@evansims evansims commented Oct 3, 2025

This PR addresses a bug in which, when calling a Client API method with custom headers, those headers may not be sent as expected. An issue related to the way header merging was occurring could result in custom headers being dropped.

Before:

# User sets a default header
client.set_default_header("X-Custom-Header", "default-value")

# User makes a request with per-request header
response = client.check(body, _headers={"X-Custom-Header": "per-request-value"})

# Old code would NOT override because "default-value" is type str
# Result: Request uses "default-value" (wrong)

After:

# User sets a default header
client.set_default_header("X-Custom-Header", "default-value")

# User makes a request with per-request header
response = client.check(body, _headers={"X-Custom-Header": "per-request-value"})

# New code checks if header is None, sees it's already set to "per-request-value"
# Result: Request uses "per-request-value" (correct)

References

Builds from → openfga/sdk-generator#627

Review Checklist

  • I have clicked on "allow edits by maintainers".
  • I have added documentation for new/changed functionality in this PR or in a PR to openfga.dev [Provide a link to any relevant PRs in the references section above]
  • The correct base branch is being used, if not main
  • I have added tests to validate that the change in functionality is working as expected

Summary by CodeRabbit

  • Documentation

    • Updated branding in README from Twitter to X, including badge and resource link.
  • Bug Fixes

    • Per-request headers now correctly override default headers when both are provided.
    • Existing header values are preserved and no longer overwritten unless absent.
  • Tests

    • Added unit tests to verify per-request header override behavior and coexistence with defaults across client and API calls (sync and async).
    • Expanded coverage for header handling across various scenarios, including data types, case sensitivity, and batch operations.

@evansims evansims added the bug Something isn't working label Oct 3, 2025
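The precedence change in the PR description above, as an added example that is not the SDK's own code. The defaults-last merge is an assumed reconstruction of the pre-fix ordering, the function names and sample headers are hypothetical, and the case-insensitive merge goes beyond what the PR changes.

```python
# Added illustration of header-merge precedence; not code from openfga_sdk.
# Function names are hypothetical and the sample headers are constructed.


def merge_defaults_last(default_headers, header_params):
    """Assumed pre-fix ordering: defaults are applied last, so they win."""
    merged = dict(header_params or {})
    merged.update(default_headers)
    return merged


def merge_request_last(default_headers, header_params):
    """Ordering given in the PR walkthrough: in a dict unpack the later key wins."""
    return {**default_headers, **(header_params or {})}


def set_header_if_missing(headers, name, value):
    """Fill a header only when it is absent or None (hypothetical helper).

    Testing against None keeps caller-supplied falsy values such as ""
    instead of replacing them with the fallback.
    """
    if headers.get(name) is None:
        headers[name] = value
    return headers


def merge_case_insensitive(default_headers, header_params):
    """Generalization beyond the PR: compare names case-insensitively.

    HTTP field names are case-insensitive but dict keys are not, so a plain
    dict merge lets "x-custom-header" and "X-Custom-Header" both reach the wire.
    """
    merged = {}  # lower-cased name -> (name as last written, value)
    for source in (default_headers, header_params or {}):
        for name, value in source.items():
            merged[name.lower()] = (name, value)
    return {name: value for name, value in merged.values()}


# Constructed sample input.
DEFAULTS = {"X-Custom-Header": "default-value", "User-Agent": "example-sdk"}
PER_REQUEST = {"X-Custom-Header": "per-request-value"}
MIXED_CASE = {"x-custom-header": "lower"}


def demo():
    """Return each merge result so the differences can be compared."""
    return {
        "defaults_last": merge_defaults_last(DEFAULTS, PER_REQUEST),
        "request_last": merge_request_last(DEFAULTS, PER_REQUEST),
        "mixed_case_plain": merge_request_last(DEFAULTS, MIXED_CASE),
        "mixed_case_folded": merge_case_insensitive(DEFAULTS, MIXED_CASE),
    }


if __name__ == "__main__":
    for label, headers in demo().items():
        print(f"{label}: {headers}")
```

A regression test for this class of bug should assert on the headers handed to the HTTP layer, since a dropped per-request header produces no error on the client side.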
coderabbitai bot commented Oct 3, 2025

Important

Review skipped

Auto incremental reviews are disabled on this repository.

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Walkthrough

Updates README branding from Twitter to X. Adjusts header precedence in API clients so per-request headers override defaults. Modifies client header-setting logic to only set when missing (None). Adds unit tests covering per-request/default header merge and override behaviors across async/sync clients and API calls.

Changes

| Cohort / File(s) | Summary |
| --- | --- |
| Docs branding update (README.md) | Rename Twitter → X in badge text, logo param, and Resources link. |
| API clients: header precedence (openfga_sdk/api_client.py, openfga_sdk/sync/api_client.py) | Change header merge to {**default_headers, **(header_params or {})} so per-request headers override defaults; cookie handling unchanged. |
| Clients: header overwrite condition (openfga_sdk/client/client.py, openfga_sdk/sync/client/client.py) | Update set_heading_if_not_set to only set when current value is None; no overwrite for existing non-None values. |
| API tests (async/sync): per-request headers (test/api/open_fga_api_test.py, test/sync/open_fga_api_test.py) | Add tests verifying per-request header overrides default and coexistence/merge with defaults. |
| Client tests (async/sync): header helper and propagation (test/client/client_test.py, test/sync/client/client_test.py) | Add extensive tests for set_heading_if_not_set, header merge/override, propagation across API methods, immutability cases, and edge cases (types, unicode, case). |

Sequence Diagram(s)

sequenceDiagram
  autonumber
  participant User as Caller
  participant Client as OpenFgaClient
  participant Api as OpenFgaApi
  participant Http as RESTClientObject

  rect rgba(200,220,255,0.25)
    note right of Client: Prepare request
    User->>Client: call (e.g., check) with params + optional _headers
    Client->>Client: set_heading_if_not_set(req.headers, key, value)<br/>Only set if existing is None
  end

  rect rgba(200,255,200,0.25)
    note right of Api: Merge headers
    Client->>Api: invoke API method with header_params
    Api->>Api: header_params = {**default_headers,<br/> **(header_params or {})}
    Api->>Api: Inject Cookie if configured
  end

  Api->>Http: request(method, url, headers=merged)
  Http-->>Api: response
  Api-->>Client: result
  Client-->>User: result

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~25 minutes

Suggested reviewers

  • ttrzeng

Pre-merge checks and finishing touches

✅ Passed checks (3 passed)
| Check name | Status | Explanation |
| --- | --- | --- |
| Description Check | ✅ Passed | Check skipped - CodeRabbit’s high-level summary is enabled. |
| Title Check | ✅ Passed | The title succinctly describes the primary change—correcting the precedence logic for custom headers—and is concise, specific, and directly related to the main fix introduced by the pull request. |
| Docstring Coverage | ✅ Passed | Docstring coverage is 91.23% which is sufficient. The required threshold is 80.00%. |


socket-security bot commented Oct 3, 2025

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

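| Diff | Package | Supply Chain Security | Vulnerability | Quality | Maintenance | License |
| --- | --- | --- | --- | --- | --- | --- |
| Updated | mypy@1.18.1 ⏵ 1.18.2 | 75 +1 | 100 | 100 | 100 | 100 |
| Updated | coverage@7.10.6 ⏵ 7.10.7 | 94 +1 | 100 | 100 | 100 | 100 |
| Updated | ruff@0.13.0 ⏵ 0.13.3 | 100 | 100 | 100 | 100 | 100 |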


socket-security bot commented Oct 3, 2025

Warning

Review the following alerts detected in dependencies.

According to your organization's Security Policy, it is recommended to resolve "Warn" alerts. Learn more about Socket for GitHub.

| Action | Severity | Alert |
| --- | --- | --- |
| Warn | High | mypy@1.18.2 has a License Policy Violation. |

License: Python-2.0.1 (mypy-1.18.2/LICENSE)

From: uv.lock → pypi/mypy@1.18.2

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at [email protected].

Suggestion: Find a package that does not violate your license policy or adjust your policy to allow this package's license.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore pypi/mypy@1.18.2. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

| Action | Severity | Alert |
| --- | --- | --- |
| Warn | High | mypy@1.18.2 has a License Policy Violation. |

License: Python-2.0.1 (mypy-1.18.2.dist-info/licenses/LICENSE)

From: ? → pypi/mypy@1.18.2

ℹ Read more on: This package | This alert | What is a license policy violation?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at [email protected].

Suggestion: Find a package that does not violate your license policy or adjust your policy to allow this package's license.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore pypi/[email protected]. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

Warn High
[email protected] has a License Policy Violation.

License: Python-2.0.1 (mypy-1.18.2.dist-info/licenses/LICENSE)

License: Python-2.0.1 (mypy-1.18.2.dist-info/licenses/LICENSE)

From: ?pypi/[email protected]

ℹ Read more on: This package | This alert | What is a license policy violation?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at [email protected].

Suggestion: Find a package that does not violate your license policy or adjust your policy to allow this package's license.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore pypi/[email protected]. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

Warn High
[email protected] has a License Policy Violation.

License: Python-2.0.1 (mypy-1.18.2.dist-info/licenses/LICENSE)

License: Python-2.0.1 (mypy-1.18.2.dist-info/licenses/LICENSE)

From: ?pypi/[email protected]

ℹ Read more on: This package | This alert | What is a license policy violation?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at [email protected].

Suggestion: Find a package that does not violate your license policy or adjust your policy to allow this package's license.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore pypi/[email protected]. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

Warn High
[email protected] has a License Policy Violation.

License: Python-2.0.1 (mypy-1.18.2.dist-info/licenses/LICENSE)

License: Python-2.0.1 (mypy-1.18.2.dist-info/licenses/LICENSE)

From: ?pypi/[email protected]

ℹ Read more on: This package | This alert | What is a license policy violation?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at [email protected].

Suggestion: Find a package that does not violate your license policy or adjust your policy to allow this package's license.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore pypi/[email protected]. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

Warn High
[email protected] has a License Policy Violation.

License: Python-2.0.1 (mypy-1.18.2.dist-info/licenses/LICENSE)

License: Python-2.0.1 (mypy-1.18.2.dist-info/licenses/LICENSE)

From: ?pypi/[email protected]

ℹ Read more on: This package | This alert | What is a license policy violation?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at [email protected].

Suggestion: Find a package that does not violate your license policy or adjust your policy to allow this package's license.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore pypi/[email protected]. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

Warn High
[email protected] has a License Policy Violation.

License: Python-2.0.1 (mypy-1.18.2.dist-info/licenses/LICENSE)

License: Python-2.0.1 (mypy-1.18.2.dist-info/licenses/LICENSE)

From: ?pypi/[email protected]

ℹ Read more on: This package | This alert | What is a license policy violation?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at [email protected].

Suggestion: Find a package that does not violate your license policy or adjust your policy to allow this package's license.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore pypi/[email protected]. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

Warn High
[email protected] has a License Policy Violation.

License: Python-2.0.1 (mypy-1.18.2.dist-info/licenses/LICENSE)

License: Python-2.0.1 (mypy-1.18.2.dist-info/licenses/LICENSE)

From: ?pypi/[email protected]

ℹ Read more on: This package | This alert | What is a license policy violation?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at [email protected].

Suggestion: Find a package that does not violate your license policy or adjust your policy to allow this package's license.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore pypi/[email protected]. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

Warn High
[email protected] has a License Policy Violation.

License: Python-2.0.1 (mypy-1.18.2.dist-info/licenses/LICENSE)

License: Python-2.0.1 (mypy-1.18.2.dist-info/licenses/LICENSE)

From: ?pypi/[email protected]

ℹ Read more on: This package | This alert | What is a license policy violation?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at [email protected].

Suggestion: Find a package that does not violate your license policy or adjust your policy to allow this package's license.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore pypi/[email protected]. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

Warn High
[email protected] has a License Policy Violation.

License: Python-2.0.1 (mypy-1.18.2.dist-info/licenses/LICENSE)

License: Python-2.0.1 (mypy-1.18.2.dist-info/licenses/LICENSE)

From: ?pypi/[email protected]

ℹ Read more on: This package | This alert | What is a license policy violation?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at [email protected].

Suggestion: Find a package that does not violate your license policy or adjust your policy to allow this package's license.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore pypi/[email protected]. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

Warn High
[email protected] has a License Policy Violation.

License: Python-2.0.1 (mypy-1.18.2.dist-info/licenses/LICENSE)

License: Python-2.0.1 (mypy-1.18.2.dist-info/licenses/LICENSE)

From: ?pypi/[email protected]

ℹ Read more on: This package | This alert | What is a license policy violation?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at [email protected].

Suggestion: Find a package that does not violate your license policy or adjust your policy to allow this package's license.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore pypi/[email protected]. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

Warn High
[email protected] has a License Policy Violation.

License: Python-2.0.1 (mypy-1.18.2.dist-info/licenses/LICENSE)

License: Python-2.0.1 (mypy-1.18.2.dist-info/licenses/LICENSE)

From: ?pypi/[email protected]

ℹ Read more on: This package | This alert | What is a license policy violation?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at [email protected].

Suggestion: Find a package that does not violate your license policy or adjust your policy to allow this package's license.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore pypi/[email protected]. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

Warn High
[email protected] has a License Policy Violation.

License: Python-2.0.1 (mypy-1.18.2.dist-info/licenses/LICENSE)

License: Python-2.0.1 (mypy-1.18.2.dist-info/licenses/LICENSE)

From: ?pypi/[email protected]

ℹ Read more on: This package | This alert | What is a license policy violation?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at [email protected].

Suggestion: Find a package that does not violate your license policy or adjust your policy to allow this package's license.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore pypi/[email protected]. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

Warn High
[email protected] has a License Policy Violation.

License: Python-2.0.1 (mypy-1.18.2.dist-info/licenses/LICENSE)

License: Python-2.0.1 (mypy-1.18.2.dist-info/licenses/LICENSE)

From: ?pypi/[email protected]

ℹ Read more on: This package | This alert | What is a license policy violation?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at [email protected].

Suggestion: Find a package that does not violate your license policy or adjust your policy to allow this package's license.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore pypi/[email protected]. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

Warn High
[email protected] has a License Policy Violation.

License: Python-2.0.1 (mypy-1.18.2.dist-info/licenses/LICENSE)

License: Python-2.0.1 (mypy-1.18.2.dist-info/licenses/LICENSE)

From: ?pypi/[email protected]

ℹ Read more on: This package | This alert | What is a license policy violation?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at [email protected].

Suggestion: Find a package that does not violate your license policy or adjust your policy to allow this package's license.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore pypi/[email protected]. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

Warn High
[email protected] has a License Policy Violation.

License: Python-2.0.1 (mypy-1.18.2.dist-info/licenses/LICENSE)

License: Python-2.0.1 (mypy-1.18.2.dist-info/licenses/LICENSE)

From: ?pypi/[email protected]

ℹ Read more on: This package | This alert | What is a license policy violation?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at [email protected].

Suggestion: Find a package that does not violate your license policy or adjust your policy to allow this package's license.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore pypi/[email protected]. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

Warn High
[email protected] has a License Policy Violation.

License: Python-2.0.1 (mypy-1.18.2.dist-info/licenses/LICENSE)

License: Python-2.0.1 (mypy-1.18.2.dist-info/licenses/LICENSE)

From: ?pypi/[email protected]

ℹ Read more on: This package | This alert | What is a license policy violation?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at [email protected].

Suggestion: Find a package that does not violate your license policy or adjust your policy to allow this package's license.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore pypi/[email protected]. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

Warn High
[email protected] has a License Policy Violation.

License: Python-2.0.1 (mypy-1.18.2.dist-info/licenses/LICENSE)

License: Python-2.0.1 (mypy-1.18.2.dist-info/licenses/LICENSE)

From: ?pypi/[email protected]

ℹ Read more on: This package | This alert | What is a license policy violation?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at [email protected].

Suggestion: Find a package that does not violate your license policy or adjust your policy to allow this package's license.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore pypi/[email protected]. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

Warn High
[email protected] has a License Policy Violation.

License: Python-2.0.1 (mypy-1.18.2.dist-info/licenses/LICENSE)

License: Python-2.0.1 (mypy-1.18.2.dist-info/licenses/LICENSE)

From: ?pypi/[email protected]

ℹ Read more on: This package | This alert | What is a license policy violation?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at [email protected].

Suggestion: Find a package that does not violate your license policy or adjust your policy to allow this package's license.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore pypi/[email protected]. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

Warn High
[email protected] has a License Policy Violation.

License: Python-2.0.1 (mypy-1.18.2.dist-info/licenses/LICENSE)

License: Python-2.0.1 (mypy-1.18.2.dist-info/licenses/LICENSE)

From: ?pypi/[email protected]

ℹ Read more on: This package | This alert | What is a license policy violation?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at [email protected].

Suggestion: Find a package that does not violate your license policy or adjust your policy to allow this package's license.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore pypi/[email protected]. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

Warn High
[email protected] has a License Policy Violation.

License: Python-2.0.1 (mypy-1.18.2.dist-info/licenses/LICENSE)

License: Python-2.0.1 (mypy-1.18.2.dist-info/licenses/LICENSE)

From: ?pypi/[email protected]

ℹ Read more on: This package | This alert | What is a license policy violation?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at [email protected].

Suggestion: Find a package that does not violate your license policy or adjust your policy to allow this package's license.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore pypi/[email protected]. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

Warn High
[email protected] has a License Policy Violation.

License: Python-2.0.1 (mypy-1.18.2.dist-info/licenses/LICENSE)

License: Python-2.0.1 (mypy-1.18.2.dist-info/licenses/LICENSE)

From: ?pypi/[email protected]

ℹ Read more on: This package | This alert | What is a license policy violation?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at [email protected].

Suggestion: Find a package that does not violate your license policy or adjust your policy to allow this package's license.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore pypi/[email protected]. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

Warn High
[email protected] has a License Policy Violation.

License: Python-2.0.1 (mypy-1.18.2.dist-info/licenses/LICENSE)

License: Python-2.0.1 (mypy-1.18.2.dist-info/licenses/LICENSE)

From: ?pypi/[email protected]

ℹ Read more on: This package | This alert | What is a license policy violation?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at [email protected].

Suggestion: Find a package that does not violate your license policy or adjust your policy to allow this package's license.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore pypi/[email protected]. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

Warn High
[email protected] has a License Policy Violation.

License: Python-2.0.1 (mypy-1.18.2.dist-info/licenses/LICENSE)

License: Python-2.0.1 (mypy-1.18.2.dist-info/licenses/LICENSE)

From: ?pypi/[email protected]

ℹ Read more on: This package | This alert | What is a license policy violation?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at [email protected].

Suggestion: Find a package that does not violate your license policy or adjust your policy to allow this package's license.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore pypi/[email protected]. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

See 10 more rows in the dashboard

@codecov-commenter

codecov-commenter commented Oct 3, 2025

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 70.73%. Comparing base (5bdc932) to head (57b4424).

❌ Your project status has failed because the head coverage (70.73%) is below the target coverage (80.00%). You can increase the head coverage or adjust the target coverage.

Additional details and impacted files
@@            Coverage Diff             @@
##             main     #230      +/-   ##
==========================================
- Coverage   70.73%   70.73%   -0.01%     
==========================================
  Files         134      134              
  Lines       10884    10882       -2     
==========================================
- Hits         7699     7697       -2     
  Misses       3185     3185              


@evansims evansims force-pushed the fix/custom-header-precedence branch from 03a1a5b to 3e8be76 Compare October 3, 2025 20:42
@evansims
Member Author

evansims commented Oct 3, 2025

Note: the failing CodeQL status check is unrelated to this PR

@evansims evansims marked this pull request as ready for review October 3, 2025 21:10
@evansims evansims requested review from a team as code owners October 3, 2025 21:10
@evansims evansims linked an issue Oct 3, 2025 that may be closed by this pull request
1 task
@evansims
Member Author

evansims commented Oct 3, 2025

@coderabbitai review

Contributor

coderabbitai bot commented Oct 3, 2025

✅ Actions performed

Review triggered.

Note: CodeRabbit is an incremental review system and does not re-review already reviewed commits. This command is applicable only when automatic reviews are paused.

@rhamzeh
Member

rhamzeh commented Oct 3, 2025

Fixed the CodeQL issue - the reason was we had both custom and default setups. Disabled the default one

@evansims evansims requested a review from rhamzeh October 3, 2025 22:09
@rhamzeh rhamzeh added this pull request to the merge queue Oct 3, 2025
Merged via the queue into main with commit 4f3eeb4 Oct 3, 2025
35 of 36 checks passed
@rhamzeh rhamzeh deleted the fix/custom-header-precedence branch October 3, 2025 22:27
Labels
bug Something isn't working
Development

Successfully merging this pull request may close these issues.

Default headers incorrectly override per-request custom headers
3 participants