fix(trial): address subagent review findings + CTO quality pass#770
Merged
simple-agent-manager[bot] merged 2 commits intosam/trial-onboarding-mvpfrom Apr 21, 2026
Merged
Conversation
Security and correctness fixes from 7 specialist reviewers: CRITICAL: - Fix cookie domain mismatch: claim.ts clearClaimCookie and oauth-hook.ts buildClaimCookie now pass domain from BASE_DOMAIN (matching create.ts) HIGH: - TrialEventBus DO: persist `closed` flag to storage so it survives eviction - AI proxy: sanitize error bodies — log raw errors server-side, return generic messages to clients (prevents internal URL/config leakage) - Admin AI usage: sanitize CF API error responses the same way - SSE events endpoint: add per-IP rate limiting (30 req/5min via KV) - Deploy pipeline: forward ANTHROPIC_API_KEY_TRIAL as optional Worker secret - sync-wrangler-config: inject ENVIRONMENT var into generated env sections - Remove hardcoded DEFAULT_GATEWAY_ID; require AI_GATEWAY_ID from env MEDIUM: - Cron collision: move trial counter rollover from 03:00 to 05:00 UTC (avoids collision with daily analytics forward job at 03:00) - Replace magic number in create.ts with DEFAULT_TRIAL_CLAIM_TTL_MS constant - Add trial secrets to secrets-taxonomy.md and trial-configuration.md - Add comprehensive trial + AI proxy env vars to .env.example - Fix test mocks: add ctx.storage to TrialEventBus tests, add KV to SSE tests Co-Authored-By: Claude Opus 4.6 <[email protected]>
1. Reject unknown IP: SSE rate limit now returns 400 when no client IP header is present, instead of sharing a single "unknown" bucket across all headerless clients. CF-Connecting-IP is always present on Workers. 2. Document KV rate limit trade-off: added inline comment explaining why KV's non-atomic read-modify-write is acceptable here (storm prevention, not exact enforcement) vs DO-based counters for credential rotation. 3. Clean up formatSse: removed unused _eventName parameter that gave the false impression the event name was being used. Updated all call sites and tests. 4. Cookie domain consistency test: new regression test suite asserting that buildClaimCookie, clearClaimCookie, and buildFingerprintCookie produce matching Domain= attributes. Explicitly demonstrates the bug where clearing without a domain fails to delete a domain-scoped cookie. 5. AI_GATEWAY_ID self-hoster safe: returns an empty summary (zero counts) when AI_GATEWAY_ID is not configured, instead of throwing. Self-hosters who don't use AI Gateway get a clean "no data" admin dashboard. 6. Fix .env.example cron default: TRIAL_CRON_ROLLOVER_CRON now shows "0 5 1 * *" matching the actual default after the collision fix. Co-Authored-By: Claude Opus 4.6 <[email protected]>
simple-agent-manager
bot
merged commit dc973c7
into
sam/trial-onboarding-mvp
3 checks passed
|
3 tasks
simple-agent-manager bot
added a commit
that referenced
this pull request
Apr 21, 2026
Covers the trial onboarding MVP (PR #758), AI proxy Anthropic routing, Codex scope validation backfire (PR #772), and the seven-reviewer cleanup (PR #770). Co-authored-by: Raphaël Titsworth-Morin <[email protected]> Co-authored-by: Claude Opus 4.6 <[email protected]>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
closedflag to DO storage (survives eviction)_eventNameparam in formatSseTest plan
🤖 Generated with Claude Code