codeant-ai-for-open-source[bot] commented on PR #36813: URL: https://github.com/apache/superset/pull/36813#issuecomment-3686720016
## Nitpicks 🔍 <table> <tr><td>🔒 <strong>No security issues identified</strong></td></tr> <tr><td>⚡ <strong>Recommended areas for review</strong><br><br> - [ ] <a href='https://github.com/apache/superset/pull/36813/files#diff-af8f0100b11495932024f0d23d98b6bb84113b49eef0033a8f8dfacfd48aac60R63-R70'><strong>Immutable ID overwrite</strong></a><br>The merge of `unsavedQueryEditor` into `editor` with a shallow spread may unintentionally override critical properties such as `immutableId` (or `id`) if the unsaved object contains undefined or different values. This can break predicate-based filtering and event routing that relies on immutable IDs.<br> - [ ] <a href='https://github.com/apache/superset/pull/36813/files#diff-af8f0100b11495932024f0d23d98b6bb84113b49eef0033a8f8dfacfd48aac60R63-R70'><strong>Partial unsaved state</strong></a><br>If `unsavedQueryEditor` is partial (only contains `content` or `name`), the current merge is fine; but verify all callers expect the merged shape. Some callers rely on `dbId`/`catalog`/`schema` being present — ensure merging preserves those from the saved editor and does not create undefined values.<br> - [ ] <a href='https://github.com/apache/superset/pull/36813/files#diff-af8f0100b11495932024f0d23d98b6bb84113b49eef0033a8f8dfacfd48aac60R63-R70'><strong>Over-broad merge</strong></a><br>Spreading the entire `unsavedQueryEditor` into `editor` may copy fields that are not intended to be surfaced (internal metadata), potentially exposing or altering state beyond editor content. Consider merging only the specific editor fields that represent user edits.<br> </td></tr> </table> -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
