fix: add diagnostic warnings for pkill_processes validation failures

Per CodeRabbit feedback, add logger.warning calls when pkill_processes validation fails in both load_org_config and load_project_commands. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-01-30 14:22:04 +00:00 · 2026-01-27 07:00:16 +01:00
parent 1d67fff9e0
commit 06c0bf4fd3
1 changed files with 8 additions and 2 deletions
--- a/security.py
+++ b/security.py
@@ -544,15 +544,18 @@ def load_org_config() -> Optional[dict]:
        if "pkill_processes" in config:
            processes = config["pkill_processes"]
            if not isinstance(processes, list):
+                logger.warning(f"Org config at {config_path}: 'pkill_processes' must be a list")
                return None
            # Normalize and validate each process name against safe pattern
            normalized = []
-            for proc in processes:
+            for i, proc in enumerate(processes):
                if not isinstance(proc, str):
+                    logger.warning(f"Org config at {config_path}: pkill_processes[{i}] must be a string")
                    return None
                proc = proc.strip()
                # Block empty strings and regex metacharacters
                if not proc or not VALID_PROCESS_NAME_PATTERN.fullmatch(proc):
+                    logger.warning(f"Org config at {config_path}: pkill_processes[{i}] has invalid value '{proc}'")
                    return None
                normalized.append(proc)
            config["pkill_processes"] = normalized
@@ -626,15 +629,18 @@ def load_project_commands(project_dir: Path) -> Optional[dict]:
        if "pkill_processes" in config:
            processes = config["pkill_processes"]
            if not isinstance(processes, list):
+                logger.warning(f"Project config at {config_path}: 'pkill_processes' must be a list")
                return None
            # Normalize and validate each process name against safe pattern
            normalized = []
-            for proc in processes:
+            for i, proc in enumerate(processes):
                if not isinstance(proc, str):
+                    logger.warning(f"Project config at {config_path}: pkill_processes[{i}] must be a string")
                    return None
                proc = proc.strip()
                # Block empty strings and regex metacharacters
                if not proc or not VALID_PROCESS_NAME_PATTERN.fullmatch(proc):
+                    logger.warning(f"Project config at {config_path}: pkill_processes[{i}] has invalid value '{proc}'")
                    return None
                normalized.append(proc)
            config["pkill_processes"] = normalized