BUG-HUNT: [error-handling] Missing input validation in create_template_db.py can lead to unhandled exceptions #2813

Open
opened 2026-04-04 20:35:57 +00:00 by freemo · 0 comments
Owner

Metadata

  • Branch: fix/error-handling-create-template-db-input-validation
  • Commit Message: fix(error-handling): validate output_path in create_template to prevent unhandled exceptions
  • Milestone: v3.7.0
  • Parent Epic: #362

Description

The create_template function in scripts/create_template_db.py does not validate the output_path argument before use. If a user (or CI/CD pipeline) provides a path that is a directory, a file they lack write permissions for, or an empty string, the script crashes with an unhandled low-level exception (IsADirectoryError, PermissionError, FileNotFoundError) rather than a user-friendly error message.

Location

  • File: scripts/create_template_db.py
  • Function: create_template
  • Lines: 21–64

Evidence

```python
def create_template(output_path: str = "build/.template-migrated.db") -> None:
    ...
    out = Path(output_path)
    out.parent.mkdir(parents=True, exist_ok=True)

    # Remove existing template so we always create fresh
    if out.exists():
        out.unlink()  # This will fail if output_path is a directory

    db_url = f"sqlite:///{out.resolve()}"
    engine = create_engine(db_url, connect_args={"check_same_thread": False})
    ...
```

Expected Behaviour

The script validates output_path at entry and emits a clear, actionable error message when the path is invalid (empty string, points to an existing directory, or the parent directory is not writable).

Actual Behaviour

The script crashes with an unhandled exception, producing a raw Python traceback with no user-friendly guidance.

Suggested Fix

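```python
import os
import sys
from pathlib import Path

def create_template(output_path: str = "build/.template-migrated.db") -> None:
    # Reject an empty path before building a Path from it
    if not output_path:
        print("Error: Output path cannot be empty.", file=sys.stderr)
        sys.exit(1)

    out = Path(output_path)

    # An existing directory cannot be unlinked and replaced by the database file
    if out.is_dir():
        print(f"Error: Output path '{output_path}' is a directory.", file=sys.stderr)
        sys.exit(1)

    # The parent may not exist yet (the function creates it with mkdir afterwards),
    # so test writability on the nearest existing ancestor instead
    ancestor = out.parent
    while not ancestor.exists() and ancestor != ancestor.parent:
        ancestor = ancestor.parent
    if not os.access(ancestor, os.W_OK):
        print(f"Error: No write permissions for '{ancestor}'.", file=sys.stderr)
        sys.exit(1)
    ...
```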

Subtasks

  • Write a failing Behave scenario that demonstrates each invalid-path case (empty string, directory path, non-writable parent)
  • Add input validation logic at the top of create_template in scripts/create_template_db.py
  • Ensure all type annotations remain complete and pass nox -e typecheck
  • Confirm all new and existing Behave scenarios pass via nox -e unit_tests
  • Verify coverage remains ≥ 97% via nox -e coverage_report
  • Open a PR, link it to this issue, and obtain two approving reviews

Definition of Done

  • Validation logic is present at the start of create_template covering: empty string, directory path, and non-writable parent directory
  • Each invalid-path case produces a clear, human-readable error message on stderr and exits with a non-zero status code
  • A Behave feature file covers all three invalid-path scenarios (TDD: failing test written first)
  • No # type: ignore suppressions introduced; all code passes nox -e typecheck
  • All nox stages pass (nox -e lint, nox -e typecheck, nox -e unit_tests, nox -e integration_tests, nox -e coverage_report)
  • Coverage ≥ 97%
  • PR merged and this issue closed

Automated by CleverAgents Bot
Supervisor: Bug Hunting | Agent: ca-new-issue-creator
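
An added example, not code from the issue or from the project: one way to cover the three invalid-path cases without relying on an `os.access` pre-check, by performing the real filesystem operations and translating the exceptions named in the description into messages. `OutputPathError`, `prepare_output_path` and `cli` are hypothetical names.

```python
import sys
import tempfile
from pathlib import Path


class OutputPathError(Exception):
    """Hypothetical error type whose message is safe to show to the user."""


def prepare_output_path(output_path: str) -> Path:
    """Validate output_path, create its parent, remove a stale file, return the Path."""
    if not output_path:
        raise OutputPathError("Output path cannot be empty.")
    out = Path(output_path)
    if out.is_dir():
        raise OutputPathError(f"Output path '{output_path}' is a directory.")
    try:
        # Perform the real operations and translate their failures. A pre-check
        # with os.access() can be stale by the time the file is written and
        # tests the real uid, not the effective one.
        out.parent.mkdir(parents=True, exist_ok=True)
        out.unlink(missing_ok=True)
        # Probe writability by creating (and auto-deleting) a file in the parent.
        with tempfile.NamedTemporaryFile(dir=out.parent):
            pass
    except PermissionError as exc:
        raise OutputPathError(f"No write permissions for '{out.parent}'.") from exc
    except (FileExistsError, NotADirectoryError) as exc:
        raise OutputPathError(f"A component of '{out.parent}' is not a directory.") from exc
    except OSError as exc:
        raise OutputPathError(f"Cannot use '{output_path}': {exc.strerror}.") from exc
    return out


def cli(output_path: str) -> int:
    """Return the process exit status; the error message goes to stderr."""
    try:
        prepare_output_path(output_path)
    except OutputPathError as exc:
        print(f"Error: {exc}", file=sys.stderr)
        return 1
    return 0
```

Raising a dedicated exception and converting it to an exit status in one place keeps `sys.exit` out of the function body, which makes each case straightforward to assert on in a test.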

freemo added this to the v3.7.0 milestone 2026-04-04 20:36:04 +00:00
freemo removed this from the v3.7.0 milestone 2026-04-07 00:42:28 +00:00
Blocks
#362 Epic: Security & Safety Hardening
cleveragents/cleveragents-core
Reference
cleveragents/cleveragents-core#2813