codeant-ai-for-open-source[bot] commented on code in PR #40097:
URL: https://github.com/apache/superset/pull/40097#discussion_r3243946360
##########
superset/templates/superset/oauth2.html:
##########
@@ -22,8 +22,15 @@
<meta charset="utf-8">
</head>
<body>
- <script>
- window.opener.postMessage({ tabId: '{{ tab_id }}' });
+ <script nonce="{{ csp_nonce() }}">
+ const message = { tabId: '{{ tab_id }}' };
+ if (typeof BroadcastChannel !== 'undefined') {
+ const channel = new BroadcastChannel('oauth');
+ channel.postMessage(message);
+ channel.close();
+ }
+ localStorage.setItem('oauth2_auth_complete', JSON.stringify(message));
+ localStorage.removeItem('oauth2_auth_complete');
Review Comment:
**Suggestion:** The callback page writes to `localStorage` without error
handling; in browsers/modes where storage access is blocked or throws
(quota/security restrictions), this script will throw and stop before reliably
finishing the callback flow. Guard `localStorage` writes/removal with
`try/catch` so the tab can still close and the BroadcastChannel path can still
succeed. [possible bug]
<details>
<summary><b>Severity Level:</b> Major ⚠️</summary>
```mdx
- ❌ OAuth callback tab may not close in restricted browsers.
- ❌ Storage-based fallback notification can fail entirely.
- ⚠️ SQL Lab/Explore OAuth flows less reliable cross-browser.
```
</details>
<details>
<summary><b>Steps of Reproduction ✅ </b></summary>
```mdx
1. Configure an OAuth2-enabled database and complete the provider's auth
flow so the
OAuth2 callback endpoint in `superset/superset/databases/api.py:1445-26` is
invoked; this
endpoint calls `render_template('superset/oauth2.html', tab_id=tab_id)` to
serve the
self-closing callback page.
2. Load that callback page in a browser context where `window.localStorage`
exists but
`localStorage.setItem` throws (for example, in environments where storage is
disabled or
heavily restricted) while `BroadcastChannel` may or may not be available.
3. When the script in `superset/templates/superset/oauth2.html:25-35` runs,
it first posts
a `{ tabId }` message over a BroadcastChannel if available at `27-30`, and
then
unconditionally calls `localStorage.setItem('oauth2_auth_complete',
JSON.stringify(message));` and
`localStorage.removeItem('oauth2_auth_complete');` at
`32-33`; if `setItem` throws a `DOMException`, the script aborts before
`window.close()`
at `34`.
4. In environments without BroadcastChannel support, this exception prevents
both the
storage-based cross-tab notification and `window.close()` from running, so
the original
tab never receives the storage event that the `OAuth2RedirectMessage`
listener at
`superset-frontend/src/components/ErrorMessage/OAuth2RedirectMessage.tsx:127-140`
relies
on, and the user is left with a non-closing callback tab and no automatic
re-run of the
SQL Lab / Explore / dashboard query.
