feat(webapp): dashboard parity for mollifier-buffered runs#3757
Draft
d-cs wants to merge 2 commits into
Draft
Conversation
|
Contributor
|
Important Review skippedAuto reviews are disabled on base/target branches other than the default branch. Please check the settings in the CodeRabbit UI or the ⚙️ Run configurationConfiguration used: Repository UI Review profile: CHILL Plan: Pro Run ID: You can disable this status message by setting the Use the checkbox below for a quick retry:
✨ Finishing Touches🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
d-cs
commented
May 26, 2026
d-cs
commented
May 26, 2026
d-cs
commented
May 26, 2026
d-cs
force-pushed
the
mollifier-phase-3-mutations
branch
from
b8ead31 to
109fbd7
Compare
d-cs
force-pushed
the
mollifier-phase-3-dashboard
branch
from
dd31d60 to
ba09531
Compare
d-cs
force-pushed
the
mollifier-phase-3-mutations
branch
from
109fbd7 to
c7a66bd
Compare
d-cs
force-pushed
the
mollifier-phase-3-dashboard
branch
from
ba09531 to
1de95f4
Compare
d-cs
added a commit
that referenced
this pull request
May 26, 2026
…ity envId from realtime counter Three CodeRabbit findings from #3709, re-raised on #3757: - resources.taskruns.$runParam.debug.ts: buffered fallback returned the run's queue / concurrencyKey / queueTimestamp from the snapshot without verifying org membership. Any authenticated user who knew a friendlyId could read those fields across orgs. Now joins through orgMember the same way the PG path does and 404s on miss. - resources.runs.$runParam.logs.download.ts: same shape — the buffered placeholder leaked runId existence to non-members on direct URL access. Same orgMember check now gates the buffered branch. - mollifierTelemetry.server.ts: recordRealtimeBufferedSubscription was attaching envId (a UUID) as an OTEL counter dimension, violating the project's "no high-cardinality IDs in metric attributes" guideline. Dropped the parameter; the call site's logger.info still emits envId. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
d-cs
added a commit
that referenced
this pull request
May 26, 2026
…ity envId from realtime counter Three CodeRabbit findings from #3709, re-raised on #3757: - resources.taskruns.$runParam.debug.ts: buffered fallback returned the run's queue / concurrencyKey / queueTimestamp from the snapshot without verifying org membership. Any authenticated user who knew a friendlyId could read those fields across orgs. Now joins through orgMember the same way the PG path does and 404s on miss. - resources.runs.$runParam.logs.download.ts: same shape — the buffered placeholder leaked runId existence to non-members on direct URL access. Same orgMember check now gates the buffered branch. - mollifierTelemetry.server.ts: recordRealtimeBufferedSubscription was attaching envId (a UUID) as an OTEL counter dimension, violating the project's "no high-cardinality IDs in metric attributes" guideline. Dropped the parameter; the call site's logger.info still emits envId. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
d-cs
force-pushed
the
mollifier-phase-3-dashboard
branch
from
3157546 to
432f81a
Compare
d-cs
force-pushed
the
mollifier-phase-3-mutations
branch
from
c7a66bd to
094d006
Compare
d-cs
added a commit
that referenced
this pull request
May 26, 2026
…ity envId from realtime counter Three CodeRabbit findings from #3709, re-raised on #3757: - resources.taskruns.$runParam.debug.ts: buffered fallback returned the run's queue / concurrencyKey / queueTimestamp from the snapshot without verifying org membership. Any authenticated user who knew a friendlyId could read those fields across orgs. Now joins through orgMember the same way the PG path does and 404s on miss. - resources.runs.$runParam.logs.download.ts: same shape — the buffered placeholder leaked runId existence to non-members on direct URL access. Same orgMember check now gates the buffered branch. - mollifierTelemetry.server.ts: recordRealtimeBufferedSubscription was attaching envId (a UUID) as an OTEL counter dimension, violating the project's "no high-cardinality IDs in metric attributes" guideline. Dropped the parameter; the call site's logger.info still emits envId. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
d-cs
force-pushed
the
mollifier-phase-3-dashboard
branch
from
432f81a to
8c19830
Compare
d-cs
force-pushed
the
mollifier-phase-3-mutations
branch
from
094d006 to
9914976
Compare
d-cs
added a commit
that referenced
this pull request
May 26, 2026
…ity envId from realtime counter Three CodeRabbit findings from #3709, re-raised on #3757: - resources.taskruns.$runParam.debug.ts: buffered fallback returned the run's queue / concurrencyKey / queueTimestamp from the snapshot without verifying org membership. Any authenticated user who knew a friendlyId could read those fields across orgs. Now joins through orgMember the same way the PG path does and 404s on miss. - resources.runs.$runParam.logs.download.ts: same shape — the buffered placeholder leaked runId existence to non-members on direct URL access. Same orgMember check now gates the buffered branch. - mollifierTelemetry.server.ts: recordRealtimeBufferedSubscription was attaching envId (a UUID) as an OTEL counter dimension, violating the project's "no high-cardinality IDs in metric attributes" guideline. Dropped the parameter; the call site's logger.info still emits envId. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
d-cs
force-pushed
the
mollifier-phase-3-dashboard
branch
from
8c19830 to
fd7e01d
Compare
d-cs
force-pushed
the
mollifier-phase-3-mutations
branch
from
9914976 to
2ee45a8
Compare
d-cs
added a commit
that referenced
this pull request
May 26, 2026
