fix(cli): validate and sanitize env package list on managed env update

Copilot · MervinPraison · web-flow · commit aebff2661900 · 2026-04-17T05:58:01.000Z
Agent-Logs-Url: https://github.com/MervinPraison/PraisonAI/sessions/1b7812ec-b08b-493c-a403-53a33364cc7a Co-authored-by: MervinPraison <454862+MervinPraison@users.noreply.github.com>
diff --git a/src/praisonai/praisonai/cli/commands/managed.py b/src/praisonai/praisonai/cli/commands/managed.py
@@ -509,7 +509,10 @@ def envs_update(
     kwargs = {}
     
     if packages:
-        pkg_list = [p.strip() for p in packages.split(",")]
+        pkg_list = [p.strip() for p in packages.split(",") if p.strip()]
+        if not pkg_list:
+            typer.echo("Error: --packages must include at least one package name")
+            raise typer.Exit(1)
         kwargs["packages"] = {"pip": pkg_list}
     
     if networking:
diff --git a/src/praisonai/tests/unit/cli/test_managed_cli_destructive.py b/src/praisonai/tests/unit/cli/test_managed_cli_destructive.py
@@ -167,6 +167,32 @@ def test_envs_update_networking_success(self, cli_runner, mock_anthropic_client)
             networking={"type": "limited"}
         )
 
+    def test_envs_update_packages_filters_empty_values(self, cli_runner, mock_anthropic_client):
+        """Test package parsing removes empty entries."""
+        mock_env = Mock()
+        mock_env.id = "env_01test123"
+        mock_anthropic_client.beta.environments.update.return_value = mock_env
+
+        result = cli_runner.invoke(envs_app, [
+            "update", "env_01test123", "--packages", "numpy, ,pandas,,"
+        ])
+
+        assert result.exit_code == 0
+        mock_anthropic_client.beta.environments.update.assert_called_once_with(
+            "env_01test123",
+            packages={"pip": ["numpy", "pandas"]}
+        )
+
+    def test_envs_update_packages_all_empty_values_error(self, cli_runner, mock_anthropic_client):
+        """Test package parsing rejects all-empty package input."""
+        result = cli_runner.invoke(envs_app, [
+            "update", "env_01test123", "--packages", " , , "
+        ])
+
+        assert result.exit_code == 1
+        assert "--packages must include at least one package name" in result.stdout
+        mock_anthropic_client.beta.environments.update.assert_not_called()
+
     def test_envs_update_both_options(self, cli_runner, mock_anthropic_client):
         """Test environment update with both packages and networking."""
         mock_env = Mock()
@@ -326,4 +352,4 @@ def fake_import(name, *args, **kwargs):
             assert exc_info.value.exit_code == 1
         finally:
             if saved is not None:
-                sys.modules['anthropic'] = saved
+                sys.modules['anthropic'] = saved
