Skip to content

[superlog] Accept null values in website settings and integrations output schema#542

Open
superlog-app[bot] wants to merge 1 commit into
stagingfrom
superlog/fix-website-output-schema-nullish
Open

[superlog] Accept null values in website settings and integrations output schema#542
superlog-app[bot] wants to merge 1 commit into
stagingfrom
superlog/fix-website-output-schema-nullish

Conversation

@superlog-app

@superlog-app superlog-app Bot commented Jul 5, 2026

Copy link
Copy Markdown
Contributor

Summary

Users calling websites.transferToOrganization receive an Internal Server Error on every attempt, even though the database UPDATE succeeds and the website is transferred. The error is caused by oRPC's output validation rejecting the returned Website object when the website's settings JSONB field has a property explicitly set to null (e.g., {"allowedOrigins": null}).

websiteSettingsSchema used .optional() for each inner field, which Zod 4 maps to T | undefined — it does not accept null. A JSONB column that stores {"allowedOrigins": null} in PostgreSQL delivers that null value at runtime, causing the schema to throw "expected array, received null". Because oRPC validates the handler's return value in a microtask after the async handler resolves, the resulting ORPCError(INTERNAL_SERVER_ERROR) carries only oRPC stack frames (no user-land frames), which is how the error was identified as an output-validation failure rather than a thrown exception from user code.

This patch changes each inner settings field from .optional() to .nullish() (accepting both undefined and null), changes the outer type from .nullable() to .nullish(), and defensively applies the same to integrations. No existing valid-data behaviour changes — null and undefined are both accepted, valid arrays still validate normally.

An alternative approach would be to sanitize the JSONB data at write-time (disallowing null-valued optional fields in the updateWebsiteSettings handler) or to add a migration that cleans existing null values. The schema fix chosen here is lower-risk and immediately unblocks affected users.

Incident on Superlog


Was this PR helpful? Leave feedback — goes straight to the Superlog team.


Summary by cubic

Fixes Internal Server Error from oRPC output validation when website settings or integrations contain null values. Endpoints returning Website (e.g., websites.transferToOrganization) no longer fail on nulls.

  • Bug Fixes
    • Changed inner fields in websiteSettingsSchema to .nullish() and the outer object to .nullish().
    • Set integrations in websiteOutputSchema to .nullish().
    • Now accepts both null and undefined; valid arrays/booleans still validate normally.

Written for commit b85423b. Summary will update on new commits.

Review in cubic

@vercel

vercel Bot commented Jul 5, 2026

Copy link
Copy Markdown

The latest updates on your projects. Learn more about Vercel for GitHub.

Project Deployment Actions Updated (UTC)
dashboard Error Error Jul 5, 2026 6:57pm
databuddy-status Ready Ready Preview, Comment Jul 5, 2026 6:57pm
1 Skipped Deployment
Project Deployment Actions Updated (UTC)
documentation Skipped Skipped Jul 5, 2026 6:57pm

@unkey-deploy

unkey-deploy Bot commented Jul 5, 2026

Copy link
Copy Markdown

The latest updates on your projects. Learn more about Unkey Deploy

Name Status Preview Inspect Updated (UTC)
api (preview) Ready Visit Preview Inspect Jul 5, 2026 6:56pm

@greptile-apps

greptile-apps Bot commented Jul 5, 2026

Copy link
Copy Markdown
Contributor

Greptile Summary

This PR fixes an output-validation crash in websites.ts caused by Zod 4 treating .optional() as T | undefined (not T | null), while PostgreSQL JSONB columns can deliver null-valued keys at runtime. The change replaces .optional() / .nullable() with .nullish() on the websiteSettingsSchema inner fields and outer wrapper, and defensively applies the same to integrations.

  • Inner fields of websiteSettingsSchema (allowedOrigins, allowedIps, ignoredTrackingOrigins, trackingIssueWarningsDisabled) are changed from .optional() to .nullish(), fixing the crash when JSONB stores {\"allowedOrigins\": null}.
  • The outer websiteSettingsSchema wrapper and the integrations field are widened from .nullable() to .nullish(), which is safe — all callers already use optional chaining or ?? {} and the dashboard's readSecuritySettings accepts unknown.

Confidence Score: 5/5

Safe to merge — the change is a targeted schema relaxation on output-only validation with no effect on data writes or input validation.

The fix is correct and minimal. All downstream consumers of WebsiteOutput already guard against both null and undefined. No input schemas are touched, so write paths are unaffected.

No files require special attention. The single changed file has a well-understood and isolated fix.

Important Files Changed

Filename Overview
packages/rpc/src/routers/websites.ts Schema fields updated from .optional()/.nullable() to .nullish() to accept both null and undefined; fix is correctly scoped to output schemas only with no change to input validation.

Reviews (1): Last reviewed commit: "[superlog] Accept null values in website..." | Re-trigger Greptile

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants