[pull] main from triggerdotdev:main#206

Merged: pull[bot] merged 3 commits into Dustin4444:main from triggerdotdev:main on Jun 10, 2026
Conversation

pull Bot commented Jun 10, 2026

See Commits and Changes for more details.


Created by pull[bot] (v2.0.0-alpha.4)

Can you help keep this open source service alive? 💖 Please sponsor : )


This change is Reviewable

d-cs and others added 3 commits June 10, 2026 08:53
…API clients (#3874)

## Summary

During `trigger()` worker-queue resolution, `getWorkerQueue` wrapped any
error from `getDefaultWorkerGroupForProject` into a client-facing
`ServiceValidationError` (HTTP 422) carrying `error.message`. That
method runs `project.findFirst` on the **writer**; when the writer is
unreachable Prisma throws a connection error (P1001) whose message
includes the database host, and that raw message was returned to the API
client and surfaced in the run view via the SDK's `TriggerApiError`.

It also mis-classifies a transient outage: a 422 is not retried by the
SDK, so triggers failed permanently instead of riding out a brief writer
blip.

## Design

This is the only place on the trigger path that folds a *caught* error's
message into a client-facing error — every other DB failure on the path
propagates to the route's generic 500 handler (scrubbed, and retried by
the SDK). So the fix is local:

- Add `isInfrastructureError()` — true for Prisma connection-level
failures (the DB-unreachable family: P1001/P1002/P1008/P1017, plus the
init/panic/unknown client error classes), false for query/validation
errors (e.g. P2002).
- At the wrap site, rethrow infrastructure errors so they reach the
generic 500 handler (no raw message, and retryable). Genuine domain
failures (e.g. "Project not found.") still become a 422.

Only P1001 ("can't reach database server") has been observed in
practice; the rest of the connection family is included as same-class
forward-proofing.

## Test plan

- [x] Unit: `isInfrastructureError` classifies a P1001 (incl. the Prisma
6.x `PrismaClientKnownRequestError` shape) and init errors as
infrastructure; P2002 and a plain `Error` as not
- [x] `getWorkerQueue` rethrows a P1001 unchanged instead of wrapping it
in a `ServiceValidationError`; still wraps a domain failure as a
`ServiceValidationError` — RED on current code, GREEN after
- [ ] (optional) toxiproxy e2e: trigger with the writer cut → HTTP 500
generic body, no DB host in the response

---------

Co-authored-by: Claude Opus 4.8 <noreply@anthropic.com>
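
The classify-then-rethrow pattern described in this commit message, as an added sketch that is not the code from #3874. It assumes errors can be recognised by `name` and `code` alone so it runs without `@prisma/client`; `resolveWorkerQueue`, `respond` and `prismaLike` are hypothetical stand-ins, and the database host is a constructed placeholder.

```typescript
// Added illustration, not trigger.dev source. Errors are matched by shape
// (name/code) so the sketch runs without @prisma/client installed.
const CONNECTION_CODES = new Set(["P1001", "P1002", "P1008", "P1017"]);
const CLIENT_FAILURE_NAMES = new Set([
  "PrismaClientInitializationError",
  "PrismaClientRustPanicError",
  "PrismaClientUnknownRequestError",
]);

class ServiceValidationError extends Error {} // mapped to HTTP 422 below

function isInfrastructureError(error: unknown): boolean {
  if (typeof error !== "object" || error === null) return false;
  const { name, code } = error as { name?: unknown; code?: unknown };
  if (typeof name === "string" && CLIENT_FAILURE_NAMES.has(name)) return true;
  return typeof code === "string" && CONNECTION_CODES.has(code);
}

// The wrap site: only domain failures may lend their message to a 422.
// (Synchronous here for brevity; the real lookup is a database call.)
function resolveWorkerQueue(lookup: () => string): string {
  try {
    return lookup();
  } catch (error) {
    if (isInfrastructureError(error)) throw error; // falls through to the 500 path
    throw new ServiceValidationError(error instanceof Error ? error.message : "Unknown error");
  }
}

// Stand-in for the route's generic handler: non-validation errors are scrubbed.
function respond(lookup: () => string): { status: number; body: string } {
  try {
    return { status: 200, body: resolveWorkerQueue(lookup) };
  } catch (error) {
    if (error instanceof ServiceValidationError) return { status: 422, body: error.message };
    return { status: 500, body: "Internal Server Error" };
  }
}

// Constructed sample errors; the host name is a placeholder.
const prismaLike = (name: string, code: string | undefined, message: string): Error =>
  Object.assign(new Error(message), { name, code });
const writerDown = prismaLike("PrismaClientKnownRequestError", "P1001",
  "Can't reach database server at `db-writer.internal.example:5432`");
const uniqueViolation = prismaLike("PrismaClientKnownRequestError", "P2002", "Unique constraint failed");

console.log(respond(() => { throw writerDown; }));
console.log(respond(() => { throw new Error("Project not found."); }));
```
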
…nt view (#3882)

## Summary

The dashboard's Agent view rendered `source-url` and `file` message
parts by putting their `url` straight into an `href`/`src`. Those URLs
come from streamed agent and tool data, so a tool that emitted something
like `javascript:alert(1)` produced a clickable XSS payload in the
dashboard.

## Fix

A `toSafeUrl` helper now gates every URL before it reaches an
`href`/`src`: it allows only `http:`/`https:`/`blob:` (and
`data:image/...` for inline images) and returns `null` for anything
else. Unsafe values render as plain text instead of a link or image, so
a hostile or malformed URL degrades gracefully rather than becoming
clickable. Safe URLs render exactly as before. Covered by a unit test
over the allow/deny list.
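
A protocol allowlist of the kind this commit message describes, as an added sketch that is not the `toSafeUrl` from #3882. The `kind` parameter (restricting `data:image/...` to image rendering), the rejection of relative URLs, and the `renderUrlPart` helper are assumptions of this example.

```typescript
// Added illustration, not trigger.dev source. The `kind` parameter and the
// rejection of relative URLs are assumptions of this sketch.
type UrlKind = "link" | "image";
const ALLOWED_PROTOCOLS = new Set(["http:", "https:", "blob:"]);

function toSafeUrl(raw: unknown, kind: UrlKind = "link"): string | null {
  if (typeof raw !== "string") return null;
  let parsed: URL;
  try {
    // Parse instead of prefix-matching: the URL parser trims leading
    // whitespace and lowercases the scheme, as a browser would.
    parsed = new URL(raw);
  } catch {
    return null; // malformed or relative (no base to resolve against)
  }
  if (ALLOWED_PROTOCOLS.has(parsed.protocol)) return parsed.href;
  const isInlineImage =
    kind === "image" &&
    parsed.protocol === "data:" &&
    parsed.pathname.toLowerCase().startsWith("image/");
  return isInlineImage ? parsed.href : null;
}

// What the view hands to the renderer: a link/image only when the URL
// passed the gate, otherwise the original string as inert text.
type Rendered =
  | { as: "link" | "image"; url: string }
  | { as: "text"; text: string };

function renderUrlPart(raw: string, kind: UrlKind = "link"): Rendered {
  const url = toSafeUrl(raw, kind);
  return url === null ? { as: "text", text: raw } : { as: kind, url };
}

// Constructed sample values as they might arrive in streamed tool output.
const SAMPLES: Array<[string, UrlKind]> = [
  ["https://example.com/report.pdf", "link"],
  ["  JavaScript:alert(1)", "link"],
  ["data:image/png;base64,AAAA", "image"],
  ["data:text/html,hello", "image"],
];
for (const [raw, kind] of SAMPLES) console.log(JSON.stringify(raw), renderUrlPart(raw, kind));
```
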
…3880)

## Summary

Adds `GET /api/v1/projects/{projectRef}/environments` (personal access
token auth), which lists the base environments a user can access for a
project — their own dev environment plus the project's staging, preview,
and production environments.

## Details

- Built on the PAT route builder, so it inherits org-membership auth and
the per-resource ability check.
- `dev` is scoped to the token owner; archived environments are
excluded.
- Returns the branchable **parent** preview environment — preview branch
children are not included. A consumer targets the parent; branch-level
overrides are handled separately.
- Sorted to match the dashboard's environment switcher (dev → staging →
preview → prod), and never returns API keys.

Example response:

```json
[
  { "id": "...", "slug": "dev",     "type": "DEVELOPMENT", "isBranchableEnvironment": false, "branchName": null, "paused": false },
  { "id": "...", "slug": "stg",     "type": "STAGING",     "isBranchableEnvironment": false, "branchName": null, "paused": false },
  { "id": "...", "slug": "preview", "type": "PREVIEW",     "isBranchableEnvironment": true,  "branchName": null, "paused": false },
  { "id": "...", "slug": "prod",    "type": "PRODUCTION",  "isBranchableEnvironment": false, "branchName": null, "paused": false }
]
```
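
The scoping, ordering and no-API-key rules listed in this commit message, as an added sketch that is not the route code from #3880. The six response keys come from the example response above; `apiKey`, `archivedAt`, `ownerUserId`, `parentEnvironmentId` and the function name are hypothetical, and the rows are constructed.

```typescript
// Added illustration, not trigger.dev source. Row fields beyond the six
// response keys (apiKey, archivedAt, ownerUserId, parentEnvironmentId) are
// hypothetical names for this sketch.
type EnvType = "DEVELOPMENT" | "STAGING" | "PREVIEW" | "PRODUCTION";

interface EnvironmentRow {
  id: string;
  slug: string;
  type: EnvType;
  isBranchableEnvironment: boolean;
  branchName: string | null;
  paused: boolean;
  apiKey: string;
  archivedAt: Date | null;
  ownerUserId: string | null;         // set for per-user dev environments
  parentEnvironmentId: string | null; // set for preview branch children
}
type EnvironmentSummary = Omit<EnvironmentRow,
  "apiKey" | "archivedAt" | "ownerUserId" | "parentEnvironmentId">;

const SWITCHER_ORDER: Record<EnvType, number> =
  { DEVELOPMENT: 0, STAGING: 1, PREVIEW: 2, PRODUCTION: 3 };

function listBaseEnvironments(rows: EnvironmentRow[], tokenOwnerId: string): EnvironmentSummary[] {
  return rows
    .filter((r) => r.archivedAt === null && r.parentEnvironmentId === null)
    .filter((r) => r.type !== "DEVELOPMENT" || r.ownerUserId === tokenOwnerId)
    .sort((a, b) => SWITCHER_ORDER[a.type] - SWITCHER_ORDER[b.type])
    // Copy fields by name so a column added to the row later is not serialized.
    .map(({ id, slug, type, isBranchableEnvironment, branchName, paused }) =>
      ({ id, slug, type, isBranchableEnvironment, branchName, paused }));
}

// Constructed sample rows.
const defaults = { isBranchableEnvironment: false, branchName: null, paused: false,
  archivedAt: null, ownerUserId: null, parentEnvironmentId: null };
const SAMPLE_ROWS: EnvironmentRow[] = [
  { ...defaults, id: "e1", slug: "prod", type: "PRODUCTION", apiKey: "CONSTRUCTED_KEY_1" },
  { ...defaults, id: "e2", slug: "dev", type: "DEVELOPMENT", apiKey: "CONSTRUCTED_KEY_2", ownerUserId: "user_a" },
  { ...defaults, id: "e3", slug: "dev", type: "DEVELOPMENT", apiKey: "CONSTRUCTED_KEY_3", ownerUserId: "user_b" },
  { ...defaults, id: "e4", slug: "preview", type: "PREVIEW", apiKey: "CONSTRUCTED_KEY_4", isBranchableEnvironment: true },
  { ...defaults, id: "e5", slug: "feature-x", type: "PREVIEW", apiKey: "CONSTRUCTED_KEY_5", branchName: "feature-x", parentEnvironmentId: "e4" },
  { ...defaults, id: "e6", slug: "stg", type: "STAGING", apiKey: "CONSTRUCTED_KEY_6" },
  { ...defaults, id: "e7", slug: "old", type: "STAGING", apiKey: "CONSTRUCTED_KEY_7", archivedAt: new Date(0) },
];
console.log(JSON.stringify(listBaseEnvironments(SAMPLE_ROWS, "user_a"), null, 2));
```
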

pull Bot locked and limited conversation to collaborators Jun 10, 2026
pull Bot added the ⤵️ pull label Jun 10, 2026
pull Bot merged commit 87448cc into Dustin4444:main Jun 10, 2026
pull Bot had a problem deploying to dependabot-summary June 10, 2026 11:39 Failure