fix(auth): preserve typed API error envelope when setup key verification fails#38
fix(auth): preserve typed API error envelope when setup key verification fails#38lxcario wants to merge 1 commit into
Conversation
|
@coderabbitai review |
✅ Action performedReview finished.
|
|
Warning Review limit reached
Next review available in: 59 minutes Enable usage-based reviews in Billing to review now. Otherwise, wait until the next included review is available. How can I continue?After more reviews become available, a review can be triggered using the To avoid repeated limits, reduce automatic review volume by pausing incremental auto-reviews earlier, using label-based review opt-in, excluding WIP or generated PR titles, or requesting reviews manually when the PR is ready. If your team needs uninterrupted high-volume reviews, an organization admin can enable usage-based reviews. How do review limits work?CodeRabbit enforces per-developer PR review limits for each organization. Most developers receive the normal plan review availability. For paid Pro and Pro+ PR reviews, CodeRabbit uses adaptive limits for sustained high-volume activity. When a developer's recent PR review activity reaches the 95th percentile or higher among CodeRabbit users, additional reviews become available more gradually as earlier reviews age out of the rolling window. Please refer docs for additional details. Review details⚙️ Run configurationConfiguration used: defaults Review profile: CHILL Plan: Pro Plus Run ID: 📒 Files selected for processing (2)
✨ Finishing Touches🧪 Generate unit tests (beta)
Comment |
What
When
setup --from-env --output jsonverifies an API key and the key is rejected (e.g. invalid or revoked), the JSON output is a bare{"error":"...string..."}instead of the typed envelope withcode,nextAction,requestId, anddetails.Why this matters
Machine consumers (coding agents, CI scripts) that
JSON.parse(stderr)expect the typed envelope shape documented in DOCUMENTATION.md. A bare string error gives them nocodeto branch on, nonextActionto surface, and norequestIdfor support. Every other API error path in the CLI already emits the full typed envelope; this is the sole exception.Reproduction
Root cause
src/commands/auth.ts,runConfigure, line 157-168. The key-verification catch block wraps the originalApiErrorin aCLIError:CLIErrorhas onlymessageandexitCode. Inindex.ts, theCLIErrorpath renders viaoutput.error(err.message)which produces{"error":"...string..."}-- losing the full typed envelope that theApiErrorpath would have rendered.Fix
When
erris anApiError, augment its.messagewith the endpoint context (so text-mode users still see which host rejected them), then re-throw it directly. TheApiErrorcatch path inindex.tsrenders the full typed envelope. Non-ApiErrorthrows (truly unexpected errors) still wrap inCLIErrorfor a clean exit 3.This mirrors how every other command path that catches and re-throws API errors already works (the error carries its own envelope; the CLI just sets exit code from it).
Tests
Added 1 regression test to
src/commands/auth.test.tsasserting the thrown error is anApiErrorwithcode: 'AUTH_INVALID',exitCode: 3,nextAction, andrequestIdintact. Fails onmainbefore this fix; passes after.main):Tests 16 failed | 1359 passed | 72 skippedTests 16 failed | 1360 passed | 72 skipped(+1 new test)The 16 failures are pre-existing and environment-specific (Windows path/line-ending), unrelated -- see #4.
Verification
npm test: same 16 pre-existing (environment-specific) failures as baseline, zero newnpm run typecheck: passnpm run lint: pass