[spark-compete] fix: redact SPARK_HOME path from purge safety error message#1421
Open
Esc1200 wants to merge 1 commit into
Open
[spark-compete] fix: redact SPARK_HOME path from purge safety error message#1421Esc1200 wants to merge 1 commit into
Esc1200 wants to merge 1 commit into
Conversation
…essage safe_spark_home_for_purge leaked the resolved internal SPARK_HOME path in its SystemExit message. Replace the f-string with a generic message that preserves the safety intent without disclosing the filesystem layout.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
spark-compete-hotfix-v1
packet: spark-compete-hotfix-v1
team: drophub_sir (esc1200, drophub_sir, spark-agent)
pr_author: Esc1200
repo: vibeforge1111/spark-cli
owner_surface: spark-cli
actual_behavior
safe_spark_home_for_purgeincli.pyline 973 raisesSystemExit(f"Refusing to purge unsafe Spark home path: {resolved}")which includes the fully resolved internal SPARK_HOME filesystem path in the error message. This leaks the user's home directory layout and internal Spark installation path to stderr.expected_behavior
The error message should indicate that the purge was refused because the configured Spark home resolves to a system-critical directory, without disclosing the actual filesystem path.
repro_steps
spark setup --purgeor any command that triggerssafe_spark_home_for_purge.Refusing to purge unsafe Spark home path: /home/user.before_after_proof
Before:
raise SystemExit(f"Refusing to purge unsafe Spark home path: {resolved}")leaks the full resolved SPARK_HOME path.After:
raise SystemExit("Refusing to purge unsafe Spark home path. The configured Spark home resolves to a system-critical directory.")uses a generic message with no path disclosure.tests_or_smoke
Verified via git diff that the single-line change replaces the path-leaking f-string with a generic message. Python syntax check passed (lint OK). No new imports required. No control flow change.
duplicate_notes
Searched open PRs and branches for a similar fix to
safe_spark_home_for_purgepath leak. Related path-leak PRs exist for other surfaces (secret-path-leak, manifest-path-leak, error-explain-path-leak) but none address this specific purge safety error message.risk_notes
Very low risk. The only change is replacing an f-string error message with a static string. The exception is still raised with the same type (SystemExit). No control flow change. No new imports required.
review_claim
impact_claim: medium
evidence_types: git_diff, lint_check
review_state_requested: pr_review