Coderabbit config test

[i7an]

Motivation

Test new coderabbit config

Changes

• Added new API

Summary by CodeRabbit

Release Notes

• New Features
  • Added sandbox attachments API enabling users to retrieve and list attachments associated with sandbox messages. Users can now fetch specific attachment details and view all attachments for a given sandbox message.

_{✏️ Tip: You can customize this high-level summary in your review settings.}

[coderabbitai]

📝 Walkthrough

Walkthrough

This change introduces a new Sandbox Attachments API feature to the Mailtrap library, including a data model, API client methods for retrieving attachments, comprehensive test coverage with VCR cassettes, and CodeRabbit configuration for privacy review of sensitive data in fixtures.

Changes

Cohort / File(s)	Summary
Configuration .coderabbit.yaml	Adds CodeRabbit configuration to review VCR cassettes as a data privacy officer, identifying sensitive data like PII and credentials in test fixtures.
Library Setup lib/mailtrap.rb	Adds require_relative for the new sandbox_attachments_api module.
Data Model lib/mailtrap/sandbox_attachment.rb	Introduces SandboxAttachment Struct with fields for attachment metadata (id, message_id, filename, content_type, size, timestamps, download_path, etc.) and a to_h method returning a compact hash.
API Client lib/mailtrap/sandbox_attachments_api.rb	Adds SandboxAttachmentsAPI class with get() and list() methods to fetch individual or multiple attachments from the Mailtrap API, with standard error handling.
VCR Test Fixtures spec/fixtures/vcr_cassettes/Mailtrap_SandboxAttachmentsAPI/*	Four cassette files capturing HTTP interactions: successful get/list operations, 404 not found error, and 401 authorization error scenarios.
Test Specifications spec/mailtrap/sandbox_attachment_spec.rb, spec/mailtrap/sandbox_attachments_api_spec.rb	RSpec test suites verifying SandboxAttachment initialization and hash conversion, plus SandboxAttachmentsAPI get/list methods with error handling and response mapping.

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

Suggested reviewers

• IgorDobryn
• mklocek
• DagonWat

Poem

🐰 A sandbox of attachments, so neat and so fine,
With fixtures and cassettes all perfectly aligned,
The API takes flight, with get and with list,
Data privacy guarded—no details are missed!
Hop along, test suite bright, let the rabbits review! 📎

🚥 Pre-merge checks | ❌ 3

❌ Failed checks (3 warnings)

Check name	Status	Explanation	Resolution
Title check	⚠️ Warning	The title 'Coderabbit config test' is vague and misleading; it refers only to the configuration file added, not the main change which is adding a new Sandbox Attachments API.	Revise the title to reflect the primary change: 'Add Sandbox Attachments API' or similar, describing the main feature introduced rather than the test configuration aspect.
Description check	⚠️ Warning	The description is largely incomplete; it lacks critical sections like 'How to test' and provides minimal detail about the actual changes beyond a single vague bullet point.	Expand the description with detailed change explanations, testing instructions with checkboxes, and more specific information about the Sandbox Attachments API implementation and validation steps.
Docstring Coverage	⚠️ Warning	Docstring coverage is 75.00% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing touches

• 📝 Generate docstrings

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[i7an]

@coderabbitai review

[coderabbitai]

✅ Actions performed

Review triggered.

Note: CodeRabbit is an incremental review system and does not re-review already reviewed commits. This command is applicable only when automatic reviews are paused.

[coderabbitai]

Actionable comments posted: 6

🤖 Fix all issues with AI agents

In `@lib/mailtrap/sandbox_attachment.rb`:
- Around line 4-36: The docstrings for the SandboxAttachment Struct incorrectly
refer to "project" (e.g. "@attr_reader id [Integer] The project ID" and the
"Project attributes" in the to_h comment); update those descriptions to
reference "attachment" instead (e.g. "The attachment ID" and "The Attachment
attributes as a hash") so they accurately describe SandboxAttachment and its
to_h method; locate the comments around the SandboxAttachment definition and the
to_h docstring and replace "project"/"Project" with "attachment"/"Attachment".

