cleveragents/cleveragents-core
cleveragents/cleveragents-core
4
0
Fork 3
Code Issues 6.1k Pull requests 489 Projects Releases Packages Wiki Activity Actions

fix(test): skip redundant Alembic migration check for existing test databases #727

Merged
CoreRasurae merged 1 commit from fix/test-db-performance-regression into master 2026-03-12 13:20:14 +00:00
Conversation 4 Commits 1 Files changed 1 +6 -1
CoreRasurae commented 2026-03-12 12:34:24 +00:00
Member
Copy link

Summary

Fix a performance regression in the BDD test infrastructure where _fast_init_or_upgrade in features/environment.py fell through to the original _original_init_or_upgrade() for existing non-empty test databases, triggering redundant Alembic migration checks on every CLI command invocation within a scenario.

Closes #726

Changes

features/environment.py

Single change in _fast_init_or_upgrade() (line 221-222):

When a scenario test database already exists and is non-empty (created by a prior step like I have initialized a project), the function now returns immediately instead of delegating to the original migration runner:

# BEFORE — triggers full Alembic migration check every time:
if db_path.exists() and db_path.stat().st_size > 0:
    return _original_init_or_upgrade(self, **kwargs)

# AFTER — skip check for already-migrated test databases:
if db_path.exists() and db_path.stat().st_size > 0:
    return

Why this is safe

  • Template-copied databases are already at Alembic HEAD (stamped by scripts/create_template_db.py)
  • Databases created by prior steps (e.g., init_command) already ran the full migration during creation
  • The _SCENARIO_DB_PREFIXES guard above this check ensures only scenario test databases are affected — migration-runner unit tests that use custom URLs still go through the original path

What the bug caused

  1. Redundant Alembic migration checks — 7+ pairs of INFO [alembic.runtime.migration] log lines per scenario for every CLI command after init
  2. SQLite lock contention — Multiple SQLAlchemy engines opening connections to the same file under parallel execution (16 workers via behave-parallel)
  3. Cascading retry overhead — Lock contention triggered @database_retry decorators (wait_fixed(0.5) × 3 attempts) on ~100 repository methods
  4. Intermittent CI failures — Cumulative overhead across 280+ feature files caused hangs and timeouts

Affected scenarios (all now passing)

All 11 previously-failing scenarios in features/core_cli_commands.feature that invoke CLI commands after a prior step already created a database.

Verification

Mode Result
nox -s unit_tests -- features/core_cli_commands.feature --processes 1 15/15 pass, ~1.7s
nox -s unit_tests -- features/core_cli_commands.feature (16 processes) 15/15 pass, ~1.7s

Quality Checks

  • Single minimal edit to features/environment.py
  • No production code changes
  • No new dependencies
## Summary Fix a performance regression in the BDD test infrastructure where `_fast_init_or_upgrade` in `features/environment.py` fell through to the original `_original_init_or_upgrade()` for existing non-empty test databases, triggering redundant Alembic migration checks on every CLI command invocation within a scenario. Closes #726 ## Changes ### `features/environment.py` **Single change in `_fast_init_or_upgrade()`** (line 221-222): When a scenario test database already exists and is non-empty (created by a prior step like `I have initialized a project`), the function now returns immediately instead of delegating to the original migration runner: ```python # BEFORE — triggers full Alembic migration check every time: if db_path.exists() and db_path.stat().st_size > 0: return _original_init_or_upgrade(self, **kwargs) # AFTER — skip check for already-migrated test databases: if db_path.exists() and db_path.stat().st_size > 0: return ``` ### Why this is safe - **Template-copied databases** are already at Alembic HEAD (stamped by `scripts/create_template_db.py`) - **Databases created by prior steps** (e.g., `init_command`) already ran the full migration during creation - The `_SCENARIO_DB_PREFIXES` guard above this check ensures only scenario test databases are affected — migration-runner unit tests that use custom URLs still go through the original path ### What the bug caused 1. **Redundant Alembic migration checks** — 7+ pairs of `INFO [alembic.runtime.migration]` log lines per scenario for every CLI command after init 2. **SQLite lock contention** — Multiple SQLAlchemy engines opening connections to the same file under parallel execution (16 workers via `behave-parallel`) 3. **Cascading retry overhead** — Lock contention triggered `@database_retry` decorators (`wait_fixed(0.5)` × 3 attempts) on ~100 repository methods 4. **Intermittent CI failures** — Cumulative overhead across 280+ feature files caused hangs and timeouts ### Affected scenarios (all now passing) All 11 previously-failing scenarios in `features/core_cli_commands.feature` that invoke CLI commands after a prior step already created a database. ## Verification | Mode | Result | |------|--------| | `nox -s unit_tests -- features/core_cli_commands.feature --processes 1` | 15/15 pass, ~1.7s | | `nox -s unit_tests -- features/core_cli_commands.feature` (16 processes) | 15/15 pass, ~1.7s | ## Quality Checks - Single minimal edit to `features/environment.py` - No production code changes - No new dependencies
CoreRasurae force-pushed fix/test-db-performance-regression from 7ba0a7f30d
Some checks failed
CI / benchmark-publish (pull_request) Has been skipped
Details
CI / lint (pull_request) Successful in 13s
Details
CI / build (pull_request) Successful in 15s
Details
CI / quality (pull_request) Successful in 17s
Details
CI / security (pull_request) Successful in 35s
Details
CI / typecheck (pull_request) Successful in 42s
Details
CI / unit_tests (pull_request) Successful in 3m13s
Details
CI / integration_tests (pull_request) Successful in 3m22s
Details
CI / docker (pull_request) Successful in 39s
Details
CI / benchmark-regression (pull_request) Has been cancelled
Details
CI / coverage (pull_request) Has been cancelled
Details
to 1ec525599b
All checks were successful
CI / benchmark-publish (pull_request) Has been skipped
Details
CI / lint (pull_request) Successful in 14s
Details
CI / build (pull_request) Successful in 16s
Details
CI / quality (pull_request) Successful in 19s
Details
CI / security (pull_request) Successful in 36s
Details
CI / typecheck (pull_request) Successful in 38s
Details
CI / unit_tests (pull_request) Successful in 2m59s
Details
CI / docker (pull_request) Successful in 10s
Details
CI / integration_tests (pull_request) Successful in 3m28s
Details
CI / coverage (pull_request) Successful in 6m35s
Details
CI / benchmark-regression (pull_request) Successful in 35m34s
Details
CI / lint (push) Successful in 12s
Details
CI / build (push) Successful in 14s
Details
CI / quality (push) Successful in 16s
Details
CI / security (push) Successful in 35s
Details
CI / typecheck (push) Successful in 36s
Details
CI / benchmark-regression (push) Has been skipped
Details
CI / unit_tests (push) Successful in 3m6s
Details
CI / docker (push) Successful in 10s
Details
CI / integration_tests (push) Successful in 3m26s
Details
CI / coverage (push) Successful in 5m22s
Details
CI / benchmark-publish (push) Successful in 19m46s
Details
2026-03-12 12:39:57 +00:00 Compare
hurui200320 reviewed 2026-03-12 12:43:22 +00:00
hurui200320 left a comment
Copy link

Security Review — PR #727

Scope

Reviewed the single-file change in features/environment.py (the PR diff), plus the broader security posture of related files: features/steps/cli_plan_context_commands_steps.py, scripts/create_template_db.py, src/cleveragents/infrastructure/database/migration_runner.py, src/cleveragents/core/retry_patterns.py, test step files, and pyproject.toml dependencies.

Verdict: No security blockers introduced by this PR

The change replaces return _original_init_or_upgrade(self, **kwargs) with a bare return in the test-only monkey-patched _fast_init_or_upgrade. This is scoped entirely to test infrastructure and does not touch production code. No new security vulnerabilities are introduced.

Findings

Finding 1 — TOCTOU race on file existence check (PR change context)
File features/environment.py:221
Severity Low (Informational)
Introduced by PR No — pre-existing; PR only changes the return branch

The check if db_path.exists() and db_path.stat().st_size > 0 followed by either returning or copying the template has a theoretical TOCTOU window: another parallel test worker could delete or replace the file between the stat() call and subsequent use by SQLAlchemy. In practice, the window is sub-microsecond and the worst outcome is a test failure (not a security breach). The same race existed before this PR — the change merely swaps what happens in the "true" branch.

Recommendation: No action needed for security. If test stability under heavy parallelism becomes an issue, consider catching FileNotFoundError in the calling code.

Finding 2 — tempfile.mktemp() usage (pre-existing, 16 call sites)
Files features/environment.py:48,52,292 plus 13 other step files
Severity Low
Introduced by PR No — pre-existing across the test suite

tempfile.mktemp() is deprecated by Python docs because of a symlink race: between name generation and file creation, an attacker could place a symlink at the predicted path. In this codebase, all 16 call sites are in test infrastructure generating SQLite DB paths or scratch files, and the paths use unpredictable prefixes in system temp directories. The practical risk in a CI/test context is negligible, but it remains a code quality concern.

Recommendation: When convenient, migrate to tempfile.mkstemp() (returns an fd + path atomically) or tempfile.NamedTemporaryFile(delete=False). This is not urgent and should not block this PR.

Finding 3 — shell=True in subprocess call (pre-existing)
File features/steps/cli_coverage_steps.py:44
Severity Low
Introduced by PR No

subprocess.run(command, ..., shell=True) where command is a string built from BDD step definitions (@when('I run shell command "{command}"')). The command strings originate from .feature files authored by the development team, not from runtime user input. However, shell=True with string input is a well-known command injection vector and violates defense-in-depth.

Recommendation: Convert to shlex.split(command) + shell=False (as already done in cli_plan_context_commands_steps.py:351). Not a blocker for this PR.

