[codex] Structure remote pairing input errors#3393
Conversation
Co-authored-by: codex <codex@users.noreply.github.com>
|
Important Review skippedAuto reviews are disabled on this repository. Please check the settings in the CodeRabbit UI or the ⚙️ Run configurationConfiguration used: Repository UI Review profile: CHILL Plan: Pro Run ID: You can disable this status message by setting the Use the checkbox below for a quick retry:
✨ Finishing Touches🧪 Generate unit tests (beta)
Comment |
github-actions
Bot
added
vouch:trusted
![cursor[bot]](https://avatars.githubusercontent.com/in/1210556?s=60&v=4){kind=small}
There was a problem hiding this comment.
Cursor Bugbot has reviewed your changes using high effort and found 1 potential issue.
Bugbot Autofix prepared a fix for the issue found in the latest run.
- ✅ Fixed: Raw host exposes pairing credentials
- Moved normalizeRemoteBaseUrl() before the pairing code check so RemotePairingCodeMissingError receives the parsed URL's .host property (hostname+port only) instead of the raw input string, preventing credential leakage.
Or push these changes by commenting:
@cursor push 56371127e7
Preview (56371127e7)
diff --git a/packages/shared/src/remote.ts b/packages/shared/src/remote.ts
--- a/packages/shared/src/remote.ts
+++ b/packages/shared/src/remote.ts
@@ -213,11 +213,10 @@
if (!host) {
throw new RemoteBackendUrlMissingError();
}
+ const normalizedHost = normalizeRemoteBaseUrl(host, "direct-host");
if (!pairingCode) {
- throw new RemotePairingCodeMissingError({ host });
+ throw new RemotePairingCodeMissingError({ host: normalizedHost.host });
}
-
- const normalizedHost = normalizeRemoteBaseUrl(host, "direct-host");
return {
credential: pairingCode,
httpBaseUrl: toHttpBaseUrl(normalizedHost),You can send follow-ups to the cloud agent here.
Reviewed by Cursor Bugbot for commit 1d1a651. Configure here.
![macroscopeapp[bot]](https://avatars.githubusercontent.com/in/900172?s=60&v=4){kind=small}
ApprovabilityVerdict: Approved Refactors error handling to use structured error classes instead of generic Error instances. The error conditions and messages are unchanged; only type information is added. Includes tests for the new error types. You can customize Macroscope's approvability policy. Learn more. |
Co-authored-by: codex <codex@users.noreply.github.com>
macroscopeapp
Bot
dismissed
their stale review
Dismissing prior approval to re-evaluate f32b4ed
1 participant
Summary
Validation
vp test packages/shared/src/remote.test.tsvp checkvp run typecheckvpr typecheckNote
Low Risk
Localized validation refactor in shared remote pairing; user-facing messages are unchanged and success paths are the same, though error instances are no longer plain
Error.Overview
Replaces generic
Errorthrows inresolveRemotePairingTargetandnormalizeRemoteBaseUrlwith Effect Schema tagged error classes for missing/invalid pairing URLs, backend URLs, tokens, and pairing codes, plus aRemotePairingTargetErrorunion.Invalid URL parsing now wraps the original
TypeErrorascause, and backend URL failures recordsource(direct-hostvshosted-pairing-host). Missing token/code errors include a normalizedhost(e.g. no credentials from messy host strings). Tests assert the new error types and preserved causes.Reviewed by Cursor Bugbot for commit f32b4ed. Bugbot is set up for automated code reviews on this repo. Configure here.
Note
Replace generic errors with structured tagged error classes in remote pairing input validation
TaggedErrorClasstypes in remote.ts:RemoteBackendUrlMissingError,RemoteBackendUrlInvalidError,RemotePairingUrlInvalidError,RemotePairingTokenMissingError, andRemotePairingCodeMissingError.RemoteBackendUrlInvalidErrorcarries asourcefield ('direct-host'|'hosted-pairing-host') to identify the origin of the invalid input; all error classes with a cause preserve the originalTypeError.normalizeRemoteBaseUrlandresolveRemotePairingTargetnow throw these structured errors instead of genericErrorinstances, with structured metadata (host, source, cause) attached.Errorobjects.Macroscope summarized f32b4ed.