fix: 3 edge cases -- clear stale include_paths, invalidate dep cache, sanitize corrupt DB data

DevanshuNEU · DevanshuNEU · commit 04ac019c69ec · 2026-03-06T18:28:22.000-05:00
Adversarial review found 3 bugs:

1. CRITICAL: Re-indexing full repo didn't clear old include_paths.
   if include_paths was truthy before save, re-index with None skipped
   the DB update. Now ALWAYS writes include_paths (None clears it).

2. HIGH: Stale dep cache after re-index with different include_paths.
   Dependency cache persisted across re-indexes. Now clear_file_dependencies
   runs at start of every re-index so graph rebuilds with new include_paths.

3. MEDIUM: Corrupt jsonb from DB (e.g. [123, null]) crashed Path().parts.
   build_dependency_graph now filters non-string entries and falls back to
   full scan if all entries are invalid.

3 new tests:
- test_include_paths_with_corrupt_data: mixed valid/invalid entries
- test_include_paths_all_corrupt_scans_everything: all invalid -&gt; full scan
- test_include_paths_empty_list_scans_everything: [] same as None
diff --git a/backend/routes/repos.py b/backend/routes/repos.py
@@ -602,10 +602,13 @@ async def _run_async_indexing(
         
         repo_manager.update_status(repo_id, "indexing")
         
-        # Persist include_paths so dependency analyzer and other tools use the subset
-        if include_paths:
-            from services.supabase_service import get_supabase_service
-            get_supabase_service().update_repository(repo_id, {"include_paths": include_paths})
+        # Persist include_paths (or clear it if re-indexing full repo)
+        from services.supabase_service import get_supabase_service
+        db = get_supabase_service()
+        db.update_repository(repo_id, {"include_paths": include_paths})
+
+        # Clear stale dependency cache so next graph build uses new include_paths
+        db.clear_file_dependencies(repo_id)
         
         # Publish initial progress to confirm connection
         if publisher:
diff --git a/backend/services/dependency_analyzer.py b/backend/services/dependency_analyzer.py
@@ -142,6 +142,12 @@ def build_dependency_graph(self, repo_path: str, include_paths: List[str] = None
         """Build dependency graph. If include_paths set, only analyze those dirs."""
         repo_path = Path(repo_path)
         
+        # Sanitize include_paths from DB (could be corrupt jsonb)
+        if include_paths:
+            include_paths = [p for p in include_paths if isinstance(p, str) and p.strip()]
+            if not include_paths:
+                include_paths = None
+        
         # Discover code files
         code_files = []
         extensions = {'.py', '.js', '.jsx', '.ts', '.tsx'}
diff --git a/backend/tests/test_dependency_analyzer.py b/backend/tests/test_dependency_analyzer.py
@@ -280,6 +280,34 @@ def test_include_paths_multiple_dirs(self, analyzer, ts_repo):
         assert any('packages/schema' in f for f in file_paths)
         assert not any('backend' in f for f in file_paths)
 
+    def test_include_paths_with_corrupt_data(self, analyzer, ts_repo):
+        """Corrupt jsonb from DB should not crash -- non-strings are filtered out"""
+        graph = analyzer.build_dependency_graph(
+            str(ts_repo),
+            include_paths=[123, None, '', 'packages/effect', True]
+        )
+        file_paths = set(graph['dependencies'].keys())
+        # Should only include effect files, corrupt entries filtered
+        assert all('packages/effect' in f for f in file_paths)
+        assert len(file_paths) > 0
+
+    def test_include_paths_all_corrupt_scans_everything(self, analyzer, ts_repo):
+        """If all include_paths entries are invalid, fall back to full scan"""
+        graph = analyzer.build_dependency_graph(
+            str(ts_repo),
+            include_paths=[123, None, '', False]
+        )
+        file_paths = set(graph['dependencies'].keys())
+        # Should fall back to scanning everything
+        assert any('backend' in f for f in file_paths)
+        assert any('packages/effect' in f for f in file_paths)
+
+    def test_include_paths_empty_list_scans_everything(self, analyzer, ts_repo):
+        """Empty list should be treated same as None"""
+        graph = analyzer.build_dependency_graph(str(ts_repo), include_paths=[])
+        file_paths = set(graph['dependencies'].keys())
+        assert any('backend' in f for f in file_paths)
+
 
 class TestGraphMetrics:
     """Verify graph statistics are correct"""