Finding 4 — Skipping migration validation in tests
File features/environment.py:221-222 (the PR change)
Severity Low
Introduced by PR Modified behavior (bare return vs. calling original)

By returning immediately for non-empty test DBs, the monkey-patched path now skips Alembic migration validation entirely. Previously it delegated to the original init_or_upgrade() which would verify the DB was at HEAD. The risk is that a test could silently pass with a stale or partially-migrated schema that would fail in production.

Mitigating factors:

  • Template DBs are stamped at Alembic HEAD by scripts/create_template_db.py:53-60
  • DBs created by prior steps already ran full migration during creation
  • The _SCENARIO_DB_PREFIXES guard (line 211) limits this to known test DB names
  • Production MigrationRunner.init_or_upgrade() is never monkey-patched

Recommendation: Acceptable as-is for a test performance fix. Consider adding a CI gate that verifies the template DB's Alembic revision matches HEAD (a simple SELECT version_num FROM alembic_version assertion in a nox session) to catch template staleness.

Finding 5 — Test credential handling (pre-existing, no issues)
Files Various step files
Severity Informational — no issue found

Searched for hardcoded credentials across all feature/step files. Found only clearly-fake test fixtures: "my-secret-value-here", "plan-service-api-key", "ls-fake-key-for-coverage", "behave-context-api-key". These are used in mock/stub contexts and do not represent real credentials. No .env files with secrets, no real API keys, no connection strings with embedded passwords.

Finding 6 — Database connection string in environment variable (pre-existing)
File migration_runner.py:121
Severity Low
Introduced by PR No

MigrationRunner.run_migrations() temporarily sets os.environ["CLEVERAGENTS_DATABASE_URL"] to the database URL for Alembic's env.py to read. The value is restored in a finally block. For non-SQLite databases, connection strings could contain credentials that would be visible to child processes or /proc/self/environ readers during that window. The restoration is properly handled; the risk is inherent to Alembic's configuration model.

Recommendation: No action needed for this PR. For hardening, consider using alembic_cfg.attributes["connection"] exclusively (as already done for the engine-based path on line 128) to avoid env var exposure.

Finding 7 — Credential sanitization in retry logging (pre-existing, positive finding)
File retry_patterns.py:349-397
Severity Positive — good security practice

_sanitize_error_message() properly redacts URLs with embedded credentials, API key assignments, auth headers, and dict-format secrets before logging. The pre-truncation to 2000 chars (_MAX_SANITIZE_INPUT, line 388) bounds regex CPU time, preventing ReDoS. This is a well-implemented defense.

Finding 8 — Supply chain / dependency review
Severity Informational — no issues

Reviewed pyproject.toml dependencies. All packages are mainstream ecosystem libraries (alembic, sqlalchemy, tenacity, langchain, pydantic, typer, etc.). Security tooling is included in dev dependencies (bandit, semgrep). RestrictedPython for sandboxing is a positive signal. No suspicious or typosquatting-candidate packages detected. No pinned commit hashes that could mask substitution.

Summary Table

# Finding Severity Introduced by PR Action
1 TOCTOU on file check Low No (pre-existing) No action
2 tempfile.mktemp() usage Low No (pre-existing) Migrate when convenient
3 shell=True subprocess Low No (pre-existing) Convert to shell=False
4 Skipping migration validation Low Modified behavior Consider CI template-freshness gate
5 Test credentials Informational N/A No issues found
6 DB URL in env var Low No (pre-existing) No action for this PR
7 Credential sanitization Positive N/A Good practice
8 Supply chain Informational N/A No issues

No critical, high, or medium severity security findings. No blockers for merge from a security perspective.

# Security Review — PR #727 ## Scope Reviewed the single-file change in `features/environment.py` (the PR diff), plus the broader security posture of related files: `features/steps/cli_plan_context_commands_steps.py`, `scripts/create_template_db.py`, `src/cleveragents/infrastructure/database/migration_runner.py`, `src/cleveragents/core/retry_patterns.py`, test step files, and `pyproject.toml` dependencies. ## Verdict: No security blockers introduced by this PR The change replaces `return _original_init_or_upgrade(self, **kwargs)` with a bare `return` in the test-only monkey-patched `_fast_init_or_upgrade`. This is scoped entirely to test infrastructure and does not touch production code. No new security vulnerabilities are introduced. --- ## Findings ### Finding 1 — TOCTOU race on file existence check (PR change context) | | | |---|---| | **File** | `features/environment.py:221` | | **Severity** | Low (Informational) | | **Introduced by PR** | No — pre-existing; PR only changes the `return` branch | The check `if db_path.exists() and db_path.stat().st_size > 0` followed by either returning or copying the template has a theoretical TOCTOU window: another parallel test worker could delete or replace the file between the `stat()` call and subsequent use by SQLAlchemy. In practice, the window is sub-microsecond and the worst outcome is a test failure (not a security breach). The same race existed before this PR — the change merely swaps what happens in the "true" branch. **Recommendation:** No action needed for security. If test stability under heavy parallelism becomes an issue, consider catching `FileNotFoundError` in the calling code. --- ### Finding 2 — `tempfile.mktemp()` usage (pre-existing, 16 call sites) | | | |---|---| | **Files** | `features/environment.py:48,52,292` plus 13 other step files | | **Severity** | Low | | **Introduced by PR** | No — pre-existing across the test suite | `tempfile.mktemp()` is [deprecated by Python docs](https://docs.python.org/3/library/tempfile.html#tempfile.mktemp) because of a symlink race: between name generation and file creation, an attacker could place a symlink at the predicted path. In this codebase, all 16 call sites are in test infrastructure generating SQLite DB paths or scratch files, and the paths use unpredictable prefixes in system temp directories. The practical risk in a CI/test context is negligible, but it remains a code quality concern. **Recommendation:** When convenient, migrate to `tempfile.mkstemp()` (returns an fd + path atomically) or `tempfile.NamedTemporaryFile(delete=False)`. This is not urgent and should not block this PR. --- ### Finding 3 — `shell=True` in subprocess call (pre-existing) | | | |---|---| | **File** | `features/steps/cli_coverage_steps.py:44` | | **Severity** | Low | | **Introduced by PR** | No | `subprocess.run(command, ..., shell=True)` where `command` is a string built from BDD step definitions (`@when('I run shell command "{command}"')`). The command strings originate from `.feature` files authored by the development team, not from runtime user input. However, `shell=True` with string input is a well-known command injection vector and violates defense-in-depth. **Recommendation:** Convert to `shlex.split(command)` + `shell=False` (as already done in `cli_plan_context_commands_steps.py:351`). Not a blocker for this PR. --- ### Finding 4 — Skipping migration validation in tests | | | |---|---| | **File** | `features/environment.py:221-222` (the PR change) | | **Severity** | Low | | **Introduced by PR** | Modified behavior (bare `return` vs. calling original) | By returning immediately for non-empty test DBs, the monkey-patched path now skips Alembic migration validation entirely. Previously it delegated to the original `init_or_upgrade()` which would verify the DB was at HEAD. The risk is that a test could silently pass with a stale or partially-migrated schema that would fail in production. Mitigating factors: - Template DBs are stamped at Alembic HEAD by `scripts/create_template_db.py:53-60` - DBs created by prior steps already ran full migration during creation - The `_SCENARIO_DB_PREFIXES` guard (line 211) limits this to known test DB names - Production `MigrationRunner.init_or_upgrade()` is never monkey-patched **Recommendation:** Acceptable as-is for a test performance fix. Consider adding a CI gate that verifies the template DB's Alembic revision matches HEAD (a simple `SELECT version_num FROM alembic_version` assertion in a nox session) to catch template staleness. --- ### Finding 5 — Test credential handling (pre-existing, no issues) | | | |---|---| | **Files** | Various step files | | **Severity** | Informational — no issue found | Searched for hardcoded credentials across all feature/step files. Found only clearly-fake test fixtures: `"my-secret-value-here"`, `"plan-service-api-key"`, `"ls-fake-key-for-coverage"`, `"behave-context-api-key"`. These are used in mock/stub contexts and do not represent real credentials. No `.env` files with secrets, no real API keys, no connection strings with embedded passwords. --- ### Finding 6 — Database connection string in environment variable (pre-existing) | | | |---|---| | **File** | `migration_runner.py:121` | | **Severity** | Low | | **Introduced by PR** | No | `MigrationRunner.run_migrations()` temporarily sets `os.environ["CLEVERAGENTS_DATABASE_URL"]` to the database URL for Alembic's `env.py` to read. The value is restored in a `finally` block. For non-SQLite databases, connection strings could contain credentials that would be visible to child processes or `/proc/self/environ` readers during that window. The restoration is properly handled; the risk is inherent to Alembic's configuration model. **Recommendation:** No action needed for this PR. For hardening, consider using `alembic_cfg.attributes["connection"]` exclusively (as already done for the engine-based path on line 128) to avoid env var exposure. --- ### Finding 7 — Credential sanitization in retry logging (pre-existing, positive finding) | | | |---|---| | **File** | `retry_patterns.py:349-397` | | **Severity** | Positive — good security practice | `_sanitize_error_message()` properly redacts URLs with embedded credentials, API key assignments, auth headers, and dict-format secrets before logging. The pre-truncation to 2000 chars (`_MAX_SANITIZE_INPUT`, line 388) bounds regex CPU time, preventing ReDoS. This is a well-implemented defense. --- ### Finding 8 — Supply chain / dependency review | | | |---|---| | **Severity** | Informational — no issues | Reviewed `pyproject.toml` dependencies. All packages are mainstream ecosystem libraries (alembic, sqlalchemy, tenacity, langchain, pydantic, typer, etc.). Security tooling is included in dev dependencies (`bandit`, `semgrep`). `RestrictedPython` for sandboxing is a positive signal. No suspicious or typosquatting-candidate packages detected. No pinned commit hashes that could mask substitution. --- ## Summary Table | # | Finding | Severity | Introduced by PR | Action | |---|---------|----------|------------------|--------| | 1 | TOCTOU on file check | Low | No (pre-existing) | No action | | 2 | `tempfile.mktemp()` usage | Low | No (pre-existing) | Migrate when convenient | | 3 | `shell=True` subprocess | Low | No (pre-existing) | Convert to `shell=False` | | 4 | Skipping migration validation | Low | Modified behavior | Consider CI template-freshness gate | | 5 | Test credentials | Informational | N/A | No issues found | | 6 | DB URL in env var | Low | No (pre-existing) | No action for this PR | | 7 | Credential sanitization | Positive | N/A | Good practice | | 8 | Supply chain | Informational | N/A | No issues | **No critical, high, or medium severity security findings. No blockers for merge from a security perspective.**
features/environment.py
hurui200320 commented 2026-03-12 12:43:22 +00:00
Member
Copy link

TOCTOU (Time-of-check-time-of-use): The exists() + stat().st_size check followed by the bare return has a theoretical race window under parallel execution — another worker could delete the DB between this check and the subsequent SQLAlchemy open. Pre-existing condition (the check was here before this PR), and worst-case outcome is a test failure, not a security issue. Severity: Low/Informational.

