feat: add chat debug HTTP handlers and API docs#23918
Conversation
|
@codex review |
![chatgpt-codex-connector[bot]](https://avatars.githubusercontent.com/in/1144995?s=60&v=4){kind=small}
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 71a8438230
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
ThomasK33
force-pushed
the
devtools/06-http-handlers-api-docs
branch
from
71a8438 to
d6da1db
Compare
ThomasK33
force-pushed
the
devtools/05-chat-lifecycle-wiring
branch
from
1af282f to
3b28ca3
Compare
ThomasK33
force-pushed
the
devtools/06-http-handlers-api-docs
branch
from
d6da1db to
764e78c
Compare
ThomasK33
force-pushed
the
devtools/05-chat-lifecycle-wiring
branch
from
3b28ca3 to
667de76
Compare
ThomasK33
force-pushed
the
devtools/06-http-handlers-api-docs
branch
from
764e78c to
579e483
Compare
ThomasK33
force-pushed
the
devtools/05-chat-lifecycle-wiring
branch
from
667de76 to
4bbd4ec
Compare
|
@codex review |
|
Codex Review: Didn't find any major issues. 👍 ℹ️ About Codex in GitHubYour team has set up Codex to review pull requests in this repo. Reviews are triggered when you
If Codex has suggestions, it will comment; otherwise it will react with 👍. Codex can also answer questions or update the PR. Try commenting "@codex address that feedback". |
ThomasK33
force-pushed
the
devtools/06-http-handlers-api-docs
branch
from
579e483 to
d06c9e8
Compare
ThomasK33
force-pushed
the
devtools/05-chat-lifecycle-wiring
branch
2 times, most recently
from
7936c1c to
fc75844
Compare
ThomasK33
force-pushed
the
devtools/06-http-handlers-api-docs
branch
from
d06c9e8 to
648c30f
Compare
ThomasK33
changed the title
ThomasK33
force-pushed
the
devtools/05-chat-lifecycle-wiring
branch
from
fc75844 to
48874e2
Compare
ThomasK33
force-pushed
the
devtools/06-http-handlers-api-docs
branch
from
648c30f to
7a26ad4
Compare
ThomasK33
force-pushed
the
devtools/05-chat-lifecycle-wiring
branch
from
48874e2 to
a7ff31c
Compare
ThomasK33
force-pushed
the
devtools/06-http-handlers-api-docs
branch
from
7a26ad4 to
3894e00
Compare
ThomasK33
force-pushed
the
devtools/05-chat-lifecycle-wiring
branch
from
a7ff31c to
4f145c1
Compare
|
@codex review |
|
Codex Review: Didn't find any major issues. 🚀 ℹ️ About Codex in GitHubYour team has set up Codex to review pull requests in this repo. Reviews are triggered when you
If Codex has suggestions, it will comment; otherwise it will react with 👍. Codex can also answer questions or update the PR. Try commenting "@codex address that feedback". |
|
@codex review |
|
Codex Review: Didn't find any major issues. Can't wait for the next one! ℹ️ About Codex in GitHubYour team has set up Codex to review pull requests in this repo. Reviews are triggered when you
If Codex has suggestions, it will comment; otherwise it will react with 👍. Codex can also answer questions or update the PR. Try commenting "@codex address that feedback". |
|
@codex review |
|
Codex Review: Didn't find any major issues. Delightful! ℹ️ About Codex in GitHubYour team has set up Codex to review pull requests in this repo. Reviews are triggered when you
If Codex has suggestions, it will comment; otherwise it will react with 👍. Codex can also answer questions or update the PR. Try commenting "@codex address that feedback". |
|
@codex review |
|
Codex Review: Didn't find any major issues. Already looking forward to the next diff. ℹ️ About Codex in GitHubYour team has set up Codex to review pull requests in this repo. Reviews are triggered when you
If Codex has suggestions, it will comment; otherwise it will react with 👍. Codex can also answer questions or update the PR. Try commenting "@codex address that feedback". |
|
@codex review |
|
Codex Review: Didn't find any major issues. Breezy! ℹ️ About Codex in GitHubYour team has set up Codex to review pull requests in this repo. Reviews are triggered when you
If Codex has suggestions, it will comment; otherwise it will react with 👍. Codex can also answer questions or update the PR. Try commenting "@codex address that feedback". |
mafredri
left a comment
mafredri
left a comment
There was a problem hiding this comment.
Round 29. Full panel (14 reviewers) on a substantially rebuilt PR (+510 lines since R28). Churn guard: PROCEED. Netero first pass: 1 P1, 1 P2. Panel: 8 additional findings.
Severity summary: 1 P1, 3 P2, 2 P3, 3 Nit.
The three-tier debug logging policy (deployment > user > per-chat) is well-tested. TestChatDebugLoggingSettings has six subtests covering admin lifecycle, user-write-blocked, non-admin authz, force-enable conflict, and unauthenticated access. The getChatDebugRun handler has three independent authorization gates (middleware, dbauthz, explicit chat-ID check). Good defense-in-depth.
