codeant-ai-for-open-source[bot] commented on code in PR #35009:
URL: https://github.com/apache/superset/pull/35009#discussion_r2622626077
##########
superset/jinja_context.py:
##########
@@ -768,6 +775,14 @@ def process_template(self, sql: str, **kwargs: Any) -> str:
raise SupersetTemplateException(
"Infinite recursion detected in template"
) from ex
+ except UndefinedError as ex:
+ match = re.search(r"'([^']+)'\s+is undefined", str(ex))
Review Comment:
**Suggestion:** The regex that extracts the undefined identifier from the
UndefinedError message only matches single-quoted names and will fail if the
message uses double quotes; update the regex to accept either single or double
quotes to robustly extract the identifier. [possible bug]
**Severity Level:** Critical 🚨
```suggestion
match = re.search(r'["\']([^"\']+)["\']\s+is undefined', str(ex))
```
<details>
<summary><b>Why it matters? ⭐ </b></summary>
The current pattern only matches single-quoted identifiers. Jinja's error
messages could use double quotes in some contexts/locales, so accepting either
quote character makes the extraction more robust. The suggested regex is a
straightforward, safe improvement that doesn't affect other logic.
</details>
<details>
<summary><b>Prompt for AI Agent 🤖 </b></summary>
```mdx
This is a comment left during a code review.
**Path:** superset/jinja_context.py
**Line:** 779:779
**Comment:**
*Possible Bug: The regex that extracts the undefined identifier from
the UndefinedError message only matches single-quoted names and will fail if
the message uses double quotes; update the regex to accept either single or
double quotes to robustly extract the identifier.
Validate the correctness of the flagged issue. If correct, How can I resolve
this? If you propose a fix, implement it and please make it concise.
```
</details>
##########
superset/jinja_context.py:
##########
@@ -768,6 +775,14 @@ def process_template(self, sql: str, **kwargs: Any) -> str:
raise SupersetTemplateException(
"Infinite recursion detected in template"
) from ex
+ except UndefinedError as ex:
+ match = re.search(r"'([^']+)'\s+is undefined", str(ex))
+ undefined_name = match.group(1) if match else None
+ if undefined_name and re.search(
+ r"\{\{\s*" + re.escape(undefined_name) + r"\s*\(", sql
Review Comment:
**Suggestion:** The check for a function-like invocation in the template
looks only for `{{ name(` and will miss namespaced or attribute calls like `{{
namespace.name(`; broaden the pattern to allow optional namespace/attribute
prefixes (dot-separated) before the identifier so namespaced function calls are
detected correctly. [logic error]
**Severity Level:** Minor ⚠️
```suggestion
r"\{\{\s*(?:[\w\.]*\.)?" + re.escape(undefined_name) +
r"\s*\(", sql
```
<details>
<summary><b>Why it matters? ⭐ </b></summary>
The existing check only matches bare identifiers like {{ foo( ) }} and will
miss namespaced/attribute calls such as {{ ns.foo( ) }} or {{ a.b.foo( ) }}.
The proposed broader pattern that allows dot-separated prefixes before the
identifier correctly catches such cases and improves the detection of
function-like undefined names.
</details>
<details>
<summary><b>Prompt for AI Agent 🤖 </b></summary>
```mdx
This is a comment left during a code review.
**Path:** superset/jinja_context.py
**Line:** 782:782
**Comment:**
*Logic Error: The check for a function-like invocation in the template
looks only for `{{ name(` and will miss namespaced or attribute calls like `{{
namespace.name(`; broaden the pattern to allow optional namespace/attribute
prefixes (dot-separated) before the identifier so namespaced function calls are
detected correctly.
Validate the correctness of the flagged issue. If correct, How can I resolve
this? If you propose a fix, implement it and please make it concise.
```
</details>
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
