✅ Snyk checks have passed. No issues have been found so far.

Status	Scanner	Critical	High	Medium	Low	Total (0)
✅	Open Source Security	0	0	0	0	0 issues
✅	Licenses	0	0	0	0	0 issues

💻 Catch issues earlier using the plugins for VS Code, JetBrains IDEs, Visual Studio, and Eclipse.

Thanks for contributing to Streamlit! 🎈

Please make sure you have read our Contributing Guide. You can find additional information about Streamlit development in the wiki.

The review process:

1. Initial triage: A maintainer will apply labels, approve CI to run, and trigger AI-assisted reviews. Your PR may be flagged with status:needs-product-approval if the feature requires product team sign-off.

2. Code review: A core maintainer will start reviewing your PR once:

   • It is marked as 'ready for review', not 'draft'
   • It has status:product-approved (or doesn't need it)
   • All CI checks pass
   • All AI review comments are addressed

We're receiving many contributions and have limited review bandwidth — please expect some delay. We appreciate your patience! 🙏

@cursor review

Addressed the comment

Thank you, looks like it needs security label as well. I can not edit it.

Hey, thanks for the contribution. I'm in principle OK with adding this but:

1. We should call it showErrorLinks to be consistent with the existing showErrorDetails config option.
2. Can we turn the values into "auto" (same behavior as today, shows it on localhost, hides it otherwise), true (shows it always), and false (shows it never)? I think that would be a bit nicer, wdyt?

Sounds good, I made the both changes.

Summary

This PR adds a new client.showErrorLinks configuration option that allows users to control whether external help links (Copy, Ask Google, Ask ChatGPT) are displayed in exception messages. The feature addresses privacy and security concerns for organizations that prohibit ChatGPT due to data leak risks, GDPR compliance, or IP concerns.

The implementation spans:

• Backend: New config option in config.py, protobuf enum in NewSession.proto, and config population in app_session.py
• Frontend: Context propagation through LibConfigContext, usage in ExceptionElement component
• Tests: Frontend unit tests and protobuf compatibility tests

Code Quality

Strengths

1. Follows existing patterns: The implementation closely follows the existing toolbarMode pattern for config handling.

2. Clean context propagation: The showErrorLinks value flows correctly from App.tsx → StreamlitContextProvider → LibConfigContext → ExceptionElement.

3. Type-safe enum usage: Uses protobuf enums (Config.ShowErrorLinks) consistently across frontend and backend.

4. Proper memoization: The useMemo in StreamlitContextProvider.tsx correctly includes showErrorLinks in dependencies.

Issues

1. PR Description Naming Mismatch (Minor): The PR title and description refer to client.showExceptionLinks, but the actual code uses client.showErrorLinks. The code is internally consistent; only the PR description needs updating.

2. Inaccurate JSDoc comment (LibConfigContext.tsx, line 73-74):

  /**
   * Whether to show external help links (Google, ChatGPT) in exception displays
   * when running on localhost. Defaults to true.
   *
   * Consumed by:
   * @see ExceptionElement
   */

The comment says "Defaults to true" but the actual default is SHOW_ERROR_LINKS_AUTO (shows on localhost only). This is misleading.

3. Hardcoded vs dynamic error message (app_session.py, line 1004):

    if enum_value is None:
        allowed_values = "auto, true, false"
        raise ValueError(
            f"Config {config_key!r} expects to have one of "
            f"the following values: {allowed_values}. "
            f"Current value: {config_value}"
        )

Unlike _get_toolbar_mode which dynamically generates allowed values from the enum, _get_show_error_links uses a hardcoded string. If enum values change, this could become out of sync. Consider using:

allowed_values = ", ".join(k.replace("SHOW_ERROR_LINKS_", "").lower() for k in Config.ShowErrorLinks.keys())

Test Coverage

Frontend Tests ✅

The frontend unit tests (ExceptionElement.test.tsx) are well-structured:

• Tests that links are hidden when showErrorLinks is SHOW_ERROR_LINKS_FALSE on localhost
• Tests that links are shown when showErrorLinks is SHOW_ERROR_LINKS_TRUE on non-localhost
• Uses renderWithContexts helper correctly for context-dependent testing

Python Tests ✅

• config_test.py: New option added to the config options list
• proto_compatibility_test.py: New field added to Config message schema

Missing Tests (Acceptable)

• No dedicated Python unit test for _get_show_error_links() function - but this follows the existing pattern where _get_toolbar_mode() also lacks dedicated tests
• No E2E tests - acceptable given that unit tests cover the behavior and E2E tests are expensive

Backwards Compatibility

Protobuf Changes ✅

The protobuf changes are backwards compatible:

• New optional field show_error_links (field number 9) added to Config message
• New enum ShowErrorLinks with values starting at 0 (AUTO is the default)
• No existing fields modified or removed

Config Default ✅

• Default value is "auto" which preserves existing behavior (links shown on localhost only)
• Users who don't configure this option will see no change

Security & Risk

Security Improvements ✅

This PR improves security by:

• Allowing organizations to disable external links that could expose sensitive error data
• Addressing concerns about ChatGPT data handling and GDPR compliance

Risk Assessment ✅

Low risk:

• Feature is opt-in (requires explicit configuration to change behavior)
• Default behavior unchanged
• No breaking changes to existing APIs

Recommendations

1. Update PR description to use the correct config name client.showErrorLinks (instead of client.showExceptionLinks)

2. Fix JSDoc comment in LibConfigContext.tsx line 73:

   // Change "Defaults to true." to "Defaults to AUTO (shows on localhost only)."

3. Consider dynamic error message (optional improvement): Change the hardcoded allowed values in _get_show_error_links() to dynamically generated values for maintainability.

Verdict

APPROVED: This is a well-implemented feature that addresses legitimate privacy/security concerns. The code follows existing patterns, is properly tested, and maintains backwards compatibility. The minor issues identified (PR description naming, JSDoc comment accuracy, hardcoded error message) are non-blocking and can be addressed in a follow-up if desired.

This is an automated AI review. Please verify the feedback and use your judgment.

Thanks for the comments @sfc-gh-lwilby, addressed and resolved the conflict with the last 2 commits.

Thanks @karubian ! I will try to take a look tomorrow. I have re-run your CI.

Thank you, remaining CI issue does not look related to the change.

Could you look into the permission issue in CI? Please LMK if it is related to the change.

Could you look into the permission issue in CI? Please LMK if it is related to the change.

@karubian I think Lukas merged something on Friday that should fix this permission error -- here e356d2c

Awesome, thanks for getting this merged! @karubian we'd love to send you some swag as a little thank you, feel free to fill out this form: https://docs.google.com/forms/d/e/1FAIpQLSe7cXh3H1DmrgNpVew9qViGIHX7vdEbTv5isA44_z5bgaKTKg/viewform

Thank you for your help and reviews. I filled the form.