```
</details>
[Fix in
Cursor](https://app.codeant.ai/fix-in-ide?tool=cursor&prompt=This%20is%20a%20comment%20left%20during%20a%20code%20review.%0A%0A%2A%2APath%3A%2A%2A%20superset%2Ftemplates%2Fsuperset%2Foauth2.html%0A%2A%2ALine%3A%2A%2A%2032%3A33%0A%2A%2AComment%3A%2A%2A%0A%09%2APossible%20Bug%3A%20The%20callback%20page%20writes%20to%20%60localStorage%60%20without%20error%20handling%3B%20in%20browsers%2Fmodes%20where%20storage%20access%20is%20blocked%20or%20throws%20%28quota%2Fsecurity%20restrictions%29%2C%20this%20script%20will%20throw%20and%20stop%20before%20reliably%20finishing%20the%20callback%20flow.%20Guard%20%60localStorage%60%20writes%2Fremoval%20with%20%60try%2Fcatch%60%20so%20the%20tab%20can%20still%20close%20and%20the%20BroadcastChannel%20path%20can%20still%20succeed.%0A%0AValidate%20the%20correctness%20of%20the%20flagged%20issue.%20If%20correct%2C%20How%20can%20I%20resolve%20this%3F%20If%20you%20propose%20a%20fix%2C%20implement%20it%20and%20please%20make%20it%20concise.%0AOnce%20f
ix%20is%20implemented%2C%20also%20check%20other%20comments%20on%20the%20same%20PR%2C%20and%20ask%20user%20if%20the%20user%20wants%20to%20fix%20the%20rest%20of%20the%20comments%20as%20well.%20if%20said%20yes%2C%20then%20fetch%20all%20the%20comments%20validate%20the%20correctness%20and%20implement%20a%20minimal%20fix%0A)
| [Fix in VSCode
Claude](https://app.codeant.ai/fix-in-ide?tool=vscode-claude&prompt=This%20is%20a%20comment%20left%20during%20a%20code%20review.%0A%0A%2A%2APath%3A%2A%2A%20superset%2Ftemplates%2Fsuperset%2Foauth2.html%0A%2A%2ALine%3A%2A%2A%2032%3A33%0A%2A%2AComment%3A%2A%2A%0A%09%2APossible%20Bug%3A%20The%20callback%20page%20writes%20to%20%60localStorage%60%20without%20error%20handling%3B%20in%20browsers%2Fmodes%20where%20storage%20access%20is%20blocked%20or%20throws%20%28quota%2Fsecurity%20restrictions%29%2C%20this%20script%20will%20throw%20and%20stop%20before%20reliably%20finishing%20the%20callback%20flow.%20Guard%20%60localStorage%60%20writes%2Fremoval%20with%20%6
0try%2Fcatch%60%20so%20the%20tab%20can%20still%20close%20and%20the%20BroadcastChannel%20path%20can%20still%20succeed.%0A%0AValidate%20the%20correctness%20of%20the%20flagged%20issue.%20If%20correct%2C%20How%20can%20I%20resolve%20this%3F%20If%20you%20propose%20a%20fix%2C%20implement%20it%20and%20please%20make%20it%20concise.%0AOnce%20fix%20is%20implemented%2C%20also%20check%20other%20comments%20on%20the%20same%20PR%2C%20and%20ask%20user%20if%20the%20user%20wants%20to%20fix%20the%20rest%20of%20the%20comments%20as%20well.%20if%20said%20yes%2C%20then%20fetch%20all%20the%20comments%20validate%20the%20correctness%20and%20implement%20a%20minimal%20fix%0A)
*(Use Cmd/Ctrl + Click for best experience)*
<details>
<summary><b>Prompt for AI Agent 🤖 </b></summary>
```mdx
This is a comment left during a code review.
**Path:** superset/templates/superset/oauth2.html
**Line:** 32:33
**Comment:**
*Possible Bug: The callback page writes to `localStorage` without error
handling; in browsers/modes where storage access is blocked or throws
(quota/security restrictions), this script will throw and stop before reliably
finishing the callback flow. Guard `localStorage` writes/removal with
`try/catch` so the tab can still close and the BroadcastChannel path can still
succeed.
Validate the correctness of the flagged issue. If correct, How can I resolve
this? If you propose a fix, implement it and please make it concise.
Once fix is implemented, also check other comments on the same PR, and ask
user if the user wants to fix the rest of the comments as well. if said yes,
then fetch all the comments validate the correctness and implement a minimal fix
```
</details>
<a
href='https://app.codeant.ai/feedback?pr_url=https%3A%2F%2Fgithub.com%2Fapache%2Fsuperset%2Fpull%2F40097&comment_hash=6c404a71eacdf57f93b3823cf50612c7fe631aa6b95aa7e6c87f12494d10381d&reaction=like'>👍</a>
| <a
href='https://app.codeant.ai/feedback?pr_url=https%3A%2F%2Fgithub.com%2Fapache%2Fsuperset%2Fpull%2F40097&comment_hash=6c404a71eacdf57f93b3823cf50612c7fe631aa6b95aa7e6c87f12494d10381d&reaction=dislike'>👎</a>
##########
superset-frontend/src/components/ErrorMessage/OAuth2RedirectMessage.tsx:
##########
@@ -107,43 +100,50 @@ export function OAuth2RedirectMessage({
const dispatch = useDispatch();
useEffect(() => {
- /* Listen for messages from the OAuth2 tab.
