audit: add optional WSDL field gate (#239)#248
Conversation
|
@claude review. Focus on critical issues: bugs, security vulnerabilities, logical errors, data loss risks, performance problems, stale audit links, and false closure of #239. Do NOT nitpick style, naming conventions, minor formatting, or subjective preferences — only flag issues that could break functionality, make the optional-field audit misleading, or cause real harm in production. |
|
Claude finished @axisrow's task in 4m 54s —— View job Claude Code Review — PR #248Todo
SummaryThis is a well-scoped, soft-gate audit. No bugs, security issues, data‑loss risks, or production hazards found. The changes are read-only (audit + tests + docs) and cannot affect any mutating CLI path. Below are a few real risks that could make the audit misleading over time, plus one minor non-issue. Critical-ish findings1.
In reality there is only one 2. return f"[{issue}](https://github.com/axisrow/direct-cli/issues/{issue[1:]})"If the repo is ever renamed/transferred, every 3. Soft cache fallback to live WSDL inside the audit gate. Minor / non-blocking4. 5. 6. Determinism of 7. Hard-gate coverage of nested required fields is still missing, e.g. #239 closureThe PR description claims Things I checked and found no issue with
· Branch: |
There was a problem hiding this comment.
Pull request overview
Adds a soft “optional WSDL field” visibility gate to the existing WSDL parity tooling so minOccurs=0 and nested item fields are enumerated, snapshotted, and tracked via follow-up issues instead of being silently skipped.
Changes:
- Add recursive WSDL item-field traversal (
iter_container_item_fields) and cache-only WSDL/XSD readers for offline parity gates. - Introduce
scripts/build_wsdl_optional_field_audit.pyto generate/checktests/WSDL_OPTIONAL_FIELD_AUDIT.mdand fail on any unclassified row. - Extend
tests/test_wsdl_parity_gate.pywith optional-field audit registries/mappings plus tests that validate audit entries, Click option references, cache-only imports, and snapshot freshness.
Reviewed changes
Copilot reviewed 5 out of 6 changed files in this pull request and generated 2 comments.
Show a summary per file
| File | Description |
|---|---|
| tests/test_wsdl_parity_gate.py | Adds optional-field audit registries and new tests to validate audit correctness, cache-only behavior, and report freshness. |
| scripts/build_wsdl_optional_field_audit.py | New script to build/check the optional-field audit markdown snapshot and enforce “no unclassified rows”. |
| direct_cli/wsdl_coverage.py | Adds cache-only WSDL/XSD fetch helpers and a recursive item-field traversal helper used by the audit. |
| CLAUDE.md | Documents the new optional-field soft gate as part of the WSDL parity gate description. |
| CHANGELOG.md | Notes the addition of the optional-field audit in 0.3.12. |
| 2. *Silent data loss* — a typed flag that does not belong to the chosen `--type` must raise `UsageError`, not be dropped. | ||
| 3. *WSDL `minOccurs=1` not validated* — every required WSDL item field must be enforced either via Click `required=True` *or* a documented `UsageError` body check (listed in `INTERNAL_VALIDATION`). | ||
| 4. *Strategy enum drift* — `STRATEGY_TYPES` (`direct_cli/commands/strategies.py`) must equal the subtype-of-one field names in `StrategyAddItem`. | ||
| 5. *Optional-field visibility* — `scripts/build_wsdl_optional_field_audit.py --check` compares cached WSDL item fields (including `minOccurs=0`, nested to depth 2) with `tests/WSDL_OPTIONAL_FIELD_AUDIT.md`. Confirmed misses stay soft-gated as `missing_followup` rows linked to GitHub issues; they do not fail CI as missing CLI flags until implemented. |
| - WSDL parity now includes a soft optional-field audit for issue #239. | ||
| `scripts/build_wsdl_optional_field_audit.py --check` regenerates and | ||
| compares `tests/WSDL_OPTIONAL_FIELD_AUDIT.md`, covering cached mutating | ||
| WSDL item fields through nesting depth 2. Confirmed `minOccurs=0` |
Summary
Closes #239.
Follow-up issues filed
Test plan
Notes
A full black --check direct_cli tests scripts still reports pre-existing formatting drift in unrelated vendor/legacy files. This PR formats only the files it changes.