**TOCTOU (Time-of-check-time-of-use):** The `exists()` + `stat().st_size` check followed by the bare `return` has a theoretical race window under parallel execution — another worker could delete the DB between this check and the subsequent SQLAlchemy open. Pre-existing condition (the check was here before this PR), and worst-case outcome is a test failure, not a security issue. Severity: **Low/Informational**.
features/environment.py
hurui200320 commented 2026-03-12 12:43:22 +00:00
Member
Copy link

Migration validation skip: The change from return _original_init_or_upgrade(self, **kwargs) to bare return means existing non-empty test DBs now bypass Alembic validation entirely. This is safe because: (1) template DBs are stamped at HEAD, (2) DBs from prior steps already ran migration, (3) production code is unaffected. Consider a CI gate that asserts the template DB revision matches HEAD to prevent silent staleness.

**Migration validation skip:** The change from `return _original_init_or_upgrade(self, **kwargs)` to bare `return` means existing non-empty test DBs now bypass Alembic validation entirely. This is safe because: (1) template DBs are stamped at HEAD, (2) DBs from prior steps already ran migration, (3) production code is unaffected. Consider a CI gate that asserts the template DB revision matches HEAD to prevent silent staleness.
hurui200320 reviewed 2026-03-12 12:43:37 +00:00
hurui200320 left a comment
Copy link

Performance Review — PR #727

Summary

The core change (replacing _original_init_or_upgrade(self, **kwargs) with return for non-empty DBs) is an effective performance fix. The PR's claims are substantiated by the code. Below is a detailed analysis of both the fix and remaining performance concerns in the broader test infrastructure.

1. Verification of PR Performance Claims

Claim: Redundant Alembic migration checks (7+ pairs per scenario)

Verdict: CONFIRMED

MigrationRunner.init_or_upgrade() (migration_runner.py:189-309) performs expensive work on every call:

  1. create_engine() — new SQLAlchemy engine
  2. engine.connect() — opens a connection/file handle
  3. inspect(engine).get_table_names() — queries sqlite_master
  4. get_pending_migrations() — reads Alembic script directory, compares against DB state
  5. command.upgrade() or command.stamp() — Alembic operations
  6. engine.dispose() — cleanup

Multiple UnitOfWork instances are created per scenario (35 call-sites across step files), each calling _ensure_database_initialized()init_or_upgrade(). The _database_initialized flag at unit_of_work.py:55 is per-instance, not global, so new UnitOfWork objects targeting the same DB file will re-trigger the full check. The claim of 7+ redundant checks per scenario is entirely plausible.

Estimated savings: ~0.5-3s per redundant check × 7+ checks × thousands of scenarios = minutes of aggregate savings.

Claim: SQLite lock contention under parallel execution

Verdict: CONFIRMED

Each redundant init_or_upgrade() call creates an engine and opens a connection to the SQLite file. Under 16-worker parallel execution (behave-parallel), even though workers use unique DB paths, the I/O pressure from thousands of unnecessary create_engine + connect + inspect cycles contributes to system-level contention (file descriptor pressure, inode cache pressure). If any edge case causes path collision, actual SQLite SQLITE_BUSY locks would occur.

Claim: Cascading retry overhead

Verdict: CONFIRMED

The database retry category (retry_patterns.py:128-132) uses wait_fixed(0.5) × 3 attempts. There are 107+ methods decorated with @database_retry across repositories.py and changeset_repository.py. While the sleep cap at environment.py:109 limits waits to 10ms, the per-attempt overhead (exception creation, tenacity state machine, structlog logging in log_before_retry/log_after_retry) still multiplies across 100+ decorated methods. The fix removes the root cause (lock contention) rather than treating the symptom.

Claim: Intermittent CI failures across 280+ feature files

Verdict: PLAUSIBLE

The repo contains 374 feature files with ~10,700 scenarios. At 7+ redundant migration checks per scenario, that's ~75,000+ unnecessary engine creation + Alembic inspection cycles per full test run. Under parallel execution, cumulative I/O pressure causing timeouts is a reasonable failure mode.

2. The Fix Itself — Performance Assessment

Severity: The fix is correct and effective.

The change is safe because:

  • Template-copied DBs are stamped at Alembic HEAD by create_template_db.py:58-61
  • DBs created by prior steps already ran full migrations during creation
  • The _SCENARIO_DB_PREFIXES guard at line 211 ensures only test DBs are affected
  • Non-SQLite and in-memory paths still fall through to original behavior

3. Remaining Performance Concerns

Finding P1: Double syscall in existence check

  • File: features/environment.py:221
  • Severity: Low
  • Description: db_path.exists() and db_path.stat().st_size > 0 issues two stat() syscalls (Python's Path.exists() calls os.stat() internally). Can be consolidated to one: 
    try:
    if os.stat(db_file_path).st_size > 0:
        return
except OSError:
    pass
  • Impact: ~10,700 scenarios × ~7 calls = ~75,000 unnecessary extra syscalls per run. At ~1μs each, this is ~75ms total — negligible in isolation but a clean micro-optimization.
  • Recommendation: Low priority. Consider consolidating in a follow-up.

Finding P2: TOCTOU race on stat() in parallel execution

  • File: features/environment.py:221
  • Severity: Low
  • Description: Between db_path.exists() and db_path.stat(), the file could theoretically be deleted by another process. However, this is mitigated by:
    • Each worker gets unique DB paths via tempfile.mktemp() (line 292)
    • Cleanup (after_scenario, lines 507-510) only runs after engine disposal in the same process
    • No cross-worker file sharing by design
  • Impact: Near-zero practical risk in current architecture.
  • Recommendation: No action needed. The single-stat pattern from P1 would eliminate this concern as a side effect.

Finding P3: tempfile.mktemp() is deprecated

  • File: features/environment.py:48-49, 292
  • Severity: Medium (correctness + minor perf)
  • Description: tempfile.mktemp() is deprecated since Python 2.3 due to TOCTOU race conditions. Under high concurrency (16 workers), two workers could theoretically receive the same path before either creates the file. tempfile.mkstemp() atomically creates the file, but returns a file descriptor for a file that already exists — which conflicts with the template-copy approach. The correct alternative is tempfile.NamedTemporaryFile(delete=False, suffix='.db', prefix=prefix) followed by closing the file, or using tempfile.mkdtemp() + a fixed filename inside it.
  • Impact: Extremely unlikely collision at 16 workers, but the deprecation warning is a code quality concern.
  • Recommendation: Consider replacing with tempfile.mkstemp() + os.close(fd) to get an atomically-created unique path, then overwrite with template copy.

Finding P4: shutil.copy2 vs shutil.copy for template

  • File: features/environment.py:226
  • Severity: Low
  • Description: shutil.copy2() preserves file metadata (timestamps, permissions) via an extra os.utime() + os.chmod() call. For temp test databases, metadata preservation is unnecessary. shutil.copy() or even shutil.copyfile() (which skips permission copying too) would be marginally faster.
  • Impact: ~2 extra syscalls × 10,700 scenarios ≈ 21,400 unnecessary syscalls. At ~1μs each, ~21ms total — negligible.
  • Recommendation: No action required. Could use shutil.copyfile() in a follow-up for cleanliness.

Finding P5: Per-instance _database_initialized flag remains a structural inefficiency

  • File: src/cleveragents/infrastructure/database/unit_of_work.py:55
  • Severity: Medium
  • Description: Even with the PR fix (early return for non-empty DBs), the monkey-patched _fast_init_or_upgrade still executes on every new UnitOfWork instance: it parses the URL, extracts the path, checks prefixes, and calls stat(). A process-global or thread-local set of "already-initialized" DB paths would skip all of this work for repeated calls to the same path. 
    _INITIALIZED_DBS: set[str] = set()

def _fast_init_or_upgrade(self, **kwargs):
    db_url = getattr(self, "database_url", "")
    if db_url in _INITIALIZED_DBS:
        return
    # ... existing logic ...
    _INITIALIZED_DBS.add(db_url)
  • Impact: Would eliminate all per-call overhead (URL parsing, path extraction, prefix matching, stat syscall) for subsequent calls. With ~7 calls per scenario × 10,700 scenarios, this removes ~65,000 unnecessary function-body executions.
  • Recommendation: Consider as a follow-up optimization. The current PR already eliminates the expensive init_or_upgrade delegation, so the remaining per-call overhead is small.

