fix(backend): stop authenticateRequest from consuming the request body#8708
Open
jacekradko wants to merge 1 commit into
Open
fix(backend): stop authenticateRequest from consuming the request body#8708jacekradko wants to merge 1 commit into
jacekradko wants to merge 1 commit into
Conversation
🦋 Changeset detectedLatest commit: b21dca3 The changes in this PR will be included in the next version bump. This PR includes changesets to release 10 packages
Not sure what this means? Click here to learn what changesets are. Click here if you're a maintainer who wants to add another changeset to this PR |
|
The latest updates on your projects. Learn more about Vercel for GitHub.
|
Contributor
|
Snapi: no API changes detected in |
@clerk/astro
@clerk/backend
@clerk/chrome-extension
@clerk/clerk-js
@clerk/expo
@clerk/expo-passkeys
@clerk/express
@clerk/fastify
@clerk/hono
@clerk/localizations
@clerk/nextjs
@clerk/nuxt
@clerk/react
@clerk/react-router
@clerk/shared
@clerk/tanstack-react-start
@clerk/testing
@clerk/ui
@clerk/upgrade
@clerk/vue
commit: |
Contributor
📝 WalkthroughWalkthroughThis PR fixes a bug where Estimated code review effort🎯 2 (Simple) | ⏱️ ~8 minutes 🚥 Pre-merge checks | ✅ 5✅ Passed checks (5 passed)
✏️ Tip: You can configure your own custom pre-merge checks in the settings. Comment |
jacekradko
force-pushed
the
jacek/fix-clerkrequest-body-consume
branch
from
87212c5 to
b21dca3
Compare
![coderabbitai[bot]](https://avatars.githubusercontent.com/in/347564?s=60&v=4){kind=small}
Contributor
There was a problem hiding this comment.
🧹 Nitpick comments (1)
packages/backend/src/tokens/__tests__/clerkRequest.test.ts (1)
7-18: 💤 Low valueConsider adding an explicit return type annotation for clarity.
While the return type is easily inferred as
boolean, adding an explicit annotation would improve readability and document the intent.📝 Optional enhancement
-const supportsStreamConstruction = (() => { +const supportsStreamConstruction = ((): boolean => { try { new ReadableStream({🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the rest with a brief reason, keep changes minimal, and validate. In `@packages/backend/src/tokens/__tests__/clerkRequest.test.ts` around lines 7 - 18, The IIFE assigned to supportsStreamConstruction should have an explicit boolean return type for clarity; update the constant declaration for supportsStreamConstruction (the immediately-invoked function expression that constructs a ReadableStream) to include a : boolean return type annotation so the intent is documented and the inferred type is explicit.
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
Nitpick comments:
In `@packages/backend/src/tokens/__tests__/clerkRequest.test.ts`:
- Around line 7-18: The IIFE assigned to supportsStreamConstruction should have
an explicit boolean return type for clarity; update the constant declaration for
supportsStreamConstruction (the immediately-invoked function expression that
constructs a ReadableStream) to include a : boolean return type annotation so
the intent is documented and the inferred type is explicit.
ℹ️ Review info
⚙️ Run configuration
Configuration used: Repository YAML (base), Organization UI (inherited)
Review profile: CHILL
Plan: Pro
Run ID: 1cd5ed60-34a6-444e-b621-8de615e4db09
📒 Files selected for processing (3)
.changeset/clerkrequest-omit-body.mdpackages/backend/src/tokens/__tests__/clerkRequest.test.tspackages/backend/src/tokens/clerkRequest.ts
🚧 Files skipped from review as they are similar to previous changes (2)
- packages/backend/src/tokens/clerkRequest.ts
- .changeset/clerkrequest-omit-body.md
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
ClerkRequestclones the incoming request to read headers, cookies, and URL, but the clone was also forwarding the body. On Node/undici that body is a single-use stream shared with the original, so once anything reads the clone the original throws "Body is unusable" downstream (#8305, e.g. a Hono POST handler callingc.req.json()).The clone now hides
bodynext tosignalin the existing Proxy. I kept the Proxy rather than an explicit RequestInit on purpose: that shape was reverted in e9f8d1a because eagerly readingcachebreaks Cloudflare Workers. Auth never touches the body, so dropping it from the clone is safe. Theretains the bodytest asserted the old behavior and is now a streaming-body regression test.Closes #8305.