Skip to content

Comments

fix(cli): Write --output file on auth error early exit#214

Draft
dcramer wants to merge 1 commit intomainfrom
warden-sweep/cd745cc3/9fff8c6a
Draft

fix(cli): Write --output file on auth error early exit#214
dcramer wants to merge 1 commit intomainfrom
warden-sweep/cd745cc3/9fff8c6a

Conversation

@dcramer
Copy link
Member

@dcramer dcramer commented Feb 23, 2026

Adds writeEmptyRunLog() call to auth error catch blocks in both runSkills() and runConfigMode(), matching the pattern used by other early-exit paths (no skills matched, no files matched).

Previously, when verifyAuth() threw, the --output file was never written. Downstream consumers (sweep scripts, CI) that depend on the output file would fail or behave unexpectedly.

Automated fix for Warden finding find-warden-bugs-9fff8c6a (high, detected by find-warden-bugs).

Ref #212

This PR was auto-generated by a Warden Sweep (run cd745cc3).
The finding has been validated through automated deep tracing,
but human confirmation is requested as this is batch work.

@dcramer dcramer added the warden Automated fix from Warden Sweep label Feb 23, 2026
@dcramer dcramer mentioned this pull request Feb 23, 2026
Open
@dcramer
fix(cli): Write --output file on auth error early exit
bfdcef1 
The auth error catch block returned without writing to the --output file,
unlike other early-exit paths that call writeEmptyRunLog(). This left
downstream consumers without the expected output file.

Warden finding find-warden-bugs-9fff8c6a
Severity: high

Co-Authored-By: Warden <noreply@getsentry.com>
@dcramer dcramer force-pushed the warden-sweep/cd745cc3/9fff8c6a branch from cfb86fa to bfdcef1 Compare February 23, 2026 07:17
sentry-warden[bot]
sentry-warden bot reviewed Feb 23, 2026
View reviewed changes
src/cli/main.ts
Comment on lines +325 to +328
} catch (error: unknown) {
reporter.error((error as WardenAuthenticationError).message);
writeEmptyRunLog(repoPath ?? cwd, { traceId: getTraceId(), outputPath: options.output });
return 1;
Copy link
Contributor

@sentry-warden sentry-warden bot Feb 23, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Auth error early exit skips JSON stdout output unlike other early exit paths

The auth error catch block calls writeEmptyRunLog() but does not check options.json and write content to stdout. All other early exit paths (no skills matched, no files matched, etc.) have a pattern: if (options.json) { const { content } = writeEmptyRunLog(...); process.stdout.write(content); }. This inconsistency means when --json is used with a failing auth, the output file is written but stdout remains empty, which can break downstream consumers expecting JSON output on stdout.

Verification

Read lines 379-389, 457-466, 646-658 confirming all other early exit paths check options.json and write to stdout. The auth catch block at lines 325-328 writes the file but skips the stdout output.

Suggested fix: Match the pattern used by other early exit paths: check options.json and write content to stdout if true.

Suggested change
} catch (error: unknown) {
reporter.error((error as WardenAuthenticationError).message);
writeEmptyRunLog(repoPath ?? cwd, { traceId: getTraceId(), outputPath: options.output });
return 1;
if (options.json) {
const { content } = writeEmptyRunLog(repoPath ?? cwd, { traceId: getTraceId(), outputPath: options.output });
process.stdout.write(content);
} else {
writeEmptyRunLog(repoPath ?? cwd, { traceId: getTraceId(), outputPath: options.output });
}

Identified by Warden find-warden-bugs · YJG-694

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@sentry-warden sentry-warden[bot] sentry-warden[bot] left review comments

Assignees

No one assigned

Labels

warden Automated fix from Warden Sweep

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@dcramer