fix(validation): reject whitespace-only text in sentiment analyze endpoint#29
Open
Kunal-Somani wants to merge 1 commit intoruxailab:mainfrom
Open
Conversation
…point The original input guard used 'if not text' which correctly rejects None and empty strings but silently passes whitespace-only input (e.g. ' ') straight to the ML model as valid text. This causes the model to run inference on meaningless input with no error returned to the caller. Fix: replace 'if not text' with 'if not text or not text.strip()' so whitespace-only strings are rejected with a 400 Bad Request — consistent with how missing and empty text is already handled. Also fix logger.error() f-string anti-pattern in the exception handler, replacing it with % formatting for consistency with the rest of the service layer (PRs ruxailab#27, ruxailab#28). Tests added: - test_sentiment_analyze_whitespace_only_text: verifies ' ' returns 400 and service is never called - test_sentiment_analyze_empty_string_text: verifies '' returns 400 and service is never called
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Found a input validation bug in the
/sentiment/analyzeendpoint.The Bug
The original guard clause:
correctly rejects
Noneand""but silently passes whitespace-only strings like" "straight to the ML model as valid input. The model runs inference on meaningless content and returns a confident but meaningless prediction — with no error signalled to the caller.The Fix
Whitespace-only strings now return a
400 Bad Request— consistent with how missing and empty text is already handled.Tests Added
Two new tests in
TestSentimentAnalyze:test_sentiment_analyze_whitespace_only_text: verifies" "returns400and the service layer is never calledtest_sentiment_analyze_empty_string_text: verifies""returns400and the service layer is never calledAlso fixes the
logger.error()f-string anti-pattern in the exception handler — consistent with fixes applied across the service layer in PRs #27 and #28.Files Changed
app/routes/sentiment_routes.pytests/unit/test_routes/test_sentiment_routes.py