Problem
DataflowSession handling in the CLI currently has two integrity problems:
- Session writes are non-atomic (direct write to final path).
- If an existing session file is invalid/corrupted, read_session silently regenerates a new default session.
This can reset session identity/build context without explicit failure.
Why this matters
Session state is part of reproducibility and build/run continuity.
If corruption is silently replaced, operators lose deterministic behavior and may run with an unintended session/build context.
This is especially risky for Project #2 goals around dependency/source reproducibility and stable build metadata.
Expected behavior
- Session file updates should be crash-safe (atomic write).
- Corrupted/truncated existing session files should produce an explicit error with recovery guidance, not silent regeneration.
Actual behavior
- Session file is written directly to target path.
- Parse failures are logged as warning and replaced by a fresh default session.
Proposed fix
- Implement atomic session writes using temporary file + fsync + rename.
- Change read_session behavior:
  - If file exists and parse fails, return an explicit error.
  - Include clear recovery guidance (fix/remove file and rerun build).
- Add regression tests for invalid/truncated existing session files.
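An added illustration of the proposed fix, not code from the project: a temp-file + fsync + rename writer, and a read_session that returns a default only when no file exists and raises an explicit error with recovery guidance when an existing file is invalid or truncated. The session layout (`session_id`, `build`) is assumed for the example.

```python
import json
import os
import tempfile


class CorruptSessionError(RuntimeError):
    """An existing session file could not be parsed (no silent regeneration)."""


def default_session():
    # Hypothetical session layout; the real DataflowSession fields are not in the issue.
    return {"session_id": "new", "build": {}}


def write_session_atomic(path, session):
    """Crash-safe write: temp file in the same directory + fsync + rename.
    A reader sees either the old or the new complete file, never a partial one."""
    directory = os.path.dirname(os.path.abspath(path))
    fd, tmp_path = tempfile.mkstemp(dir=directory, prefix=".session-", suffix=".tmp")
    try:
        with os.fdopen(fd, "w", encoding="utf-8") as f:
            json.dump(session, f)
            f.flush()
            os.fsync(f.fileno())  # contents are on disk before the rename
        os.replace(tmp_path, path)  # atomic replace of the final path
        if os.name == "posix":  # also persist the directory entry itself
            dir_fd = os.open(directory, os.O_RDONLY)
            try:
                os.fsync(dir_fd)
            finally:
                os.close(dir_fd)
    except BaseException:
        if os.path.exists(tmp_path):
            os.unlink(tmp_path)  # never leave a stray temp file behind
        raise


def read_session(path):
    """Return the stored session; a fresh default only when no file exists."""
    if not os.path.exists(path):
        return default_session()
    guidance = "fix or remove the file and rerun the build"
    try:
        with open(path, encoding="utf-8") as f:
            session = json.load(f)
    except ValueError as exc:  # JSONDecodeError and UnicodeDecodeError both subclass ValueError
        raise CorruptSessionError(
            f"session file {path} is invalid or truncated: {exc}; {guidance}") from exc
    if not isinstance(session, dict) or "session_id" not in session:
        raise CorruptSessionError(f"session file {path} lacks required fields; {guidance}")
    return session
```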