- *
- * After OAuth2 is successful the opened tab will send a message before
- * closing itself. Once we receive the message we can retrigger the
- * original query in SQL Lab, explore, or in a dashboard.
- */
- const redirectUrl = new URL(extra.redirect_uri);
- const handleMessage = (event: MessageEvent) => {
- if (
- event.origin === redirectUrl.origin &&
- event.data.tabId === extra.tab_id &&
- event.source === oAuthTab.current
- ) {
- if (source === 'sqllab' && query) {
- dispatch(reRunQuery(query));
- } else if (source === 'explore' && chartId) {
- dispatch(triggerQuery(true, chartId));
- } else if (source === 'dashboard') {
- dispatch(onRefresh(chartList.map(Number), true, 0, dashboardId));
- }
+ const handleOAuthComplete = (tabId?: string) => {
+ if (tabId !== extra.tab_id) {
+ return;
+ }
+ if (source === 'sqllab' && query) {
+ dispatch(reRunQuery(query));
+ } else if (source === 'explore' && chartId) {
+ dispatch(triggerQuery(true, chartId));
+ } else if (source === 'dashboard') {
+ dispatch(onRefresh(chartList.map(Number), true, 0, dashboardId));
}
};
- window.addEventListener('message', handleMessage);
+
+ const channel =
+ typeof BroadcastChannel !== 'undefined'
+ ? new BroadcastChannel(OAUTH_CHANNEL_NAME)
+ : null;
Review Comment:
**Suggestion:** `new BroadcastChannel(...)` is only guarded by a `typeof`
check, but some environments expose `BroadcastChannel` while still throwing at
construction time (for example, restricted/opaque contexts). If that
constructor throws, the effect aborts before listeners are installed, so OAuth
completion messages are never handled. Wrap channel creation in `try/catch` and
continue with the storage-event fallback when construction fails. [possible bug]
<details>
<summary><b>Severity Level:</b> Major ⚠️</summary>
```mdx
- ❌ SQL Lab OAuth2 queries may not auto re-run.
- ❌ Explore OAuth2-triggered chart refresh can silently fail.
- ⚠️ Dashboard OAuth2 refresh relies on brittle listener setup.
```
</details>
<details>
<summary><b>Steps of Reproduction ✅ </b></summary>
```mdx
1. Configure a database to use OAuth2 so that when a user without stored
credentials
queries it, the backend raises `OAuth2RedirectError` (defined at
`superset/superset/exceptions.py:12-39`), returning an error with
`error_type=SupersetErrorType.OAUTH2_REDIRECT`.
2. In the frontend, trigger that flow from SQL Lab/Explore/Dashboard so the
`OAuth2RedirectMessage` React component at
`superset-frontend/src/components/ErrorMessage/OAuth2RedirectMessage.tsx:64-174`
is
rendered with the error's `extra` payload (including `tab_id`) and `source`
set
appropriately.
3. Run the app (or a Jest test) in an environment where
`window.BroadcastChannel` exists
but `new BroadcastChannel('oauth')` throws at construction time (e.g., by
stubbing
`global.BroadcastChannel = jest.fn(() => { throw new Error('blocked'); });`
before
rendering `OAuth2RedirectMessage`; the test scaffold in
`superset-frontend/src/components/ErrorMessage/OAuth2RedirectMessage.test.tsx:21-44`
already renders this component).
4. When the component's `useEffect` at `OAuth2RedirectMessage.tsx:102-146`
runs, the line
`new BroadcastChannel(OAUTH_CHANNEL_NAME)` at `116-119` throws, so the
effect aborts
before executing `window.addEventListener('storage', handleStorage)` at
`140` and before
setting `channel.onmessage` at `121-125`; later, when the OAuth callback page
`superset/templates/superset/oauth2.html:25-34` posts the `{ tabId }` via
BroadcastChannel/localStorage, the original tab no longer has any listener
installed, so
`handleOAuthComplete` is never invoked and the query/chart/dashboard is not
automatically
re-run.
