Skip to content

Surface decrypt errors after recording persistent ids#15

Merged
cassiostp merged 2 commits into
masterfrom
raise-decrypt-errors
Jun 22, 2026
Merged

Surface decrypt errors after recording persistent ids#15
cassiostp merged 2 commits into
masterfrom
raise-decrypt-errors

Conversation

@cassiostp

@cassiostp cassiostp commented Jun 16, 2026

Copy link
Copy Markdown

Summary

  • Stop _onDataMessage from silently warning and returning for decryption failures that should be visible to consumers.
  • Keep recording the message persistentId for known undecryptable messages so reconnects do not redeliver the same packet.
  • Surface all decrypt failures through the client error path, deferred until the next turn so the parser can advance before app-level error handling reports the failure.
  • Add focused Jest coverage for known undecryptable errors, unrelated decrypt failures, and successful notification delivery.
  • Carry forward the existing two-semicolon GCM lint fix needed for yarn lint on master.

Requested from Brian review on #13. I checked the desktop native path: a synchronous throw from message handling would reach desktop uncaught-error reporting, but it can interrupt parser advancement. This keeps the change inside push-receiver and does not require electron-push-receiver to take on extra responsibility.

Validation

  • yarn test test/client.test.js --runInBand
  • yarn lint
  • ./node_modules/.bin/eslint test/client.test.js

@cassiostp cassiostp force-pushed the raise-decrypt-errors branch 2 times, most recently from bc8a421 to f0e3323 Compare June 17, 2026 17:29
@cassiostp cassiostp changed the title Raise decrypt errors after recording persistent ids Surface decrypt errors after recording persistent ids Jun 17, 2026
Stop silently dropping decryption failures in the push receiver client. Known undecryptable messages still record their persistent id before reporting so reconnects do not redeliver the same packet.

Surface all decrypt failures through the client error path on the next turn, which lets the parser advance before desktop app-level error handling reports the failure.

Also carries forward the existing GCM semicolon lint fix needed for yarn lint on master.

CLI-801
@cassiostp cassiostp force-pushed the raise-decrypt-errors branch from f0e3323 to c91eee2 Compare June 17, 2026 20:36
@cassiostp cassiostp marked this pull request as ready for review June 18, 2026 16:24
Comment thread src/client.js Outdated
};

function isReportableDecryptionError(error) {
return DECRYPTION_ERRORS_TO_REPORT.some(message =>

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I would inline DECRYPTION_ERRORS_TO_REPORT here or define DECRYPTION_ERRORS_TO_REPORT right above isReportableDecryptionError. Right now reader has to jump back up to top of fine to find out what errors we're actually filtering on.

Comment thread src/client.js
if (isReportableDecryptionError(error)) {
this._persistentIds.push(object.persistentId);
}
this._emitError(error);

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Wait actually don't we want to throw an error?

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think we want to keep the throwing behaviour here

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I don't think we're listening for this error anywhere. So you would need to add handling to pass a listener in electron push receiver. Doesn't seem worth it since we're currently logging the raised errors.

Copy link
Copy Markdown
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The idea of using the delayed emit was to not crash the push receiver client/parser when an error happens.
I thought it wouldn't be too much of a change to support it on the desktop side. I don't think we need to listen for it in the electron-push-receiver lib.

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

crash the push receiver client/parser why would it crash anything? Its just raising an exception in the onmessage handler right now it doesn't seem like that would lead to a crash.

@cassiostp cassiostp Jun 19, 2026

Copy link
Copy Markdown
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think I misunderstood how the pieces interact here then.
In Parser._onGotMessageBytes the _getNextMessage() function probably won't be reached for the cases in DECRYPTION_ERRORS_TO_REPORT if we throw, and that is a change in behavior. I'm not sure if it can recover on its own when the _getNextMessage() isn't called. That's what I was calling crash in that context.
I might be wrong there though. I'll try doing some testing to confirm what really happens.

@zindlerb zindlerb Jun 19, 2026

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ah I see what you're saying now. Sorry I was misunderstanding. I think you're likely right here but would double check

Copy link
Copy Markdown
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I confirmed it stops getting new messages we throw at that point. That's why the old switch was just returning for the known cases.
One benefit of using this slightly hacky emit setup is that we would be able to log extra metadata into the bugsnag/honeycomb events.
The "best" approach would be to handle errors locally in the library, but that seems like too much work.
Maybe we should just always emit a non error event and deal with it on Desktop native side to avoid any unnecessary changes to the library.

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I agree emit makes sense here then. Good find!

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think keeping your emit change and listening for the error emit should be pretty easy change. But defer to you

Comment thread src/client.js
}

_emitError(error) {
// Let Parser advance past this packet before consumers handle the error.

@zindlerb zindlerb Jun 18, 2026

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Don't understand this comment. Why not just emit immediately? EDIT: see my other comment lets just drop the error emit entirely.

@cassiostp cassiostp merged commit 2d234c2 into master Jun 22, 2026
7 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants