codeant-ai-for-open-source[bot] commented on code in PR #41285:
URL: https://github.com/apache/superset/pull/41285#discussion_r3454043415
##########
superset-frontend/src/SqlLab/components/SqlEditor/index.tsx:
##########
@@ -271,6 +279,50 @@ const SqlEditor: FC<Props> = ({
const logAction = useLogAction({ queryEditorId: queryEditor.id });
const isActive = currentQueryEditorId === queryEditor.id;
+
+ // Re-renders when an extension registers a northPane view after async load.
+ const northPaneViews = useViews(ViewLocations.sqllab.northPane) || [];
+
+ // Resolve the per-tab localStorage key the same way every other SQL Lab
+ // consumer does (`tabViewId ?? id`), so the value written, read back, and
+ // observed via the `storage` event all agree once a tab is
backend-persisted.
+ const northPaneStorageId = queryEditor.tabViewId ?? queryEditor.id;
+
+ // ID of the northPane view active for this tab, or null for the default
+ // SQL editor layout. Set by an extension via PENDING_NORTH_PANE_VIEW_KEY
+ // before calling createTab(); persisted per-tab in localStorage.
+ const [northPaneViewId, setNorthPaneViewId] = useState<string | null>(() => {
+ const pendingViewId = localStorage.getItem(PENDING_NORTH_PANE_VIEW_KEY);
+ if (pendingViewId) {
+ localStorage.removeItem(PENDING_NORTH_PANE_VIEW_KEY);
+ localStorage.setItem(
+ NORTH_PANE_VIEW_KEY(northPaneStorageId),
+ pendingViewId,
+ );
+ return pendingViewId;
+ }
+ return localStorage.getItem(NORTH_PANE_VIEW_KEY(northPaneStorageId));
+ });
+
+ useEffect(() => {
+ const persistKey = NORTH_PANE_VIEW_KEY(northPaneStorageId);
+ if (northPaneViewId) {
+ localStorage.setItem(persistKey, northPaneViewId);
+ } else {
+ localStorage.removeItem(persistKey);
+ }
+ }, [northPaneStorageId, northPaneViewId]);
Review Comment:
**Suggestion:** Direct `localStorage` reads/writes in render-time
initialization and effects can throw (e.g., storage blocked/quota/security
errors), which would crash the editor path. This file already uses storage
helper utilities elsewhere that guard failures; these new accesses should use
guarded helpers or `try/catch` to avoid runtime crashes. [possible bug]
<details>
<summary><b>Severity Level:</b> Critical 🚨</summary>
```mdx
- ❌ SQL Lab editor can crash on storage-restricted browsers.
- ⚠️ NorthPane layout persistence unreliable when storage errors occur.
```
</details>
<details>
<summary><b>Steps of Reproduction ✅ </b></summary>
```mdx
1. Run Superset in a browser/environment where `localStorage` access may
throw (for
example, storage disabled, blocked by policy, or in a strict private mode),
so calls to
`localStorage.getItem` or `setItem` can raise a `DOMException`.
2. Navigate to SQL Lab so `SqlEditor` mounts
(`superset-frontend/src/SqlLab/components/SqlEditor/index.tsx`, lines 1-22),
which
immediately evaluates the `useState` initializer for `northPaneViewId` at
lines 55-65.
3. In that initializer, `localStorage.getItem(PENDING_NORTH_PANE_VIEW_KEY)`
and
`localStorage.getItem(NORTH_PANE_VIEW_KEY(northPaneStorageId))` are called
directly
without try/catch or helper wrappers (lines 55, 65); if `localStorage`
throws here, the
exception bubbles and prevents the component from mounting, crashing the SQL
Lab editor
view.
4. Even if initialization succeeds, subsequent renders run the `useEffect`
at lines 68-75,
which directly invokes `localStorage.setItem` and `localStorage.removeItem`;
any storage
error here similarly propagates, while other parts of this file and nearby
code (e.g.,
`getItem`/`setItem` from `src/utils/localStorageHelpers.ts` used at lines
92-97)
demonstrate an established pattern of guarding `localStorage` access,
confirming this new
unguarded usage is inconsistent and can realistically break the editor for
affected users.
```
</details>
[](https://app.codeant.ai/fix-in-ide?tool=cursor&prompt_id=64fc89c00bfa4462906b3083646d487b&service=github&base_url=https%3A%2F%2Fgithub.com&org=apache&repo=apache%2Fsuperset)
[](https://app.codeant.ai/fix-in-ide?tool=vscode-claude&prompt_id=64fc89c00bfa4462906b3083646d487b&service=github&base_url=https%3A%2F%2Fgithub.com&org=apache&repo=apache%2Fsuperset)
*(Use Cmd/Ctrl + Click for best experience)*
<details>
<summary><b>Prompt for AI Agent 🤖 </b></summary>
```mdx
This is a comment left during a code review.
**Path:** superset-frontend/src/SqlLab/components/SqlEditor/index.tsx
**Line:** 294:314
**Comment:**
*Possible Bug: Direct `localStorage` reads/writes in render-time
initialization and effects can throw (e.g., storage blocked/quota/security
errors), which would crash the editor path. This file already uses storage
helper utilities elsewhere that guard failures; these new accesses should use
guarded helpers or `try/catch` to avoid runtime crashes.
Validate the correctness of the flagged issue. If correct, How can I resolve
this? If you propose a fix, implement it and please make it concise.
Once fix is implemented, also check other comments on the same PR, and ask
user if the user wants to fix the rest of the comments as well. if said yes,
then fetch all the comments validate the correctness and implement a minimal fix
```
</details>
<a
href='https://app.codeant.ai/feedback?pr_url=https%3A%2F%2Fgithub.com%2Fapache%2Fsuperset%2Fpull%2F41285&comment_hash=7503a995bcfedd5cf083f689fbbdd4e0a4e6a1da166bac3349af4b3c51270f7f&reaction=like'>👍</a>
| <a
href='https://app.codeant.ai/feedback?pr_url=https%3A%2F%2Fgithub.com%2Fapache%2Fsuperset%2Fpull%2F41285&comment_hash=7503a995bcfedd5cf083f689fbbdd4e0a4e6a1da166bac3349af4b3c51270f7f&reaction=dislike'>👎</a>
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