Finding P6: _find_alembic_ini() filesystem traversal in fallback paths

  • File: src/cleveragents/infrastructure/database/migration_runner.py:35-89
  • Severity: Low (mitigated by PR)
  • Description: _find_alembic_ini() walks up to 10 directory levels from two starting points, calling candidate.exists() at each level. This runs on every init_or_upgrade() call via the alembic_cfg property. The PR's early return prevents this from executing for the common case, but the fallback paths (non-SQLite, in-memory, non-prefix DBs) still hit it.
  • Impact: Mitigated by this PR for the hot path. Residual impact is low.
  • Recommendation: No action needed for this PR.

Finding P7: No template DB cache invalidation

  • File: features/environment.py:140-144
  • Severity: Low
  • Description: _ensure_template_db() reuses an existing template if template_path.is_file() returns true, with no staleness check. If the Alembic migration set changes between runs without cleaning build/, the template will be outdated. This wouldn't cause a performance regression but could cause test failures.
  • Impact: Functional correctness concern, not performance. The nox session (noxfile.py:74-81) always recreates the template, so this only affects direct behave invocations.
  • Recommendation: Consider checking template mtime against alembic/versions/ mtime, or always recreating in _ensure_template_db(). Low priority.

4. Broader Test Infrastructure Performance

Finding P8: behave-parallel chunk granularity

  • File: noxfile.py:400-404 (inline CLI source)
  • Severity: Low
  • Description: Features are split into equal-size chunks (chunk_size = max(1, (len(feature_paths) + processes - 1) // processes)). This means a chunk with one very slow feature file will become the bottleneck while other workers sit idle. Work-stealing or per-feature dispatch would improve load balancing.
  • Impact: Depends on variance in feature file execution times. With 374 files across 16 workers, chunks of ~23 files each, one slow feature could add seconds of idle time per worker.
  • Recommendation: Consider switching from pool.map to pool.imap_unordered with per-feature granularity for better load balancing. This is outside the scope of this PR.

Finding P9: Engine cache cleared twice per scenario

  • File: features/environment.py:259-266 (before_scenario) and features/environment.py:494-503 (after_scenario)
  • Severity: Low
  • Description: MEMORY_ENGINES is cleared and engines disposed in both before_scenario and after_scenario. The double-clear is defensive but means every scenario pays the cost of iterating and disposing cached engines twice.
  • Impact: Minimal — MEMORY_ENGINES is typically small. Defensive programming trade-off.
  • Recommendation: No action needed.

Overall Assessment

Category Verdict
Core fix correctness Sound — early return is safe for template-copied and step-created DBs
Performance improvement Significant — eliminates ~75,000 redundant Alembic checks per full run
Risk of regression Low — guarded by prefix check, only affects test infrastructure
Remaining perf debt Medium — P3 (mktemp deprecation) and P5 (per-instance flag) warrant follow-up tickets

The fix directly addresses the root cause and the change is minimal and well-scoped. Approve from a performance perspective.

## Performance Review — PR #727 ### Summary The core change (replacing `_original_init_or_upgrade(self, **kwargs)` with `return` for non-empty DBs) is an effective performance fix. The PR's claims are substantiated by the code. Below is a detailed analysis of both the fix and remaining performance concerns in the broader test infrastructure. --- ### 1. Verification of PR Performance Claims #### Claim: Redundant Alembic migration checks (7+ pairs per scenario) **Verdict: CONFIRMED** `MigrationRunner.init_or_upgrade()` (`migration_runner.py:189-309`) performs expensive work on every call: 1. `create_engine()` — new SQLAlchemy engine 2. `engine.connect()` — opens a connection/file handle 3. `inspect(engine).get_table_names()` — queries `sqlite_master` 4. `get_pending_migrations()` — reads Alembic script directory, compares against DB state 5. `command.upgrade()` or `command.stamp()` — Alembic operations 6. `engine.dispose()` — cleanup Multiple `UnitOfWork` instances are created per scenario (35 call-sites across step files), each calling `_ensure_database_initialized()` → `init_or_upgrade()`. The `_database_initialized` flag at `unit_of_work.py:55` is **per-instance**, not global, so new `UnitOfWork` objects targeting the same DB file will re-trigger the full check. The claim of 7+ redundant checks per scenario is entirely plausible. **Estimated savings**: ~0.5-3s per redundant check × 7+ checks × thousands of scenarios = minutes of aggregate savings. #### Claim: SQLite lock contention under parallel execution **Verdict: CONFIRMED** Each redundant `init_or_upgrade()` call creates an engine and opens a connection to the SQLite file. Under 16-worker parallel execution (`behave-parallel`), even though workers use unique DB paths, the I/O pressure from thousands of unnecessary `create_engine` + `connect` + `inspect` cycles contributes to system-level contention (file descriptor pressure, inode cache pressure). If any edge case causes path collision, actual SQLite `SQLITE_BUSY` locks would occur. #### Claim: Cascading retry overhead **Verdict: CONFIRMED** The `database` retry category (`retry_patterns.py:128-132`) uses `wait_fixed(0.5)` × 3 attempts. There are **107+ methods** decorated with `@database_retry` across `repositories.py` and `changeset_repository.py`. While the sleep cap at `environment.py:109` limits waits to 10ms, the per-attempt overhead (exception creation, tenacity state machine, structlog logging in `log_before_retry`/`log_after_retry`) still multiplies across 100+ decorated methods. The fix removes the root cause (lock contention) rather than treating the symptom. #### Claim: Intermittent CI failures across 280+ feature files **Verdict: PLAUSIBLE** The repo contains **374 feature files** with **~10,700 scenarios**. At 7+ redundant migration checks per scenario, that's ~75,000+ unnecessary engine creation + Alembic inspection cycles per full test run. Under parallel execution, cumulative I/O pressure causing timeouts is a reasonable failure mode. --- ### 2. The Fix Itself — Performance Assessment **Severity: The fix is correct and effective.** The change is safe because: - Template-copied DBs are stamped at Alembic HEAD by `create_template_db.py:58-61` - DBs created by prior steps already ran full migrations during creation - The `_SCENARIO_DB_PREFIXES` guard at line 211 ensures only test DBs are affected - Non-SQLite and in-memory paths still fall through to original behavior --- ### 3. Remaining Performance Concerns #### Finding P1: Double syscall in existence check - **File**: `features/environment.py:221` - **Severity**: Low - **Description**: `db_path.exists() and db_path.stat().st_size > 0` issues two `stat()` syscalls (Python's `Path.exists()` calls `os.stat()` internally). Can be consolidated to one: ```python try: if os.stat(db_file_path).st_size > 0: return except OSError: pass ``` - **Impact**: ~10,700 scenarios × ~7 calls = ~75,000 unnecessary extra syscalls per run. At ~1μs each, this is ~75ms total — negligible in isolation but a clean micro-optimization. - **Recommendation**: Low priority. Consider consolidating in a follow-up. #### Finding P2: TOCTOU race on stat() in parallel execution - **File**: `features/environment.py:221` - **Severity**: Low - **Description**: Between `db_path.exists()` and `db_path.stat()`, the file could theoretically be deleted by another process. However, this is mitigated by: - Each worker gets unique DB paths via `tempfile.mktemp()` (line 292) - Cleanup (`after_scenario`, lines 507-510) only runs after engine disposal in the same process - No cross-worker file sharing by design - **Impact**: Near-zero practical risk in current architecture. - **Recommendation**: No action needed. The single-stat pattern from P1 would eliminate this concern as a side effect. #### Finding P3: `tempfile.mktemp()` is deprecated - **File**: `features/environment.py:48-49, 292` - **Severity**: Medium (correctness + minor perf) - **Description**: `tempfile.mktemp()` is [deprecated since Python 2.3](https://docs.python.org/3/library/tempfile.html#tempfile.mktemp) due to TOCTOU race conditions. Under high concurrency (16 workers), two workers could theoretically receive the same path before either creates the file. `tempfile.mkstemp()` atomically creates the file, but returns a file descriptor for a file that already exists — which conflicts with the template-copy approach. The correct alternative is `tempfile.NamedTemporaryFile(delete=False, suffix='.db', prefix=prefix)` followed by closing the file, or using `tempfile.mkdtemp()` + a fixed filename inside it. - **Impact**: Extremely unlikely collision at 16 workers, but the deprecation warning is a code quality concern. - **Recommendation**: Consider replacing with `tempfile.mkstemp()` + `os.close(fd)` to get an atomically-created unique path, then overwrite with template copy. #### Finding P4: `shutil.copy2` vs `shutil.copy` for template - **File**: `features/environment.py:226` - **Severity**: Low - **Description**: `shutil.copy2()` preserves file metadata (timestamps, permissions) via an extra `os.utime()` + `os.chmod()` call. For temp test databases, metadata preservation is unnecessary. `shutil.copy()` or even `shutil.copyfile()` (which skips permission copying too) would be marginally faster. - **Impact**: ~2 extra syscalls × 10,700 scenarios ≈ 21,400 unnecessary syscalls. At ~1μs each, ~21ms total — negligible. - **Recommendation**: No action required. Could use `shutil.copyfile()` in a follow-up for cleanliness. #### Finding P5: Per-instance `_database_initialized` flag remains a structural inefficiency - **File**: `src/cleveragents/infrastructure/database/unit_of_work.py:55` - **Severity**: Medium - **Description**: Even with the PR fix (early return for non-empty DBs), the monkey-patched `_fast_init_or_upgrade` still executes on every new `UnitOfWork` instance: it parses the URL, extracts the path, checks prefixes, and calls `stat()`. A process-global or thread-local set of "already-initialized" DB paths would skip all of this work for repeated calls to the same path. ```python _INITIALIZED_DBS: set[str] = set() def _fast_init_or_upgrade(self, **kwargs): db_url = getattr(self, "database_url", "") if db_url in _INITIALIZED_DBS: return # ... existing logic ... _INITIALIZED_DBS.add(db_url) ``` - **Impact**: Would eliminate all per-call overhead (URL parsing, path extraction, prefix matching, stat syscall) for subsequent calls. With ~7 calls per scenario × 10,700 scenarios, this removes ~65,000 unnecessary function-body executions. - **Recommendation**: Consider as a follow-up optimization. The current PR already eliminates the expensive `init_or_upgrade` delegation, so the remaining per-call overhead is small. #### Finding P6: `_find_alembic_ini()` filesystem traversal in fallback paths - **File**: `src/cleveragents/infrastructure/database/migration_runner.py:35-89` - **Severity**: Low (mitigated by PR) - **Description**: `_find_alembic_ini()` walks up to 10 directory levels from two starting points, calling `candidate.exists()` at each level. This runs on every `init_or_upgrade()` call via the `alembic_cfg` property. The PR's early return prevents this from executing for the common case, but the fallback paths (non-SQLite, in-memory, non-prefix DBs) still hit it. - **Impact**: Mitigated by this PR for the hot path. Residual impact is low. - **Recommendation**: No action needed for this PR. #### Finding P7: No template DB cache invalidation - **File**: `features/environment.py:140-144` - **Severity**: Low - **Description**: `_ensure_template_db()` reuses an existing template if `template_path.is_file()` returns true, with no staleness check. If the Alembic migration set changes between runs without cleaning `build/`, the template will be outdated. This wouldn't cause a performance regression but could cause test failures. - **Impact**: Functional correctness concern, not performance. The nox session (`noxfile.py:74-81`) always recreates the template, so this only affects direct `behave` invocations. - **Recommendation**: Consider checking template mtime against `alembic/versions/` mtime, or always recreating in `_ensure_template_db()`. Low priority. --- ### 4. Broader Test Infrastructure Performance #### Finding P8: `behave-parallel` chunk granularity - **File**: `noxfile.py:400-404` (inline CLI source) - **Severity**: Low - **Description**: Features are split into equal-size chunks (`chunk_size = max(1, (len(feature_paths) + processes - 1) // processes)`). This means a chunk with one very slow feature file will become the bottleneck while other workers sit idle. Work-stealing or per-feature dispatch would improve load balancing. - **Impact**: Depends on variance in feature file execution times. With 374 files across 16 workers, chunks of ~23 files each, one slow feature could add seconds of idle time per worker. - **Recommendation**: Consider switching from `pool.map` to `pool.imap_unordered` with per-feature granularity for better load balancing. This is outside the scope of this PR. #### Finding P9: Engine cache cleared twice per scenario - **File**: `features/environment.py:259-266` (before_scenario) and `features/environment.py:494-503` (after_scenario) - **Severity**: Low - **Description**: `MEMORY_ENGINES` is cleared and engines disposed in both `before_scenario` and `after_scenario`. The double-clear is defensive but means every scenario pays the cost of iterating and disposing cached engines twice. - **Impact**: Minimal — `MEMORY_ENGINES` is typically small. Defensive programming trade-off. - **Recommendation**: No action needed. --- ### Overall Assessment | Category | Verdict | |----------|---------| | Core fix correctness | Sound — early return is safe for template-copied and step-created DBs | | Performance improvement | Significant — eliminates ~75,000 redundant Alembic checks per full run | | Risk of regression | Low — guarded by prefix check, only affects test infrastructure | | Remaining perf debt | Medium — P3 (mktemp deprecation) and P5 (per-instance flag) warrant follow-up tickets | The fix directly addresses the root cause and the change is minimal and well-scoped. Approve from a performance perspective.
features/environment.py
@ -218,3 +222,4 @@
return
# Copy the template — creates a fully-migrated DB in ~1ms
db_path.parent.mkdir(parents=True, exist_ok=True)
hurui200320 commented 2026-03-12 12:43:37 +00:00
Member
Copy link

