Address PR review feedback: improve error handling and dependency management#265
Merged
Address PR review feedback: improve error handling and dependency management#265
Conversation
Merged
Co-authored-by: devakesu <61821107+devakesu@users.noreply.github.com>
Co-authored-by: devakesu <61821107+devakesu@users.noreply.github.com>
Copilot
AI
changed the title
[WIP] Update dependencies and improve error handling
Address PR review feedback: improve error handling and dependency management
Feb 5, 2026
Contributor
There was a problem hiding this comment.
Pull request overview
This pull request addresses feedback from PR #264 by improving error handling robustness, updating dependency version constraints, and fixing environment variable access for client-side code. The changes focus on distinguishing between authentication errors and transient network failures, using proper type guards for error handling, and ensuring service worker configuration is accessible in the browser environment.
Changes:
- Enhanced error handling in middleware to distinguish authentication errors (which clear cookies) from transient network failures (which preserve cookies)
- Improved error handling in save-token route with proper
isAxiosErrortype guard and expanded network error code detection - Fixed service worker environment variable to use
NEXT_PUBLIC_prefix for browser access - Updated dependency versions from pinned to caret ranges for @redocly/cli and jsdom, and migrated source-map from deprecated beta version to stable release
Reviewed changes
Copilot reviewed 4 out of 5 changed files in this pull request and generated 2 comments.
Show a summary per file
| File | Description |
|---|---|
| src/lib/supabase/middleware.ts | Implements logic to distinguish auth errors from transient failures with selective cookie clearing |
| src/components/sw-register.tsx | Updates environment variable to NEXT_PUBLIC_ENABLE_SW_IN_DEV for proper client-side access |
| src/app/api/auth/save-token/route.ts | Adds isAxiosError type guard and expands network error code handling |
| package.json | Updates dependency versions to use caret ranges and migrates source-map to stable version |
| package-lock.json | Reflects dependency version updates with consistent lock file changes |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
Comment on lines
+56
to
+58
| lowerErrorMsg.includes('access') || | ||
| lowerErrorMsg.includes('invalid') || | ||
| lowerErrorMsg.includes('expired') |
There was a problem hiding this comment.
The nested condition contains redundant checks for 'invalid' and 'expired'. Lines 57-58 check for lowerErrorMsg.includes('invalid') and lowerErrorMsg.includes('expired') within a block that only executes when lowerErrorMsg.includes('token') is true. However, these same checks are already performed at the top level on lines 50-51. This means if the error message contains 'invalid' or 'expired' without 'token', it would already be caught. If it contains 'token' AND 'invalid'/'expired', the top-level check would have already succeeded. These nested checks can never add value and should be removed for clarity.
Suggested change
| lowerErrorMsg.includes('access') || | |
| lowerErrorMsg.includes('invalid') || | |
| lowerErrorMsg.includes('expired') | |
| lowerErrorMsg.includes('access') |
| "serwist": "^9.5.4", | ||
| "sonner": "^2.0.3", | ||
| "source-map": "^0.8.0-beta.0", | ||
| "source-map": "^0.7.4", |
There was a problem hiding this comment.
The package.json specifies source-map version ^0.7.4, but package-lock.json resolves to 0.7.6. While this is technically correct behavior for semver (^ allows compatible updates), it suggests version 0.7.4 may not exist or is not the latest patch version. Consider updating package.json to specify ^0.7.6 for clarity and to match what's actually being installed, or verify that 0.7.4 exists as a valid version.
