You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
scripts/test_sandbox_write.sh and scripts/sandbox_write_live.py hard-fail when YANDEX_DIRECT_TOKEN / YANDEX_DIRECT_LOGIN are missing from env, even when an active OAuth profile resolved via direct auth login is available. Sister script scripts/test_safe_commands.sh already supports profile fallback (test_safe_commands.sh:46–56). Same issue affects tests/test_v4_live_contracts.py::_credentials() — manual pytest -m v4_live_read silently skips for profile-only users.
Reproduce
direct auth login
direct auth status # has_token=yes, login=...unset YANDEX_DIRECT_TOKEN YANDEX_DIRECT_LOGIN
bash scripts/test_sandbox_write.sh
# → ERROR: YANDEX_DIRECT_TOKEN and YANDEX_DIRECT_LOGIN are required.
Expected
The runner should resolve credentials via direct_cli.auth.get_credentials() (which already handles profile → env → .env → vault priority) when env vars are absent, matching the behaviour of test_safe_commands.sh.
Affected files
scripts/test_sandbox_write.sh:14–17 — hard exit 1 on missing env.
scripts/sandbox_write_live.py:1471–1478 — validate_environment() duplicates the check at Python level.
tests/test_v4_live_contracts.py:17–22 — _credentials() silently pytest.skip for profile-only setups (not blocking but misleading).
Impact
Blocks one of the three documented smoke-test categories from CLAUDE.md (WRITE_SANDBOX) for OAuth-profile users.
CI is not affected — these runners are manual-only, not invoked from .github/workflows.
Fix plan
Symmetric fix at both shell and Python layers:
test_sandbox_write.sh — fallback block that calls direct auth status and injects resolved credentials into env via eval, so the Python child sees them.
sandbox_write_live.py:validate_environment() — defensive fallback to get_credentials(None, None) for direct Python invocations.
Summary
scripts/test_sandbox_write.shandscripts/sandbox_write_live.pyhard-fail whenYANDEX_DIRECT_TOKEN/YANDEX_DIRECT_LOGINare missing from env, even when an active OAuth profile resolved viadirect auth loginis available. Sister scriptscripts/test_safe_commands.shalready supports profile fallback (test_safe_commands.sh:46–56). Same issue affectstests/test_v4_live_contracts.py::_credentials()— manualpytest -m v4_live_readsilently skips for profile-only users.Reproduce
Expected
The runner should resolve credentials via
direct_cli.auth.get_credentials()(which already handles profile → env → .env → vault priority) when env vars are absent, matching the behaviour oftest_safe_commands.sh.Affected files
scripts/test_sandbox_write.sh:14–17— hardexit 1on missing env.scripts/sandbox_write_live.py:1471–1478—validate_environment()duplicates the check at Python level.tests/test_v4_live_contracts.py:17–22—_credentials()silentlypytest.skipfor profile-only setups (not blocking but misleading).Impact
CLAUDE.md(WRITE_SANDBOX) for OAuth-profile users.CI is not affected — these runners are manual-only, not invoked from
.github/workflows.Fix plan
Symmetric fix at both shell and Python layers:
test_sandbox_write.sh— fallback block that callsdirect auth statusand injects resolved credentials into env viaeval, so the Python child sees them.sandbox_write_live.py:validate_environment()— defensive fallback toget_credentials(None, None)for direct Python invocations.tests/test_v4_live_contracts.py:_credentials()— same fallback, with a self-explanatory skip message. Goes into test(v4_live): add live contracts for v4forecast, v4tags, v4wordstat #177 directly (not this PR) to avoid cross-PR conflict.Refs:
CLAUDE.md→ Dangerous Commands section (smoke matrix).