Skip to content

fix: co-int/str for CELs #5109

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 2 commits into from
Jun 28, 2025
Merged

fix: co-int/str for CELs #5109

merged 2 commits into from
Jun 28, 2025

Conversation

@shahargl
Copy link
Member

close #5107

@vercel
Copy link

vercel bot commented Jun 28, 2025
edited
Loading

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name Status Preview Comments Updated (UTC)
keep ✅ Ready (Inspect) Visit Preview 💬 Add feedback Jun 28, 2025 3:16pm

@dosubot dosubot bot added size:L This PR changes 100-499 lines, ignoring generated files. Bug Something isn't working labels Jun 28, 2025
cursor[bot]
cursor bot reviewed Jun 28, 2025
View reviewed changes
Copy link

@cursor cursor bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Bug: CEL Type Coercion Fails with `None` Values

The _coerce_eq_type_error method, intended for CEL type coercion, has multiple issues. Its get_nested helper function incorrectly attempts to access celpy activation objects as standard dictionaries, leading to None values and silent coercion failures. Additionally, the comparison logic is redundant: it always converts both values to strings for comparison, even after a specific check for mixed int/str types, rendering the initial check superfluous. Consequently, if get_nested returns None (e.g., for non-existent fields), str(None) is used in comparisons, potentially causing unintended matches with the literal string 'None'.

keep/rulesengine/rulesengine.py#L517-L549

keep/keep/rulesengine/rulesengine.py

Lines 517 to 549 in 655106f

def get_nested(d, path):
for part in path.split("."):
if isinstance(d, dict):
d = d.get(part)
else:
return None
return d
left_val = get_nested(activation, left)
try:
right_val = int(right)
except Exception:
try:
right_val = float(right)
except Exception:
right_val = right
# If one is str and the other is int/float, compare as str
if (isinstance(left_val, (int, float)) and isinstance(right_val, str)) or (
isinstance(left_val, str) and isinstance(right_val, (int, float))
):
if op == "==":
return str(left_val) == str(right_val)
else:
return str(left_val) != str(right_val)
# Also handle both as str for robustness
if op == "==":
return str(left_val) == str(right_val)
else:
return str(left_val) != str(right_val)
except Exception:
pass
return False

Fix in Cursor

Bug: Regex Greediness Causes Incorrect Parsing

The regex pattern r"([a-zA-Z0-9_\.]+)\s*([!=]=)\s*(.+)" used in the _coerce_eq_type_error function incorrectly parses complex CEL expressions. The greedy .+ capture group causes the right operand of a comparison (e.g., field == "value") to incorrectly include subsequent parts of the expression (e.g., "value" && other == 2). This leads to incorrect type coercion for == and != operators in such compound expressions.

keep/rulesengine/rulesengine.py#L505-L506

keep/keep/rulesengine/rulesengine.py

Lines 505 to 506 in 655106f

m = re.match(r"([a-zA-Z0-9_\.]+)\s*([!=]=)\s*(.+)", cel)

Fix in Cursor

Was this report helpful? Give feedback by reacting with 👍 or 👎

@codecov
Copy link

codecov bot commented Jun 28, 2025
edited
Loading

Codecov Report

Attention: Patch coverage is 2.04082% with 48 lines in your changes missing coverage. Please review.

Project coverage is 30.77%. Comparing base (0026346) to head (655106f).
Report is 3 commits behind head on main.

Files with missing lines Patch % Lines
keep/rulesengine/rulesengine.py 2.04% 48 Missing ⚠️
Additional details and impacted files 
@@             Coverage Diff             @@
##             main    #5109       +/-   ##
===========================================
- Coverage   46.18%   30.77%   -15.41%     
===========================================
  Files         173      100       -73     
  Lines       17970    11454     -6516     
===========================================
- Hits         8299     3525     -4774     
+ Misses       9671     7929     -1742

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
  • 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

@dosubot dosubot bot added the lgtm This PR has been approved by a maintainer label Jun 28, 2025
@shahargl shahargl merged commit 4d07f64 into main Jun 28, 2025
18 of 20 checks passed
@shahargl shahargl deleted the bugfix/5107 branch June 28, 2025 17:23
@dosubot dosubot bot mentioned this pull request Jul 4, 2025
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@cursor cursor[bot] cursor[bot] left review comments

@talboren talboren talboren approved these changes

Assignees

No one assigned

Labels

Bug Something isn't working lgtm This PR has been approved by a maintainer size:L This PR changes 100-499 lines, ignoring generated files.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

[🐛 Bug]: CEL Evaluation Failed for nested json for int

2 participants

@shahargl @talboren