Fix five code review issues

1. Seeder pause/resume: only resume after prompt execution if pause() returned True, preventing undo of user-initiated pauses. 2. Missing rollback in enrich_assets_batch: add sess.rollback() in exception handler to prevent broken session state for subsequent batch operations. 3. Hash checkpoint validation: store mtime_ns/file_size in HashCheckpoint and re-stat on resume instead of comparing the same stat result to itself. 4. Scan progress preserved: save _last_progress before clearing _progress in finally blocks so wait=true endpoint returns final stats instead of zeros. 5. Download XSS hardening: block dangerous MIME types (matching server.py) and add X-Content-Type-Options: nosniff header to asset content endpoint. Amp-Thread-ID: https://ampcode.com/threads/T-019cbb6b-e97b-776d-8c43-2de8acd0d09e Co-authored-by: Amp <amp@ampcode.com>
2026-03-09 15:20:06 +00:00 · 2026-03-04 16:49:44 -08:00
parent 781d451355
commit 731a95eb13
5 changed files with 52 additions and 17 deletions
--- a/main.py
+++ b/main.py
@@ -261,11 +261,12 @@ def prompt_worker(q, server_instance):
            for k in sensitive:
                extra_data[k] = sensitive[k]

-            asset_seeder.pause()
+            was_paused = asset_seeder.pause()
            try:
                e.execute(item[2], prompt_id, extra_data, item[4])
            finally:
-                asset_seeder.resume()
+                if was_paused:
+                    asset_seeder.resume()
            need_gc = True

            remove_sensitive = lambda prompt: prompt[:5] + prompt[6:]