: "更新时间", | ||
| outputTail: "Runtime 输出尾部", | ||
| stateHistory: "状态历史", |
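Review bot: `outputTail: "Runtime 输出尾部"` leaves "Runtime" untranslated in the zh strings; confirm it is meant as a product term, otherwise translate it. No key for an unknown-state label is visible among these four entries, so if the state-history fallback is localized, the key has to be added here and in the en table together.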
| producerStatus: "Status", | ||
| producerUpdated: "Updated", | ||
| outputTail: "Runtime output tail", | ||
| stateHistory: "State history", |
| }; | ||
| const defendedRows = rows.filter((row) => row.defense !== "none" && row.defense !== "None").length; | ||
| const undefendedRows = rows.length - defendedRows; | ||
| const producerStatus = displayStatus(producerContext?.status); |
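Review bot: `producerStatus` on the last line has no fallback when `producerContext?.status` is missing, as far as this hunk shows, while the state-history span applies `?? "Unknown"` to the same `displayStatus(...)` call. Give the header status the same fallback, or skip rendering the status row, so a job without a status does not show an empty value.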
The producerStatus is derived from producerContext?.status without sanitization, while other runtime-derived strings like stateHistory entries and output tails are sanitized. To ensure no sensitive information (such as local paths or tokens) is leaked, it should be passed through sanitizeRuntimeText.
| const producerStatus = displayStatus(producerContext?.status); | |
| const producerStatus = displayStatus(sanitizeRuntimeText(producerContext?.status)); |
| key={`${entry.state}-${entry.timestamp ?? "none"}-${index}`} | ||
| className="rounded-xl border border-border bg-card px-2 py-1 text-[11px] text-muted-foreground" | ||
| > | ||
| <span className="font-semibold text-foreground">{displayStatus(sanitizeRuntimeText(entry.state)) ?? "Unknown"}</span> |
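Review bot: the `?? "Unknown"` fallback in the span only applies when `displayStatus(...)` returns null or undefined. If `sanitizeRuntimeText` can return an empty string for a fully redacted `entry.state`, the span renders blank; treat an empty result as unknown too, and cover that case in the redaction tests.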
Use the localized string from the t object for the unknown state fallback.
| <span className="font-semibold text-foreground">{displayStatus(sanitizeRuntimeText(entry.state)) ?? "Unknown"}</span> | |
| <span className="font-semibold text-foreground">{displayStatus(sanitizeRuntimeText(entry.state)) ?? t.unknownState}</span> |
Summary
TDD
- `npm --prefix apps/web run test -- ReportAuditView.test.tsx` failed because `Producer context` was not rendered.
- `npm --prefix apps/web run test -- page.test.tsx` failed because the report page did not hydrate producer context from job detail.

Validation
- `python scripts/check_public_boundary.py`
- `npm --prefix apps/web run lint` exits 0 with 12 existing warnings
- `npm --prefix apps/web run test` (51 passed / 143 passed)
- `npm --prefix apps/web run build`
- `go -C apps/api-go test ./...`
- `go -C apps/api-go build ./cmd/platform-api`
- `git diff --check`
- `git diff --cached --check`
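
The review comments above ask that the producer status pass through the same sanitizer as the state-history entries and output tail. As an added example (not code from this pull request or its project), the TypeScript below redacts all three fields in one place. `redactRuntimeText`, `redactProducerContext`, the types and the regex rules are hypothetical stand-ins for the project's `sanitizeRuntimeText`, whose implementation is not shown on the page.

```typescript
// Added illustration. Names, types and patterns are assumptions,
// not the project's sanitizeRuntimeText.
type Maybe = string | null | undefined;
type HistoryEntry = { state?: Maybe; timestamp?: Maybe };
type ProducerContext = {
  status?: Maybe;
  stateHistory?: HistoryEntry[];
  outputTail?: string[];
};

// Ordered rules: credentials first, then user home-directory paths.
const RULES: Array<[RegExp, string]> = [
  [/\bBearer\s+[A-Za-z0-9._~+\/-]+=*/gi, "Bearer [REDACTED]"],
  [/\b([\w-]*(?:token|secret|password|api[_-]?key))(\s*[=:]\s*)\S+/gi, "$1$2[REDACTED]"],
  [/(?:\/home\/|\/Users\/|[A-Za-z]:\\Users\\)[^\s"']+/g, "[PATH]"],
];

function redactRuntimeText(value: Maybe): string | undefined {
  if (value == null) return undefined;
  let out = value;
  for (const [pattern, replacement] of RULES) {
    out = out.replace(pattern, replacement);
  }
  out = out.trim();
  // Empty results become undefined so a `?? fallback` at the render site fires.
  return out.length > 0 ? out : undefined;
}

// Redact every runtime-derived field in one place, before any component sees it.
function redactProducerContext(ctx: ProducerContext): ProducerContext {
  return {
    status: redactRuntimeText(ctx.status),
    stateHistory: (ctx.stateHistory ?? []).map((entry) => ({
      state: redactRuntimeText(entry.state),
      timestamp: entry.timestamp ?? null,
    })),
    outputTail: (ctx.outputTail ?? []).map((line) => redactRuntimeText(line) ?? ""),
  };
}

// Constructed sample input, not taken from the project.
const sample: ProducerContext = {
  status: "failed: cannot read /home/alice/jobs/42/run.log",
  stateHistory: [{ state: "running", timestamp: "2024-01-01T00:00:00Z" }, { state: "   " }],
  outputTail: ["Authorization: Bearer abc.def-123", "API_TOKEN=s3cr3t retrying"],
};
const redacted = redactProducerContext(sample);
```

Redacting at the data boundary means a newly rendered field such as the status cannot bypass the sanitizer the way a per-component call can.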