[Performance — Low] shutil.copy2 preserves file metadata (timestamps, permissions) via extra os.utime() + os.chmod() syscalls that are unnecessary for ephemeral test databases. shutil.copyfile() would be marginally faster by skipping metadata preservation. Negligible impact at ~21ms total across a full run, but cleaner semantically.

**[Performance — Low]** `shutil.copy2` preserves file metadata (timestamps, permissions) via extra `os.utime()` + `os.chmod()` syscalls that are unnecessary for ephemeral test databases. `shutil.copyfile()` would be marginally faster by skipping metadata preservation. Negligible impact at ~21ms total across a full run, but cleaner semantically.
features/environment.py
@ -216,1 +218,4 @@
# fully migrated. Skipping the Alembic check avoids redundant engine
# creation, SQLite lock contention, and the cumulative overhead that
# causes intermittent hangs in parallel test runs.
if db_path.exists() and db_path.stat().st_size > 0:
hurui200320 commented 2026-03-12 12:43:37 +00:00
Member
Copy link

[Performance — Low] Two syscalls where one suffices.

Path.exists() internally calls os.stat(), and then Path.stat() calls os.stat() again. This can be consolidated into a single syscall:

try:
    if os.stat(db_file_path).st_size > 0:
        return
except OSError:
    pass

At ~75,000 invocations per full run this saves ~75ms total — negligible, but it also eliminates the theoretical TOCTOU race between the two calls. Consider as a follow-up micro-optimization.

**[Performance — Low]** Two syscalls where one suffices. `Path.exists()` internally calls `os.stat()`, and then `Path.stat()` calls `os.stat()` again. This can be consolidated into a single syscall: ```python try: if os.stat(db_file_path).st_size > 0: return except OSError: pass ``` At ~75,000 invocations per full run this saves ~75ms total — negligible, but it also eliminates the theoretical TOCTOU race between the two calls. Consider as a follow-up micro-optimization.
hurui200320 reviewed 2026-03-12 12:44:07 +00:00
hurui200320 left a comment
Copy link

Bug Detection Review — PR #727

Summary

I read all five files referenced in the PR description plus the surrounding context. The change replaces return _original_init_or_upgrade(self, **kwargs) with return on line 222 of features/environment.py, inside the _fast_init_or_upgrade() monkey-patch. This means that when a test DB file already exists and is non-empty, the patched function now silently returns instead of delegating to the real Alembic migration runner.

Overall assessment: No critical or high-severity bugs found. The change is safe for its intended purpose. One low-severity behavioral regression and two pre-existing issues are worth noting.

Finding 1 — Loss of stale-template migration safety net (Introduced by this PR)

File: features/environment.py:221-222
Severity: Low

Description:
Previously, when init_or_upgrade was called on a DB that already exists and is non-empty (e.g. a second init_or_upgrade call on a DB that was already set up by the template copy earlier in the same scenario), the old code delegated to the original _original_init_or_upgrade, which would:

  1. Create an engine
  2. Check for pending Alembic migrations
  3. Apply them if found

The new code returns immediately, removing this "second-chance" migration check.

When this matters: Only if the cached template DB (build/.template-migrated.db) is from a previous schema version (new Alembic migrations were added but the template was not rebuilt). In that case, the old code could detect and apply pending migrations on the second init_or_upgrade call for the same file. The new code will not.

Why this is Low severity:

  • The first call (which copies the template) never ran migrations in either the old or new code — the function returns after shutil.copy2 without calling the original.
  • The "second call" scenario requires: (a) a stale template, (b) multiple init_or_upgrade calls on the same file in the same scenario.
  • The template is created fresh during before_all() via _ensure_template_db(), so staleness only occurs in unusual local developer workflows.
  • A stale template would cause immediate, obvious test failures (missing table errors), not silent data corruption.

Recommendation: Consider adding a freshness check to _ensure_template_db() — e.g. compare the template's Alembic head stamp against the current Alembic head revision. If they differ, recreate the template. This would be a more robust fix than relying on the migration runner as a second-chance safety net.

Finding 2 — Stale cached template reuse in _ensure_template_db() (Pre-existing, NOT introduced by this PR)

File: features/environment.py:141-143
Severity: Low

Description:

if template_path.is_file():
    os.environ["CLEVERAGENTS_TEMPLATE_DB"] = str(template_path.resolve())
    return

The cached template in build/.template-migrated.db is reused without verifying it matches the current schema. If a developer adds new migrations between test runs without deleting the cache, all tests will use a stale template.

This affects both old and new code equally, but Finding 1 means the new code has one less layer of defense.

Recommendation: Same as Finding 1 — validate the template's Alembic stamp at reuse time.

Finding 3 — Return value correctness: Confirmed safe

init_or_upgrade is typed as -> None (migration_runner.py:193). Both the old return _original_init_or_upgrade(self, **kwargs) and the new return evaluate to None. No callers depend on a return value. The _database_initialized = True flag in unit_of_work.py:147 is set after init_or_upgrade returns, so it is correctly set in both old and new code.

Finding 4 — Prefix guard correctness: Confirmed safe

The _SCENARIO_DB_PREFIXES tuple at line 181 includes "db.", which matches db.sqlite from cli_plan_context_commands_steps.py:98. This is correct — db.sqlite is a test-generated DB that should use the fast path.

The migration_runner unit tests use URLs like sqlite:///:memory:, postgresql://..., or sqlite:///tmp/test-db/mydb.db — none of which match the prefix filter. So the patch correctly does NOT intercept migration_runner tests.

Finding 5 — No race conditions in template copy logic

  • db_path.parent.mkdir(parents=True, exist_ok=True) (line 225) is safe for concurrent use.
  • shutil.copy2 (line 226) is not atomic, but each scenario/process gets unique DB paths via tempfile.mktemp(), so concurrent copies to the same destination don't occur.
  • The db_path.exists() and db_path.stat().st_size > 0 check (line 221) has a TOCTOU window, but this is benign in the test environment since no other process is racing to create the same temp file.