```
</details>
[Fix in
Cursor](https://app.codeant.ai/fix-in-ide?tool=cursor&prompt=This%20is%20a%20comment%20left%20during%20a%20code%20review.%0A%0A%2A%2APath%3A%2A%2A%20superset-frontend%2Fsrc%2Fcomponents%2FErrorMessage%2FOAuth2RedirectMessage.tsx%0A%2A%2ALine%3A%2A%2A%20116%3A119%0A%2A%2AComment%3A%2A%2A%0A%09%2APossible%20Bug%3A%20%60new%20BroadcastChannel%28...%29%60%20is%20only%20guarded%20by%20a%20%60typeof%60%20check%2C%20but%20some%20environments%20expose%20%60BroadcastChannel%60%20while%20still%20throwing%20at%20construction%20time%20%28for%20example%2C%20restricted%2Fopaque%20contexts%29.%20If%20that%20constructor%20throws%2C%20the%20effect%20aborts%20before%20listeners%20are%20installed%2C%20so%20OAuth%20completion%20messages%20are%20never%20handled.%20Wrap%20channel%20creation%20in%20%60try%2Fcatch%60%20and%20continue%20with%20the%20storage-event%20fallback%20when%20construction%20fails.%0A%0AValidate%20the%20correctness%20of%20the%20flagged%20issue.%20If%20correct%2C%20How%20can%
20I%20resolve%20this%3F%20If%20you%20propose%20a%20fix%2C%20implement%20it%20and%20please%20make%20it%20concise.%0AOnce%20fix%20is%20implemented%2C%20also%20check%20other%20comments%20on%20the%20same%20PR%2C%20and%20ask%20user%20if%20the%20user%20wants%20to%20fix%20the%20rest%20of%20the%20comments%20as%20well.%20if%20said%20yes%2C%20then%20fetch%20all%20the%20comments%20validate%20the%20correctness%20and%20implement%20a%20minimal%20fix%0A)
| [Fix in VSCode
Claude](https://app.codeant.ai/fix-in-ide?tool=vscode-claude&prompt=This%20is%20a%20comment%20left%20during%20a%20code%20review.%0A%0A%2A%2APath%3A%2A%2A%20superset-frontend%2Fsrc%2Fcomponents%2FErrorMessage%2FOAuth2RedirectMessage.tsx%0A%2A%2ALine%3A%2A%2A%20116%3A119%0A%2A%2AComment%3A%2A%2A%0A%09%2APossible%20Bug%3A%20%60new%20BroadcastChannel%28...%29%60%20is%20only%20guarded%20by%20a%20%60typeof%60%20check%2C%20but%20some%20environments%20expose%20%60BroadcastChannel%60%20while%20still%20throwing%20at%20construction%20time%20
%28for%20example%2C%20restricted%2Fopaque%20contexts%29.%20If%20that%20constructor%20throws%2C%20the%20effect%20aborts%20before%20listeners%20are%20installed%2C%20so%20OAuth%20completion%20messages%20are%20never%20handled.%20Wrap%20channel%20creation%20in%20%60try%2Fcatch%60%20and%20continue%20with%20the%20storage-event%20fallback%20when%20construction%20fails.%0A%0AValidate%20the%20correctness%20of%20the%20flagged%20issue.%20If%20correct%2C%20How%20can%20I%20resolve%20this%3F%20If%20you%20propose%20a%20fix%2C%20implement%20it%20and%20please%20make%20it%20concise.%0AOnce%20fix%20is%20implemented%2C%20also%20check%20other%20comments%20on%20the%20same%20PR%2C%20and%20ask%20user%20if%20the%20user%20wants%20to%20fix%20the%20rest%20of%20the%20comments%20as%20well.%20if%20said%20yes%2C%20then%20fetch%20all%20the%20comments%20validate%20the%20correctness%20and%20implement%20a%20minimal%20fix%0A)
*(Use Cmd/Ctrl + Click for best experience)*
<details>
<summary><b>Prompt for AI Agent 🤖 </b></summary>
```mdx
This is a comment left during a code review.