…ity envId from realtime counter Three CodeRabbit findings from #3709, re-raised on #3757: - resources.taskruns.$runParam.debug.ts: buffered fallback returned the run's queue / concurrencyKey / queueTimestamp from the snapshot without verifying org membership. Any authenticated user who knew a friendlyId could read those fields across orgs. Now joins through orgMember the same way the PG path does and 404s on miss. - resources.runs.$runParam.logs.download.ts: same shape — the buffered placeholder leaked runId existence to non-members on direct URL access. Same orgMember check now gates the buffered branch. - mollifierTelemetry.server.ts: recordRealtimeBufferedSubscription was attaching envId (a UUID) as an OTEL counter dimension, violating the project's "no high-cardinality IDs in metric attributes" guideline. Dropped the parameter; the call site's logger.info still emits envId. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
d-cs
force-pushed
the
mollifier-phase-3-dashboard
branch
from
fd7e01d to
83880f8
Compare
d-cs
added a commit
that referenced
this pull request
May 26, 2026
…ity envId from realtime counter Three CodeRabbit findings from #3709, re-raised on #3757: - resources.taskruns.$runParam.debug.ts: buffered fallback returned the run's queue / concurrencyKey / queueTimestamp from the snapshot without verifying org membership. Any authenticated user who knew a friendlyId could read those fields across orgs. Now joins through orgMember the same way the PG path does and 404s on miss. - resources.runs.$runParam.logs.download.ts: same shape — the buffered placeholder leaked runId existence to non-members on direct URL access. Same orgMember check now gates the buffered branch. - mollifierTelemetry.server.ts: recordRealtimeBufferedSubscription was attaching envId (a UUID) as an OTEL counter dimension, violating the project's "no high-cardinality IDs in metric attributes" guideline. Dropped the parameter; the call site's logger.info still emits envId. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
d-cs
force-pushed
the
mollifier-phase-3-dashboard
branch
from
83880f8 to
1a8fbc6
Compare
d-cs
force-pushed
the
mollifier-phase-3-mutations
branch
from
f4b6064 to
0547ba9
Compare
d-cs
added a commit
that referenced
this pull request
May 26, 2026
…ity envId from realtime counter Three CodeRabbit findings from #3709, re-raised on #3757: - resources.taskruns.$runParam.debug.ts: buffered fallback returned the run's queue / concurrencyKey / queueTimestamp from the snapshot without verifying org membership. Any authenticated user who knew a friendlyId could read those fields across orgs. Now joins through orgMember the same way the PG path does and 404s on miss. - resources.runs.$runParam.logs.download.ts: same shape — the buffered placeholder leaked runId existence to non-members on direct URL access. Same orgMember check now gates the buffered branch. - mollifierTelemetry.server.ts: recordRealtimeBufferedSubscription was attaching envId (a UUID) as an OTEL counter dimension, violating the project's "no high-cardinality IDs in metric attributes" guideline. Dropped the parameter; the call site's logger.info still emits envId. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
d-cs
force-pushed
the
mollifier-phase-3-dashboard
branch
from
1a8fbc6 to
558703b
Compare
d-cs
force-pushed
the
mollifier-phase-3-mutations
branch
from
0547ba9 to
0708ce5
Compare
d-cs
added a commit
that referenced
this pull request
May 26, 2026
…ity envId from realtime counter Three CodeRabbit findings from #3709, re-raised on #3757: - resources.taskruns.$runParam.debug.ts: buffered fallback returned the run's queue / concurrencyKey / queueTimestamp from the snapshot without verifying org membership. Any authenticated user who knew a friendlyId could read those fields across orgs. Now joins through orgMember the same way the PG path does and 404s on miss. - resources.runs.$runParam.logs.download.ts: same shape — the buffered placeholder leaked runId existence to non-members on direct URL access. Same orgMember check now gates the buffered branch. - mollifierTelemetry.server.ts: recordRealtimeBufferedSubscription was attaching envId (a UUID) as an OTEL counter dimension, violating the project's "no high-cardinality IDs in metric attributes" guideline. Dropped the parameter; the call site's logger.info still emits envId. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
d-cs
force-pushed
the
mollifier-phase-3-dashboard
branch
from
558703b to
372ca71
Compare
d-cs
force-pushed
the
mollifier-phase-3-mutations
branch
from
0708ce5 to
396552e
Compare
d-cs
added a commit
that referenced
this pull request
May 26, 2026
…ity envId from realtime counter Three CodeRabbit findings from #3709, re-raised on #3757: - resources.taskruns.$runParam.debug.ts: buffered fallback returned the run's queue / concurrencyKey / queueTimestamp from the snapshot without verifying org membership. Any authenticated user who knew a friendlyId could read those fields across orgs. Now joins through orgMember the same way the PG path does and 404s on miss. - resources.runs.$runParam.logs.download.ts: same shape — the buffered placeholder leaked runId existence to non-members on direct URL access. Same orgMember check now gates the buffered branch. - mollifierTelemetry.server.ts: recordRealtimeBufferedSubscription was attaching envId (a UUID) as an OTEL counter dimension, violating the project's "no high-cardinality IDs in metric attributes" guideline. Dropped the parameter; the call site's logger.info still emits envId. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
d-cs
force-pushed
the
mollifier-phase-3-dashboard
branch
from
372ca71 to
1fd59a3
Compare
![devin-ai-integration[bot]](https://avatars.githubusercontent.com/in/811515?s=60&v=4){kind=small}
Comment on lines
+64
to
+66
| if (!member) { | ||
| throw new Response("Not Found", { status: 404 }); | ||
| } |
Contributor
There was a problem hiding this comment.
