BUG-HUNT: [error-handling] Silent failure in template rendering can mask errors #1774

New issue

Open

opened 2026-04-02 23:47:08 +00:00 by freemo · 1 comment

freemo commented

2026-04-02 23:47:08 +00:00

Owner

Metadata

Branch: fix/template-renderer-silent-failure
Commit Message: fix(templates): re-raise TemplateError in TemplateRenderer.render instead of returning raw template
Milestone: v3.7.0
Parent Epic: #1674

Subtasks

Update TemplateRenderer.render in src/cleveragents/templates/renderer.py (lines 40–51) to re-raise TemplateError instead of silently returning the raw template string
Decide on exception strategy: re-raise the original TemplateError directly, or wrap it in a new TemplateRenderError (inheriting from TemplateError) for a more specific public API
If a new TemplateRenderError is introduced, define it in the templates module and export it from the package's __init__.py
Remove the silent fallback return template path from the except TemplateError block
Update or add logger.error / logger.exception call to log the full exception details before re-raising (replacing the current logger.warning)
Tests (Behave): Add scenario verifying that TemplateRenderer.render raises TemplateError (or TemplateRenderError) when given a malformed template
Tests (Behave): Add scenario verifying that a valid template still renders correctly (regression guard)
Tests (Behave): Verify the exception message / context contains useful diagnostic information
Run nox -e typecheck — confirm no Pyright errors introduced
Run nox -e unit_tests — confirm all tests pass
Run nox -e coverage_report — confirm coverage remains >= 97%
Run nox (all default sessions) — confirm all stages pass

Definition of Done

All subtasks above are completed and checked off
TemplateRenderer.render no longer silently swallows TemplateError — the exception propagates to the caller
No bare except or overly broad except Exception introduced — only TemplateError (or its subclass) is caught for re-raising
A Git commit is created where the first line of the commit message matches the Commit Message in Metadata exactly, followed by a blank line, then additional lines providing relevant details about the implementation
The commit is pushed to the remote on the branch matching the Branch in Metadata exactly
The commit is submitted as a pull request to master, reviewed, and merged before this issue is marked done
All nox stages pass
Coverage >= 97%

Bug Report: [error-handling] — Silent failure in template rendering can mask errors

Severity Assessment

Impact: Malformed or invalid templates can lead to silent failures, where raw template code is propagated through the system, potentially causing unexpected behavior or displaying raw template code to end-users.
Likelihood: High, as any error in template rendering will trigger this behavior.
Priority: Medium

Location

File: src/cleveragents/templates/renderer.py
Function/Class: TemplateRenderer.render
Lines: 40-51

Description

The render method in TemplateRenderer catches all TemplateError exceptions and returns the raw, unrendered template. This can lead to silent failures where malformed or invalid templates are not caught, and the raw template string is propagated through the system, potentially causing unexpected behavior or displaying raw template code to end-users.

Evidence

def render(self, template: str, context: dict[str, Any] | None = None) -> str:
    """Render *template* with *context*, returning raw on error."""
    context = context or {}
    try:
        return self._secure.render(template, context)
    except TemplateError:
        logger.warning(
            "Template rendering failed; returning raw template "
            "(length=%d). Enable DEBUG logging for details.",
            len(template),
        )
        logger.debug("Suppressed TemplateError for template: %r", template)
        return template

Expected Behavior

The method should re-raise the TemplateError or a new, more specific exception to ensure that rendering failures are handled explicitly.

Actual Behavior

The method silently swallows the TemplateError and returns the original, unrendered template string.

Suggested Fix

Instead of returning the raw template, the method should re-raise the TemplateError or a new, more specific exception. If backward compatibility is a concern, this behavior could be controlled by a configuration flag.

Category

error-handling

Automated by CleverAgents Bot
Supervisor: Bug Hunting | Agent: ca-new-issue-creator

