Skip to content

fix(kiloclaw): tighten checkout guardrails#2579

Open
jeanduplessis wants to merge 2 commits intojdp/kiloclaw-spec-compliance-pr1-specsfrom
jdp/kiloclaw-spec-compliance-pr4-checkout-guardrails
Open

fix(kiloclaw): tighten checkout guardrails#2579
jeanduplessis wants to merge 2 commits intojdp/kiloclaw-spec-compliance-pr1-specsfrom
jdp/kiloclaw-spec-compliance-pr4-checkout-guardrails

Conversation

@jeanduplessis
Copy link
Copy Markdown
Contributor

@jeanduplessis jeanduplessis commented Apr 18, 2026
edited
Loading

Summary

Rejects invalid Kilo Pass upsell selections server-side while preserving standalone checkout promo-code support.

Why this change is needed

The upsell flow allowed a monthly tier 19 selection to proceed with commit hosting even though that tier cannot fund the first commit period. This rule must be enforced on the server so invalid combinations cannot slip past UI checks. Promo-code support on standalone Stripe checkout also needed to remain intact after product clarified that spec requirement.

How this is addressed

  • Reject monthly tier 19 when paired with hostingPlan='commit' before creating a Stripe checkout session.
  • Add regression coverage for the invalid monthly-19/commit combination and assert that no checkout session is created.
  • Keep standalone Stripe checkout promo-code expectations aligned with product behavior while using intro pricing for the first-month discount.

Verification

  • pnpm test -- apps/web/src/routers/kiloclaw-billing-router.test.ts
  • pnpm typecheck
  • pnpm format

Visual Changes

N/A

Reviewer Notes

Human Reviewer

  • This PR is stacked on top of docs(specs): clarify kiloclaw compliance rules #2578. Review with that base in mind.
  • Validate that the commit-hosting guard should stay tied to the current tier-to-credit relationship from the billing spec. If Kilo Pass pricing or included credits change, this validation rule will need to move with that policy.
  • Validate that preserving promo-code support on standalone Stripe checkout is intended product behavior and matches the updated spec root PR.

Code Reviewer Agent

Code Reviewer Notes - Validation lives in `createKiloPassUpsellCheckout` and intentionally rejects before Stripe session creation. - Regression coverage was added in `apps/web/src/routers/kiloclaw-billing-router.test.ts` for the invalid monthly-19/commit path. - Followed `Kilo Pass Upsell Checkout` rule 4 from the billing spec and kept standalone checkout promo-code behavior aligned with updated product guidance.

@kilo-code-bot
Copy link
Copy Markdown
Contributor

kilo-code-bot bot commented Apr 18, 2026
edited
Loading

Code Review Summary

Status: No Issues Found | Recommendation: Merge

Files Reviewed (2 files)
  • apps/web/src/routers/kiloclaw-router.ts
  • apps/web/src/routers/kiloclaw-billing-router.test.ts

Reviewed by gpt-5.4-20260305 · 230,931 tokens

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@jeanduplessis