Skip to content

fix: resolve open bug issues#51

Merged
dceoy merged 5 commits into
mainfrom
bugfix/fix-open-bug-issues
Jul 6, 2026
Merged

fix: resolve open bug issues#51
dceoy merged 5 commits into
mainfrom
bugfix/fix-open-bug-issues

Conversation

@dceoy

@dceoy dceoy commented Jul 6, 2026

Copy link
Copy Markdown
Owner

Summary

  • Fix env validation so invalid MT5API_PORT fails fast and MT5API_LOG_LEVEL=trace is accepted without crashing app logging.
  • Return flat RFC 7807 Problem Details for auth and request-validation errors.
  • Make /health probe MT5 off the event loop, use pdmt5 version keys, and report unhealthy instead of 500/false healthy on MT5 probe failures.
  • Fix reconnect semantics for process-global MT5 state by avoiding old-client shutdown after successful login and preserving market-book tracking on failed reconnect.
  • Bump mt5api to 1.0.1 and require pdmt5 >= 1.1.0.

Closes #45.
Closes #46.
Closes #47.
Closes #48.

Verification

  • .agents/skills/local-qa/scripts/qa.sh
  • pre-push hook reran the same QA workflow successfully

Runtime Impact

  • Invalid MT5API_PORT and unsupported MT5API_LOG_LEVEL now raise clear configuration errors instead of falling back or crashing with raw logging errors.
  • Validation errors now return 422 RFC 7807 bodies; 401 auth errors are no longer nested under detail.
  • Manual Windows/MT5 smoke testing is still needed for real terminal reconnect behavior.

@chatgpt-codex-connector

Copy link
Copy Markdown

You have reached your Codex usage limits for code reviews. You can see your limits in the Codex usage dashboard.
To continue using code reviews, you can upgrade your account or add credits to your account and enable them for code reviews in your settings.

Co-authored-by: Cursor <cursoragent@cursor.com>
@dceoy dceoy self-assigned this Jul 6, 2026
Co-authored-by: Cursor <cursoragent@cursor.com>

@dceoy dceoy left a comment

Copy link
Copy Markdown
Owner Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Reviewed the changes for #45-#48. The reconnect, config-validation, and flat Problem Details changes are directionally sound, but I found a couple of issues that should be fixed before merge.

Blocking:

  • The package version is bumped to 1.0.1, but the API still advertises 1.0.0 via API_VERSION, so /health and generated OpenAPI remain stale.
  • #47 is not fully closed yet: runtime 422 responses are now RFC 7807, but the generated OpenAPI schema will still advertise FastAPI's default HTTPValidationError unless the route responses/custom OpenAPI schema are updated. That leaves clients with the same contract mismatch at schema level.

Also consider broadening the /health MT5 probe exception handling so arbitrary MT5 DLL/IPC or pdmt5 failures cannot escape as 500s.

Comment thread pyproject.toml
Comment thread mt5api/routers/health.py
Keep runtime/OpenAPI version in sync with the package release, ensure
unexpected MT5 probe failures return unhealthy instead of 500, and
document RFC 7807 Problem Details for validation errors.

Co-authored-by: Cursor <cursoragent@cursor.com>

@dceoy dceoy left a comment

Copy link
Copy Markdown
Owner Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Reviewed the latest revision. The previously noted version/OpenAPI/health issues appear addressed, and the reconnect/config changes are directionally sound. I found one remaining blocker: the new RFC 7807 request-validation handler serializes str(exc) directly, which can echo raw request input for invalid fields. Because /connection/login includes a password, malformed password validation can leak credentials in the response body. Please sanitize validation details before merge and add a regression test for /connection/login validation errors.

Comment thread mt5api/middleware.py
Co-authored-by: Cursor <cursoragent@cursor.com>

@dceoy dceoy left a comment

Copy link
Copy Markdown
Owner Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Reviewed the latest revision.

No additional blocking code issues found. The previously raised blockers appear addressed:

  • API_VERSION is now bumped with the package version.
  • OpenAPI 422 responses are patched to advertise ErrorResponse instead of FastAPI's default validation schema.
  • /health probes MT5 through the threadpool and converts broad MT5/pdmt5 probe failures to mt5_connected=false / status=unhealthy.
  • /connection/login now replaces the singleton before clearing market-book tracking, so failed reconnects preserve existing subscription state.
  • Request-validation details are sanitized to loc+message summaries and a regression test covers password non-disclosure.

CI is still in progress on the latest head, so keep that as the remaining merge gate.

@dceoy dceoy merged commit f7af988 into main Jul 6, 2026
6 checks passed
@dceoy dceoy deleted the bugfix/fix-open-bug-issues branch July 6, 2026 18:12
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment