Skip to content

fix: exclude structurally quarantined events from incremental projection#135

Merged
erskingardner merged 1 commit into
masterfrom
fix/incremental-projection-quarantine-exclusion
Jun 29, 2026
Merged

fix: exclude structurally quarantined events from incremental projection#135
erskingardner merged 1 commit into
masterfrom
fix/incremental-projection-quarantine-exclusion

Conversation

@erskingardner

@erskingardner erskingardner commented Jun 29, 2026

Copy link
Copy Markdown
Member

Problem

Master CI is red on test_rebuild_skips_structurally_quarantined_v2_files:

AssertionError: 1 != 0
DeliveryArtifact.objects.filter(group=group).count() == 1, expected 0

The first failing run was #133 ("project uploaded audit events incrementally"), which switched the ingest hot path from a full rebuild_group_projections (clear + re-project) to the new incremental project_file_events.

Cause

The full-rebuild path (rebuild_locked_group_projections) filters its events with structural_quarantine_exclusion(), which drops every event belonging to a structurally quarantined upload (multiple engine_ids / account_refs — the whole file's attribution is untrustworthy). The new incremental path filtered only on parse_status=VALID, so a quarantined upload's events were still projected, leaking DeliveryArtifact (and other projection rows) for the group.

Fix

Add structural_quarantine_exclusion() to the project_file_events event query so the incremental path drops quarantined uploads wholesale, exactly as the full rebuild does.

Verification

  • test_rebuild_skips_structurally_quarantined_v2_files now passes.
  • Full just check green (194 tests, ruff, format, migrations check).

🤖 Generated with Claude Code


Open in Stage

Summary by CodeRabbit

  • Bug Fixes
    • Improved event projection during uploads by excluding quarantined structural events, so only eligible events are processed.

The incremental projection path added in #133 (project_file_events)
filtered only on parse_status=VALID, missing the
structural_quarantine_exclusion() that the full-rebuild path applies.
A structurally quarantined v2 upload (multiple engine_ids/account_refs)
therefore leaked projection rows — DeliveryArtifact and friends — for
the group, even though its events must be dropped wholesale.

Apply the same exclusion on the ingest hot path so quarantined uploads
project nothing, matching rebuild_locked_group_projections.

Fixes the master CI failure in
test_rebuild_skips_structurally_quarantined_v2_files.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
@stage-review

stage-review Bot commented Jun 29, 2026

Copy link
Copy Markdown

Ready to review this PR? Stage has broken it down into 1 individual chapter for you:

Title
1 Exclude quarantined events from incremental projection
Open in Stage

Chapters generated by Stage for commit 7243f4e on Jun 29, 2026 12:56pm UTC.

@coderabbitai

coderabbitai Bot commented Jun 29, 2026

Copy link
Copy Markdown

Review Change Stack

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info
⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 4d383732-d547-4db3-a8a3-ac746bd08e86

📥 Commits

Reviewing files that changed from the base of the PR and between ad56682 and 7243f4e.

📒 Files selected for processing (1)
  • forensics/projections.py

Walkthrough

Adds structural_quarantine_exclusion() as an additional filter to the incremental AuditEvent queryset inside project_file_events in forensics/projections.py, changing which events are selected during upload projection.

Changes

Incremental projection filter update

Layer / File(s) Summary
Add structural_quarantine_exclusion filter
forensics/projections.py
structural_quarantine_exclusion() is added to the incremental AuditEvent queryset filters in project_file_events, excluding structurally quarantined events from projection.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~2 minutes

Possibly related PRs

  • marmot-protocol/goggles#133: Directly modifies the same incremental project_file_events queryset logic in forensics/projections.py, introducing the filtered queryset that this PR further constrains.
🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 warning)

Check name Status Explanation Resolution
Docstring Coverage ⚠️ Warning Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%. Write docstrings for the functions missing them to satisfy the coverage threshold.
✅ Passed checks (4 passed)
Check name Status Explanation
Description Check ✅ Passed Check skipped - CodeRabbit’s high-level summary is enabled.
Title check ✅ Passed The title clearly and concisely summarizes the main change: excluding structurally quarantined events from incremental projection.
Linked Issues check ✅ Passed Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check ✅ Passed Check skipped because no linked issues were found for this pull request.
✨ Finishing Touches
📝 Generate docstrings
  • Create stacked PR
  • Commit on current branch
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Commit unit tests in branch fix/incremental-projection-quarantine-exclusion

Comment @coderabbitai help to get the list of available commands.

@erskingardner erskingardner merged commit 951c990 into master Jun 29, 2026
3 checks passed
@erskingardner erskingardner deleted the fix/incremental-projection-quarantine-exclusion branch June 29, 2026 13:06
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant