Skip to content

ref(preprod): Add data_retention checks for all size analysis endpoint related reads #107891

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
NicoHinderling wants to merge 1 commit into
base: 02-09-ref_preprod_extract_artifact_search_functions_to_artifact_search_module
Choose a base branch
from
Open

ref(preprod): Add data_retention checks for all size analysis endpoint related reads #107891

NicoHinderling wants to merge 1 commit into from

Conversation

@NicoHinderling
Copy link
Contributor

@NicoHinderling NicoHinderling commented Feb 9, 2026
edited
Loading

Closes EME-724

@NicoHinderling NicoHinderling mentioned this pull request Feb 9, 2026
Open
@NicoHinderling Graphite App
Copy link
Contributor Author

NicoHinderling commented Feb 9, 2026

Warning

This pull request is not mergeable via GitHub because a downstack PR is open. Once all requirements are satisfied, merge this PR as a stack on Graphite.
Learn more

This stack of pull requests is managed by Graphite. Learn more about stacking.

@github-actions github-actions bot added the Scope: Backend Automatically applied to PRs that change backend components label Feb 9, 2026
@NicoHinderling NicoHinderling marked this pull request as ready for review February 9, 2026 23:05
@NicoHinderling NicoHinderling requested a review from a team as a code owner February 9, 2026 23:05
@linear
Copy link

linear bot commented Feb 9, 2026

EME-724 [Data Retention] Ensure that all read endpoints check the org's billing retention values

cursor[bot]
cursor bot reviewed Feb 9, 2026
View reviewed changes
Copy link
Contributor

@cursor cursor bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Cursor Bugbot has reviewed your changes and found 1 potential issue.

Bugbot Autofix is OFF. To automatically fix reported issues with Cloud Agents, enable Autofix in the Cursor dashboard.

...sentry/preprod/api/endpoints/size_analysis/project_preprod_size_analysis_compare_download.py
cutoff = get_size_retention_cutoff(project.organization)
artifact = comparison_obj.head_size_analysis.preprod_artifact
if artifact.date_added < cutoff:
return Response({"detail": "This build's size data has expired."}, status=404)
Copy link
Contributor

@cursor cursor bot Feb 9, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Compare download only checks head artifact retention, not base

Medium Severity

The retention check in the compare download endpoint only validates the head artifact's date_added against the cutoff, while the sibling compare endpoint at project_preprod_size_analysis_compare.py correctly checks both head_artifact.date_added < cutoff or base_artifact.date_added < cutoff. If the base artifact's data has expired but the head hasn't, this endpoint will still serve the comparison data, bypassing the intended data retention policy.

Additional Locations (1)

Fix in Cursor Fix in Web

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@cursor cursor[bot] cursor[bot] left review comments

Assignees

No one assigned

Labels

Scope: Backend Automatically applied to PRs that change backend components

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@NicoHinderling