Skip to content

Comments

Fix: Invalid JSON on gc-stats (#1801)#4

Open
MitchLewis930 wants to merge 1 commit intopr_054_beforefrom
pr_054_after
Open

Fix: Invalid JSON on gc-stats (#1801)#4
MitchLewis930 wants to merge 1 commit intopr_054_beforefrom
pr_054_after

Conversation

@MitchLewis930
Copy link

@MitchLewis930 MitchLewis930 commented Jan 30, 2026
edited by qodo-code-review bot
Loading

User description

PR_054

PR Type

Bug fix

Description

  • Fix invalid JSON generation in gc-stats endpoint

  • Replace manual string concatenation with proper JSON serialization

  • Simplify test parsing using standard JSON library

  • Add JSON require statement to status module

Diagram Walkthrough

flowchart LR
  A["Manual JSON string<br/>concatenation"] -->|"Replace with"| B["GC.stat.to_json<br/>proper serialization"]
  C["Regex-based JSON<br/>parsing in tests"] -->|"Simplify to"| D["JSON.parse<br/>standard library"]
Loading

File Walkthrough
Relevant files
Bug fix
status.rb
Use proper JSON serialization for gc-stats                             

lib/puma/app/status.rb

  • Add require 'json' at module top
  • Replace manual JSON string building with GC.stat.to_json
  • Simplify gc-stats endpoint response generation
 +3/-2     
Tests
test_cli.rb
Simplify JSON parsing in gc-stats test                                     

test/test_cli.rb

  • Add require "json" to test file
  • Replace regex-based JSON parsing with JSON.parse()
  • Remove manual key-value pair extraction logic
  • Simplify gc_stats hash population
 +2/-6     

@Jesus @nateberkopec
Fix: Invalid JSON on gc-stats (puma#1801)
2db1ef1 
* Fix: Invalid JSON on gc-stats

Credits of this patch should be for @jdsundberg, who reported the issue
but never sent a patch. Link to his bug report is below.

Closes puma#1687.

* Update tests so JSON response is correctly parsed

JSON without a whitespace between key and values wasn't being correctly
parsed (for example: `key: 'value'` was processed ok, but `key:'value'`
wasn't).
@qodo-code-review
Copy link

qodo-code-review bot commented Jan 30, 2026

PR Compliance Guide 🔍

Below is a summary of compliance checks for this PR:

Security Compliance
🟢
No security concerns identified No security vulnerabilities detected by AI analysis. Human verification advised for critical code.
Ticket Compliance
🎫 No ticket provided
  • Create ticket/issue
Codebase Duplication Compliance
Codebase context is not defined

Follow the guide to enable codebase context checks.

Custom Compliance
🟢
Generic: Comprehensive Audit Trails

Objective: To create a detailed and reliable record of critical system actions for security analysis
and compliance.

Status: Passed

Learn more about managing compliance generic rules or creating your own custom rules

Generic: Meaningful Naming and Self-Documenting Code

Objective: Ensure all identifiers clearly express their purpose and intent, making code
self-documenting

Status: Passed

Learn more about managing compliance generic rules or creating your own custom rules

Generic: Robust Error Handling and Edge Case Management

Objective: Ensure comprehensive error handling that provides meaningful context and graceful
degradation

Status: Passed

Learn more about managing compliance generic rules or creating your own custom rules

Generic: Secure Error Handling

Objective: To prevent the leakage of sensitive system information through error messages while
providing sufficient detail for internal debugging.

Status: Passed

Learn more about managing compliance generic rules or creating your own custom rules

Generic: Secure Logging Practices

Objective: To ensure logs are useful for debugging and auditing without exposing sensitive
information like PII, PHI, or cardholder data.

Status: Passed

Learn more about managing compliance generic rules or creating your own custom rules

Generic: Security-First Input Validation and Data Handling

Objective: Ensure all data inputs are validated, sanitized, and handled securely to prevent
vulnerabilities

Status: Passed

Learn more about managing compliance generic rules or creating your own custom rules
Compliance status legend 🟢 - Fully Compliant
🟡 - Partial Compliant
🔴 - Not Compliant
⚪ - Requires Further Human Verification
🏷️ - Compliance label

@qodo-code-review
Copy link

qodo-code-review bot commented Jan 30, 2026

PR Code Suggestions ✨

Explore these optional code suggestions:

CategorySuggestion                                                                                                                                    Impact
General
Robustly extract JSON body

Improve JSON body extraction from the HTTP response by splitting on the \r\n\r\n
delimiter instead of searching for a line starting with '{'.

test/test_cli.rb [197-199]

-lines = body.split("\r\n")
-json_line = lines.detect { |l| l[0] == "{" }
-gc_stats = JSON.parse(json_line)
+raw_body = body.split("\r\n\r\n", 2).last
+gc_stats = JSON.parse(raw_body)
  • Apply / Chat
Suggestion importance[1-10]: 7

__

Why: This suggestion significantly improves the robustness of the test by using the standard HTTP method to separate headers from the body, which is more reliable than the current line-by-line detection logic.

Medium
Make JSON require idempotent

Conditionally require the 'json' library by adding unless defined?(JSON) to
prevent it from being reloaded if it's already defined.

lib/puma/app/status.rb [1]

-require 'json'
+require 'json' unless defined?(JSON)
  • Apply / Chat
Suggestion importance[1-10]: 3

__

Why: This is a minor improvement for idempotency. While require itself is idempotent in modern Ruby, this change adds a defensive check that can prevent potential issues in complex loading scenarios, though its practical impact is minimal.

Low
  • More

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

Review effort 1/5

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@MitchLewis930 @Jesus