**Path:**
superset-frontend/src/components/ErrorMessage/OAuth2RedirectMessage.tsx
**Line:** 116:119
**Comment:**
*Possible Bug: `new BroadcastChannel(...)` is only guarded by a
`typeof` check, but some environments expose `BroadcastChannel` while still
throwing at construction time (for example, restricted/opaque contexts). If
that constructor throws, the effect aborts before listeners are installed, so
OAuth completion messages are never handled. Wrap channel creation in
`try/catch` and continue with the storage-event fallback when construction
fails.
Validate the correctness of the flagged issue. If correct, How can I resolve
this? If you propose a fix, implement it and please make it concise.
Once fix is implemented, also check other comments on the same PR, and ask
user if the user wants to fix the rest of the comments as well. if said yes,
then fetch all the comments validate the correctness and implement a minimal fix
```
</details>
<a
href='https://app.codeant.ai/feedback?pr_url=https%3A%2F%2Fgithub.com%2Fapache%2Fsuperset%2Fpull%2F40097&comment_hash=6d1b346e0815e19a2b60a7479fe52d62a3d6cb80c0a65393ab16aa71eebdd11f&reaction=like'>👍</a>
| <a
href='https://app.codeant.ai/feedback?pr_url=https%3A%2F%2Fgithub.com%2Fapache%2Fsuperset%2Fpull%2F40097&comment_hash=6d1b346e0815e19a2b60a7479fe52d62a3d6cb80c0a65393ab16aa71eebdd11f&reaction=dislike'>👎</a>
##########
superset-frontend/src/components/ErrorMessage/OAuth2RedirectMessage.tsx:
##########
@@ -107,43 +100,50 @@ export function OAuth2RedirectMessage({
const dispatch = useDispatch();
useEffect(() => {
- /* Listen for messages from the OAuth2 tab.
- *
- * After OAuth2 is successful the opened tab will send a message before
- * closing itself. Once we receive the message we can retrigger the
- * original query in SQL Lab, explore, or in a dashboard.
- */
- const redirectUrl = new URL(extra.redirect_uri);
- const handleMessage = (event: MessageEvent) => {
- if (
- event.origin === redirectUrl.origin &&
- event.data.tabId === extra.tab_id &&
- event.source === oAuthTab.current
- ) {
- if (source === 'sqllab' && query) {
- dispatch(reRunQuery(query));
- } else if (source === 'explore' && chartId) {
- dispatch(triggerQuery(true, chartId));
- } else if (source === 'dashboard') {
- dispatch(onRefresh(chartList.map(Number), true, 0, dashboardId));
- }
+ const handleOAuthComplete = (tabId?: string) => {
+ if (tabId !== extra.tab_id) {
+ return;
+ }
+ if (source === 'sqllab' && query) {
+ dispatch(reRunQuery(query));
+ } else if (source === 'explore' && chartId) {
+ dispatch(triggerQuery(true, chartId));
+ } else if (source === 'dashboard') {
+ dispatch(onRefresh(chartList.map(Number), true, 0, dashboardId));
}
};
- window.addEventListener('message', handleMessage);
+
+ const channel =
+ typeof BroadcastChannel !== 'undefined'
+ ? new BroadcastChannel(OAUTH_CHANNEL_NAME)
+ : null;
+
+ if (channel) {
+ channel.onmessage = event => {
+ handleOAuthComplete(event.data?.tabId);
+ };
+ }
+
+ const handleStorage = (event: StorageEvent) => {
+ if (event.key !== OAUTH_STORAGE_EVENT_KEY || !event.newValue) {
+ return;
+ }
+
+ try {
+ const message = JSON.parse(event.newValue) as { tabId?: string };
+ handleOAuthComplete(message.tabId);
+ } catch {
+ // ignore malformed storage payloads
+ }
+ };
+
+ window.addEventListener('storage', handleStorage);
return () => {
- window.removeEventListener('message', handleMessage);
+ window.removeEventListener('storage', handleStorage);
+ channel?.close();
};
- }, [
- source,
- extra.redirect_uri,
- extra.tab_id,
- dispatch,
- query,
- chartId,
- chartList,
- dashboardId,
- ]);
+ }, [source, extra.tab_id, dispatch, query, chartId, chartList, dashboardId]);
Review Comment:
**Suggestion:** The effect depends on `chartList`, and this value is rebuilt
from `Object.keys(...)`, which can cause frequent teardown/recreation of the
BroadcastChannel and storage listeners as dashboard state changes. This
introduces unnecessary listener churn and a small race window where a
completion message can be missed; stabilize dependencies (e.g., memoized
IDs/ref-based handler) so the listener remains continuously attached.
