Skip to content

Comments

Fix empty list filter raising IndexError instead of WeaviateInvalidInputError#1962

Merged
dirkkul merged 3 commits intomainfrom
pr/1942
Feb 25, 2026
Merged

Fix empty list filter raising IndexError instead of WeaviateInvalidInputError#1962
dirkkul merged 3 commits intomainfrom
pr/1942

Conversation

@dirkkul
Copy link
Collaborator

@dirkkul dirkkul commented Feb 24, 2026

based on #1942

Copilot AI review requested due to automatic review settings February 24, 2026 11:06
Copy link

@orca-security-eu orca-security-eu bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Orca Security Scan Summary

Status Check Issues by priority
Passed Passed Infrastructure as Code high 0   medium 0   low 0   info 0 View in Orca
Passed Passed SAST high 0   medium 0   low 0   info 0 View in Orca
Passed Passed Secrets high 0   medium 0   low 0   info 0 View in Orca
Passed Passed Vulnerabilities high 0   medium 0   low 0   info 0 View in Orca

Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR prevents IndexError when filters are called with empty list values by adding client-side validation and serialization-layer guards, aligning the behavior with WeaviateInvalidInputError expectations.

Changes:

  • Add explicit empty-list validation to Filter.by_property(...).equal/not_equal/less_than/less_or_equal/greater_than/greater_or_equal.
  • Add REST serialization guard to raise WeaviateInvalidInputError for empty lists.
  • Add gRPC serialization guards to avoid indexing into empty lists, and add unit tests covering the new validations.

Reviewed changes

Copilot reviewed 3 out of 3 changed files in this pull request and generated 1 comment.

File Description
weaviate/collections/filters.py Adds empty-list handling in gRPC list conversions and raises WeaviateInvalidInputError in REST parsing for empty lists.
weaviate/collections/classes/filters.py Adds empty-list validation to comparison filter builder methods to raise WeaviateInvalidInputError.
test/collection/test_filter.py Adds unit tests asserting empty-list inputs raise WeaviateInvalidInputError for the updated methods.
test/collection/test_config_methods.py Formats the test schema dict (no functional change).
Comments suppressed due to low confidence (1)

weaviate/collections/classes/filters.py:229

  • The empty-list validation checks isinstance(val, list) only. Since FilterValuesList is typed as Sequence[...], callers could pass an empty tuple/other sequence and bypass this guard, leading to a different error later (e.g., ValueError in REST parsing) instead of the intended WeaviateInvalidInputError. Consider validating Sequence (excluding str/bytes) or coercing sequences to list consistently before checking len(...) == 0.
    def equal(self, val: FilterValues) -> _Filters:
        """Filter on whether the property is equal to the given value."""
        if isinstance(val, list) and len(val) == 0:
            raise WeaviateInvalidInputError(
                "Filtering on empty lists is not supported by Weaviate. "
                "To filter by property length, use "
                "Filter.by_property('prop', length=True).equal(0)"
            )
        return _FilterValue(target=self._target_path(), value=val, operator=_Operator.EQUAL)

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Copilot reviewed 4 out of 4 changed files in this pull request and generated no new comments.

Comments suppressed due to low confidence (2)

integration/test_rbac.py:392

  • This change appears unrelated to the PR's stated purpose of fixing empty list filter validation. While the change itself makes sense (avoiding duplicate role names in tests), it should ideally be in a separate commit or PR, or at least mentioned in the PR description. Including unrelated changes can make code reviews more difficult and confuse the git history.
                name="AlliasRole3",

test/collection/test_filter.py:65

  • Consider adding a similar test for the REST converter to ensure the defense-in-depth empty list check in _FilterToREST.__parse_filter also works as expected. While the gRPC test covers one code path, the REST converter has its own empty list validation at line 236-241 of weaviate/collections/filters.py that should be tested independently to ensure both serialization paths handle empty lists correctly.
def test_empty_list_grpc_conversion() -> None:
    """Ensure the gRPC converter raises WeaviateInvalidInputError for empty lists."""
    fv = _FilterValue(target="test", value=[], operator=_Operator.EQUAL)
    with pytest.raises(weaviate.exceptions.WeaviateInvalidInputError):
        _FilterToGRPC.convert(fv)

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

@codecov-commenter
Copy link

Codecov Report

❌ Patch coverage is 95.45455% with 2 lines in your changes missing coverage. Please review.
✅ Project coverage is 87.88%. Comparing base (ed3eed2) to head (460b20b).

Files with missing lines Patch % Lines
weaviate/collections/filters.py 77.77% 2 Missing ⚠️
Additional details and impacted files
@@            Coverage Diff             @@
##             main    #1962      +/-   ##
==========================================
- Coverage   87.88%   87.88%   -0.01%     
==========================================
  Files         280      280              
  Lines       21347    21388      +41     
==========================================
+ Hits        18760    18796      +36     
- Misses       2587     2592       +5     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

@dirkkul dirkkul merged commit 146ab23 into main Feb 25, 2026
127 checks passed
@dirkkul dirkkul deleted the pr/1942 branch February 25, 2026 13:21
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

3 participants