In `@lib/mailtrap/sandbox_attachments_api.rb`:
- Around line 25-32: The method list(inbox_id, sandbox_message_id) has an
incorrect summary saying it lists "sandbox messages" — change the docstring to
correctly state it lists sandbox attachments (e.g., "Lists all sandbox
attachments for the account, limited up to 30 at once"), and ensure any
param/return commentary refers to attachments where appropriate; update the
comment above the list method in lib/mailtrap/sandbox_attachments_api.rb so it
accurately describes the behavior of
client.get("#{base_path}/inboxes/#{inbox_id}/messages/#{sandbox_message_id}/attachments")
and the returned Array<SandboxAttachment] objects handled by handle_response.

In
`@spec/fixtures/vcr_cassettes/Mailtrap_SandboxAttachmentsAPI/_get/maps_response_data_to_SandboxAttachment_object.yml`:
- Around line 78-80: The fixture contains an opaque signed token in the
"download_path" value (and non-placeholder numeric IDs like "id" and
"message_id"); update the YAML cassette to redact/sanitize sensitive values by
replacing the full download_path token with a stable placeholder (e.g.,
"/api/testing_message_parts/<REDACTED_TOKEN>/attachment_download") and replace
real IDs (fields "id" and "message_id") with deterministic test IDs (e.g., 1, 2
or "<REDACTED_ID>") while keeping other fields like "filename" and
"content_type" intact so tests still map to the SandboxAttachment object.

In
`@spec/fixtures/vcr_cassettes/Mailtrap_SandboxAttachmentsAPI/_list/maps_response_data_to_SandboxAttachment_objects.yml`:
- Around line 79-82: The fixture contains real/opaque values for download_path
and possibly real IDs; locate the JSON string in the YAML (look for keys
"download_path", "id" and "message_id" inside the string value) and replace each
download_path value with a stable placeholder (e.g.
"/api/testing_message_parts/REDACTED/attachment_download") and sanitize numeric
IDs (replace "id" and "message_id" values with deterministic fake IDs like 1 and
1001 or a clearly marked REDACTED_ID) so the fixture contains no sensitive
tokens but preserves structure and filenames (e.g., "filename":"example.txt").

In
`@spec/fixtures/vcr_cassettes/Mailtrap_SandboxAttachmentsAPI/_list/when_api_key_is_incorrect/raises_authorization_error.yml`:
- Around line 5-72: Redact sensitive telemetry and real IDs in the cassette by
replacing header values for X-Request-Id, X-Cloud-Trace-Context, and Cf-Ray with
deterministic placeholders (e.g., <REQUEST_ID>, <CLOUD_TRACE>, <CF_RAY>), and
replace numeric resource IDs in the URI path
(accounts/1111111/inboxes/4288340/messages/5274457639) with placeholders like
<ACCOUNT_ID>, <INBOX_ID>, <MESSAGE_ID>; update the Authorization header token to
<BEARER_TOKEN> if not already, and ensure the YAML still parses (keep
quotes/formatting intact) so tests use scrubbed, deterministic values.

In `@spec/mailtrap/sandbox_attachment_spec.rb`:
- Line 24: Update the test description string in the RSpec example that
currently reads "creates a attachment with all attributes" to use correct
grammar by changing it to "creates an attachment with all attributes" (look for
the it block containing that exact description in
spec/mailtrap/sandbox_attachment_spec.rb).

[coderabbitai]

⚠️ Potential issue | 🟡 Minor

Fix docstrings that reference “project” instead of attachment.

The DTO docs mention “project” for id and to_h, which conflicts with the attachment model.

