-
Notifications
You must be signed in to change notification settings - Fork 16.3k
fix(mcp): avoid mutating global SENSITIVE_FIELDS in field permissions #35934
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
base: master
Are you sure you want to change the base?
Changes from all commits
File filter
Filter by extension
Conversations
Jump to
Diff view
Diff view
There are no files selected for viewing
| Original file line number | Diff line number | Diff line change | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|
@@ -142,9 +142,9 @@ def get_allowed_fields( | |||||||||||||||||
| if not user: | ||||||||||||||||||
| user = get_current_user() | ||||||||||||||||||
|
|
||||||||||||||||||
| # Get sensitive fields for this object type | ||||||||||||||||||
| sensitive_fields = SENSITIVE_FIELDS.get(object_type, set()) | ||||||||||||||||||
| sensitive_fields.update(SENSITIVE_FIELDS.get("common", set())) | ||||||||||||||||||
| base=SENSITIVE_FIELDS.get(object_type, set()) | ||||||||||||||||||
| common=SENSITIVE_FIELDS.get("common", set()) | ||||||||||||||||||
| sensitive_fields= set(base)|set(common) | ||||||||||||||||||
|
Comment on lines
+145
to
+147
|
||||||||||||||||||
| base=SENSITIVE_FIELDS.get(object_type, set()) | |
| common=SENSITIVE_FIELDS.get("common", set()) | |
| sensitive_fields= set(base)|set(common) | |
| base = SENSITIVE_FIELDS.get(object_type, set()) | |
| common = SENSITIVE_FIELDS.get("common", set()) | |
| sensitive_fields = set(base) | set(common) |
Copilot
AI
Nov 4, 2025
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Redundant set conversions. The .get(object_type, set()) calls already return sets, so wrapping them with set() again is unnecessary. Since base and common are already sets, use sensitive_fields = base | common directly.
| sensitive_fields= set(base)|set(common) | |
| sensitive_fields = base | common |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Redundant Set Conversion
Tell me more
What is the issue?
The code unnecessarily converts base and common to sets twice when they are already sets from SENSITIVE_FIELDS dictionary.
Why this matters
This creates unnecessary set conversions that impact performance and code clarity without adding any value.
Suggested change ∙ Feature Preview
Provide feedback to improve future suggestions
💬 Looking for more details? Reply to this comment to chat with Korbit.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
:(
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I understand your disappointment. Let's focus on improving the code. Would you like to discuss the suggested change or explore alternative solutions?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
yes do that
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Understood. Let's consider these alternatives:
Use set union directly:
Use dict.get() with default empty set:
Use dict.setdefault() to ensure sets:
Which approach do you prefer, or do you have another idea?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
ask for a review