🟡 Bare catch {} silently swallows intentional auth-check throw new Response(...) in debug route
The org-membership auth check at line 65 uses throw new Response("Not Found", { status: 404 }) to signal an unauthorized access. However, this throw is inside a try block whose catch {} at line 93 catches all exceptions — including this intentional Remix Response throw. The Response is silently swallowed and the code falls through to the same 404 at line 97, so the end behavior is the same today. But the pattern is fragile: if the fallthrough is ever changed (e.g., to return a different status, or to add logic between the catch and the final throw), the auth check's Response would be silently lost. The return pattern used in the analogous resources.runs.$runParam.logs.download.ts:49 is the correct approach.
Suggested change
| if (!member) { | |
| throw new Response("Not Found", { status: 404 }); | |
| } | |
| if (!member) { | |
| return new Response("Not Found", { status: 404 }); | |
| } |
Was this helpful? React with 👍 or 👎 to provide feedback.
d-cs
force-pushed
the
mollifier-phase-3-mutations
branch
from
396552e to
eb2a777
Compare
d-cs
added a commit
that referenced
this pull request
May 26, 2026
…ity envId from realtime counter Three CodeRabbit findings from #3709, re-raised on #3757: - resources.taskruns.$runParam.debug.ts: buffered fallback returned the run's queue / concurrencyKey / queueTimestamp from the snapshot without verifying org membership. Any authenticated user who knew a friendlyId could read those fields across orgs. Now joins through orgMember the same way the PG path does and 404s on miss. - resources.runs.$runParam.logs.download.ts: same shape — the buffered placeholder leaked runId existence to non-members on direct URL access. Same orgMember check now gates the buffered branch. - mollifierTelemetry.server.ts: recordRealtimeBufferedSubscription was attaching envId (a UUID) as an OTEL counter dimension, violating the project's "no high-cardinality IDs in metric attributes" guideline. Dropped the parameter; the call site's logger.info still emits envId. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
d-cs
force-pushed
the
mollifier-phase-3-dashboard
branch
from
1fd59a3 to
99ba3a7
Compare
Dashboard run detail, span detail, streams view, realtime subscription, redirect routes, replay/cancel/idempotency-reset action routes, the logs download route, and the cancel dialog all handle buffered runs by falling back to the mollifier snapshot. Stacked on the mutations PR. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
…ity envId from realtime counter Three CodeRabbit findings from #3709, re-raised on #3757: - resources.taskruns.$runParam.debug.ts: buffered fallback returned the run's queue / concurrencyKey / queueTimestamp from the snapshot without verifying org membership. Any authenticated user who knew a friendlyId could read those fields across orgs. Now joins through orgMember the same way the PG path does and 404s on miss. - resources.runs.$runParam.logs.download.ts: same shape — the buffered placeholder leaked runId existence to non-members on direct URL access. Same orgMember check now gates the buffered branch. - mollifierTelemetry.server.ts: recordRealtimeBufferedSubscription was attaching envId (a UUID) as an OTEL counter dimension, violating the project's "no high-cardinality IDs in metric attributes" guideline. Dropped the parameter; the call site's logger.info still emits envId. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
d-cs
force-pushed
the
mollifier-phase-3-dashboard
branch
from
99ba3a7 to
d6ea563
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Dashboard surfaces handle buffered runs by falling back to the mollifier snapshot:
_app.../runs.\$runParam,resources.../spans.\$spanParam,resources.../streams.\$streamKey).@.runs.\$runParam,runs.\$runParam,projects.v3.\$projectRef.runs.\$runParam).resources.taskruns/...andresources.../idempotencyKey.reset.realtime.v1.runs.\$runId,resources.../realtime.v1.*).CancelRunDialoggains anonCancelSubmittedcallback so submit isn't raced by the RadixDialogClosewrapper.Stacked on the mutations PR.
Test plan