✏️ Suggested docstring correction

-  # `@attr_reader` id [Integer] The project ID
+  # `@attr_reader` id [Integer] The attachment ID
@@
-    # `@return` [Hash] The Project attributes as a hash
+    # `@return` [Hash] The attachment attributes as a hash

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	# Data Transfer Object for SandboxAttachment
	# @see https://docs.mailtrap.io/developers/email-sandbox/email-sandbox-api/attachments
	# @attr_reader id [Integer] The project ID
	# @attr_reader message_id [Integer] The message ID
	# @attr_reader filename [String] The attachment filename
	# @attr_reader attachment_type [String] The attachment type
	# @attr_reader content_type [String] The attachment content type
	# @attr_reader content_id [String] The attachment content ID
	# @attr_reader transfer_encoding [String] The attachment transfer encoding
	# @attr_reader attachment_size [Integer] The attachment size in bytes
	# @attr_reader created_at [String] The attachment creation timestamp
	# @attr_reader updated_at [String] The attachment update timestamp
	# @attr_reader attachment_human_size [String] The attachment size in human-readable format
	# @attr_reader download_path [String] The attachment download path
	#
	SandboxAttachment = Struct.new(
	:id,
	:message_id,
	:filename,
	:attachment_type,
	:content_type,
	:content_id,
	:transfer_encoding,
	:attachment_size,
	:created_at,
	:updated_at,
	:attachment_human_size,
	:download_path,
	keyword_init: true
	) do
	# @return [Hash] The Project attributes as a hash
	def to_h
	super.compact
	# Data Transfer Object for SandboxAttachment
	# `@see` https://docs.mailtrap.io/developers/email-sandbox/email-sandbox-api/attachments
	# `@attr_reader` id [Integer] The attachment ID
	# `@attr_reader` message_id [Integer] The message ID
	# `@attr_reader` filename [String] The attachment filename
	# `@attr_reader` attachment_type [String] The attachment type
	# `@attr_reader` content_type [String] The attachment content type
	# `@attr_reader` content_id [String] The attachment content ID
	# `@attr_reader` transfer_encoding [String] The attachment transfer encoding
	# `@attr_reader` attachment_size [Integer] The attachment size in bytes
	# `@attr_reader` created_at [String] The attachment creation timestamp
	# `@attr_reader` updated_at [String] The attachment update timestamp
	# `@attr_reader` attachment_human_size [String] The attachment size in human-readable format
	# `@attr_reader` download_path [String] The attachment download path
	#
	SandboxAttachment = Struct.new(
	:id,
	:message_id,
	:filename,
	:attachment_type,
	:content_type,
	:content_id,
	:transfer_encoding,
	:attachment_size,
	:created_at,
	:updated_at,
	:attachment_human_size,
	:download_path,
	keyword_init: true
	) do
	# `@return` [Hash] The attachment attributes as a hash
	def to_h
	super.compact

🤖 Prompt for AI Agents

In `@lib/mailtrap/sandbox_attachment.rb` around lines 4 - 36, The docstrings for
the SandboxAttachment Struct incorrectly refer to "project" (e.g. "@attr_reader
id [Integer] The project ID" and the "Project attributes" in the to_h comment);
update those descriptions to reference "attachment" instead (e.g. "The
attachment ID" and "The Attachment attributes as a hash") so they accurately
describe SandboxAttachment and its to_h method; locate the comments around the
SandboxAttachment definition and the to_h docstring and replace
"project"/"Project" with "attachment"/"Attachment".

[coderabbitai]

⚠️ Potential issue | 🟡 Minor

Correct docstring to reference attachments (not messages).

Line 25 says “sandbox messages” but this method lists attachments.

✏️ Proposed fix

-    # Lists all sandbox messages for the account, limited up to 30 at once
+    # Lists all sandbox attachments for the account, limited up to 30 at once

🤖 Prompt for AI Agents

In `@lib/mailtrap/sandbox_attachments_api.rb` around lines 25 - 32, The method
list(inbox_id, sandbox_message_id) has an incorrect summary saying it lists
"sandbox messages" — change the docstring to correctly state it lists sandbox
attachments (e.g., "Lists all sandbox attachments for the account, limited up to
30 at once"), and ensure any param/return commentary refers to attachments where
appropriate; update the comment above the list method in
lib/mailtrap/sandbox_attachments_api.rb so it accurately describes the behavior
of
client.get("#{base_path}/inboxes/#{inbox_id}/messages/#{sandbox_message_id}/attachments")
and the returned Array<SandboxAttachment] objects handled by handle_response.