## Metadata - **Branch**: `fix/template-renderer-silent-failure` - **Commit Message**: `fix(templates): re-raise TemplateError in TemplateRenderer.render instead of returning raw template` - **Milestone**: v3.7.0 - **Parent Epic**: #1674 ## Subtasks - [ ] Update `TemplateRenderer.render` in `src/cleveragents/templates/renderer.py` (lines 40–51) to re-raise `TemplateError` instead of silently returning the raw template string - [ ] Decide on exception strategy: re-raise the original `TemplateError` directly, or wrap it in a new `TemplateRenderError` (inheriting from `TemplateError`) for a more specific public API - [ ] If a new `TemplateRenderError` is introduced, define it in the `templates` module and export it from the package's `__init__.py` - [ ] Remove the silent fallback `return template` path from the `except TemplateError` block - [ ] Update or add `logger.error` / `logger.exception` call to log the full exception details before re-raising (replacing the current `logger.warning`) - [ ] Tests (Behave): Add scenario verifying that `TemplateRenderer.render` raises `TemplateError` (or `TemplateRenderError`) when given a malformed template - [ ] Tests (Behave): Add scenario verifying that a valid template still renders correctly (regression guard) - [ ] Tests (Behave): Verify the exception message / context contains useful diagnostic information - [ ] Run `nox -e typecheck` — confirm no Pyright errors introduced - [ ] Run `nox -e unit_tests` — confirm all tests pass - [ ] Run `nox -e coverage_report` — confirm coverage remains >= 97% - [ ] Run `nox` (all default sessions) — confirm all stages pass ## Definition of Done - [ ] All subtasks above are completed and checked off - [ ] `TemplateRenderer.render` no longer silently swallows `TemplateError` — the exception propagates to the caller - [ ] No bare `except` or overly broad `except Exception` introduced — only `TemplateError` (or its subclass) is caught for re-raising - [ ] A Git commit is created where the **first line** of the commit message matches the Commit Message in Metadata exactly, followed by a blank line, then additional lines providing relevant details about the implementation - [ ] The commit is pushed to the remote on the branch matching the **Branch** in Metadata exactly - [ ] The commit is submitted as a **pull request** to `master`, reviewed, and **merged** before this issue is marked done - [ ] All nox stages pass - [ ] Coverage >= 97% --- ## Bug Report: [error-handling] — Silent failure in template rendering can mask errors ### Severity Assessment - **Impact**: Malformed or invalid templates can lead to silent failures, where raw template code is propagated through the system, potentially causing unexpected behavior or displaying raw template code to end-users. - **Likelihood**: High, as any error in template rendering will trigger this behavior. - **Priority**: Medium ### Location - **File**: `src/cleveragents/templates/renderer.py` - **Function/Class**: `TemplateRenderer.render` - **Lines**: 40-51 ### Description The `render` method in `TemplateRenderer` catches all `TemplateError` exceptions and returns the raw, unrendered template. This can lead to silent failures where malformed or invalid templates are not caught, and the raw template string is propagated through the system, potentially causing unexpected behavior or displaying raw template code to end-users. ### Evidence ```python def render(self, template: str, context: dict[str, Any] | None = None) -> str: """Render *template* with *context*, returning raw on error.""" context = context or {} try: return self._secure.render(template, context) except TemplateError: logger.warning( "Template rendering failed; returning raw template " "(length=%d). Enable DEBUG logging for details.", len(template), ) logger.debug("Suppressed TemplateError for template: %r", template) return template ``` ### Expected Behavior The method should re-raise the `TemplateError` or a new, more specific exception to ensure that rendering failures are handled explicitly. ### Actual Behavior The method silently swallows the `TemplateError` and returns the original, unrendered template string. ### Suggested Fix Instead of returning the raw template, the method should re-raise the `TemplateError` or a new, more specific exception. If backward compatibility is a concern, this behavior could be controlled by a configuration flag. ### Category error-handling --- **Automated by CleverAgents Bot** Supervisor: Bug Hunting | Agent: ca-new-issue-creator

freemo added this to the v3.7.0 milestone

2026-04-02 23:47:31 +00:00

freemo commented

2026-04-02 23:51:08 +00:00

Author

Owner

Issue triaged by project owner:

State: Verified
MoSCoW: MoSCoW/Should Have — silent failures violate fail-fast principle.

Automated by CleverAgents Bot
Supervisor: Project Owner | Agent: ca-project-owner

Issue triaged by project owner: - **State**: Verified - **MoSCoW**: MoSCoW/Should Have — silent failures violate fail-fast principle. --- **Automated by CleverAgents Bot** Supervisor: Project Owner | Agent: ca-project-owner

freemo added a new dependency

2026-04-02 23:53:46 +00:00

#1674 Bug Hunting Coordination: templates module

freemo referenced this issue

2026-04-02 23:55:09 +00:00

BUG-HUNT: [error-handling] Broad exception in _handle_file_search #1813