Catch Toml overwrite error in PythonPoetryLock config file parsing

What does this MR do and why?

Background

The Repository X-Ray scans a project's repository for dependency config files and then parses a list of libraries from the file content. The libraries are then included into the code generation prompt to improve code suggestions. This feature was converted from a CI job to an internal Sidekiq job, and is currently rolled out at 100% in #483928 (closed).

This MR

While monitoring the Sidekiq failed job logs, we noticed the following error:

• json.exception.class: TomlRB::ValueOverwriteError
• json.exception.message: Key "version" is defined more than once

This error occurs in PythonPoetryLock here when the TOML content contains a duplicate key.

In this MR, we handle the error so that it doesn't bubble up as a Sidekiq job error. Specifically, we:

• Updated PythonPoetryLock parsing logic so that it catches other errors (not just ParseError).
• Also did a minor refactor: moved the TOML example in the spec into a fixture file for clarity.

MR acceptance checklist

Please evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.

Screenshots or screen recordings

Error reproduced locally with new spec test	Spec test passes after change

Related to #483928 (closed)

changed milestone to %17.6

added Category:Code Suggestions devopscreate feature flagexists groupcode creation sectiondev typebug workflowin review labels

assigned to @lma-git

marked this merge request as ready

added 1 commit

• dd0685b3 - Fix Toml duplicate key error

Compare with previous version

added backend label

	1 Message
	CHANGELOG missing: If this merge request needs a changelog entry, add the Changelog trailer to the commit message you want to add to the changelog. If this merge request doesn't need a CHANGELOG entry, feel free to ignore this message.

Reviewer roulette

Category	Reviewer	Maintainer
backend	@ssuman3 (UTC+5.5, 12.5 hours ahead of author)	@stanhu (UTC-7, same timezone as author)

Please refer to documentation page for guidance on how you can benefit from the Reviewer Roulette, or use the GitLab Review Workload Dashboard to find other available reviewers.

If needed, you can retry the danger-review job that generated this comment.

Generated by Danger

Hi @ssuman3! Could you please do the first backend review here? Please send to any available maintainer if it looks okay to you. Thank you!

requested review from @ssuman3

mentioned in issue #483928 (closed)

mentioned in issue #500575 (closed)

approved this merge request

added pipeline:mr-approved label

added pipelinetier-2 label

requested review from @stanhu

approved this merge request

resolved all threads

added pipelinetier-3 pipeline:run-e2e-omnibus-once labels and removed pipelinetier-2 label

Before you set this MR to auto-merge

This merge request will progress on pipeline tiers until it reaches the last tier: pipelinetier-3. We will trigger a new pipeline for each transition to a higher tier.

Before you set this MR to auto-merge, please check the following:

• You are the last maintainer of this merge request
• The latest pipeline for this merge request is pipelinetier-3 (You can find which tier it is in the pipeline name)
• This pipeline is recent enough (created in the last 8 hours)

If all the criteria above apply, please set auto-merge for this merge request.

See pipeline tiers and merging a merge request for more details.