Suggested change
| "source-map": "^0.7.4", | |
| "source-map": "^0.7.6", |
devakesu
added a commit
that referenced
this pull request
Feb 6, 2026
* chore: update dependencies and improve error handling - Updated package dependencies in package.json: - Upgraded @redocly/cli from ^1.31.0 to 2.15.1 - Upgraded jsdom from ^27.4.0 to 28.0.0 - Added glob as a dependency with version ^13.0.1 - Added node-domexception as a dependency with version ^2.0.2 - Added source-map as a dependency with version ^0.8.0-beta.0 - Increased timeout for authentication service requests from 5s to 15s in save-token route to handle slow backends and network latency. - Enhanced error handling for connection issues in save-token route, logging specific error codes and providing user-friendly messages. - Added conditional service worker registration in development mode based on ENABLE_SW_IN_DEV environment variable. - Improved session management in Supabase middleware by clearing invalid session cookies when token refresh fails and logging the error. * Address PR review feedback: improve error handling and dependency management (#265) * Initial plan * fix: address PR review feedback on error handling and dependencies Co-authored-by: devakesu <61821107+devakesu@users.noreply.github.com> * refactor: optimize middleware error detection Co-authored-by: devakesu <61821107+devakesu@users.noreply.github.com> --------- Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com> Co-authored-by: devakesu <61821107+devakesu@users.noreply.github.com> * Address PR review feedback: enhance error handling and fix redundant logic (#266) * Initial plan * Address PR review: add ECONNREFUSED error code and remove redundant checks Co-authored-by: devakesu <61821107+devakesu@users.noreply.github.com> --------- Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com> Co-authored-by: devakesu <61821107+devakesu@users.noreply.github.com> * Address review feedback: safe error handling and remove deprecated dependency (#267) * Initial plan * fix: improve error handling and remove deprecated package Co-authored-by: devakesu <61821107+devakesu@users.noreply.github.com> --------- Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com> Co-authored-by: devakesu <61821107+devakesu@users.noreply.github.com> * Replace string-based error matching with structured error detection in middleware (#268) * Initial plan * Improve error handling with structured properties and add npm version requirement Co-authored-by: devakesu <61821107+devakesu@users.noreply.github.com> * Optimize error handling: move constants to module scope and improve type safety Co-authored-by: devakesu <61821107+devakesu@users.noreply.github.com> --------- Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com> Co-authored-by: devakesu <61821107+devakesu@users.noreply.github.com> * Unify service worker environment variable to NEXT_PUBLIC_ENABLE_SW_IN_DEV (#269) * Initial plan * Fix environment variable inconsistency in service worker registration - Check both ENABLE_SW_IN_DEV and NEXT_PUBLIC_ENABLE_SW_IN_DEV - Prioritize ENABLE_SW_IN_DEV (matching next.config.ts) with NEXT_PUBLIC_ as fallback - Update logger message to document both options for backwards compatibility Co-authored-by: devakesu <61821107+devakesu@users.noreply.github.com> * Use consistent environment variable NEXT_PUBLIC_ENABLE_SW_IN_DEV in both config and component - Update next.config.ts to use NEXT_PUBLIC_ENABLE_SW_IN_DEV instead of ENABLE_SW_IN_DEV - Update comments in next.config.ts to reflect the correct variable name - Simplify sw-register.tsx to only check NEXT_PUBLIC_ENABLE_SW_IN_DEV - This ensures users only need to set one environment variable for both build-time and runtime SW control Co-authored-by: devakesu <61821107+devakesu@users.noreply.github.com> --------- Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com> Co-authored-by: devakesu <61821107+devakesu@users.noreply.github.com> * Fix environment variable documentation and glob version mismatch (#270) * Initial plan * Fix README and package.json per review feedback Co-authored-by: devakesu <61821107+devakesu@users.noreply.github.com> --------- Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com> Co-authored-by: devakesu <61821107+devakesu@users.noreply.github.com> --------- Co-authored-by: Copilot <198982749+Copilot@users.noreply.github.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Addresses review comments from PR #264 regarding error handling robustness, dependency version constraints, and runtime environment variable access.
Error Handling
save-token route: Added
ECONNRESETandENETUNREACHto network error detection. ImplementedisAxiosErrortype guard for safer error property access:middleware: Distinguish auth errors from transient failures. Only clear session cookies for invalid/expired tokens, preserve them for network issues:
Dependencies
@redocly/cli:2.15.1→^2.15.1(enable patch/minor updates)jsdom:28.0.0→^28.0.0(enable security patches)source-map:^0.8.0-beta.0→^0.7.4(avoid beta in production)Service Worker
Changed
ENABLE_SW_IN_DEVtoNEXT_PUBLIC_ENABLE_SW_IN_DEV. Next.js requiresNEXT_PUBLIC_prefix for client-side environment variables. Removed redundanttypeof processchecks.✨ Let Copilot coding agent set things up for you — coding agent works faster and does higher quality work when set up for your repo.