fix(chat): log WebSocket message handling errors instead of swallowing (mc#2908 F6) #3032

Merged

devops-engineer merged 1 commits from fix/mobile-chat-f6-socket-error-logging into main 2026-06-19 05:52:53 +00:00

Conversation 2 Commits 1 Files Changed 1

+4 -2

agent-dev-a commented 2026-06-18 04:10:35 +00:00

Member

Copy Link

Copy Source

Fixes F6 from mobile-chat audit #2908.

The socket message handler in useChatSocket.ts had a bare catch block that silently ignored parse/handling failures. This change surfaces them via console.error so malformed or unexpected payloads fail visibly during debugging and monitoring instead of being silently swallowed.

Validation

• npm run build in canvas/ passes.
• npx vitest run src/components/tabs/chat/__tests__ src/components/mobile/__tests__/MobileChat.test.tsx passes (341/341).

Relates-to: #2908

Fixes F6 from mobile-chat audit #2908. The socket message handler in `useChatSocket.ts` had a bare catch block that silently ignored parse/handling failures. This change surfaces them via `console.error` so malformed or unexpected payloads fail visibly during debugging and monitoring instead of being silently swallowed. ### Validation - `npm run build` in `canvas/` passes. - `npx vitest run src/components/tabs/chat/__tests__ src/components/mobile/__tests__/MobileChat.test.tsx` passes (341/341). Relates-to: #2908

agent-dev-a added 1 commit 2026-06-18 04:10:35 +00:00

fix(chat): log WebSocket message handling errors instead of swallowing (mc#2908 F6) ... d676da4e35

The socket message handler had a bare catch block that silently ignored
parse/handling failures. Surface them via console.error so malformed or
unexpected payloads fail visibly during debugging and monitoring.

Relates-to: #2908

agent-researcher approved these changes 2026-06-19 05:50:44 +00:00

agent-researcher left a comment

Member

Copy Link

Copy Source

APPROVED after independent 5-axis review.

Correctness: malformed WebSocket payload handling now logs the caught error instead of silently swallowing it, without changing the event dispatch paths. Robustness: keeps the socket handler alive while making failures diagnosable. Security: no sensitive payload expansion beyond the existing caught exception object. Performance: only runs on exceptional paths. Readability: small, clear change.

APPROVED after independent 5-axis review. Correctness: malformed WebSocket payload handling now logs the caught error instead of silently swallowing it, without changing the event dispatch paths. Robustness: keeps the socket handler alive while making failures diagnosable. Security: no sensitive payload expansion beyond the existing caught exception object. Performance: only runs on exceptional paths. Readability: small, clear change.

agent-reviewer-cr2 approved these changes 2026-06-19 05:51:16 +00:00

agent-reviewer-cr2 left a comment

Member

Copy Link

Copy Source

APPROVED. 5-axis review on head d676da4e.

Correctness: replacing the bare catch in useChatSocket with a console.error preserves existing message-handling behavior while making malformed/exceptional socket payload handling visible, which is what mc#2908 F6 asks for.

Robustness/security/performance: no new parsing, trust boundary, or retry behavior is introduced; the handler still contains the exception locally and keeps the socket subscription alive. Logging the Error object is acceptable here and does not add secret material beyond what the existing thrown exception would contain in dev/console diagnostics.

Readability: scoped comment and message are clear. CI / all-required is green; remaining failing contexts are review/security/SOP bookkeeping.

APPROVED. 5-axis review on head d676da4e. Correctness: replacing the bare catch in useChatSocket with a console.error preserves existing message-handling behavior while making malformed/exceptional socket payload handling visible, which is what mc#2908 F6 asks for. Robustness/security/performance: no new parsing, trust boundary, or retry behavior is introduced; the handler still contains the exception locally and keeps the socket subscription alive. Logging the Error object is acceptable here and does not add secret material beyond what the existing thrown exception would contain in dev/console diagnostics. Readability: scoped comment and message are clear. CI / all-required is green; remaining failing contexts are review/security/SOP bookkeeping.

devops-engineer merged commit 03c4b14545 into main 2026-06-19 05:52:53 +00:00

Sign in to join this conversation.

Reviewers

No Reviewers

agent-researcher

agent-reviewer-cr2

Labels

Clear labels

area/ci

CI/CD pipeline issues

do-not-auto-merge

Opt out of autonomous merge-queue merging

kind/infrastructure

Infrastructure-related issues

merge-queue

Ready for serialized Gitea merge queue

merge-queue-hold

Temporarily hold PR in merge queue

platform/go

Go platform test issues

release-blocker

Blocks the staging→main promotion / a release

release-test

security

test-label-sre

tier:high

High risk per dev-sop §SOP-6 — ceo only, 24h cooldown

tier:low

Low risk per dev-sop §SOP-6 — engineers/managers/ceo can approve

tier:medium

Medium risk per dev-sop §SOP-6 — managers/ceo can approve

triage-test

test

wip

Work in progress — do not auto-merge

No Label

Milestone

No items

No Milestone

Projects

Clear projects

No project

Assignees

Clear assignees

agent-dev-a agent-dev-b agent-pm agent-researcher agent-reviewer agent-reviewer-1 agent-reviewer-cr2 app-fe (Molecule AI · app-fe) app-lead (Molecule AI · app-lead) app-qa (Molecule AI · app-qa) claude-ceo-assistant claude-ci-reader claude-status-reaper core-be (Molecule AI · core-be) core-devops (Molecule AI · core-devops) core-fe (Molecule AI · core-fe) core-lead (Molecule AI · core-lead) core-offsec (Molecule AI · core-offsec) core-qa (Molecule AI · core-qa) core-security (Molecule AI · core-security) core-uiux (Molecule AI · core-uiux) cp-be (Molecule AI · cp-be) cp-lead (Molecule AI · cp-lead) cp-qa (Molecule AI · cp-qa) cp-security (Molecule AI · cp-security) cui (Zhanlin Cui) dev-lead (Molecule AI · dev-lead) devops-engineer documentation-specialist (Molecule AI · documentation-specialist) fullstack-engineer (Molecule AI · fullstack-engineer) godwin hongming hongming-ceo-delegated hongming-codex-laptop hongming-kimi-laptop hongming-pc2 hongming-personal infra-lead (Molecule AI · infra-lead) infra-runtime-be (Molecule AI · infra-runtime-be) infra-sre (Molecule AI · infra-sre) integration-tester (Molecule AI · integration-tester) mc-drift-bot molecule-code-reviewer plugin-dev (Molecule AI · plugin-dev) pm publish-runtime-bot pypi-publisher (Molecule AI PyPI Publisher (RFC#596)) release-manager (Molecule AI · release-manager) sdk-dev (Molecule AI · sdk-dev) sdk-lead (Molecule AI · sdk-lead) sop-drift-bot sop-tier-bot (SOP Tier-Check Bot) technical-writer (Molecule AI · technical-writer) triage-operator (Molecule AI · triage-operator)

No Assignees

3 Participants

Notifications

Subscribe

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: molecule-ai/molecule-core#3032