feat(aws-lambda): validate variables + 256 KiB Step Functions input cap#976
Conversation
miguel-heygen
left a comment
miguel-heygen
left a comment
There was a problem hiding this comment.
Re-approved — same diff as #964, rebased onto main after stack merge cascade.
vanceingalls
left a comment
vanceingalls
left a comment
There was a problem hiding this comment.
Re-stamp on #976 — recreated from #964 (auto-closed when #962's base branch was deleted on merge). Same content per James, rebased onto main. Prior #964 review (4323426141) verdict + findings still apply: all 4 prior importants addressed in #964 (cycle detection via WeakSet, field="config" rename, JSON.stringify try/catch, MAX_STEP_FUNCTIONS_INPUT_BYTES JSDoc narrowed). Base now main so the stacked-PR CI gap closes; required CI workflows actually run on this head.
Re-stamp by Vai (post-#962-merge recreation)
Add client-side validation for the new config.variables field (introduced in PR 9.1) and a 256 KiB cap on the full Step Functions Standard execution input. Both checks throw a typed InvalidConfigError BEFORE the SDK calls StartExecution — catching the obvious mistakes locally instead of as a States.DataLimitExceeded 50 ms into the execution. validateVariablesPayload walks the variables tree and rejects: - functions, Symbols, BigInts, non-finite numbers - undefined leaves (silently dropped by JSON.stringify — would surprise the caller when their value doesn't show up in the render) - non-plain objects (Date, Map, class instances) — Date's toJSON does round-trip as a string, but the composition gets a string, not a Date, so explicit reject is clearer validateStepFunctionsInputSize measures the actual UTF-8 byte length of JSON.stringify(input) against the 256 KiB cap. We use Standard workflows (per the plan §6.2 / §15.2) for execution-history visibility, so the cap is 256 KiB (Express would be 32 KiB). The error message names the actual byte count, the cap, and points at the templates-on-lambda#working-with-large-variables section so users know to URL-reference media assets instead of inlining them. Both helpers are exported from @hyperframes/aws-lambda/sdk so adapters that build custom Step Functions inputs (batch verbs, future Temporal ports) can reuse the same gates. Phase 9 PR 9.2 of the distributed rendering plan.
jrusso1020
force-pushed
the
05-19-feat_aws-lambda_validate_variables_and_256_kib_step_functions_input_cap
branch
from
0310fff to
f1e22a6
Compare
miguel-heygen
left a comment
miguel-heygen
left a comment
There was a problem hiding this comment.
Re-approved — same diff, force-push dismissed prior approval.
vanceingalls
left a comment
vanceingalls
left a comment
There was a problem hiding this comment.
Re-stamp on #976 post-force-push. Same content as prior approve (4323864216) per James's note. Base main, CI all green per author. All prior #964 findings remain addressed (cycle detection, field rename, JSON.stringify try/catch, JSDoc scope narrow).
Re-stamp by Vai (post-force-push)
jrusso1020
deleted the
05-19-feat_aws-lambda_validate_variables_and_256_kib_step_functions_input_cap
branch
3 participants
What
Phase 9 PR 9.2 of the distributed rendering plan — add client-side validation for
config.variablesand a 256 KiB cap on the full Step Functions Standard execution input.Why
PR 9.1 added
variablestoDistributedRenderConfig. BecauseSerializableDistributedRenderConfig = Omit<DistributedRenderConfig, "logger" | "abortSignal" | "producerConfig">, the field automatically flows throughrenderToLambda's execution input — but the SDK didn't validate it.Two failure modes need catching at the SDK boundary, before any AWS call:
BigInt, functions, Symbols,undefinedleaves,Dateinstances) either throw atJSON.stringifytime or round-trip silently corrupted. Without validation, callers seeStates.DataLimitExceededor silently-wrong renders 50 ms after StartExecution.variablesinstead of URL-referencing assets. PR 9.5's guide will document the convention; this PR enforces the limit at the SDK so the error message names the actual byte count, the cap, and points at the docs section.How
validateVariablesPayloadwalks the variables tree and throws on functions, Symbols, BigInts, non-finite numbers,undefinedleaves, non-plain objects. Uses a typeof→message lookup table (instead of a switch) to keep cyclomatic complexity below the audit threshold.validateStepFunctionsInputSizemeasuresBuffer.byteLength(JSON.stringify(input), "utf8")againstMAX_STEP_FUNCTIONS_INPUT_BYTES = 256 * 1024. Measured in UTF-8 bytes (Step Functions' wire format), not UTF-16 code units.renderToLambdacalls both validators beforesfn.send(new StartExecutionCommand(…)).@hyperframes/aws-lambda/sdkso adapters that build custom Step Functions inputs (PR 9.4's batch verb, future Temporal port) can reuse the gates.The error message for the size violation links to the
templates-on-lambda#working-with-large-variablesdocs section (lands in PR 9.5) so callers know to URL-reference media assets instead of inlining bytes.Test plan
undefinedleaves,Dateinstances, nested arrays/objects, happy-path JSON round-trip).validateStepFunctionsInputSizecovering under-cap accept, over-cap reject with byte-count in message, the 256-KiB constant, and non-serializable root.renderToLambdacovering variables-through-Step-Functions-input roundtrip, oversize-input early-reject, BigInt-in-variables early-reject.bun test packages/aws-lambda/src— 100 pass (was 83, +17 new tests in PR 9.2).bunx oxlint+bunx oxfmt --checkclean on changed files.bun run --cwd packages/aws-lambda typecheckclean.bunx fallow audit --base origin/main --fail-on-issuespasses (no new findings beyondvalidateDistributedRenderConfig's pre-existing complexity warning).This is part of a stack of 5 (+1 optional) PRs (9.1–9.6); this is PR 9.2.
🤖 Generated with Claude Code
Replaces #964 (auto-closed when its base branch was deleted during the squash-merge of #962).