fix: add error handling to OpenAI-compatible serve endpoint#774
fix: add error handling to OpenAI-compatible serve endpoint#774psschwei merged 3 commits intogenerative-computing:mainfrom
Conversation
|
The PR description has been updated. Please fill out the template for your PR to be reviewed. |
markstur
force-pushed
the
serve_error_handling
branch
from
7646265 to
907fb78
Compare
|
Claude found a few issues to look at: Unused import (will fail
from fastapi import FastAPI, Request # Request is unused Test isolation — routes accumulate on the global Each test calls NitsDuplicate error handlers —
|
jakelorocco
left a comment
jakelorocco
left a comment
There was a problem hiding this comment.
This seems reasonable to me. I have a few concerns that maybe aren't valid / might not need to be addressed (I don't know if I'm completely up to date on the purpose of this OpenAI server, so these might have already been discussed):
- Are these errors helpful to the end user of the server? For instance, if the ValueError is raised by having some non-conforming field / input, that makes sense to me.
- Will these errors leak anything that an end user might not want leaked? This may be out of scope, but I'm not sure if we have any expectations that the names of requirements, internal mellea functionality doesn't get leaked through these endpoints. Maybe thats on the end user to implement if they need that obfuscation?
ajbozarth
left a comment
ajbozarth
left a comment
There was a problem hiding this comment.
This LGTM now, but I id discuss @jakelorocco concerns with Claude and this was what we came to, probably worth addressing in a comment before merging if Claude is correct that m serve is not designed for prod, if it it we should address it (could be in a follow up imho):
Helpfulness — The ValueError → 400 path is genuinely useful since it reflects bad input the caller can fix. The 500 path is less useful to an end user but fine for a local dev server like m serve.
Information leakage — This is the more interesting concern. The current code passes str(e) directly into the error response body. For a 500, that could expose internal details like mellea class names, attribute paths, or module
structure. For a production-facing deployment that would be a real issue, but m serve is a local developer tool, so leaking implementation details to localhost is low risk. Worth the author explicitly acknowledging that — "this
is a local dev server, not intended for production exposure" — so the reviewer knows it was considered rather than overlooked.
Add proper exception handling to the chat completion endpoint in cli/serve/app.py to prevent unhandled exceptions from crashing the server. Implements OpenAI API error format for the `m serve` endpoint to ensure compatibility with OpenAI client libraries and tools. Signed-off-by: Mark Sturdevant <mark.sturdevant@ibm.com>
* remove unused import * fix FastAPI app route accumulation * remove duplicate error handler * add types for response_model Signed-off-by: Mark Sturdevant <mark.sturdevant@ibm.com>
markstur
force-pushed
the
serve_error_handling
branch
from
e172da1 to
6c91522
Compare
|
rebased and resolved conflicts |
For the success case, return None for usage not a mock object. Signed-off-by: Mark Sturdevant <mark.sturdevant@ibm.com>
4 participants
Misc PR
Type of PR
Description
Add proper exception handling to the chat completion endpoint in cli/serve/app.py to prevent unhandled exceptions from crashing the server. Returns appropriate HTTP status codes and error messages.
Changes:
Fixes ensure the server returns OpenAI-compatible error responses instead of crashing on exceptions.
Testing