[coderabbitai]

⚠️ Potential issue | 🟠 Major

Redact opaque download tokens (and sanitize IDs if real).

The download_path looks like a signed/opaque token and should not be stored in fixtures. Also consider replacing non-placeholder IDs if they come from real accounts.

🛡️ Suggested redaction

-      string: '{"id":790295400,"message_id":5274457639,"filename":"example_2.txt","attachment_type":"attachment","content_type":"application/octet-stream","content_id":"","transfer_encoding":"base64","attachment_size":9,"created_at":"2026-01-05T10:44:19.915Z","updated_at":"2026-01-05T10:44:19.915Z","attachment_human_size":"9
-        Bytes","download_path":"/api/testing_message_parts/QEVuQwFAEADbV34oPszsE53vA%2FO6HEkR7zkAak6XtHMNostw8J7Jn4ZGVywFbPzBDyYyWrfpm9ZjSvpIGcQfj%2FfEUcM9NQXo0qUcdURrLINzsk+umUeKXdHF2vSM8n8se5cGms9onw7h+uKmi42Lt+dlI7gfyA6+D5sJgq8E%2FUnn8y+1R6PGrQ==/attachment_download"}'
+      string: '{"id":123456,"message_id":654321,"filename":"example_2.txt","attachment_type":"attachment","content_type":"application/octet-stream","content_id":"","transfer_encoding":"base64","attachment_size":9,"created_at":"2026-01-05T10:44:19.915Z","updated_at":"2026-01-05T10:44:19.915Z","attachment_human_size":"9
+        Bytes","download_path":"<REDACTED_DOWNLOAD_PATH>"}'

🤖 Prompt for AI Agents

In
`@spec/fixtures/vcr_cassettes/Mailtrap_SandboxAttachmentsAPI/_get/maps_response_data_to_SandboxAttachment_object.yml`
around lines 78 - 80, The fixture contains an opaque signed token in the
"download_path" value (and non-placeholder numeric IDs like "id" and
"message_id"); update the YAML cassette to redact/sanitize sensitive values by
replacing the full download_path token with a stable placeholder (e.g.,
"/api/testing_message_parts/<REDACTED_TOKEN>/attachment_download") and replace
real IDs (fields "id" and "message_id") with deterministic test IDs (e.g., 1, 2
or "<REDACTED_ID>") while keeping other fields like "filename" and
"content_type" intact so tests still map to the SandboxAttachment object.

[coderabbitai]

⚠️ Potential issue | 🟠 Major

Redact download_path tokens in list fixtures.

Both objects include opaque download_path values that should be replaced with placeholders; also sanitize IDs if derived from real data.