PR description is stale: (1) claims "Swagger annotations" but none exist (correct per AGENTS.md, but the description should say so), (2) lists two endpoints that don't exist (PUT /{chat}/debug-logging and GET /runs/{run}/steps). The description should match the actual change.
Hisoka on the divergent debug-logging logic: "Both paths check DB tables and agree today, but they don't know each other exists. Next PR adding per-chat override must update both; updating only one creates inconsistency (UI lies or nothing records)."
codersdk/chats.go:718
P2 [DEREM-4] Stale forward-declaration comment on ChatDebugRun.
Comment says "consumed by the run-detail handler added in a later PR in this stack; it is forward-declared here so that all SDK types live in the same schema-layer commit." This PR adds that handler (getChatDebugRun). The comment is a ghost referral suggesting the handler lives elsewhere.
Fix: delete lines 718-720 or rewrite to describe the type as-is.
(Gon, Meruem, Razor)
🤖
🤖 This review was automatically generated with Coder Agents.
|
@codex review |
|
Codex Review: Didn't find any major issues. 🚀 ℹ️ About Codex in GitHubYour team has set up Codex to review pull requests in this repo. Reviews are triggered when you
If Codex has suggestions, it will comment; otherwise it will react with 👍. Codex can also answer questions or update the PR. Try commenting "@codex address that feedback". |
mafredri
left a comment
mafredri
left a comment
There was a problem hiding this comment.
Round 30. Excellent author responsiveness: 7 of 9 R29 findings addressed in one push (tests added, ActionRead fix, stale comment updated, variable renamed, doc comment rewritten, converter tested). Two contested P3s (DEREM-5 pagination, DEREM-9 divergent logic) evaluated by all 5 panel reviewers -- both defenses accepted unanimously. CI: only gen failing.
Severity summary: 0 P0, 0 P1, 0 P2, 2 P3 (new). Both are test quality items.
Bisky on the new test suite: "TestChatDebugRunDetail asserts specific field mappings including nullable pointers, type conversions, and step ordering. TestChatDebugRuns and TestChatDebugRun exercise HTTP round-trips against a real coderdtest server with seeded data. The assertions check concrete values. ListCapsAt100 seeds 101 runs and asserts the result is capped at 100. None of these are tautological."
PR description is still stale (claims swagger annotations and two endpoints that don't exist). Not a code issue but worth updating before merge.
[DEREM-4] Stale forward-declaration comment on ChatDebugRun: verified fixed. Comment rewritten to describe the type as-is.
🤖 This review was automatically generated with Coder Agents.
|
@codex review |
|
Codex Review: Didn't find any major issues. Keep them coming! ℹ️ About Codex in GitHubYour team has set up Codex to review pull requests in this repo. Reviews are triggered when you
If Codex has suggestions, it will comment; otherwise it will react with 👍. Codex can also answer questions or update the PR. Try commenting "@codex address that feedback". |
mafredri
left a comment
mafredri
left a comment
There was a problem hiding this comment.
Round 31. BLOCKED. Two P3 findings from round 30 have no author response and no code changes.
DEREM-12 (P3): ListCapsAt100 test asserts length but not ordering. Thread unresolved, no reply.
DEREM-13 (P3): User opt-out path (false) never tested as success. Thread unresolved, no reply.
Further review is blocked until the author responds to these findings: fix in this PR, file a GitHub issue, or explain why they should not be fixed.
[DEREM-4] Stale comment on ChatDebugRun: resolved in R30.
🤖 This review was automatically generated with Coder Agents.
|
@codex review |
|
Codex Review: Didn't find any major issues. Another round soon, please! ℹ️ About Codex in GitHubYour team has set up Codex to review pull requests in this repo. Reviews are triggered when you
If Codex has suggestions, it will comment; otherwise it will react with 👍. Codex can also answer questions or update the PR. Try commenting "@codex address that feedback". |
mafredri
left a comment
mafredri
left a comment
There was a problem hiding this comment.
Round 32. DEREM-12 and DEREM-13 both addressed (ordering assertions added, opt-out path tested). Netero clean. Panel (4 reviewers): 3 clean, Bisky found 1 P3 and 1 Nit.
All prior P0-P2 findings resolved. Two minor new items below. The PR is in excellent shape -- 13 findings raised across 4 panel rounds, all addressed or panel-closed. Test coverage is comprehensive.
[DEREM-4] Stale comment: resolved.
Bisky: "TestChatDebugRunDetail asserts specific field mappings including nullable pointers, type conversions, and step ordering. None of these are tautological."
🤖 This review was automatically generated with Coder Agents.
|
@codex review |
|
Codex Review: Didn't find any major issues. 🚀 ℹ️ About Codex in GitHubYour team has set up Codex to review pull requests in this repo. Reviews are triggered when you
If Codex has suggestions, it will comment; otherwise it will react with 👍. Codex can also answer questions or update the PR. Try commenting "@codex address that feedback". |
mafredri
left a comment
mafredri
left a comment
There was a problem hiding this comment.
