Add chunk sidecar snapshot list command#337
Conversation
Extract hook context setup (applyHookContext), hook early-exit checks (checkHookEarlyExit), and sidecar resolution (resolveSidecarForRun) into standalone helper functions. This brings the complexity of newValidateCmd's RunE closure from 31 down to the allowed limit of 30.
Fix: reduce cyclomatic complexity of newValidateCmd (gocyclo lint failure)
![cursor[bot]](https://avatars.githubusercontent.com/in/1210556?s=60&v=4){kind=small}
There was a problem hiding this comment.
Risk Assessment
Overall: Low — the change is scoped to a new read-only snapshot listing command plus a small client method, with acceptance coverage for core flows and no breaking or security-sensitive behavior changes; remaining concerns are minor docs/error-handling/test gaps.
| Dimension | Finding |
|---|---|
| Blast radius | Low-to-moderate surface because this adds the public chunk sidecar snapshot list command and a new CircleCI API client method, and also includes an unrelated validate refactor. No dependency-boundary violations found. |
| Test coverage | Core acceptance coverage exists for happy path, empty list, and missing token. Gaps: no --json coverage for the new machine-readable output and no list API error/auth-specific acceptance case. Focused test run was attempted but blocked by the local Go toolchain (go1.26 unavailable). |
| Breaking changes | No concerns. The PR adds a subcommand and does not change existing command names, flags, defaults, .chunk/ file structure, or existing output contracts. |
| Security | No concerns. The new path is a read-only authenticated GET using existing token handling, with no new dependencies, shell execution, or file-permission changes. |
| Complexity | Low. The new command follows existing sidecar command patterns and respects cmd/ -> internal/ layering. The unrelated validate extraction appears behavior-preserving, but it broadens review scope. |
Recommendations: update
docs/CLI.md:102anddocs/GETTING_STARTED.md:208so the new public command is discoverable; add coverage forchunk sidecar snapshot list --jsonfrominternal/cmd/sidecar.go:784; and consider mirroringsidecar listauth handling for snapshot list atinternal/cmd/sidecar.go:776becauseinternal/circleci/client.go:149maps 401/403 toErrNotAuthorized, but the command currently reports all failures as retryable list errors.
Sent by Cursor Automation: chunk-cli risk assessment
| // applyHookContext sets up the context and streams for hook invocations. | ||
| // It returns the updated context and streams, and resets per-session state | ||
| // when the hook is running for the first time (not a retry). | ||
| func applyHookContext(ctx context.Context, hook *hookContext, streams iostream.Streams) (context.Context, iostream.Streams) { |
There was a problem hiding this comment.
why is this included?
There was a problem hiding this comment.
It got added to fix a lint failure on the original commit. newValidateCmd was pushed over the gocyclo complexity limit.
2 participants
Adds
chunk sidecar snapshot list --org-id <id>so users can see existing snapshots before creating new ones, avoiding 409 name-conflict errors.Changes
ListSnapshotsclient method hittingGET /api/v2/sidecar/snapshotschunk sidecar snapshot listsubcommand with--org-idand--jsonflags