Finding 6 — No regression risk to production code

The monkey-patch in _install_template_db_patch() is only installed during before_all() in Behave tests. It modifies MigrationRunner.init_or_upgrade only within the test process. Production code is unaffected.

Verdict

No critical or high-severity bugs. The change is a safe optimization for its stated goal (eliminating redundant engine creation and SQLite lock contention in parallel test runs). The one low-severity finding (loss of stale-template safety net) is a minor reduction in defense-in-depth that could be addressed independently by adding template freshness validation to _ensure_template_db().

## Bug Detection Review — PR #727 ### Summary I read all five files referenced in the PR description plus the surrounding context. The change replaces `return _original_init_or_upgrade(self, **kwargs)` with `return` on line 222 of `features/environment.py`, inside the `_fast_init_or_upgrade()` monkey-patch. This means that when a test DB file already exists and is non-empty, the patched function now silently returns instead of delegating to the real Alembic migration runner. **Overall assessment: No critical or high-severity bugs found.** The change is safe for its intended purpose. One low-severity behavioral regression and two pre-existing issues are worth noting. --- ### Finding 1 — Loss of stale-template migration safety net (Introduced by this PR) **File:** `features/environment.py:221-222` **Severity:** Low **Description:** Previously, when `init_or_upgrade` was called on a DB that already exists and is non-empty (e.g. a second `init_or_upgrade` call on a DB that was already set up by the template copy earlier in the same scenario), the old code delegated to the original `_original_init_or_upgrade`, which would: 1. Create an engine 2. Check for pending Alembic migrations 3. Apply them if found The new code returns immediately, removing this "second-chance" migration check. **When this matters:** Only if the cached template DB (`build/.template-migrated.db`) is from a previous schema version (new Alembic migrations were added but the template was not rebuilt). In that case, the old code could detect and apply pending migrations on the second `init_or_upgrade` call for the same file. The new code will not. **Why this is Low severity:** - The first call (which copies the template) **never** ran migrations in either the old or new code — the function returns after `shutil.copy2` without calling the original. - The "second call" scenario requires: (a) a stale template, (b) multiple `init_or_upgrade` calls on the same file in the same scenario. - The template is created fresh during `before_all()` via `_ensure_template_db()`, so staleness only occurs in unusual local developer workflows. - A stale template would cause immediate, obvious test failures (missing table errors), not silent data corruption. **Recommendation:** Consider adding a freshness check to `_ensure_template_db()` — e.g. compare the template's Alembic `head` stamp against the current Alembic head revision. If they differ, recreate the template. This would be a more robust fix than relying on the migration runner as a second-chance safety net. --- ### Finding 2 — Stale cached template reuse in `_ensure_template_db()` (Pre-existing, NOT introduced by this PR) **File:** `features/environment.py:141-143` **Severity:** Low **Description:** ```python if template_path.is_file(): os.environ["CLEVERAGENTS_TEMPLATE_DB"] = str(template_path.resolve()) return ``` The cached template in `build/.template-migrated.db` is reused without verifying it matches the current schema. If a developer adds new migrations between test runs without deleting the cache, all tests will use a stale template. This affects both old and new code equally, but Finding 1 means the new code has one less layer of defense. **Recommendation:** Same as Finding 1 — validate the template's Alembic stamp at reuse time. --- ### Finding 3 — Return value correctness: Confirmed safe `init_or_upgrade` is typed as `-> None` (`migration_runner.py:193`). Both the old `return _original_init_or_upgrade(self, **kwargs)` and the new `return` evaluate to `None`. No callers depend on a return value. The `_database_initialized = True` flag in `unit_of_work.py:147` is set *after* `init_or_upgrade` returns, so it is correctly set in both old and new code. --- ### Finding 4 — Prefix guard correctness: Confirmed safe The `_SCENARIO_DB_PREFIXES` tuple at line 181 includes `"db."`, which matches `db.sqlite` from `cli_plan_context_commands_steps.py:98`. This is correct — `db.sqlite` is a test-generated DB that should use the fast path. The migration_runner unit tests use URLs like `sqlite:///:memory:`, `postgresql://...`, or `sqlite:///tmp/test-db/mydb.db` — none of which match the prefix filter. So the patch correctly does NOT intercept migration_runner tests. --- ### Finding 5 — No race conditions in template copy logic - `db_path.parent.mkdir(parents=True, exist_ok=True)` (line 225) is safe for concurrent use. - `shutil.copy2` (line 226) is not atomic, but each scenario/process gets unique DB paths via `tempfile.mktemp()`, so concurrent copies to the same destination don't occur. - The `db_path.exists() and db_path.stat().st_size > 0` check (line 221) has a TOCTOU window, but this is benign in the test environment since no other process is racing to create the same temp file. --- ### Finding 6 — No regression risk to production code The monkey-patch in `_install_template_db_patch()` is only installed during `before_all()` in Behave tests. It modifies `MigrationRunner.init_or_upgrade` only within the test process. Production code is unaffected. --- ### Verdict **No critical or high-severity bugs.** The change is a safe optimization for its stated goal (eliminating redundant engine creation and SQLite lock contention in parallel test runs). The one low-severity finding (loss of stale-template safety net) is a minor reduction in defense-in-depth that could be addressed independently by adding template freshness validation to `_ensure_template_db()`.
features/environment.py
hurui200320 commented 2026-03-12 12:44:07 +00:00
Member
Copy link

Bug Detection — Finding 2 (Low, pre-existing): The cached template is reused without validating that its Alembic revision stamp matches the current head. If a developer adds new migrations between test runs without deleting build/.template-migrated.db, all tests silently use the stale schema.

This is pre-existing and not introduced by this PR, but Finding 1 removes one layer of defense that previously (partially) mitigated it.

**Bug Detection — Finding 2 (Low, pre-existing):** The cached template is reused without validating that its Alembic revision stamp matches the current head. If a developer adds new migrations between test runs without deleting `build/.template-migrated.db`, all tests silently use the stale schema. This is pre-existing and not introduced by this PR, but Finding 1 removes one layer of defense that previously (partially) mitigated it.
features/environment.py
@ -216,2 +220,3 @@
# causes intermittent hangs in parallel test runs.
if db_path.exists() and db_path.stat().st_size > 0:
return _original_init_or_upgrade(self, **kwargs)
return
hurui200320 commented 2026-03-12 12:44:07 +00:00
Member
Copy link

Bug Detection — Finding 1 (Low): Replacing _original_init_or_upgrade(self, **kwargs) with a bare return removes the safety net that would catch a stale template DB on subsequent init_or_upgrade calls within the same scenario.

When this matters: Only if build/.template-migrated.db was cached from a previous schema version (developer adds migrations but doesn't rebuild template). The original code would have detected pending migrations on the second call and applied them.

Why Low severity: The first call (which copies the template at line 226) never ran the original migration runner in either version — so this safety net was always incomplete. A stale template would cause immediate test failures, not silent data corruption.

Suggestion: Consider adding a freshness check in _ensure_template_db() (e.g. compare the template's Alembic stamp against ScriptDirectory.get_current_head()) to proactively detect stale templates, rather than relying on the migration runner as a fallback.

**Bug Detection — Finding 1 (Low):** Replacing `_original_init_or_upgrade(self, **kwargs)` with a bare `return` removes the safety net that would catch a stale template DB on subsequent `init_or_upgrade` calls within the same scenario. **When this matters:** Only if `build/.template-migrated.db` was cached from a previous schema version (developer adds migrations but doesn't rebuild template). The original code would have detected pending migrations on the second call and applied them. **Why Low severity:** The first call (which copies the template at line 226) never ran the original migration runner in either version — so this safety net was always incomplete. A stale template would cause immediate test failures, not silent data corruption. **Suggestion:** Consider adding a freshness check in `_ensure_template_db()` (e.g. compare the template's Alembic stamp against `ScriptDirectory.get_current_head()`) to proactively detect stale templates, rather than relying on the migration runner as a fallback.
hurui200320 approved these changes 2026-03-12 12:46:32 +00:00
hurui200320 left a comment
Copy link

Code Review — PR #727

Verdict: APPROVED

The change is correct, minimal, well-scoped, and satisfies all ticket #726 acceptance criteria. No bugs, no security issues, no regressions. Performance claims are verified. Approving with findings noted below.

Findings Requiring Action on This PR

1. Missing Milestone — High

CONTRIBUTING.md requires every PR to be assigned the same milestone as its linked issue. Issue #726 is on milestone v3.2.0, but this PR has no milestone.
Action: Assign this PR to milestone v3.2.0.

2. No Direct Test for the New Early-Return Behavior — Medium

File: features/environment.py:221-222

The PR's behavioral change (skip Alembic for existing non-empty databases) is not directly tested by any scenario. The 15 scenarios pass because of the change (no more hangs), but none verify the early-return logic explicitly. A search for _fast_init_or_upgrade across all .feature files returns zero matches.

Recommendation: Consider a follow-up ticket to add a scenario that creates a non-empty DB, calls _fast_init_or_upgrade, and asserts _original_init_or_upgrade is NOT invoked. Not blocking since this is test infrastructure excluded from coverage measurement.

3. No Changelog Update — Medium

CONTRIBUTING.md requires PRs to include a changelog update. No changelog file exists in the repository — this may be a project-wide gap rather than specific to this PR.
Action: Clarify whether the project maintains a changelog. If so, add an entry.

4. Stale Labels — Low

Both the PR and issue carry Needs feedback. If the PR is ready for review, this is misleading. The PR also carries State/Verified — the issue correctly has State/In Review.
Action: Remove Needs feedback if no questions remain; correct State/Verified on the PR.

