cal/paper-dynasty-discord
1
0
Fork 0
Code Issues 14 Pull Requests 2 Actions Packages Projects Releases Wiki Activity

fix: exclude utilities/supabase.py from production Docker image (#41) #51

Merged
cal merged 1 commits from ai/paper-dynasty-discord-41 into main 2026-03-07 07:38:19 +00:00
Conversation 0 Commits 1 Files Changed 1 +2 -1
cal commented 2026-03-05 05:02:04 +00:00
Owner
Copy Link

Summary

  • Adds utilities/supabase.py to .dockerignore so it is excluded from production Docker builds
  • The file is a standalone diagnostic/development script that uses low-security generic env var names (user, password, host) and attempts no connection at module load time — but it has no place in the production image
  • No imports of this file exist anywhere in the codebase, so exclusion has zero runtime impact

Files changed

  • .dockerignore — added utilities/supabase.py entry

Test results

No test suite. Change verified by reviewing .dockerignore diff — the new entry follows the same pattern as other exclusions in the file.

🤖 Generated with Claude Code

## Summary - Adds `utilities/supabase.py` to `.dockerignore` so it is excluded from production Docker builds - The file is a standalone diagnostic/development script that uses low-security generic env var names (`user`, `password`, `host`) and attempts no connection at module load time — but it has no place in the production image - No imports of this file exist anywhere in the codebase, so exclusion has zero runtime impact ## Files changed - `.dockerignore` — added `utilities/supabase.py` entry ## Test results No test suite. Change verified by reviewing `.dockerignore` diff — the new entry follows the same pattern as other exclusions in the file. 🤖 Generated with [Claude Code](https://claude.com/claude-code)
cal added 1 commit 2026-03-05 05:02:05 +00:00
fix: exclude utilities/supabase.py from production Docker image (#41)
All checks were successful
Build Docker Image / build (pull_request) Successful in 1m15s
Details
9f6ec947e1 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
cal added the
ai-reviewing
 label 2026-03-05 05:15:31 +00:00
cal reviewed 2026-03-05 05:16:52 +00:00
cal left a comment
Author
Owner
Copy Link

AI Code Review

Files Reviewed

  • .dockerignore (modified)
  • utilities/supabase.py (read for context — not changed)

Findings

Correctness

  • The .dockerignore entry utilities/supabase.py uses the correct relative path format and will properly exclude the file from the Docker build context.
  • Confirmed via grep: no Python files in the codebase import utilities/supabase.py, so exclusion has zero runtime impact as claimed.
  • The diff also implicitly fixes a missing newline at end of file on the previous last line (**/.claude), which is a minor correctness improvement.

Security

  • No issues. This change is a net security improvement: utilities/supabase.py reads env vars with generic names (user, password, host, database) that could collide with legitimate production env vars. Keeping it out of the production image is the right call.
  • The file only attempts a DB connection inside get_connection(), which is only called via main() under if __name__ == "__main__". It does not auto-connect on import. That said, load_dotenv() and the os.getenv() calls run at module load time — not a runtime risk if the file isn't present in the image.

Style & Conventions

  • The new entry follows the same file-specific exclusion pattern used by pytest.ini and CLAUDE.md already in .dockerignore. No issues.

Suggestions

  • None.

Verdict: APPROVED ✓

Single-line .dockerignore change that is correct, well-scoped, and a minor security improvement. The PR's claims are verified: no imports of the file exist, and the exclusion pattern matches existing conventions. (Note: Gitea does not allow self-approval — posting as COMMENT instead of APPROVED.)

Automated review by Claude PR Reviewer

## AI Code Review ### Files Reviewed - `.dockerignore` (modified) - `utilities/supabase.py` (read for context — not changed) ### Findings #### Correctness - The `.dockerignore` entry `utilities/supabase.py` uses the correct relative path format and will properly exclude the file from the Docker build context. - Confirmed via grep: no Python files in the codebase import `utilities/supabase.py`, so exclusion has zero runtime impact as claimed. - The diff also implicitly fixes a missing newline at end of file on the previous last line (`**/.claude`), which is a minor correctness improvement. #### Security - No issues. This change is a net security improvement: `utilities/supabase.py` reads env vars with generic names (`user`, `password`, `host`, `database`) that could collide with legitimate production env vars. Keeping it out of the production image is the right call. - The file only attempts a DB connection inside `get_connection()`, which is only called via `main()` under `if __name__ == "__main__"`. It does not auto-connect on import. That said, `load_dotenv()` and the `os.getenv()` calls run at module load time — not a runtime risk if the file isn't present in the image. #### Style & Conventions - The new entry follows the same file-specific exclusion pattern used by `pytest.ini` and `CLAUDE.md` already in `.dockerignore`. No issues. #### Suggestions - None. ### Verdict: APPROVED ✓ Single-line `.dockerignore` change that is correct, well-scoped, and a minor security improvement. The PR's claims are verified: no imports of the file exist, and the exclusion pattern matches existing conventions. (Note: Gitea does not allow self-approval — posting as COMMENT instead of APPROVED.) --- *Automated review by Claude PR Reviewer*
cal added
ai-reviewed
 and removed
ai-reviewing
 labels 2026-03-05 05:17:01 +00:00
cal merged commit a1b0e676c2 into main 2026-03-07 07:38:19 +00:00
cal deleted branch ai/paper-dynasty-discord-41 2026-03-07 07:38:20 +00:00
Sign in to join this conversation.
Reviewers
No reviewers
Labels
Clear labels   
ai-changes-requested

   
ai-failed

   
ai-pr-opened

   
ai-reviewed

   
ai-reviewing

   
ai-working

   
ai-working

   
bug

   
enhancement

   
feature

New feature proposal

  
in-queue

Approved for development

  
performance

   
security

   
tech-debt

   
todo
No Label
ai-changes-requested
ai-failed
ai-pr-opened
ai-reviewed
ai-reviewing
ai-working
ai-working
bug
enhancement
feature
in-queue
performance
security
tech-debt
todo
Milestone
Clear milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
No Assignees
1 Participants
Notifications
Due Date
The due date is invalid or out of range. Please use the format 'yyyy-mm-dd'.

No due date set.

Dependencies

No dependencies set.

Reference: cal/paper-dynasty-discord#51
No description provided.
Delete Branch "ai/paper-dynasty-discord-41"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?