fix: address review findings -- 5 code fixes, 2 test improvements

Code fixes:
1. repos.py add_repo: status 400 -> 500 (server failure, not client error)
2. repos.py _run_async_indexing: publisher.publish_error leaks str(e) to
   WebSocket clients. Now sends generic message.
3. repos.py websocket_index: send_json leaks str(e). Now generic.
4. playground.py _fetch_repo_metadata: returned raw str(e) in error dict.
   Now returns generic message, logs actual error.
5. playground.py search handler: added capture_exception (was missing entirely,
   not even imported).
6. analysis.py impact: added file_path to capture_exception kwargs
   (logger had it, Sentry didn't).

Test improvements:
7. test_repo_add: assert status 500 (was 400), assert exact detail text.
8. test_search: explicitly patch cache.get_search_results to return None
   instead of relying on conftest mock behavior.

284 tests pass.

Author: DevanshuNEU

backend/routes/analysis.py

@@ -78,7 +78,7 @@ async def analyze_impact(
         raise
     except Exception as e:
         logger.error("Impact analysis failed", repo_id=repo_id, file_path=request.file_path, error=str(e))
-        capture_exception(e, operation="impact_analysis", repo_id=repo_id)
+        capture_exception(e, operation="impact_analysis", repo_id=repo_id, file_path=request.file_path)
         raise HTTPException(status_code=500, detail="Failed to analyze impact")
 
 

backend/routes/playground.py

@@ -17,7 +17,7 @@
 from dependencies import indexer, cache, repo_manager, redis_client
 from services.input_validator import InputValidator
 from services.repo_validator import RepoValidator
-from services.observability import logger
+from services.observability import logger, capture_exception
 from services.playground_limiter import PlaygroundLimiter, get_playground_limiter, IndexedRepoData
 from services.anonymous_indexer import (
     AnonymousIndexingJob,
@@ -486,6 +486,7 @@ async def playground_search(
     except HTTPException:
         raise
     except Exception as e:
+        capture_exception(e, operation="playground_search")
         logger.error("Playground search failed", error=str(e))
         raise HTTPException(status_code=500, detail="Search failed")
 
@@ -579,7 +580,7 @@ async def _fetch_repo_metadata(owner: str, repo: str) -> dict:
             return {"error": "timeout", "message": "GitHub API request timed out"}
         except Exception as e:
             logger.error("GitHub API request failed", error=str(e))
-            return {"error": "request_failed", "message": str(e)}
+            return {"error": "request_failed", "message": "Failed to fetch repository metadata"}
 
 
 async def _count_code_files(

backend/routes/repos.py

@@ -145,7 +145,7 @@ async def add_repository(
     except Exception as e:
         logger.error("Failed to add repository", error=str(e), user_id=user_id)
         capture_exception(e)
-        raise HTTPException(status_code=400, detail="Failed to add repository")
+        raise HTTPException(status_code=500, detail="Failed to add repository")
 
 
 @router.delete("/{repo_id}")
@@ -395,7 +395,7 @@ async def progress_callback(
             publisher.publish_error(
                 repo_id,
                 error="indexing_failed",
-                message=str(e),
+                message="An error occurred during indexing",
                 recoverable=True
             )
 
@@ -573,7 +573,7 @@ async def progress_callback(files_processed: int, functions_indexed: int, total_
         logger.error("WebSocket indexing error", repo_id=repo_id, error=str(e))
         capture_exception(e, operation="websocket_indexing", repo_id=repo_id)
         try:
-            await websocket.send_json({"type": "error", "message": str(e)})
+            await websocket.send_json({"type": "error", "message": "An error occurred during indexing"})
         except Exception:
             pass
         repo_manager.update_status(repo_id, "error")

backend/tests/test_error_leaking.py

@@ -8,7 +8,9 @@ class TestErrorResponsesHideInternals:
 
     def test_search_error_hides_details(self, client, valid_headers):
         """Search failure should not expose Pinecone/OpenAI error strings."""
-        with patch("routes.search.indexer") as mock_indexer:
+        with patch("routes.search.indexer") as mock_indexer, \
+             patch("routes.search.cache") as mock_cache:
+            mock_cache.get_search_results.return_value = None
             mock_indexer.semantic_search.side_effect = RuntimeError(
                 "Pinecone connection refused at pinecone-prod.svc.us-east1.aws:443"
             )
@@ -21,9 +23,9 @@ def test_search_error_hides_details(self, client, valid_headers):
 
         assert resp.status_code == 500
         body = resp.json()["detail"]
+        assert body == "Search failed"
         assert "Pinecone" not in body
         assert "pinecone-prod" not in body
-        assert "443" not in body
 
     def test_dependency_graph_error_hides_details(self, client, valid_headers):
         """Dependency graph failure should not expose file paths."""
@@ -41,8 +43,8 @@ def test_dependency_graph_error_hides_details(self, client, valid_headers):
 
         assert resp.status_code == 500
         body = resp.json()["detail"]
+        assert body == "Failed to build dependency graph"
         assert "/srv/repos" not in body
-        assert ".git/config" not in body
 
     def test_repo_add_error_hides_details(self, client, valid_headers):
         """Add repo failure should not expose git credentials or paths."""
@@ -60,7 +62,7 @@ def test_repo_add_error_hides_details(self, client, valid_headers):
                 headers=valid_headers,
             )
 
-        assert resp.status_code == 400
+        assert resp.status_code == 500
         body = resp.json()["detail"]
+        assert body == "Failed to add repository"
         assert "ghp_secret" not in body
-        assert "Authentication failed" not in body