fix: capture exception details and fix inconsistent error response fields

[shruthipavalavel]

Fixes #46

What this PR does

Two bugs fixed in src/index.py:

Bug 1: Silent exception handling
Both handle_sol_balance and handle_token_supply were catching exceptions without capturing the error message, returning a generic "Internal error" with no debugging information.

Changed except Exception to except Exception as e and return str(e) so the actual error is surfaced in the response.

Bug 2: Inconsistent error response field
The except block in handle_token_supply was returning 'balance': None instead of 'supply': None, which was inconsistent with its success response format.

Changes

• src/index.py: capture exception details in both handlers
• src/index.py: fix error response key in handle_token_supply from 'balance' to 'supply'

Summary by CodeRabbit

• Bug Fixes
  • Improved API error messages to display detailed error information instead of generic messages, helping users better understand issues when requests fail.

[owasp-blt]

📊 Monthly Leaderboard

Hi @shruthipavalavel! Here's how you rank for March 2026:

Rank	User	Open PRs	PRs (merged)	PRs (closed)	Reviews	Comments	Total
133	@SahilDhillon21	1	0	0	0	0	1
134	@shruthipavalavel ✨	1	0	0	0	0	1
135	@SuyashJain17	1	0	0	0	0	1

---

Scoring this month (across OWASP-BLT org): Open PRs (+1 each), Merged PRs (+10), Closed (not merged) (−2), Reviews (+5; first two per PR in-month), Comments (+2, excludes CodeRabbit). Run /leaderboard on any issue or PR to see your rank!

[owasp-blt]

👋 Hi @shruthipavalavel!

This pull request needs a peer review before it can be merged. Please request a review from a team member who is not:

• The PR author
• coderabbitai
• copilot

Once a valid peer review is submitted, this check will pass automatically. Thank you!

⚠️ Peer review enforcement is active.

[coderabbitai]

Walkthrough

Exception handling in two API endpoint handlers was improved to capture and return actual error details instead of generic messages. Explanatory comments were removed, and file formatting was adjusted.

Changes

Cohort / File(s)	Summary
Exception Handling Improvements src/index.py	Updated handle_sol_balance and handle_token_supply to capture exceptions as e and return str(e) in error responses instead of fixed 'Internal error' strings. Removed explanatory comments and adjusted file formatting.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

Suggested labels

quality: medium

🚥 Pre-merge checks | ✅ 5

✅ Passed checks (5 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title accurately describes the main changes: capturing exception details and fixing the inconsistent error response field in handle_token_supply.
Linked Issues check	✅ Passed	The PR addresses both objectives from issue #46: capturing exception details with str(e) in both handlers and fixing the error response field from 'balance' to 'supply' in handle_token_supply.
Out of Scope Changes check	✅ Passed	All changes are directly related to issue #46 requirements. Comment removal and whitespace adjustments are minor cleanup supporting the bug fixes.
Docstring Coverage	✅ Passed	Docstring coverage is 100.00% which is sufficient. The required threshold is 80.00%.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@src/index.py`:
- Around line 116-119: The exception-handling paths currently reuse
response_headers (which contains "Cache-Control: public, max-age=30") when
returning Response.new, causing error responses with exception details to be
publicly cached; update the except block(s) that call Response.new (referencing
Response.new and response_headers) to use a non-cacheable header set — e.g.,
clone response_headers then override "Cache-Control" to "no-store" (and
optionally add "Pragma: no-cache" and "Expires: 0") — and apply the same change
to the other error return around lines 171-175 so all error responses containing
str(e) are not cached.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 12278b77-175b-4b0b-b0af-591bb8ef94fb

📥 Commits

Reviewing files that changed from the base of the PR and between 99e6b27 and 87fb047.

📒 Files selected for processing (1)

• src/index.py

[coderabbitai]

⚠️ Potential issue | 🟠 Major

Don’t cache 500 responses that now include exception details.

Line 119 and Line 174 reuse response_headers (Cache-Control: public, max-age=30) for exception paths. Since error now includes str(e), these failures can be publicly cached and replayed to other clients for 30s. Use non-cacheable headers on error responses.

Suggested patch

@@
     except Exception as e:
+        error_headers = {
+            **cors_headers,
+            'Content-Type': 'application/json',
+            'Cache-Control': 'no-store',
+        }
         return Response.new(
             json.dumps({'balance': None, 'error': str(e)}),
-            {'status': 500, 'headers': response_headers}
+            {'status': 500, 'headers': error_headers}
         )
@@
     except Exception as e:
+        error_headers = {
+            **cors_headers,
+            'Content-Type': 'application/json',
+            'Cache-Control': 'no-store',
+        }
         return Response.new(
             json.dumps({'supply': None, 'error': str(e)}),
-            {'status': 500, 'headers': response_headers}
+            {'status': 500, 'headers': error_headers}
         )

Also applies to: 171-175

🧰 Tools

🪛 Ruff (0.15.7)

[warning] 116-116: Do not catch blind exception: Exception

(BLE001)

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@src/index.py` around lines 116 - 119, The exception-handling paths currently
reuse response_headers (which contains "Cache-Control: public, max-age=30") when
returning Response.new, causing error responses with exception details to be
publicly cached; update the except block(s) that call Response.new (referencing
Response.new and response_headers) to use a non-cacheable header set — e.g.,
clone response_headers then override "Cache-Control" to "no-store" (and
optionally add "Pragma: no-cache" and "Expires: 0") — and apply the same change
to the other error return around lines 171-175 so all error responses containing
str(e) are not cached.

[owasp-blt]

⚠️ This pull request has 1 unresolved review conversation that must be resolved before merging.