Skip to content

[fix] Ensure key is reflective of data arg in CCv2 instances #12950

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
sfc-gh-bnisco merged 10 commits into from
Nov 25, 2025
Merged

[fix] Ensure key is reflective of data arg in CCv2 instances #12950

sfc-gh-bnisco merged 10 commits into from
Nov 25, 2025

Conversation

@sfc-gh-bnisco
Copy link
Collaborator

@sfc-gh-bnisco sfc-gh-bnisco commented Nov 5, 2025
edited
Loading

Describe your changes

  • This fixes a few issues with how CCv2 handles the data arg, especially as it relates to creating a key.
    • Specifically, we weren't passing in the data arg to compute_and_register_element_id before this change. Now we do so, but in order to support the many different data shapes, we calculate a stable identifier for the content first before passing it in.
    • As a side-effect of ensuring the data param is stable, we move from a UUID-based placeholder to an MD5-based placeholder for serialized arrow data to ensure it is deterministic. Previously, it would be a new UUID on each run, which is inefficient.
  • Writes a bunch of unit tests that exercise the various data shapes.

GitHub Issue Link (if applicable)

Testing Plan

  • Added unit tests

Contribution License Agreement

By submitting this pull request you agree that all contributions to this project are made under the Apache 2.0 license.

@sfc-gh-bnisco sfc-gh-bnisco added security-assessment-completed Security assessment has been completed for PR impact:internal PR changes only affect internal code change:bugfix PR contains bug fix implementation impact:users PR changes affect end users and removed impact:internal PR changes only affect internal code labels Nov 5, 2025
@snyk-io
Copy link
Contributor

snyk-io bot commented Nov 5, 2025
edited
Loading

Snyk checks have passed. No issues have been found so far.

Status Scanner Critical High Medium Low Total (0)
Open Source Security 0 0 0 0 0 issues
Licenses 0 0 0 0 0 issues

💻 Catch issues earlier using the plugins for VS Code, JetBrains IDEs, Visual Studio, and Eclipse.

@github-actions
Copy link
Contributor

github-actions bot commented Nov 5, 2025
edited
Loading

✅ PR preview is ready!

Name Link
📦 Wheel file https://core-previews.s3-us-west-2.amazonaws.com/pr-12950/streamlit-1.51.0-py3-none-any.whl
📦 @streamlit/component-v2-lib Download from artifacts
🕹️ Preview app pr-12950.streamlit.app (☁️ Deploy here if not accessible)

@sfc-gh-bnisco sfc-gh-bnisco requested a review from Copilot November 5, 2025 22:07
Copilot AI reviewed Nov 5, 2025
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull Request Overview

This PR implements deterministic identity computation for bidirectional components (CCv2) to ensure that unkeyed component instances change their backend ID when serialized data changes, while keyed instances maintain stable IDs regardless of data changes. This addresses component identity stability requirements for proper state management and rendering.

Key Changes

  • Introduced _build_bidi_identity_kwargs() method to construct identity parameters based on the populated protobuf's data field
  • Changed Arrow blob ref IDs from random UUIDs to content-addressed MD5 hashes for deterministic placeholders
  • Moved ID computation to occur after proto population so the serialized data can contribute to identity

Reviewed Changes

Copilot reviewed 4 out of 4 changed files in this pull request and generated 3 comments.

File Description
lib/streamlit/components/v2/bidi_component/main.py Added _build_bidi_identity_kwargs() method and moved ID computation after proto population to include serialized data in identity calculation
lib/streamlit/components/v2/bidi_component/serialization.py Replaced UUID-based ref IDs with MD5-based content-addressed IDs for Arrow blob stability
lib/tests/streamlit/components/v2/test_bidi_component.py Added comprehensive test class BidiComponentIdentityTest with 11 tests covering keyed/unkeyed identity scenarios
lib/tests/streamlit/components/v2/bidi_component/test_serialization.py Added test for Arrow serialization fallback behavior

@sfc-gh-bnisco sfc-gh-bnisco requested a review from Copilot November 5, 2025 22:16
Copilot AI reviewed Nov 5, 2025
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull Request Overview

Copilot reviewed 4 out of 4 changed files in this pull request and generated no new comments.

@sfc-gh-bnisco sfc-gh-bnisco marked this pull request as ready for review November 5, 2025 22:48
lukasmasuch
lukasmasuch approved these changes Nov 7, 2025
View reviewed changes
Copy link
Collaborator

@lukasmasuch lukasmasuch left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM 👍

graphite-app[bot]
graphite-app bot reviewed Nov 25, 2025
View reviewed changes
@sfc-gh-bnisco sfc-gh-bnisco merged commit 1495567 into develop Nov 25, 2025
42 checks passed
@sfc-gh-bnisco sfc-gh-bnisco deleted the fix-ccv2-frontend-key branch November 25, 2025 23:06
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@graphite-app graphite-app[bot] graphite-app[bot] left review comments

Copilot code review Copilot Copilot left review comments

@lukasmasuch lukasmasuch lukasmasuch approved these changes

Assignees

No one assigned

Labels

change:bugfix PR contains bug fix implementation impact:users PR changes affect end users security-assessment-completed Security assessment has been completed for PR

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@sfc-gh-bnisco @lukasmasuch