🛡️ Suggested redaction

-      string: '[{"id":790295400,"message_id":5274457639,"filename":"example_2.txt","attachment_type":"attachment","content_type":"application/octet-stream","content_id":"","transfer_encoding":"base64","attachment_size":9,"created_at":"2026-01-05T10:44:19.915Z","updated_at":"2026-01-05T10:44:19.915Z","attachment_human_size":"9
-        Bytes","download_path":"/api/testing_message_parts/QEVuQwFAEACixobzUmrJNY+KT5L8UUkg+k9FAWP2RDrWZp+ZEisZmau7qFIg38B6nQdqghtYIHzGRRCKcdkqpmF+PbGGSf10PxzR8i0H3DY6k8YVWs+01%2F7nWHA10xA5zBSP7dkFpt0b4y0JihqDvAPEmvxnMyU67Tc%2FHu3HpgmfcPw1UDq3ag==/attachment_download"},{"id":790295399,"message_id":5274457639,"filename":"example.txt","attachment_type":"attachment","content_type":"application/octet-stream","content_id":"","transfer_encoding":"base64","attachment_size":9,"created_at":"2026-01-05T10:44:19.893Z","updated_at":"2026-01-05T10:44:19.893Z","attachment_human_size":"9
-        Bytes","download_path":"/api/testing_message_parts/QEVuQwFAEAAFj4E1onOmSa%2FI4FadW%2FqPUD%2F87dOIguUfn2QeMKayajWVAJMGNYg1Nhag4hP2SWbwfcBEF1hQfL2z4hE22CSUe2hjhJsWuQ1ALH6H9uExLFi2L1YNqBk3Vzff%2FM4fekaz3lVxNzqiTCTked69gOxminZi+GbmoVhabGKh2768QA==/attachment_download"}]'
+      string: '[{"id":123456,"message_id":654321,"filename":"example_2.txt","attachment_type":"attachment","content_type":"application/octet-stream","content_id":"","transfer_encoding":"base64","attachment_size":9,"created_at":"2026-01-05T10:44:19.915Z","updated_at":"2026-01-05T10:44:19.915Z","attachment_human_size":"9
+        Bytes","download_path":"<REDACTED_DOWNLOAD_PATH>"},{"id":123455,"message_id":654321,"filename":"example.txt","attachment_type":"attachment","content_type":"application/octet-stream","content_id":"","transfer_encoding":"base64","attachment_size":9,"created_at":"2026-01-05T10:44:19.893Z","updated_at":"2026-01-05T10:44:19.893Z","attachment_human_size":"9
+        Bytes","download_path":"<REDACTED_DOWNLOAD_PATH>"}]'

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	encoding: ASCII-8BIT
	string: '[{"id":790295400,"message_id":5274457639,"filename":"example_2.txt","attachment_type":"attachment","content_type":"application/octet-stream","content_id":"","transfer_encoding":"base64","attachment_size":9,"created_at":"2026-01-05T10:44:19.915Z","updated_at":"2026-01-05T10:44:19.915Z","attachment_human_size":"9
	Bytes","download_path":"/api/testing_message_parts/QEVuQwFAEACixobzUmrJNY+KT5L8UUkg+k9FAWP2RDrWZp+ZEisZmau7qFIg38B6nQdqghtYIHzGRRCKcdkqpmF+PbGGSf10PxzR8i0H3DY6k8YVWs+01%2F7nWHA10xA5zBSP7dkFpt0b4y0JihqDvAPEmvxnMyU67Tc%2FHu3HpgmfcPw1UDq3ag==/attachment_download"},{"id":790295399,"message_id":5274457639,"filename":"example.txt","attachment_type":"attachment","content_type":"application/octet-stream","content_id":"","transfer_encoding":"base64","attachment_size":9,"created_at":"2026-01-05T10:44:19.893Z","updated_at":"2026-01-05T10:44:19.893Z","attachment_human_size":"9
	Bytes","download_path":"/api/testing_message_parts/QEVuQwFAEAAFj4E1onOmSa%2FI4FadW%2FqPUD%2F87dOIguUfn2QeMKayajWVAJMGNYg1Nhag4hP2SWbwfcBEF1hQfL2z4hE22CSUe2hjhJsWuQ1ALH6H9uExLFi2L1YNqBk3Vzff%2FM4fekaz3lVxNzqiTCTked69gOxminZi+GbmoVhabGKh2768QA==/attachment_download"}]'
	encoding: ASCII-8BIT
	string: '[{"id":123456,"message_id":654321,"filename":"example_2.txt","attachment_type":"attachment","content_type":"application/octet-stream","content_id":"","transfer_encoding":"base64","attachment_size":9,"created_at":"2026-01-05T10:44:19.915Z","updated_at":"2026-01-05T10:44:19.915Z","attachment_human_size":"9
	Bytes","download_path":"<REDACTED_DOWNLOAD_PATH>"},{"id":123455,"message_id":654321,"filename":"example.txt","attachment_type":"attachment","content_type":"application/octet-stream","content_id":"","transfer_encoding":"base64","attachment_size":9,"created_at":"2026-01-05T10:44:19.893Z","updated_at":"2026-01-05T10:44:19.893Z","attachment_human_size":"9
	Bytes","download_path":"<REDACTED_DOWNLOAD_PATH>"}]'