[performance]
<details>
<summary><b>Severity Level:</b> Major ⚠️</summary>
```mdx
- ⚠️ Dashboard OAuth2 auto-refresh can occasionally miss completion.
- ⚠️ Extra BroadcastChannel churn on dashboards during OAuth flows.
- ⚠️ SQL Lab/Explore flows inherit unnecessary listener re-subscriptions.
```
</details>
<details>
<summary><b>Steps of Reproduction ✅ </b></summary>
```mdx
1. Open a dashboard so that the Redux `charts` slice is populated and
updated (for
example, when charts load or refresh) and then trigger an OAuth2 flow from a
dashboard
query, causing an `OAuth2RedirectError` (as defined in
`superset/superset/exceptions.py:12-39`) that results in
`OAuth2RedirectMessage` being
rendered (component at
`superset-frontend/src/components/ErrorMessage/OAuth2RedirectMessage.tsx:64-174`).
2. Observe that inside `OAuth2RedirectMessage`, `chartList` is derived from
the Redux
store via `useSelector` at `92-95` as `Object.keys(state.charts)`, which
returns a new
array whenever `state.charts` changes.
3. Because `chartList` is included in the `useEffect` dependency array at
`146`, every
change to `state.charts` while the OAuth2 prompt is visible causes React to
run the
cleanup function at `142-145` (removing the `storage` listener and closing
the current
`BroadcastChannel` instance) and then re-run the effect to create a new
`BroadcastChannel`
and reattach listeners.
4. If a dashboard chart update triggers a `chartList` change at the same
moment the OAuth
callback page `superset/templates/superset/oauth2.html:25-34` posts the `{
tabId }`
message via BroadcastChannel/localStorage, there is a small window where
neither
`channel.onmessage` (set at `121-125`) nor the `storage` listener (attached
at `140`) is
active; a message delivered in this window will be dropped and
`handleOAuthComplete` at
`102-114` will never dispatch `onRefresh`, so the dashboard does not
auto-refresh after
OAuth and the user must refresh manually.
```
</details>
[Fix in
Cursor](https://app.codeant.ai/fix-in-ide?tool=cursor&prompt=This%20is%20a%20comment%20left%20during%20a%20code%20review.%0A%0A%2A%2APath%3A%2A%2A%20superset-frontend%2Fsrc%2Fcomponents%2FErrorMessage%2FOAuth2RedirectMessage.tsx%0A%2A%2ALine%3A%2A%2A%20146%3A146%0A%2A%2AComment%3A%2A%2A%0A%09%2APerformance%3A%20The%20effect%20depends%20on%20%60chartList%60%2C%20and%20this%20value%20is%20rebuilt%20from%20%60Object.keys%28...%29%60%2C%20which%20can%20cause%20frequent%20teardown%2Frecreation%20of%20the%20BroadcastChannel%20and%20storage%20listeners%20as%20dashboard%20state%20changes.%20This%20introduces%20unnecessary%20listener%20churn%20and%20a%20small%20race%20window%20where%20a%20completion%20message%20can%20be%20missed%3B%20stabilize%20dependencies%20%28e.g.%2C%20memoized%20IDs%2Fref-based%20handler%29%20so%20the%20listener%20remains%20continuously%20attached.%0A%0AValidate%20the%20correctness%20of%20the%20flagged%20issue.%20If%20correct%2C%20How%20can%20I%20resolve%20thi
s%3F%20If%20you%20propose%20a%20fix%2C%20implement%20it%20and%20please%20make%20it%20concise.%0AOnce%20fix%20is%20implemented%2C%20also%20check%20other%20comments%20on%20the%20same%20PR%2C%20and%20ask%20user%20if%20the%20user%20wants%20to%20fix%20the%20rest%20of%20the%20comments%20as%20well.%20if%20said%20yes%2C%20then%20fetch%20all%20the%20comments%20validate%20the%20correctness%20and%20implement%20a%20minimal%20fix%0A)