Pre-Existing Issues (Not Introduced by This PR)

Worth tracking as separate tickets:

5. Vacuous Assertions in Step Definitions — High (pre-existing)

File: features/steps/cli_plan_context_commands_steps.py

Six @then step definitions contain assertions guarded by conditions that silently pass when false, or have pass as their body:

  • Lines 464-470 (step_plan_has_changes): passes if file doesn't exist
  • Lines 473-484 (step_changes_in_database): tautological assertion in else branch
  • Lines 493-499 (step_changes_marked_applied): passes if no file
  • Lines 590-595 (step_equivalent_command): body is pass
  • Lines 414-421 (step_project_named): body is pass
  • Lines 302-307 (step_plan_has_conversation): body is pass

Recommendation: Implement real assertions or mark as pending.

6. Dead after_scenario Hooks in Step Files — Medium (pre-existing)

Files: features/steps/cli_plan_context_commands_steps.py:599-613, features/steps/cli_plan_context_steps.py:129-138

Both files define after_scenario() functions, but Behave only invokes hooks from environment.py. These are dead code — the cleanup they perform is silently skipped.

7. Deprecated tempfile.mktemp() Usage — Medium (pre-existing)

File: features/environment.py:48, 52, 292 (and ~16 other call sites)

tempfile.mktemp() is deprecated due to TOCTOU race conditions. In parallel test runs with fork, this creates a non-zero risk of path collisions.
Recommendation: Replace with tempfile.mkstemp() + os.close(fd).

8. Stale Template DB Detection — Low (pre-existing)

File: features/environment.py (_ensure_template_db())

The template DB is reused without checking its Alembic revision. If schema changes are made but the template isn't regenerated, all tests silently use a stale schema.
Recommendation: Add a freshness check comparing the template's Alembic stamp against the current head revision.

9. Both DB URLs Point to Same File — Low (pre-existing)

File: features/steps/cli_plan_context_commands_steps.py:96-100

Both CLEVERAGENTS_DATABASE_URL and CLEVERAGENTS_TEST_DATABASE_URL are set to the same SQLite file, which could mask bugs where the production vs. test URL selection matters.

Verification Summary

Area Result
Bug detection No bugs found — early return is safe (template DBs at HEAD, _SCENARIO_DB_PREFIXES guard intact)
Security No blockers — test-only change, no new attack surface
Performance All 4 claims confirmed (redundant Alembic checks, SQLite contention, retry overhead, CI failures)
Requirements All ticket acceptance criteria and DoD met
Spec alignment Consistent with documented architecture
Commit format Conventional Changelog compliant, single atomic commit

Minor performance notes (non-blocking): db_path.exists() + db_path.stat() could be consolidated into one os.stat() try/except; shutil.copy2 could be shutil.copyfile since metadata preservation is unnecessary for test DBs.

# Code Review — PR #727 **Verdict: APPROVED** The change is correct, minimal, well-scoped, and satisfies all ticket #726 acceptance criteria. No bugs, no security issues, no regressions. Performance claims are verified. Approving with findings noted below. --- ## Findings Requiring Action on This PR ### 1. Missing Milestone — High CONTRIBUTING.md requires every PR to be assigned the same milestone as its linked issue. Issue #726 is on milestone `v3.2.0`, but this PR has no milestone. **Action:** Assign this PR to milestone `v3.2.0`. ### 2. No Direct Test for the New Early-Return Behavior — Medium **File:** `features/environment.py:221-222` The PR's behavioral change (skip Alembic for existing non-empty databases) is not directly tested by any scenario. The 15 scenarios pass *because of* the change (no more hangs), but none *verify* the early-return logic explicitly. A search for `_fast_init_or_upgrade` across all `.feature` files returns zero matches. **Recommendation:** Consider a follow-up ticket to add a scenario that creates a non-empty DB, calls `_fast_init_or_upgrade`, and asserts `_original_init_or_upgrade` is NOT invoked. Not blocking since this is test infrastructure excluded from coverage measurement. ### 3. No Changelog Update — Medium CONTRIBUTING.md requires PRs to include a changelog update. No changelog file exists in the repository — this may be a project-wide gap rather than specific to this PR. **Action:** Clarify whether the project maintains a changelog. If so, add an entry. ### 4. Stale Labels — Low Both the PR and issue carry `Needs feedback`. If the PR is ready for review, this is misleading. The PR also carries `State/Verified` — the issue correctly has `State/In Review`. **Action:** Remove `Needs feedback` if no questions remain; correct `State/Verified` on the PR. --- ## Pre-Existing Issues (Not Introduced by This PR) Worth tracking as separate tickets: ### 5. Vacuous Assertions in Step Definitions — High (pre-existing) **File:** `features/steps/cli_plan_context_commands_steps.py` Six `@then` step definitions contain assertions guarded by conditions that silently pass when false, or have `pass` as their body: - Lines 464-470 (`step_plan_has_changes`): passes if file doesn't exist - Lines 473-484 (`step_changes_in_database`): tautological assertion in else branch - Lines 493-499 (`step_changes_marked_applied`): passes if no file - Lines 590-595 (`step_equivalent_command`): body is `pass` - Lines 414-421 (`step_project_named`): body is `pass` - Lines 302-307 (`step_plan_has_conversation`): body is `pass` **Recommendation:** Implement real assertions or mark as `pending`. ### 6. Dead `after_scenario` Hooks in Step Files — Medium (pre-existing) **Files:** `features/steps/cli_plan_context_commands_steps.py:599-613`, `features/steps/cli_plan_context_steps.py:129-138` Both files define `after_scenario()` functions, but Behave only invokes hooks from `environment.py`. These are dead code — the cleanup they perform is silently skipped. ### 7. Deprecated `tempfile.mktemp()` Usage — Medium (pre-existing) **File:** `features/environment.py:48, 52, 292` (and ~16 other call sites) `tempfile.mktemp()` is deprecated due to TOCTOU race conditions. In parallel test runs with fork, this creates a non-zero risk of path collisions. **Recommendation:** Replace with `tempfile.mkstemp()` + `os.close(fd)`. ### 8. Stale Template DB Detection — Low (pre-existing) **File:** `features/environment.py` (`_ensure_template_db()`) The template DB is reused without checking its Alembic revision. If schema changes are made but the template isn't regenerated, all tests silently use a stale schema. **Recommendation:** Add a freshness check comparing the template's Alembic stamp against the current head revision. ### 9. Both DB URLs Point to Same File — Low (pre-existing) **File:** `features/steps/cli_plan_context_commands_steps.py:96-100` Both `CLEVERAGENTS_DATABASE_URL` and `CLEVERAGENTS_TEST_DATABASE_URL` are set to the same SQLite file, which could mask bugs where the production vs. test URL selection matters. --- ## Verification Summary | Area | Result | |------|--------| | Bug detection | No bugs found — early return is safe (template DBs at HEAD, `_SCENARIO_DB_PREFIXES` guard intact) | | Security | No blockers — test-only change, no new attack surface | | Performance | All 4 claims confirmed (redundant Alembic checks, SQLite contention, retry overhead, CI failures) | | Requirements | All ticket acceptance criteria and DoD met | | Spec alignment | Consistent with documented architecture | | Commit format | Conventional Changelog compliant, single atomic commit | Minor performance notes (non-blocking): `db_path.exists()` + `db_path.stat()` could be consolidated into one `os.stat()` try/except; `shutil.copy2` could be `shutil.copyfile` since metadata preservation is unnecessary for test DBs.
features/environment.py
@ -218,3 +222,4 @@
return
# Copy the template — creates a fully-migrated DB in ~1ms
db_path.parent.mkdir(parents=True, exist_ok=True)
hurui200320 commented 2026-03-12 12:46:32 +00:00
Member
Copy link

Consider shutil.copyfile() instead of shutil.copy2() here — metadata preservation (timestamps, permissions) is unnecessary for ephemeral test databases and copyfile is marginally faster. Not blocking.

Consider `shutil.copyfile()` instead of `shutil.copy2()` here — metadata preservation (timestamps, permissions) is unnecessary for ephemeral test databases and `copyfile` is marginally faster. Not blocking.
features/environment.py
@ -216,1 +218,4 @@
# fully migrated. Skipping the Alembic check avoids redundant engine
# creation, SQLite lock contention, and the cumulative overhead that
# causes intermittent hangs in parallel test runs.
if db_path.exists() and db_path.stat().st_size > 0:
hurui200320 commented 2026-03-12 12:46:32 +00:00
Member
Copy link

The early return here is correct and safe — existing non-empty DBs are either template-copied (already at Alembic HEAD) or created by a prior step that already ran the full migration. The _SCENARIO_DB_PREFIXES guard above ensures non-scenario DBs still go through the original path.

Minor suggestion: db_path.exists() followed by db_path.stat().st_size is two syscalls. Could consolidate to:

try:
    if os.stat(db_path).st_size > 0:
        return
except FileNotFoundError:
    pass

Not blocking — purely a micro-optimization.

