mosaic/stack
1
0
Fork 0
Code Issues 10 Pull Requests Actions Packages Projects Releases 2 Wiki Activity
Files
dfd6a962edb4ade3160aa01b8e7cf5d83271a5df
stack/docs/scratchpads/281-fix-broad-exception-catching.md
Jason Woltje a1973e6419
Some checks failed
ci/woodpecker/push/woodpecker Pipeline failed
Details
Fix QA validation issues and add M7.1 security fixes (#318) 
Co-authored-by: Jason Woltje <jason@diversecanvas.com>
Co-committed-by: Jason Woltje <jason@diversecanvas.com>
2026-02-04 03:08:09 +00:00

60 lines
2.1 KiB
Markdown
Raw Blame History

# Issue #281: Fix broad exception catching hiding system errors
## Objective
Fix broad try-catch blocks in command.service.ts that catch ALL errors including system failures (OOM, DB failures, etc.), making debugging impossible.
## Location
apps/api/src/federation/command.service.ts:168-194
## Problem
The current implementation catches all errors in a broad try-catch block, which masks critical system errors as business logic failures. This makes debugging impossible and can hide serious issues like:
- Out of memory errors
- Database connection failures
- Network failures
- Module loading failures
## Approach
1. Define specific error types for expected business logic errors
2. Only catch expected errors (e.g., module not found, command validation failures)
3. Let system errors (OOM, DB failures, network issues) propagate naturally
4. Add structured logging for business logic errors
5. Add comprehensive tests for both business and system error scenarios
## Implementation Plan
- [x] Create custom error classes for expected business errors
- [x] Update handleIncomingCommand to only catch expected errors
- [x] Add structured logging for security events
- [x] Write tests for business logic errors (should be caught)
- [x] Write tests for system errors (should propagate)
- [x] Verify all tests pass
- [x] Run quality gates (lint, typecheck, build)
## Testing
- Test business logic errors are caught and handled gracefully ✅
- Test system errors propagate correctly ✅
- Test error logging includes appropriate context ✅
- Maintain 85%+ coverage ✅
## Results
- Created CommandProcessingError hierarchy in apps/api/src/federation/errors/command.errors.ts
- System errors now propagate correctly (no longer caught)
- Business logic errors handled gracefully with error responses
- All 286 federation tests pass
- Lint, typecheck, build all pass
- Commit: f53f310
## Notes
- This is a P0 security issue - proper error handling is critical for production debugging
- Follow patterns from other federation services
- Ensure backward compatibility with existing error handling flows
- COMPLETED ✅
Reference in New Issue View Git Blame Copy Permalink