🤖 Prompt for AI Agents

In
`@spec/fixtures/vcr_cassettes/Mailtrap_SandboxAttachmentsAPI/_list/maps_response_data_to_SandboxAttachment_objects.yml`
around lines 79 - 82, The fixture contains real/opaque values for download_path
and possibly real IDs; locate the JSON string in the YAML (look for keys
"download_path", "id" and "message_id" inside the string value) and replace each
download_path value with a stable placeholder (e.g.
"/api/testing_message_parts/REDACTED/attachment_download") and sanitize numeric
IDs (replace "id" and "message_id" values with deterministic fake IDs like 1 and
1001 or a clearly marked REDACTED_ID) so the fixture contains no sensitive
tokens but preserves structure and filenames (e.g., "filename":"example.txt").

[coderabbitai]

⚠️ Potential issue | 🟠 Major

Redact trace/request identifiers in VCR cassette.

Line 62 (X-Request-Id), Line 66 (X-Cloud-Trace-Context), and Line 72 (Cf-Ray) look like real identifiers; these are typically sensitive telemetry values and should be scrubbed. If the URI IDs are real account/inbox/message identifiers, consider replacing them with placeholders as well.

🧹 Example redactions

-      X-Request-Id:
-      - 6cb848c4-20f9-41d2-bdc8-e3246b74d1d8
+      X-Request-Id:
+      - <REQUEST_ID>
...
-      X-Cloud-Trace-Context:
-      - d49ff377d08640db8f54ed5869ae1ec0;o=0
+      X-Cloud-Trace-Context:
+      - <TRACE_CONTEXT>
...
-      Cf-Ray:
-      - 9b928e90ca5665b2-FRA
+      Cf-Ray:
+      - <CF_RAY>

As per coding guidelines, “spec/fixtures/vcr_cassettes/**/*.yml: Act as a data privacy officer. Carefully read all the vcr cassettes with recorded HTTP interactions and try to identify sensitive data that could potentially be recorded.”

🤖 Prompt for AI Agents

In
`@spec/fixtures/vcr_cassettes/Mailtrap_SandboxAttachmentsAPI/_list/when_api_key_is_incorrect/raises_authorization_error.yml`
around lines 5 - 72, Redact sensitive telemetry and real IDs in the cassette by
replacing header values for X-Request-Id, X-Cloud-Trace-Context, and Cf-Ray with
deterministic placeholders (e.g., <REQUEST_ID>, <CLOUD_TRACE>, <CF_RAY>), and
replace numeric resource IDs in the URI path
(accounts/1111111/inboxes/4288340/messages/5274457639) with placeholders like
<ACCOUNT_ID>, <INBOX_ID>, <MESSAGE_ID>; update the Authorization header token to
<BEARER_TOKEN> if not already, and ensure the YAML still parses (keep
quotes/formatting intact) so tests use scrubbed, deterministic values.

[coderabbitai]

⚠️ Potential issue | 🟡 Minor

Fix grammar in test description.

Line 24 uses “a attachment”; it should be “an attachment”.

✏️ Proposed fix

-    it 'creates a attachment with all attributes' do
+    it 'creates an attachment with all attributes' do

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	it 'creates a attachment with all attributes' do
	it 'creates an attachment with all attributes' do

🤖 Prompt for AI Agents

In `@spec/mailtrap/sandbox_attachment_spec.rb` at line 24, Update the test
description string in the RSpec example that currently reads "creates a
attachment with all attributes" to use correct grammar by changing it to
"creates an attachment with all attributes" (look for the it block containing
that exact description in spec/mailtrap/sandbox_attachment_spec.rb).