removed duplicate code and added zod validation for env variables#1
Open
debadithyaxd wants to merge 2 commits intosamarth3301:mainfrom
Open
removed duplicate code and added zod validation for env variables#1debadithyaxd wants to merge 2 commits intosamarth3301:mainfrom
debadithyaxd wants to merge 2 commits intosamarth3301:mainfrom
Conversation
|
No actionable comments were generated in the recent review. 🎉 ℹ️ Recent review info⚙️ Run configurationConfiguration used: defaults Review profile: CHILL Plan: Pro Run ID: 📒 Files selected for processing (1)
🚧 Files skipped from review as they are similar to previous changes (1)
📝 WalkthroughWalkthroughReplaced dotenv-based env loading with a Zod-based Changes
Estimated code review effort🎯 3 (Moderate) | ⏱️ ~20 minutes Poem
🚥 Pre-merge checks | ✅ 3✅ Passed checks (3 passed)
✏️ Tip: You can configure your own custom pre-merge checks in the settings. ✨ Finishing Touches🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
![coderabbitai[bot]](https://avatars.githubusercontent.com/in/347564?s=60&v=4){kind=small}
There was a problem hiding this comment.
Actionable comments posted: 2
🧹 Nitpick comments (2)
src/config/logger.ts (1)
75-80: Consider stronger typing foraddRequestIdoptions.The
optsparameter is typed asany. A more explicit type would improve type safety and IDE support.✨ Suggested improvement
-export const addRequestId = winston.format((info, opts: any) => { +export const addRequestId = winston.format((info, opts: { requestId?: string }) => { if (opts.requestId) { info.requestId = opts.requestId; } return info; });🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In `@src/config/logger.ts` around lines 75 - 80, The addRequestId format currently types the opts parameter as any; replace that with a concrete interface (e.g., RequestIdFormatOptions { requestId?: string }) and use the proper Winston format callback/type for the function signature so opts is typed as that interface (or as Winston's FormatOptions generic if available); update the export of addRequestId to accept the new typed opts to improve type safety and IDE autocompletion while preserving the existing behavior where info.requestId is set when opts.requestId is present.src/config/index.ts (1)
27-30: Use structured error formatting for better debugging.
parsed.error.messageprovides a less readable output. Consider usingparsed.error.format()orparsed.error.flatten()for clearer validation error messages.✨ Suggested improvement
if(!parsed.success){ console.error("❌ Invalid or missing environment variables:"); - console.log(parsed.error.message); + console.error(parsed.error.format()); process.exit(1) }🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In `@src/config/index.ts` around lines 27 - 30, The environment validation branch that checks parsed.success logs parsed.error.message which is hard to read; update the parsed.success false branch (the block that currently calls console.error("❌ Invalid or missing environment variables:") and console.log(parsed.error.message)) to call parsed.error.format() or parsed.error.flatten() and log that structured output (e.g., console.error with the formatted/flattened result) before calling process.exit(1) so validation errors are readable; ensure you reference the existing parsed variable and parsed.error object in the revised logging.
🤖 Prompt for all review comments with AI agents
Verify each finding against the current code and only fix it if needed.
Inline comments:
In `@src/config/index.ts`:
- Line 13: Remove the insecure default JWT secret by deleting the
.default('default-secret-change-in-production') on the config schema property
named "secret" so the Zod schema requires an explicit value; update the schema
entry (the "secret" field in src/config/index.ts) to be a required
z.string().min(32) and ensure any code that reads this config handles the case
where the environment variable is missing (fail fast with a clear error) rather
than relying on a fallback.
- Around line 3-23: The configSchema currently defines nested objects (redis,
jwt, rateLimit) but you call configSchema.safeParse(process.env); transform
either the schema or the input: update configSchema to a flat schema using
env-style keys (e.g., REDIS_HOST, REDIS_PORT, JWT_SECRET, RATE_LIMIT_WINDOW_MS,
RATE_LIMIT_MAX_REQUESTS) and reference those env names in the schema, or before
calling configSchema.safeParse(map), build a nested object from process.env
(e.g., construct redis: { host: process.env.REDIS_HOST, port:
Number(process.env.REDIS_PORT), db: Number(process.env.REDIS_DB) }, jwt: {
secret: process.env.JWT_SECRET, expiresIn: process.env.JWT_EXPIRES_IN },
rateLimit: { windowMs: Number(process.env.RATE_LIMIT_WINDOW_MS), maxRequests:
Number(process.env.RATE_LIMIT_MAX_REQUESTS) }) so the parsed input matches
configSchema; adjust usages of configSchema and the parse call accordingly.
---
Nitpick comments:
In `@src/config/index.ts`:
- Around line 27-30: The environment validation branch that checks
parsed.success logs parsed.error.message which is hard to read; update the
parsed.success false branch (the block that currently calls console.error("❌
Invalid or missing environment variables:") and
console.log(parsed.error.message)) to call parsed.error.format() or
parsed.error.flatten() and log that structured output (e.g., console.error with
the formatted/flattened result) before calling process.exit(1) so validation
errors are readable; ensure you reference the existing parsed variable and
parsed.error object in the revised logging.
In `@src/config/logger.ts`:
- Around line 75-80: The addRequestId format currently types the opts parameter
as any; replace that with a concrete interface (e.g., RequestIdFormatOptions {
requestId?: string }) and use the proper Winston format callback/type for the
function signature so opts is typed as that interface (or as Winston's
FormatOptions generic if available); update the export of addRequestId to accept
the new typed opts to improve type safety and IDE autocompletion while
preserving the existing behavior where info.requestId is set when opts.requestId
is present.
ℹ️ Review info
⚙️ Run configuration
Configuration used: defaults
Review profile: CHILL
Plan: Pro
Run ID: 15cdf20a-f828-489a-a3d0-2de823482b5b
⛔ Files ignored due to path filters (1)
bun.lockis excluded by!**/*.lock
📒 Files selected for processing (4)
src/config/index.tssrc/config/logger.tssrc/config/preload.tssrc/index.ts
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Implemented Zod environment validation, inspired by samarth3301/graphQL-boilerplate
Summary by CodeRabbit