fix: Various security patches#376
Open
driaug wants to merge 2 commits into
Open
Conversation
driaug
changed the title
Contributor
There was a problem hiding this comment.
Pull request overview
This PR adds cache invalidation around project auth-affecting changes, canonicalizes domain handling, and limits stored webhook response bodies to reduce memory risk.
Changes:
- Adds
ProjectService.invalidateand calls it after project disables, Stripe updates, project edits, and key regeneration. - Canonicalizes domains and uses
tldtsfor registrable root-domain detection. - Caps workflow webhook response bodies and invalidates email-based user cache after password resets.
Reviewed changes
Copilot reviewed 9 out of 10 changed files in this pull request and generated 4 comments.
Show a summary per file
| File | Description |
|---|---|
apps/api/src/services/WorkflowExecutionService.ts |
Adds capped webhook response body reading. |
apps/api/src/services/SecurityService.ts |
Invalidates project cache after security/phishing disables. |
apps/api/src/services/ProjectService.ts |
Adds project cache invalidation helper. |
apps/api/src/services/keys.ts |
Normalizes user email cache keys. |
apps/api/src/services/DomainService.ts |
Adds domain canonicalization and PSL-based root-domain logic. |
apps/api/src/controllers/Webhooks.ts |
Invalidates project caches after Stripe webhook updates. |
apps/api/src/controllers/Users.ts |
Invalidates project caches after project updates/key regeneration. |
apps/api/src/controllers/Auth.ts |
Clears email cache on password reset. |
apps/api/package.json |
Adds tldts dependency. |
yarn.lock |
Locks tldts and tldts-core. |
Comments suppressed due to low confidence (1)
apps/api/src/services/WorkflowExecutionService.ts:1008
- When the response reaches the byte cap exactly, this loop exits without reading again, so
truncatedremains false even if more data is available in the next chunk. Oversized webhook responses whose chunks align to 64 KiB will be returned as capped but not marked truncated; read one extra chunk/byte (or settruncatedwhen the cap is hit before EOF is observed) to report this accurately.
while (received < maxBytes) {
const {done, value} = await reader.read();
if (done) break;
if (!value) continue;
const remaining = maxBytes - received;
if (value.byteLength > remaining) {
chunks.push(value.subarray(0, remaining));
received += remaining;
truncated = true;
break;
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
Comment on lines
+24
to
+25
| public static canonicalize(domain: string): string { | ||
| return domain.trim().toLowerCase().replace(/\.$/, ''); |
| } | ||
| await Promise.all([...cacheKeys].map(key => redis.del(key))); | ||
| } catch (error) { | ||
| signale.warn(`[PROJECT] Failed to invalidate cache for ${projectId}:`, error); |
Comment on lines
+956
to
+959
| const {body: responseData, truncated} = await WorkflowExecutionService.readBodyCapped( | ||
| response, | ||
| WorkflowExecutionService.WEBHOOK_RESPONSE_MAX_BYTES, | ||
| ); |
| private static rootDomain(domain: string): string { | ||
| const parts = domain.split('.'); | ||
| return parts.length > 2 ? parts.slice(-2).join('.') : domain; | ||
| return getRegistrableDomain(domain) ?? domain; |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Description
Type of Change
feat:New feature (MINOR version bump)fix:Bug fix (PATCH version bump)feat!:Breaking change - new feature (MAJOR version bump)fix!:Breaking change - bug fix (MAJOR version bump)docs:Documentation update (no version bump)chore:Maintenance/dependencies (no version bump)refactor:Code refactoring (no version bump)test:Adding tests (no version bump)perf:Performance improvement (PATCH version bump)PR Title Format
Testing
Checklist
Related Issues
Closes #