| [Fix in VSCode
Claude](https://app.codeant.ai/fix-in-ide?tool=vscode-claude&prompt=This%20is%20a%20comment%20left%20during%20a%20code%20review.%0A%0A%2A%2APath%3A%2A%2A%20superset-frontend%2Fsrc%2Fcomponents%2FErrorMessage%2FOAuth2RedirectMessage.tsx%0A%2A%2ALine%3A%2A%2A%20146%3A146%0A%2A%2AComment%3A%2A%2A%0A%09%2APerformance%3A%20The%20effect%20depends%20on%20%60chartList%60%2C%20and%20this%20value%20is%20rebuilt%20from%20%60Object.keys%28...%29%60%2C%20which%20can%20cause%20frequent%20teardown%2Frecreation%20of%20the%20BroadcastChannel%20and%20storage%20listen
ers%20as%20dashboard%20state%20changes.%20This%20introduces%20unnecessary%20listener%20churn%20and%20a%20small%20race%20window%20where%20a%20completion%20message%20can%20be%20missed%3B%20stabilize%20dependencies%20%28e.g.%2C%20memoized%20IDs%2Fref-based%20handler%29%20so%20the%20listener%20remains%20continuously%20attached.%0A%0AValidate%20the%20correctness%20of%20the%20flagged%20issue.%20If%20correct%2C%20How%20can%20I%20resolve%20this%3F%20If%20you%20propose%20a%20fix%2C%20implement%20it%20and%20please%20make%20it%20concise.%0AOnce%20fix%20is%20implemented%2C%20also%20check%20other%20comments%20on%20the%20same%20PR%2C%20and%20ask%20user%20if%20the%20user%20wants%20to%20fix%20the%20rest%20of%20the%20comments%20as%20well.%20if%20said%20yes%2C%20then%20fetch%20all%20the%20comments%20validate%20the%20correctness%20and%20implement%20a%20minimal%20fix%0A)
*(Use Cmd/Ctrl + Click for best experience)*
<details>
<summary><b>Prompt for AI Agent 🤖 </b></summary>
```mdx
This is a comment left during a code review.
**Path:**
superset-frontend/src/components/ErrorMessage/OAuth2RedirectMessage.tsx
**Line:** 146:146
**Comment:**
*Performance: The effect depends on `chartList`, and this value is
rebuilt from `Object.keys(...)`, which can cause frequent teardown/recreation
of the BroadcastChannel and storage listeners as dashboard state changes. This
introduces unnecessary listener churn and a small race window where a
completion message can be missed; stabilize dependencies (e.g., memoized
IDs/ref-based handler) so the listener remains continuously attached.
Validate the correctness of the flagged issue. If correct, How can I resolve
this? If you propose a fix, implement it and please make it concise.
Once fix is implemented, also check other comments on the same PR, and ask
user if the user wants to fix the rest of the comments as well. if said yes,
then fetch all the comments validate the correctness and implement a minimal fix
```
</details>
<a
href='https://app.codeant.ai/feedback?pr_url=https%3A%2F%2Fgithub.com%2Fapache%2Fsuperset%2Fpull%2F40097&comment_hash=35a44452ab27174cce8ddd553f02edfb797ed92faae01186a92df214d24b58f6&reaction=like'>👍</a>
| <a
href='https://app.codeant.ai/feedback?pr_url=https%3A%2F%2Fgithub.com%2Fapache%2Fsuperset%2Fpull%2F40097&comment_hash=35a44452ab27174cce8ddd553f02edfb797ed92faae01186a92df214d24b58f6&reaction=dislike'>👎</a>
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
