
[codex] Harden terminal error responses #218

Open
pq198363-ops wants to merge 1 commit into Agentpay-Org:main from pq198363-ops:bounty-138-139-error-hardening

@pq198363-ops


Summary

  • return a stable 400 invalid_request envelope for malformed JSON bodies without echoing parser text or request body fragments
  • keep oversized JSON mapped to 413 payload_too_large while preserving X-Request-Id correlation for parser-stage failures
  • redact client-facing 500 internal_error messages and log the internal error details with requestId/method/path for operators

Closes #138
Closes #139

Verification

  • RED before implementation: npm run build; $env:NODE_ENV='test'; node --test dist/error-handling.test.js failed because malformed JSON returned 500, oversized parser errors lacked the request id, and 500 responses leaked err.message.
  • GREEN focused: npm run build; $env:NODE_ENV='test'; node --test dist/error-handling.test.js passed 4 tests.
  • Full: npx prettier --check README.md src/routes/errors.ts src/error-handling.test.ts
  • Full: npm run lint
  • Full: clean dist/, then npm run build
  • Full: $env:NODE_ENV='test'; node --test dist/*.test.js dist/**/*.test.js passed 93 tests across 11 suites.
  • Full: git diff --check
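
The mapping the summary describes, sketched as an added example (not code from this pull request or the project). It assumes Express/body-parser style `err.type` values (`entity.parse.failed`, `entity.too.large`) and a hypothetical envelope shape `{ error: { code, message, requestId } }`; the function and type names are illustrative.

```typescript
// Added example. Assumed: body-parser style `err.type` values and the envelope shape.
type Code = "invalid_request" | "payload_too_large" | "internal_error";

interface RequestInfo { requestId: string; method: string; path: string }

interface LogRecord { requestId: string; method: string; path: string; detail: string }

interface TerminalResponse {
  status: number;
  headers: { "X-Request-Id": string };
  body: { error: { code: Code; message: string; requestId: string } };
  log: LogRecord | null; // operator-side only, never serialized to the client
}

// Fixed client-facing text: never derived from err.message or the request body.
const PUBLIC: Record<Code, { status: number; message: string }> = {
  invalid_request: { status: 400, message: "Request body is not valid JSON." },
  payload_too_large: { status: 413, message: "Request body exceeds the size limit." },
  internal_error: { status: 500, message: "Internal server error." },
};

function classify(err: unknown): Code {
  const type = typeof err === "object" && err !== null
    ? (err as { type?: unknown }).type
    : undefined;
  if (type === "entity.parse.failed") return "invalid_request";
  if (type === "entity.too.large") return "payload_too_large";
  return "internal_error"; // anything unrecognized is treated as a server fault
}

function toTerminalResponse(err: unknown, req: RequestInfo): TerminalResponse {
  const code = classify(err);
  const { status, message } = PUBLIC[code];
  // Internal detail goes to the operator log, keyed by the same request id.
  const detail = err instanceof Error ? (err.stack ?? err.message) : String(err);
  const log = code === "internal_error"
    ? { requestId: req.requestId, method: req.method, path: req.path, detail }
    : null;
  return {
    status,
    // Set on every branch so parser-stage failures stay correlatable.
    headers: { "X-Request-Id": req.requestId },
    body: { error: { code, message, requestId: req.requestId } },
    log,
  };
}
```
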


Development

Successfully merging this pull request may close these issues.

  • Stop leaking the raw error message in the 500 internal_error response body
  • Return a structured 400 for malformed JSON bodies instead of a generic 500