Round 33. DEREM-14 and DEREM-15 both addressed. Netero clean (1 Nit). Panel (4 reviewers): 3 clean, Bisky found 1 P3.
All P0-P2 findings resolved across 33 rounds (15 findings total: 10 fixed, 2 panel-closed, 1 deferred with ticket, 1 dropped, 1 cosmetic). The author has been consistently responsive.
Knov on the authorization model: "Three independent gates on getChatDebugRun: ExtractChatParam middleware, dbauthz re-fetch in GetChatDebugRunByID, explicit run.ChatID != chat.ID check. Correct defense-in-depth."
🤖 This review was automatically generated with Coder Agents.
|
@codex review |
|
Codex Review: Didn't find any major issues. Breezy! ℹ️ About Codex in GitHubYour team has set up Codex to review pull requests in this repo. Reviews are triggered when you
If Codex has suggestions, it will comment; otherwise it will react with 👍. Codex can also answer questions or update the PR. Try commenting "@codex address that feedback". |
mafredri
left a comment
mafredri
left a comment
There was a problem hiding this comment.
Status: APPROVED
Round 34. All findings resolved. DEREM-16 (comment fix) and DEREM-17 (test isolation fix) both addressed. Netero and panel (4 reviewers) clean. One Nit below.
17 findings raised across 7 panel rounds. 12 fixed by author, 2 closed by panel (5/5), 1 deferred with ticket (#24137), 1 dropped, 1 Nit remaining. Test-to-code ratio is 1.8:1. Authorization is correct with defense-in-depth. The PR is ready for human review.
Bisky: "State machine coverage, IDOR guard, nil serialization, and lifecycle all verified. Exceptional test quality."
🤖 This review was automatically generated with Coder Agents.
mafredri
left a comment
mafredri
left a comment
There was a problem hiding this comment.
Status: APPROVED
Round 35. All 18 findings resolved. DEREM-18 (doc comment "embeds" vs "includes") addressed. Netero clean. Panel (4 reviewers) clean -- zero findings from any reviewer.
18 findings raised across 8 panel rounds: 14 fixed by author, 2 closed by panel (5/5 unanimous), 1 deferred with ticket (#24137), 1 dropped (scope creep). The author addressed every finding, often in the next push. Test-to-code ratio is 1.6:1 (544 test lines for 336 handler lines). Authorization is correct with defense-in-depth. CI passing except gen (pre-existing).
Bisky: "Comprehensive test suite across 18 test cases with proper lifecycle coverage, authorization paths, ordering verification, and serialization guards."
🤖 This review was automatically generated with Coder Agents.
Change-Id: I6bf0033957b41d0562c0788abba462d5cb79dde5 Signed-off-by: Thomas Kosiewski <tk@coder.com>
Addresses DEREM findings from PR review round 29. - DEREM-3: use ActionRead on the admin GET (was ActionUpdate), matching sibling admin read handlers. - DEREM-4: drop stale forward-declaration comment on ChatDebugRun; the run-detail handler is added in this PR. - DEREM-6: rename shadowing loop var `r` to `run` in getChatDebugRuns. - DEREM-7: clarify the GetChatDebugRun SDK doc comment. - DEREM-1/DEREM-2: HTTP-level tests for getChatDebugRuns and getChatDebugRun (list ordering, 100-cap, 404 on unknown chat, cross- chat isolation, bad UUID 400, missing-run 404, run-on-other-chat 404, empty-steps response). - DEREM-10: db2sdk tests for ChatDebugRunDetail covering all 16 mapped fields including the nullable UUID/time/int columns and the nested step slice. Change-Id: I1fa863fba2195f7ab8a257bdc447a33089a542ee Signed-off-by: Thomas Kosiewski <tk@coder.com>
3 participants
Summary
Add REST endpoints for listing debug runs by chat, fetching a single debug run with its steps, and managing the deployment-wide and per-user debug logging settings. Register the routes in the experimental chats route group.
This is PR 6/9 in the chat debug logging stack.
Changes
coderd/exp_chats.go):GET /api/experimental/chats/config/debug-logging/PUT— deployment-wide admin toggle that controls whether users may opt into debug logging.GET /api/experimental/chats/config/user-debug-logging/PUT— per-user opt-in (also reports whether the deployment forces it on or admins disallow it).GET /api/experimental/chats/{chat}/debug/runs— list debug run summaries for a chat (capped at 100, ordered most-recent first).GET /api/experimental/chats/{chat}/debug/runs/{run}— fetch a single debug run with its full step history embedded.codersdk/chats.go): typedExperimentalClientmethods for each new endpoint.coderd/coderd.go): wires the new endpoints into the experimental chats route group.httpmw.ExtractChatParamanddbauthzre-authorization on read for chat ownership.Stack overview
Generated with
mux• Model:anthropic:claude-opus-4-6• Thinking:xhigh