Fix auth JSON datetime decoding#2871
Conversation
|
Important Review skippedAuto reviews are disabled on this repository. Please check the settings in the CodeRabbit UI or the ⚙️ Run configurationConfiguration used: Repository UI Review profile: CHILL Plan: Pro Run ID: You can disable this status message by setting the Use the checkbox below for a quick retry:
✨ Finishing Touches🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
github-actions
Bot
added
vouch:unvouched
There was a problem hiding this comment.
Pull request overview
Note
Copilot was unable to run its full agentic suite in this review.
Updates auth contract timestamp handling to decode/encode UTC timestamps as ISO strings (suitable for JSON over HTTP), and adds contract-level tests to validate round-tripping and cross-payload decoding.
Changes:
- Introduce a shared
AuthDateTimeUtcschema alias usingSchema.DateTimeUtcFromString. - Replace
Schema.DateTimeUtcusages in auth contract structs with the new string-based UTC datetime schema. - Add Vitest coverage for decoding/encoding timestamp fields in multiple auth-related payloads.
Reviewed changes
Copilot reviewed 2 out of 2 changed files in this pull request and generated 2 comments.
| File | Description |
|---|---|
| packages/contracts/src/auth.ts | Switches auth contract datetime fields to a shared DateTimeUtcFromString schema for JSON-friendly timestamps. |
| packages/contracts/src/auth.test.ts | Adds tests to ensure timestamp fields decode/encode correctly across auth payloads. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
|
|
||
| import { AuthSessionId, TrimmedNonEmptyString } from "./baseSchemas.ts"; | ||
|
|
||
| const AuthDateTimeUtc = Schema.DateTimeUtcFromString; |
| const decoded = decodeBearerBootstrap(payload); | ||
| const encoded = encodeBearerBootstrap(decoded); | ||
|
|
||
| expect(encoded).toEqual(payload); |
ApprovabilityVerdict: Needs human review This is a straightforward schema fix for datetime parsing, but it modifies auth contract schemas which are treated as sensitive. Human review recommended to verify the schema type change has no unintended effects on auth validation. You can customize Macroscope's approvability policy. Learn more. |
Summary
Schema.DateTimeUtcFromStringTesting
bun run --filter @t3tools/contracts test -- auth.test.tsbun run --filter @t3tools/contracts testbun run --filter @t3tools/contracts typecheckbun fmtbun lintbun typecheckContext
Desktop SSH environment bootstrap can receive a successful
/api/auth/bootstrap/bearerresponse with an ISO stringexpiresAt, then fail local schema decoding withExpected DateTime.Utc. The auth response contracts are JSON boundaries, so these timestamp fields should use the string codec.Note
Low Risk
Contract-layer codec alignment for JSON timestamps; low risk with targeted tests and no auth logic changes.
Overview
Auth contract schemas now decode and encode UTC timestamps from ISO 8601 strings at JSON boundaries, fixing failures (e.g. bearer bootstrap
expiresAt) where remote HTTP responses were valid but local decoding expectedDateTime.Utcobjects.A shared
AuthDateTimeUtccodec replaces directSchema.DateTimeUtcon bootstrap, session, WebSocket token, pairing, and access snapshot fields. Regression tests cover bearer bootstrap round-trip encoding and session/access payloads with string timestamps.Reviewed by Cursor Bugbot for commit c0d60ed. Bugbot is set up for automated code reviews on this repo. Configure here.
Note
Fix auth JSON datetime decoding by using
Schema.DateTimeUtcFromStringfor all timestamp fieldsAll datetime fields in the auth contract schemas (
expiresAt,createdAt,issuedAt,lastConnectedAt) now decode from and encode to ISO-8601 strings instead of requiringDateinstances. A sharedAuthDateTimeUtcalias forSchema.DateTimeUtcFromStringis introduced in auth.ts and applied acrossAuthBootstrapResult,AuthBearerBootstrapResult,AuthWebSocketTokenResult,AuthPairingLink,AuthClientSession, andAuthSessionState. Tests in auth.test.ts cover round-trip encode/decode for all affected schemas.Macroscope summarized c0d60ed.