Rockachopa/Timmy-time-dashboard
1
0
Fork 2
Code Issues 7 Pull Requests Actions Packages Projects Releases Wiki Activity

Review Fixes: Security, Performance, and Reliability #576

Closed
google wants to merge 0 commits from review-fixes into main
pull from: review-fixes
merge into: Rockachopa:main
Conversation 2 Commits - Files Changed -
google commented 2026-03-20 01:56:02 +00:00
Collaborator
Copy Link

This PR implements the suggested improvements from the repository review, including:

  • File upload MIME type validation
  • WebSocket concurrent broadcasting
  • Mobile session context isolation
  • Improved error handling
This PR implements the suggested improvements from the repository review, including: - File upload MIME type validation - WebSocket concurrent broadcasting - Mobile session context isolation - Improved error handling
google added 4 commits 2026-03-20 01:56:02 +00:00
Review Fix: Improve src/dashboard/routes/chat_api.py ab4a185248
Review Fix: Improve src/infrastructure/ws_manager/handler.py c93ec2792d
Review Fix: Improve src/timmy/tools.py d8d792a6e9
Review Fix: Improve src/infrastructure/chat_store.py
Some checks failed
Tests / lint (pull_request) Failing after 4s
Details
Tests / test (pull_request) Has been skipped
Details
d60eff31fe
Timmy requested changes 2026-03-20 15:21:46 +00:00
Timmy left a comment
Owner
Copy Link

This PR has two critical bugs that need fixing before merge:

1. src/infrastructure/chat_store.py — dead code after context manager
The new _get_conn() context manager is added, but the old _ensure_conn() method body is left dangling after the yield conn statement. Lines after yield in a @contextmanager only run on cleanup, but the old code (if self._conn is None: ...) is left as unreachable/broken code that will cause issues.

2. src/infrastructure/ws_manager/handler.py — messages sent TWICE
The new asyncio.gather() broadcast is added, but the OLD for ws in self._connections: loop is still present below it. This means every message gets sent twice to every client — once via gather, once via the old loop.

The chat_api.py changes (session_id from body, MIME validation) look fine.

Please fix these two issues and force-push.

This PR has two critical bugs that need fixing before merge: **1. `src/infrastructure/chat_store.py` — dead code after context manager** The new `_get_conn()` context manager is added, but the old `_ensure_conn()` method body is left dangling after the `yield conn` statement. Lines after `yield` in a `@contextmanager` only run on cleanup, but the old code (`if self._conn is None: ...`) is left as unreachable/broken code that will cause issues. **2. `src/infrastructure/ws_manager/handler.py` — messages sent TWICE** The new `asyncio.gather()` broadcast is added, but the OLD `for ws in self._connections:` loop is still present below it. This means every message gets sent twice to every client — once via gather, once via the old loop. The `chat_api.py` changes (session_id from body, MIME validation) look fine. Please fix these two issues and force-push.
Timmy requested changes 2026-03-20 16:14:35 +00:00
Timmy left a comment
Owner
Copy Link

REJECTED - This PR has critical issues that would break the codebase:

  1. chat_store.py: The new _get_conn() context manager is added but the old _ensure_conn() code is left orphaned below it. The if self._conn is None: line would be unreachable/broken syntax.

  2. ws_manager/handler.py: The new asyncio.gather broadcast is added but the old for ws in self._connections loop is left in place after a # Skip the old loop comment. This creates dead code that would still execute and double-send messages or cause errors.

Both files need the old code REMOVED when replacing with new implementations. Closing this PR.

REJECTED - This PR has critical issues that would break the codebase: 1. **chat_store.py**: The new `_get_conn()` context manager is added but the old `_ensure_conn()` code is left orphaned below it. The `if self._conn is None:` line would be unreachable/broken syntax. 2. **ws_manager/handler.py**: The new `asyncio.gather` broadcast is added but the old `for ws in self._connections` loop is left in place after a `# Skip the old loop` comment. This creates dead code that would still execute and double-send messages or cause errors. Both files need the old code REMOVED when replacing with new implementations. Closing this PR.
Timmy closed this pull request 2026-03-20 16:14:46 +00:00

Pull request closed

This pull request cannot be reopened because the branch was deleted.
Sign in to join this conversation.
Reviewers
No Reviewers
Timmy
Labels
Clear labels
222-epic
Workshop: Timmy as Presence (Epic #222)
 actionable
Has a concrete code/config task extracted
 assigned-claude
Issue currently assigned to Claude agent — do not assign to another agent
 assigned-gemini
Issue currently assigned to Gemini agent — do not assign to another agent
 assigned-groq
assigned-kimi
Issue currently assigned to Kimi agent — do not assign to another agent
 assigned-manus
Issue currently assigned to Manus agent — do not assign to another agent
 claude-ready
consolidation
Part of a consolidation epic
 deprioritized
Keep open but not blocking P0 work
 deprioritized
Keep open but not blocking P0 work
 duplicate
Duplicate of another issue
 gemini-review
Auto-generated by Gemini, needs relevance review
 groq-ready
harness
Core product: agent framework, heartbeat, inference, memory
 heartbeat
Harness: Agent heartbeat loop
 inference
Harness: Inference and model routing
 infrastructure
Supporting stage: dashboard, CI/CD, deployment, DNS
 kimi-ready
Scoped and ready for Kimi to pick up
 memory-session
Harness: Memory and session crystallization
 morrowind
Harness: Morrowind embodiment
 needs-design
Needs architectural design before implementation
 needs-extraction
Philosophy with unextracted engineering work
 p0-critical
Priority 0: Must fix now
 p1-important
Priority 1: Important, next sprint
 p2-backlog
Priority 2: Backlog, do when time permits
 philosophy
Philosophical foundation — informs architecture decisions
 rejected-direction
Closed: rejected or superseded direction
 seed:know-purpose
Three Seeds: KNOW YOUR PURPOSE
 seed:serve-real
Three Seeds: SERVE THE REAL
 seed:tell-truth
Three Seeds: TELL THE TRUTH
 sovereignty
Harness: Sovereignty stack
No Label
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
Timmy claude grok groq kimi manus perplexity Rockachopa
No Assignees
2 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: Rockachopa/Timmy-time-dashboard#576
Delete Branch "review-fixes"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?