The early return here is correct and safe — existing non-empty DBs are either template-copied (already at Alembic HEAD) or created by a prior step that already ran the full migration. The `_SCENARIO_DB_PREFIXES` guard above ensures non-scenario DBs still go through the original path. Minor suggestion: `db_path.exists()` followed by `db_path.stat().st_size` is two syscalls. Could consolidate to: ```python try: if os.stat(db_path).st_size > 0: return except FileNotFoundError: pass ``` Not blocking — purely a micro-optimization.
CoreRasurae added this to the v3.2.0 milestone 2026-03-12 13:07:17 +00:00
CoreRasurae deleted branch fix/test-db-performance-regression 2026-03-12 13:20:14 +00:00
Sign in to join this conversation.
Reviewers
No reviewers
hurui200320
Labels
Clear labels   
auto/needs-reevaluation
Controller deferred this PR; awaiting Phase 6+ scope-evaluator or operator re-enablement.

  
controller-managed
Auto-agents controller manages this PR/issue (see tools/controller/deploy/RUNBOOK.md). Remove this label to abandon controller management.

  
auto/blocked-by-deps
PR blocked by an open issue dependency. Operator must close the dep (or remove the dependency link) before the merge driver can act. Auto-cleared by merge_drive when no open deps remain.

  
auto/ci-timeout
Most recent merge cycle hit CI timeout. Driver excludes this PR while last merge_cycle row is < 30 min old; label persists thereafter as visible history.

  
auto/claimed-implementer
Currently being processed by an implementer worker.

  
auto/claimed-merge
Currently being processed by the merge driver.

  
auto/claimed-reviewer
Currently being processed by a reviewer worker.

  
auto/driver-down
Merge driver heartbeat stale; pipeline halted. Closed automatically on next clean tick.

  
auto/invariant-violation
Detected master commit violating the strict merge invariant. Tracked as an issue (not a PR label); kept here for label completeness.

  
auto/last-attempt-tier-0
In-cycle escalation: most recent attempt ran at the Tier 0 slot (`tier-0`). Slot's model defined in .opencode/models/tiers.yaml.

  
auto/last-attempt-tier-1
In-cycle escalation: most recent attempt ran at the Tier 1 slot (`tier-1`). Slot's model defined in .opencode/models/tiers.yaml.

  
auto/last-attempt-tier-2
In-cycle escalation: most recent attempt ran at the Tier 2 slot (`tier-2`). Slot's model defined in .opencode/models/tiers.yaml. Gated behind IMPLEMENTER_ESCALATION_TIER2_ENABLED.

  
auto/last-attempt-tier-min
In-cycle escalation: most recent attempt ran at the Tier -1 slot (`tier-min`). Slot's model defined in .opencode/models/tiers.yaml. Suffix is ``-min`` (not ``--1``) so the Forgejo UI reads naturally.

  
Automation Tracking
Tracking issues used by the AI Automation system for agents to communicate and report.

  
auto/needs-conflict-resolution
Rebase conflict needs LLM conflict-resolver.

  
auto/needs-implementer
Failing CI needs implementer attention.

  
auto/postmortem
Documenting a driver incident or rollback.

  
auto/ready-to-merge
Reviewer has APPROVED this PR and no later REQUEST_CHANGES is outstanding. The merge driver requires this label to even consider a PR for merging. Set by the reviewer worker on APPROVE; cleared on REQUEST_CHANGES.

  
auto/restart-throttled
Train repeatedly lost master-tempo races. Driver excludes via merge_cycle until cooldown elapses; label persists as visible history.

  
auto/revert
Revert PR backing out an invariant violation. Fast-tracked through the merge driver.

  
auto/sentinel
Sentinel PR duplicated from upstream into a personal fork by tools/duplicate_prs_to_fork.py for pipeline testing. Lives only in the fork; the canonical pipeline never sees it.

  
auto/stale-inactivity
No implementer activity for N days. Flagged for human review. Auto-cleared on next push to head branch.

  
auto/unstable
Repeatedly fails on current master (>= 3 ci-fail-on-rebased-sha releases in 12 h). Excluded from driver until human triage.

  
Blocked
A ticket in a blocked state and unable to complete until some other task is completed first.

  
Bounty
$100
 A bounty of $100 for any open-source contributor who provides a MR that solves this issue

  
Bounty
$1000
 A bounty of $1000 for any open-source contributor who provides a MR that solves this issue

  
Bounty
$10000
 A bounty of $10000 for any open-source contributor who provides a MR that solves this issue

  
Bounty
$20
 A bounty of $20 for any open-source contributor who provides a MR that solves this issue

  
Bounty
$2000
 A bounty of $2000 for any open-source contributor who provides a MR that solves this issue

  
Bounty
$250
 A bounty of $250 for any open-source contributor who provides a MR that solves this issue

  
Bounty
$50
 A bounty of $50 for any open-source contributor who provides a MR that solves this issue

  
Bounty
$500
 A bounty of $500 for any open-source contributor who provides a MR that solves this issue

  
Bounty
$5000
 A bounty of $5000 for any open-source contributor who provides a MR that solves this issue

  
Bounty
$750
 A bounty of $750 for any open-source contributor who provides a MR that solves this issue

  
MoSCoW
Could have
 Could have feature in order to satisfy the epic/legendary.

  
MoSCoW
Must have
 Must have feature in order to satisfy the epic/legendary.

  
MoSCoW
Should have
 Should have feature in order to satisfy the epic/legendary.

  
Needs Feedback
There are questions in the ticket that can not be completed until the project owner provides clarity.

  
Points
1
 1 man-hours worth of work for an expert with no learning curve.

  
Points
13
 13 man-hours worth of work for an expert with no learning curve.

  
Points
2
 2 man-hours worth of work for an expert with no learning curve.

  
Points
21
 21 man-hours worth of work for an expert with no learning curve.

  
Points
3
 3 man-hours worth of work for an expert with no learning curve.

  
Points
34
 34 man-hours worth of work for an expert with no learning curve.

  
Points
5
 5 man-hours worth of work for an expert with no learning curve.

  
Points
55
 55 man-hours worth of work for an expert with no learning curve.

  
Points
8
 8 man-hours worth of work for an expert with no learning curve.

  
Points
88
 88 man-hours worth of work for an expert with no learning curve.

  
Priority
Backlog
 This ticket has backlogged priority and is not to be worked on yet

  
Priority
CI Blocker
 Critical priority issue that blocks CI/CD pipeline and prevents PR merges

  
Priority
Critical
 The priority is critical

  
Priority
High
 The priority is high

  
Priority
Low
 The priority is low

  
Priority
Medium
 The priority is medium

  
Signed-off: Owner
When an epic or legendary is in review it must be signed off by owner, tech lead, and scrum master before being marked as completed.

  
Signed-off: Scrum Master
When an epic or legendary is in review it must be signed off by owner, tech lead, and scrum master before being marked as completed.

  
Signed-off: Tech Lead
When an epic or legendary is in review it must be signed off by owner, tech lead, and scrum master before being marked as completed.

  
Spike
A ticket for learning a tool or technology that is needed to be able to do future planning and design.

  
State
Completed
 The ticket has been fully implemented, completed, and merged with the source code. This label should only be applied once a ticket is closed.

  
State
Duplicate
 A ticket that represents the same content as an existing ticket.

  
State
In Progress
 A ticket that is actively being developed.

  
State
In Review
 A ticket that has had some code completed to implement but is waiting to pass peer review and is not yet merged in.

  
State
Paused
 This ticket's work started but wasn't finished. It's on hold (likely in a feature branch) and will be resumed later, either due to a blocker or a delay.

  
State
Unverified
 All new tickets start in this state. A developer may set it to show the ticket is unverified. This means we haven't agreed to work on it. It will either move to a verified state or be closed as wontdo.

  
State
Verified
 The issue has been verified by a developer as legitimate. It will be worked on and verified tickets are now considered part of the backlog.

  
State
Wont Do
 This ticket has been decided it wont be done. This may mean the bug has been determined to not be real (cant verify) or the feature is one we have decided we dont want to adopt.

  
Type
Automation
 Any edits or discussion about the AI automated coding system.

  
Type
Bug
 Something that doesnt work as intended.

  
Type
Discussion
 Anytime a ticket represents a discussion about a subject and doesnt fall into one of the other categories.

  
Type
Documentation
 An error or improvement needed in the documentation.

  
Type
Epic
 Any first tier epic. That is, an epic which contains only issues as children and will not have sub-epics.

  
Type
Feature
 Some new functionality not present.

  
Type
Legendary
 A type of Epic which will contain other Epics.

  
Type
Refactor
 A code change that restructures existing code without changing its external behavior.

  
Type
Support
 Someone needs help using the project.

  
Type
Task
 A generic task that doesnt fit into the other type categories.

  
Type
Testing
 Work exclusively focusing on fixing or expanding testing.

No labels
auto/needs-reevaluation
controller-managed
auto/blocked-by-deps
auto/ci-timeout
auto/claimed-implementer
auto/claimed-merge
auto/claimed-reviewer
auto/driver-down
auto/invariant-violation
auto/last-attempt-tier-0
auto/last-attempt-tier-1
auto/last-attempt-tier-2
auto/last-attempt-tier-min
Automation Tracking
auto/needs-conflict-resolution
auto/needs-implementer
auto/postmortem
auto/ready-to-merge
auto/restart-throttled
auto/revert
auto/sentinel
auto/stale-inactivity
auto/unstable
Blocked
Bounty
$100
Bounty
$1000
Bounty
$10000
Bounty
$20
Bounty
$2000
Bounty
$250
Bounty
$50
Bounty
$500
Bounty
$5000
Bounty
$750
MoSCoW
Could have
MoSCoW
Must have
MoSCoW
Should have
Needs Feedback
Points
1
Points
13
Points
2
Points
21
Points
3
Points
34
Points
5
Points
55
Points
8
Points
88
Priority
Backlog
Priority
CI Blocker
Priority
Critical
Priority
High
Priority
Low
Priority
Medium
Signed-off: Owner
Signed-off: Scrum Master
Signed-off: Tech Lead
Spike
State
Completed
State
Duplicate
State
In Progress
State
In Review
State
Paused
State
Unverified
State
Verified
State
Wont Do
Type
Automation
Type
Bug
Type
Discussion
Type
Documentation
Type
Epic
Type
Feature
Type
Legendary
Type
Refactor
Type
Support
Type
Task
Type
Testing
Milestone
Clear milestone
No items
No milestone
v3.2.0
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
CoreRasurae
2 participants
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
cleveragents/cleveragents-core!727
No description provided.