fold gitar Edge-Cases on merged app-perms PRs (#1404, #1405) #1408

Merged
jaylfc merged 1 commit into dev from fix/gitar-app-perms-edgecases on Jun 23, 2026
Conversation

jaylfc (Owner) commented Jun 23, 2026

Two gitar Edge-Case findings on the merged app-permissions PRs, fixed forward.

#1404 broker best-effort

The decision-24 ledger merge in the userspace broker route called granted_capabilities unguarded. An uninitialised store (raises RuntimeError) or a query error would 500 the broker, contradicting the best-effort comment. Now wrapped in try/except that logs and falls back to the per-app granted set.

#1405 network origin validation

The grant API accepted any network: prefix, including network: (empty) or a malformed origin, recording a meaningless ledger row. Centralised the strict origin pattern as NET_ORIGIN_RE in capabilities.py (single source of truth, reused by the package parser) plus an is_valid_network_grant helper, and the grant API now rejects malformed network grants with a 400.

Tests

New: broker falls back instead of 500 when the ledger raises; malformed network origins rejected (parametrized); package origin test uses the shared pattern. 203 passed across the userspace + app-perms suites.

#1404 (broker best-effort): the app_grants ledger lookup in the userspace
broker route was unguarded, so an uninitialised store or a query error turned
a previously-working broker call into a 500, contradicting the best-effort
comment. Wrap it in try/except that logs and falls back to the per-app granted
set.

#1405 (network origin validation): the grant API accepted any network: prefix,
including an empty or malformed origin, so a typo'd origin produced a ledger
row. Centralise the strict origin pattern as NET_ORIGIN_RE in capabilities.py
(single source of truth, the package parser now reuses it) plus an
is_valid_network_grant helper, and reject malformed network grants at the API
with a 400.

Tests: broker falls back instead of 500 on a raising ledger; malformed
network origins rejected; package parser still validates origins via the
shared pattern. 203 passed across the userspace + app-perms suites.
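The two fixes described above, as an added Python illustration rather than the project's own code: the PR's real NET_ORIGIN_RE, route handlers and ledger API are not shown on this page, so the pattern, `grant_api`, `effective_capabilities` and the dict-backed ledger are assumptions chosen to show the shape of the change (strict origin check returning 400, and a logged fallback instead of a 500).

```python
import logging
import re

log = logging.getLogger("broker")

# Assumed strict origin pattern; the PR's real NET_ORIGIN_RE is not shown on the page.
# Accepts only scheme://hostname[:port]: no path, query, userinfo or whitespace.
NET_ORIGIN_RE = re.compile(
    r"^https?://"
    r"[A-Za-z0-9](?:[A-Za-z0-9-]{0,61}[A-Za-z0-9])?"          # first hostname label
    r"(?:\.[A-Za-z0-9](?:[A-Za-z0-9-]{0,61}[A-Za-z0-9])?)*"   # further labels
    r"(?::\d{1,5})?$"                                          # optional port
)
NETWORK_PREFIX = "network:"


def is_valid_network_grant(grant: str) -> bool:
    """True only for 'network:<origin>' with a non-empty origin matching NET_ORIGIN_RE."""
    if not grant.startswith(NETWORK_PREFIX):
        return False
    origin = grant[len(NETWORK_PREFIX):]
    return bool(origin) and NET_ORIGIN_RE.fullmatch(origin) is not None


def grant_api(app_id: str, grant: str, ledger: dict) -> tuple[int, dict]:
    """Hypothetical grant endpoint: malformed network grants get a 400 and write no ledger row."""
    if grant.startswith(NETWORK_PREFIX) and not is_valid_network_grant(grant):
        return 400, {"error": "malformed network origin"}
    ledger.setdefault(app_id, set()).add(grant)
    return 200, {"app": app_id, "granted": sorted(ledger[app_id])}


def effective_capabilities(app_id: str, per_app_granted, granted_capabilities) -> set:
    """Best-effort merge for the broker route: a failing ledger lookup degrades to the
    per-app granted set instead of propagating (which would turn the call into a 500)."""
    try:
        ledger_caps = granted_capabilities(app_id)
    except Exception as exc:  # uninitialised store (RuntimeError) or a query error
        log.warning("app_grants ledger unavailable for %s, using per-app set: %s", app_id, exc)
        return set(per_app_granted)
    return set(per_app_granted) | set(ledger_caps)
```

The broad `except` is deliberate for a best-effort path; the warning log is what lets an operator notice that the ledger is unavailable rather than silently granting less.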
qodo-code-review: Qodo reviews are paused for this user.

coderabbitai Bot commented Jun 23, 2026

Review limit reached: the review could not start because the PR review rate limit had been reached.
📥 Commits

Reviewing files that changed from the base of the PR and between 03d32bf and 83f572e.

📒 Files selected for processing (7)
  • tests/test_routes_app_permissions.py
  • tests/test_routes_userspace_apps.py
  • tests/userspace/test_package.py
  • tinyagentos/routes/app_permissions.py
  • tinyagentos/routes/userspace_apps.py
  • tinyagentos/userspace/capabilities.py
  • tinyagentos/userspace/package.py

gitar-bot Bot commented Jun 23, 2026

Code Review ✅ Approved

Adds exception handling to the broker's capability lookup and enforces strict network origin validation via a centralized regex. Both issues are resolved, preventing 500 errors and meaningless ledger entries.


@jaylfc jaylfc merged commit 873b6c7 into dev Jun 23, 2026
9 of 10 checks passed
@github-project-automation github-project-automation Bot moved this from Todo to Done in TinyAgentOS Roadmap Jun 23, 2026