test(backend): harden silent failures + pin revenue-path behavior#203
Conversation
Observability for previously-silent error swallows (no control-flow change): - caching.py: log the Redis DEL swallow - seo_routes.py: log catch-and-ignore in homes/JSON-LD/shell/SPA render - mira_routes.py: log silent swallows in installations/feedback helpers New/converted tests (no application behavior change): - test_crm.py: legacy import-time script -> 5 assertion tests (was appending a fake lead to data/leads.json on every collection) - test_contact_lead_capture.py: contact form -> Lead creation + bad-phone reject - test_form_extraction.py: SSN/DOB/income never reach the LLM payload - test_social_publishers.py: fail-closed draft gating, readiness, UTM CTA builder - test_lead_attribution.py: utm:/referrer: source bucketing Full suite: 1018 passed, 11 skipped, 0 failed. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
![chatgpt-codex-connector[bot]](https://avatars.githubusercontent.com/in/1144995?s=60&v=4){kind=small}
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: b6b9fe578f
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
| field_list_region = prompt.split("Conversation:")[0] | ||
| fields_to_look_for = field_list_region.split("Fields to look for:")[-1] |
There was a problem hiding this comment.
This test is meant to enforce the “never send PII to Gemini” contract, but it only inspects the section before Conversation:. In this same test _get_conversation_text returns CONVERSATION, so captured["contents"] still includes the raw SSN/DOB/income values in the conversation section and the test passes while the actual Gemini payload contains PII; assert/redact the full prompt so the safety check fails on that leak.
Useful? React with 👍 / 👎.
test_lead_attribution.py imported `main` at module top, which instantiates a Firestore client at import — failing collection in CI's no-creds "no Firestore/ GCS" job (passed locally only because of developer ADC). Route the import through create_client(monkeypatch) like the rest of the suite, so main loads with Firestore stubbed. Verified: 9 passed with GCP credentials unset. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
1 participant
Wave 1 of the "finish & perfect" campaign — backend hardening + missing revenue-path tests. Surgical, observability-only on prod code; everything else is new/converted tests.
Hardening (no control-flow change — added logging only)
caching.py— log the previously-silent RedisDELswallowseo_routes.py— log the 4 catch-and-ignore blocks (homes fetch, product JSON-LD, index shell, SPA render)mira_routes.py— log silent swallows in the installations/feedback helper functionsTests (no application behavior change)
test_crm.py— legacy import-time script → 5 real assertion tests. The old file calledsave_lead()at module top level, appending a fake lead todata/leads.jsonon every pytest collection.test_contact_lead_capture.py—/api/contact→Leadcreation + short-phone rejectiontest_form_extraction.py(new) — proves SSN / DOB / income never reach the LLM payloadtest_social_publishers.py(new) — fail-closed draft gating,social_readiness, UTM CTA buildertest_lead_attribution.py(new) —utm:/referrer:lead-source bucketingVerification
Full suite (project venv): 1018 passed, 11 skipped, 0 failed. The 11 skips are pre-existing env-gated (GCS creds, time-sensitive, migration).
Notes
form_extractionagent surfaced a latent fragility:buyer_incomeis PII-flagged but excluded only by absence from templates (not the explicit filter) — now pinned by a test. Worth a follow-up to add it to the explicit allowlist filter.🤖 Generated with Claude Code