feat(exec): order-failure diagnostic logging — correlation, context & TD-18 redaction#8
Merged
Merged
Conversation
…+ context) Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
- DRY: hoist repeated format_log_context into handler_ctx (3 handlers) - test: cover limit_order pre-submit pricing log - test: assert no-response log carries side/size; narrow secret-test docstring Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
…leak) Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
…(TD-18) _log_invalid_json_body logged the raw request body at WARNING to aid debugging a malformed payload; a body carrying general.secret therefore leaked the credential at the production log level. Route the body through _redact_secrets, which masks any "secret":"..." field and the configured secret value before logging. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
… (TD-18 review) Review of the TD-18 fix: get_settings()/get_secret_value() sat outside the try-except, so a settings failure could turn this logging helper into a 500. Wrap the secret fetch (fall back to None — the regex still masks the field) and make the secret-field regex case-insensitive for defense-in-depth. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
What & why
When an order fails, the logs now carry enough context to reconstruct the root cause. Observability only — no change to the
HyperliquidErrortaxonomy, retry policy/backoff, HTTP status codes, DB schema, or pricing/submission logic (verified end-to-end in a whole-branch review).Changes
OrderRequestcarries a newreq_id(alongsidecloid); every failure log line is tagged so it ties back to the originating webhook request and the exchange-side order id.market_order/limit_order):mid, slippage bps, aggressive price, tick-normalized price actually sent — the key diagnostic for a "bad price / could not match" reject._safe_json(falls back torepr, never masks the original failure).req_id/cloid/symbol/side(hoisted to onehandler_ctx).format_log_context(**fields)builds the uniformkey=valuecontext (no copy-pasted prefix).TD-18 (resolved on this branch)
The review surfaced a pre-existing leak: the invalid-JSON path (
_log_invalid_json_body) logged the raw body at WARNING, exposinggeneral.secreton a malformed payload. Fixed: the body is routed through_redact_secrets(masks any"secret": "…"field + the configured secret value), with the secret fetch guarded so the logging helper can never raise.Testing
Full suite: 191 passed (
python3.11 -m pytest). New tests cover correlation, submitted-pricing logs, enriched reject context, the terminal-line error, secret non-leakage (order path + invalid-JSON path), and_redact_secretsedge cases.Design:
docs/superpowers/specs/2026-06-28-order-failure-logging-design.md· Plan:docs/superpowers/plans/2026-06-28-order-failure-logging.md· Changelog:CHANGELOG.md.🤖 Generated with Claude Code