Skip to content

Update Scheduled Mail Handler#80

Open
sevivenegas wants to merge 6 commits into
previewfrom
scheduled-mail-handler-fix
Open

Update Scheduled Mail Handler#80
sevivenegas wants to merge 6 commits into
previewfrom
scheduled-mail-handler-fix

Conversation

@sevivenegas

@sevivenegas sevivenegas commented Apr 2, 2026

Copy link
Copy Markdown

References

  • Linear:

Proposed Changes

Summary

Implemented the handler to update a scheduled mail, allowing users to modify when a scheduled email will be sent.

Changes

  • Added logic to update scheduled send time in the backend
  • Integrated update functionality into existing mail handler

Notes

  • Needs to be tested as I could not on my laptop

Spencer04Hire and others added 5 commits September 10, 2025 18:49
@Spencer04Hire
Merge pull request #38 from HoagieClub/preview
4b95f3a 
App Router migration and other updates
@Spencer04Hire
Merge pull request #42 from HoagieClub/preview
2321463 
Add test email feature, fix email styling
@Spencer04Hire
Merge pull request #47 from HoagieClub/preview
7e0dd14 
Update set up repo setup
@Spencer04Hire
Merge pull request #59 from HoagieClub/preview
44ef51c 
 Merge to Main 12/6/2025
@jfmath04
Merge pull request #67 from HoagieClub/preview
a7fad96 
Merge to main 02/02/26
@vercel

vercel Bot commented Apr 2, 2026
edited
Loading

Copy link
Copy Markdown

The latest updates on your projects. Learn more about Vercel for GitHub.

Project Deployment Actions Updated (UTC)
mail Ready Ready Preview, Comment Apr 2, 2026 1:36am

Request Review

github-advanced-security[bot]
github-advanced-security AI found potential problems Apr 2, 2026
View reviewed changes
Comment thread .github/workflows/lint.yml Outdated
Comment on lines +30 to +53
name: Ruff (backend)
runs-on: ubuntu-latest
defaults:
run:
working-directory: ./backend

steps:
- name: Check out Git repository
uses: actions/checkout@v5

- name: Install uv
uses: astral-sh/setup-uv@v4

- name: Set up Python
run: uv python install

- name: Install backend dependencies
run: uv sync --group dev

- name: Run Ruff lint check
run: uv run ruff check

- name: Run Ruff format check
run: uv run ruff format --check

Check warning

Code scanning / CodeQL

Workflow does not contain permissions

Actions job or workflow does not limit the permissions of the GITHUB_TOKEN. Consider setting an explicit permissions block, using the following as a minimal starting point: {{contents: read}}

Copilot Autofix

AI 3 months ago

In general, the fix is to add an explicit permissions block that restricts the GITHUB_TOKEN to the minimal scope required. For pure linting jobs that only need to read repository contents, contents: read is sufficient. Since both run-linters and ruff are lint jobs and do not perform write operations to the repo or GitHub APIs, they can share a global minimal permissions block.

The best way to fix this without changing existing functionality is to add a top-level permissions block after the on: trigger. This will apply to all jobs (including ruff) that don’t define their own permissions. We’ll set contents: read, which is the minimal recommended starting point and matches CodeQL’s suggestion. No imports or additional methods are needed; this is entirely a YAML configuration change in .github/workflows/lint.yml, within the shown snippet.

Concretely, in .github/workflows/lint.yml, insert:

permissions:
    contents: read

between lines 2 and 3 (after on: pull_request and before jobs:), maintaining the existing indentation style.

Suggested changeset 1
.github/workflows/lint.yml

Autofix patch

Autofix patch
Run the following command in your local git repository to apply this patch
cat << 'EOF' | git apply
diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml
--- a/.github/workflows/lint.yml
+++ b/.github/workflows/lint.yml
@@ -1,5 +1,7 @@
 name: Lint
 on: pull_request
+permissions:
+    contents: read
 jobs:
     run-linters:
         name: Run linters
EOF
@@ -1,5 +1,7 @@
name: Lint
on: pull_request
permissions:
contents: read
jobs:
run-linters:
name: Run linters
Copilot is powered by AI and may make mistakes. Always verify output.
Unable to commit as this autofix suggestion is now outdated
github-advanced-security[bot]
github-advanced-security AI found potential problems Apr 2, 2026
View reviewed changes
Comment thread backend/hoagiemail/api/stuff_posts_view.py Outdated
logger.error(f"Unexpected error retrieving posts: {e}")

return Response(
{"error": f"Unexpected error retrieving posts: {e}"}, status=status.HTTP_500_INTERNAL_SERVER_ERROR

Check warning

Code scanning / CodeQL

Information exposure through an exception

[Stack trace information](1) flows to this location and may be exposed to an external user.

Copilot Autofix

AI 3 months ago

In general, this should be fixed by ensuring that detailed exception information (including raw exception messages) is logged only on the server and not returned to the client. The client should receive a generic, non-sensitive error message and, if needed, a generic error code that can be correlated with server logs.

For this specific view, the best minimal fix without changing existing functionality is to keep the logging line as-is (so developers still see the detailed error in logs) but change the HTTP response body in the broad except Exception as e: handler to a generic message that does not include e. That means editing backend/hoagiemail/api/stuff_posts_view.py at lines 46–48 to remove the f-string with {e} and replace it with a constant message like "Unexpected error retrieving posts.". No new imports or helper methods are required.

Suggested changeset 1
backend/hoagiemail/api/stuff_posts_view.py

Autofix patch

Autofix patch
Run the following command in your local git repository to apply this patch
cat << 'EOF' | git apply
diff --git a/backend/hoagiemail/api/stuff_posts_view.py b/backend/hoagiemail/api/stuff_posts_view.py
--- a/backend/hoagiemail/api/stuff_posts_view.py
+++ b/backend/hoagiemail/api/stuff_posts_view.py
@@ -44,5 +44,5 @@
 			logger.error(f"Unexpected error retrieving posts: {e}")
 
 			return Response(
-				{"error": f"Unexpected error retrieving posts: {e}"}, status=status.HTTP_500_INTERNAL_SERVER_ERROR
+				{"error": "Unexpected error retrieving posts."}, status=status.HTTP_500_INTERNAL_SERVER_ERROR
 			)
EOF
@@ -44,5 +44,5 @@
logger.error(f"Unexpected error retrieving posts: {e}")

return Response(
{"error": f"Unexpected error retrieving posts: {e}"}, status=status.HTTP_500_INTERNAL_SERVER_ERROR
{"error": "Unexpected error retrieving posts."}, status=status.HTTP_500_INTERNAL_SERVER_ERROR
)
Copilot is powered by AI and may make mistakes. Always verify output.
Unable to commit as this autofix suggestion is now outdated
@jfmath04 jfmath04 self-requested a review April 2, 2026 01:03
@jfmath04 jfmath04 changed the base branch from main to preview April 2, 2026 01:03
@sevivenegas sevivenegas force-pushed the scheduled-mail-handler-fix branch from 13fc827 to a7fad96 Compare April 2, 2026 01:34
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@jfmath04 jfmath04 Awaiting requested review from jfmath04

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@sevivenegas @github-advanced-security @Spencer04Hire @jfmath04