Fix python error messages by jmthomas · Pull Request #2633 · OpenC3/cosmos

jmthomas · 2025-12-13T19:12:25Z

We updated the Python logging to do full stack traces. This caused the frontend to display this ugly stack trace. We're still logging the full stack error but the frontend should only get the message.

Before:

After:

This reverts commit e8721f9.

socket-security · 2025-12-13T19:13:09Z

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff	Package	Supply Chain Security	Vulnerability	Quality	Maintenance	License
	single-spa-vue@3.0.1
	ace-builds@1.43.5
	@types/systemjs@6.15.4
	eslint-config-prettier@9.1.2
	@angular/platform-browser-dynamic@18.2.14
	vite-plugin-style-inject@0.0.1
	@angular/platform-browser@18.2.14
	@angular/compiler-cli@18.2.14
	@angular/cli@18.2.21
	@angular/material@18.2.14
	@angular/animations@18.2.14
	@angular/forms@18.2.14
	@angular/router@18.2.14
	@dagrejs/dagre@1.1.8
	@angular/common@18.2.14
	@angular/compiler@18.2.14
	@angular/cdk@18.2.14
	sprintf-js@1.1.3
	@vue-flow/background@1.3.2
	muuri@0.9.5
	@vue-flow/node-toolbar@1.1.1
	@vue-flow/controls@1.1.3
	@vue-flow/node-resizer@1.5.0
	@angular/core@18.2.14
	systemjs@6.15.1
	@angular-devkit/build-angular@18.2.21
	@vue-flow/minimap@1.5.4
	import-map-overrides@6.1.0
	vite@6.4.1
	vite@5.4.21
	dompurify@3.3.1
	@vue/eslint-config-prettier@9.0.0
	@vue/eslint-config-prettier@10.2.0
See 25 more rows in the dashboard

View full report

socket-security · 2025-12-13T19:13:11Z

Warning

Review the following alerts detected in dependencies.

According to your organization's Security Policy, it is recommended to resolve "Warn" alerts. Learn more about Socket for GitHub.

Action	Severity	Alert (click "▶" to expand/collapse)
Warn		Obfuscated code: npm `ace-builds` is 95.0% likely obfuscated Confidence: 0.95 Location: Package overview From: `?` → `npm/@openc3/[email protected]` → `npm/[email protected]` ℹ Read more on: This package \| This alert \| What is obfuscated code? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at `[email protected]`. Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment `@SocketSecurity ignore npm/[email protected]`. You can also ignore all packages with `@SocketSecurity ignore-all`. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Warn		Obfuscated code: npm `ace-builds` is 95.0% likely obfuscated Confidence: 0.95 Location: Package overview From: openc3-cosmos-init/plugins/packages/openc3-cosmos-tool-admin/package.json → `npm/[email protected]` ℹ Read more on: This package \| This alert \| What is obfuscated code? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at `[email protected]`. Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment `@SocketSecurity ignore npm/[email protected]`. You can also ignore all packages with `@SocketSecurity ignore-all`. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Warn		Obfuscated code: npm `registry-auth-token` is 94.0% likely obfuscated Confidence: 0.94 Location: Package overview From: openc3-cosmos-init/plugins/pnpm-lock.yaml → `npm/[email protected]` → `npm/[email protected]` ℹ Read more on: This package \| This alert \| What is obfuscated code? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at `[email protected]`. Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment `@SocketSecurity ignore npm/[email protected]`. You can also ignore all packages with `@SocketSecurity ignore-all`. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

View full report

codecov · 2025-12-13T19:13:23Z

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 79.08%. Comparing base (27e1f1a) to head (c0be9f9).
⚠️ Report is 9 commits behind head on main.

Additional details and impacted files

@@           Coverage Diff           @@
##             main    #2633   +/-   ##
=======================================
  Coverage   79.08%   79.08%           
=======================================
  Files         661      661           
  Lines       51990    51989    -1     
  Branches      732      732           
=======================================
  Hits        41114    41114           
+ Misses      10796    10795    -1     
  Partials       80       80

Flag	Coverage Δ
python	`81.05% <ø> (+<0.01%)`	⬆️
ruby-api	`84.43% <ø> (ø)`
ruby-backend	`82.05% <ø> (ø)`

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

mcosgriff

Would it be beneficial to instead return an object that can be serialized to the front-end, that way the message is what's displayed by default but the user can get the whole stack trace without looking into the log files?

jmthomas · 2025-12-15T15:52:19Z

Perhaps but we have to match the behavior in both the Ruby and the Python. For now let's merge and fix this bug.

jmthomas added 2 commits December 13, 2025 11:43

Revert "Bump react from 19.2.0 to 19.2.1 in /docs.openc3.com"

c896595

This reverts commit e8721f9.

Return error message not full stack in Python

c0be9f9

jmthomas requested a review from mcosgriff December 13, 2025 19:12

jmthomas requested a review from ryanmelt December 13, 2025 19:20

mcosgriff approved these changes Dec 15, 2025

View reviewed changes

jmthomas merged commit b9bd7ce into main Dec 15, 2025
28 of 32 checks passed

jmthomas deleted the py_cmd_range branch December 15, 2025 15:52

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Fix python error messages#2633

Fix python error messages#2633
jmthomas merged 2 commits intomainfrom
py_cmd_range

jmthomas commented Dec 13, 2025

Uh oh!

socket-security bot commented Dec 13, 2025

Uh oh!

socket-security bot commented Dec 13, 2025

Uh oh!

codecov bot commented Dec 13, 2025 •

edited

Loading

Uh oh!

mcosgriff left a comment

Uh oh!

jmthomas commented Dec 15, 2025

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants

Conversation

jmthomas commented Dec 13, 2025

Uh oh!

socket-security bot commented Dec 13, 2025

Uh oh!

socket-security bot commented Dec 13, 2025

Uh oh!

codecov bot commented Dec 13, 2025 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Codecov Report

Uh oh!

mcosgriff left a comment

Choose a reason for hiding this comment

Uh oh!

jmthomas commented Dec 15, 2025

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants

codecov bot commented Dec 13, 2025 •

edited

Loading