Skip to content

fix(cli): delete hard-fails on 426 guard; honest closing when --keep-data pointer save fails#170

Closed
LukasWodka wants to merge 1 commit into
developfrom
fix/164-bugbot-delete
Closed

fix(cli): delete hard-fails on 426 guard; honest closing when --keep-data pointer save fails#170
LukasWodka wants to merge 1 commit into
developfrom
fix/164-bugbot-delete

Conversation

@LukasWodka

Copy link
Copy Markdown
Contributor

Summary

Addresses the two Cursor Bugbot findings still live on develop — both raised on the develop → main promotion PR #164 (commit 6cfb99e). The other three findings on #164 were already resolved on develop: --kubeconfig/--context threading + the --keep-data pointer clear by #165, and the stale pointer after a failed wipe by #168. This closes the remaining two so a re-run of Bugbot on #164 comes back clean.

1. delete guard softened HTTP 426 (Medium) — now a hard failure

The pre-offboard online guard called lookupClientStatus, and on any error — including *api.UpgradeRequiredError (HTTP 426, CLI too old for the backend) — printed a soft "couldn't check — continuing" and proceeded into a destructive offboard. A too-old CLI can't reliably talk to tracebloc, so it now returns the upgrade signal immediately, matching how client status --wait treats 426 (client.go). --force still skips the whole guard by design; on that path the revoke call surfaces the same 426 as a hard error.

2. --keep-data save failure read as a clean offboard (High) — now flagged degraded

After a successful revoke, --keep-data clears the active-client pointer in memory, but a failing cfg.Save() only warned — the on-disk config still named the now-revoked client, and the closing line still claimed a clean offboard. It now marks the run degraded (parity with the wipe path, which already did this), so the closing message tells the truth.

Tests

  • TestDelete_Guard426_HardFails — 426 from the guard → hard *api.UpgradeRequiredError, no revoke, no teardown.
  • TestDelete_KeepData_SaveFails_HonestClosing — save-fail under --keep-data (config dir chmod'd read-only so Load works but Save can't CreateTemp) → degraded closing, warning present, no clean-success line.
  • Both verified to fail without the fix. Full internal/... suite + go vet green.

Not in scope (flagged separately)

removeSelf still deletes any sibling file named tb with only a tb != exe guard — no check that it's tracebloc's own symlink, so it can delete an unrelated ~/.local/bin/tb. Bugbot didn't flag this; I found it in the FR review. It needs a symlink/target guard mirroring install.sh plus a test rewrite, so I've kept it out of this Bugbot-scoped PR — happy to send it as a follow-up.

Targets develop per convention; #164 (develop → main) picks these up on its next re-sync.

🤖 Generated with Claude Code

…data pointer save fails

Addresses the two Cursor Bugbot findings still live on develop (raised on
the develop->main PR #164 at commit 6cfb99e). The other three findings on
#164 were already fixed on develop: --kubeconfig/--context threading and
the --keep-data pointer clear by #165, the stale pointer after a failed
wipe by #168.

1. HTTP 426 in the pre-offboard online guard is now a HARD failure.
   lookupClientStatus returning *api.UpgradeRequiredError was swallowed as
   a soft "couldn't check - continuing", proceeding into a destructive
   offboard on a CLI too old to talk to the backend. It now returns the
   upgrade signal immediately (mirrors `client status --wait`). --force
   still skips the whole guard by design; there the revoke call surfaces
   the same 426 as a hard error.

2. Under --keep-data, a failed cfg.Save() of the cleared active-client
   pointer now marks the offboard `degraded`, so the closing line no
   longer claims a clean offboard while the on-disk config still names the
   revoked client (parity with the wipe path, which already flagged it).

Tests: TestDelete_Guard426_HardFails (426 -> hard error, no revoke, no
teardown) and TestDelete_KeepData_SaveFails_HonestClosing (save-fail ->
degraded closing, no clean-success line); both verified to fail without
the fix. Full internal suite + go vet green.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
@LukasWodka LukasWodka self-assigned this Jul 7, 2026
@LukasWodka LukasWodka requested a review from saadqbal July 7, 2026 14:56
@LukasWodka

Copy link
Copy Markdown
Contributor Author

Closing as a duplicate of #169 (Asad), which landed the identical fix — 426 guard hard-fail + --keep-data save-failure marks the offboard degraded — plus equivalent regression tests, and merged to develop first. No unique content here. The separate tb-alias wrong-target deletion (not a Bugbot finding) is being handled in its own PR.

@LukasWodka LukasWodka closed this Jul 7, 2026
@LukasWodka LukasWodka deleted the fix/164-bugbot-delete branch July 7, 2026 15:04
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant