Skip to content

[slop]fix(rivetkit): surface raw error messages instead of generic#4985

Closed
abcxff wants to merge 1 commit intographite-base/4985from
05-06-_slop_fix_rivetkit_surface_raw_error_messages_instead_of_generic
Closed

[slop]fix(rivetkit): surface raw error messages instead of generic#4985
abcxff wants to merge 1 commit intographite-base/4985from
05-06-_slop_fix_rivetkit_surface_raw_error_messages_instead_of_generic

Conversation

@abcxff
Copy link
Copy Markdown
Contributor

@abcxff abcxff commented May 6, 2026

Description

Please include a summary of the changes and the related issue. Please also include relevant motivation and context.

Type of change

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Breaking change (fix or feature that would cause existing functionality to not work as expected)
  • This change requires a documentation update

How Has This Been Tested?

Please describe the tests that you ran to verify your changes.

Checklist:

  • My code follows the style guidelines of this project
  • I have performed a self-review of my code
  • I have commented my code, particularly in hard-to-understand areas
  • I have made corresponding changes to the documentation
  • My changes generate no new warnings
  • I have added tests that prove my fix is effective or that my feature works
  • New and existing unit tests pass locally with my changes

@railway-app
Copy link
Copy Markdown

railway-app Bot commented May 6, 2026
edited
Loading

🚅 Deployed to the rivet-pr-4985 environment in rivet-frontend

Service Status Web Updated (UTC)
kitchen-sink ❌ Build Failed (View Logs) Web May 7, 2026 at 5:08 pm
website 😴 Sleeping (View Logs) Web May 7, 2026 at 5:06 am
frontend-cloud ❌ Build Failed (View Logs) Web May 6, 2026 at 3:30 pm
frontend-inspector ❌ Build Failed (View Logs) Web May 6, 2026 at 3:30 pm
ladle ❌ Build Failed (View Logs) Web May 6, 2026 at 3:28 pm
mcp-hub ✅ Success (View Logs) Web May 6, 2026 at 3:28 pm

@railway-app railway-app Bot temporarily deployed to rivet-frontend / rivet-pr-4985 May 6, 2026 15:28 Destroyed
@abcxff Graphite App
Copy link
Copy Markdown
Contributor Author

abcxff commented May 6, 2026
edited
Loading

Warning

This pull request is not mergeable via GitHub because a downstack PR is open. Once all requirements are satisfied, merge this PR as a stack on Graphite.
Learn more

This stack of pull requests is managed by Graphite. Learn more about stacking.

This was referenced May 6, 2026
Open
Draft
Closed
@claude
Copy link
Copy Markdown
Contributor

claude Bot commented May 6, 2026
edited
Loading

PR #4985 Review: fix(rivetkit): surface raw error messages instead of generic

This PR makes two changes: (1) always expose raw internal error messages in build_internal instead of gating them behind RIVET_EXPOSE_ERRORS=1, and (2) introduce a new sqlite.query_failed structured error code for SQL user errors (syntax errors, constraint violations, etc.) so they surface as typed 400 responses rather than raw anyhow errors.

Issues Found

1. Security regression: internal errors always exposed (high severity)

build_internal previously gated raw error message exposure on RIVET_EXPOSE_ERRORS=1. Removing the gate means raw anyhow error messages (which can contain database connection strings, internal file paths, or other sensitive infrastructure details) are now always returned to any client receiving a core.internal_error response.

CLAUDE.md says: "The dev-mode toggle that exposes raw messages lives in core (reads env at build_internal), not in the TS bridge." This PR removes that toggle entirely. If intentional, the PR body should explain the rationale and the docs at website/src/content/docs/actors/errors.mdx and website/src/content/docs/general/production-checklist.mdx need updating.

2. SqliteWorkerCloseTimeoutError misclassified as a user SQL error (medium severity)

Before this PR, unrecognized errors in map_local_worker_error were passed through raw. After this PR they wrap as QueryFailed. But SqliteWorkerCloseTimeoutError is treated as fatal by is_fatal_worker_error yet is not matched in the Closed branch of map_local_worker_error. It therefore falls through to QueryFailed, which surfaces HTTP 400 to the caller, implying the user wrote a bad SQL query. This will mislead users debugging connectivity issues after an actor restart.

Fix: add SqliteWorkerCloseTimeoutError to the Closed branch to match the is_fatal_worker_error classification.

3. Missing trailing newline in artifact file (minor)

rivetkit-rust/engine/artifacts/errors/sqlite.query_failed.json is missing a trailing newline. If the artifact generator omits them for all files in that directory this is fine, but worth confirming.

What Looks Good

  • The SqliteRuntimeError::QueryFailed error type is well-designed: structured with a message field, correct HTTP 400 status, and an artifact file committed alongside the code change.
  • public_error_status_code is correctly placed in rivetkit-core::error.
  • No _ => enum fall-throughs, no Mutex<HashMap>, no eprintln!, no Box::leak per-request -- conventions are followed throughout.

This was referenced May 6, 2026
Open
Open
@abcxff abcxff changed the base branch from 05-06-_slop_fix_rivetkit_remove_async_drizzle_db_proxy to graphite-base/4985 May 6, 2026 21:59
@abcxff abcxff force-pushed the graphite-base/4985 branch from 1134c24 to 38d756b Compare May 7, 2026 01:27
@abcxff abcxff force-pushed the 05-06-_slop_fix_rivetkit_surface_raw_error_messages_instead_of_generic branch from e506879 to 5b11eab Compare May 7, 2026 01:27
@railway-app railway-app Bot temporarily deployed to rivet-frontend / rivet-pr-4985 May 7, 2026 01:27 Destroyed
@abcxff abcxff changed the base branch from graphite-base/4985 to 05-06-_slop_fix_rivetkit_remove_async_drizzle_db_proxy May 7, 2026 01:27
@abcxff abcxff mentioned this pull request May 7, 2026
Closed
11 tasks
@abcxff abcxff force-pushed the 05-06-_slop_fix_rivetkit_remove_async_drizzle_db_proxy branch from 38d756b to d12b4c4 Compare May 7, 2026 17:07
@abcxff abcxff force-pushed the 05-06-_slop_fix_rivetkit_surface_raw_error_messages_instead_of_generic branch from 5b11eab to 593a7ba Compare May 7, 2026 17:07
@railway-app railway-app Bot temporarily deployed to rivet-frontend / rivet-pr-4985 May 7, 2026 17:07 Destroyed
@abcxff abcxff changed the base branch from 05-06-_slop_fix_rivetkit_remove_async_drizzle_db_proxy to graphite-base/4985 May 7, 2026 17:09
@abcxff abcxff mentioned this pull request May 7, 2026
Open
@abcxff abcxff closed this May 7, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@abcxff