Skip to content

feat: 401 auth-failure handling — suspend after N, typed errors (#16)#32

Merged
AndresL230 merged 11 commits into
mainfrom
feat/401-auth-failure-handling
May 13, 2026
Merged

feat: 401 auth-failure handling — suspend after N, typed errors (#16)#32
AndresL230 merged 11 commits into
mainfrom
feat/401-auth-failure-handling

Conversation

@AndresL230
Copy link
Copy Markdown
Contributor

@AndresL230 AndresL230 commented May 13, 2026

Summary

  • Adds RecostError / RecostAuthError / RecostFatalAuthError to the public API; mirrors Python's pre-declared hierarchy.
  • Suspends the cloud transport after maxConsecutiveAuthFailures (default 5) consecutive 401s. Recovery is restart-only.
  • One-time stderr warning on first 401 + second stderr line at fatal-suspend, both regardless of debug flag.
  • Existing onError(err: Error) signature is unchanged — hosts narrow via instanceof.

Closes #16.

Test plan

  • npm run test — 228/228 green (219 baseline + 9 new cases)
  • npm run lint — clean
  • npm run build — clean dual ESM + CJS + DTS
  • Manually verify a fresh consumer can import RecostAuthError from @recost-dev/node in both ESM and CJS

AndresL230 and others added 11 commits May 13, 2026 16:17
@AndresL230 @claude
docs(spec): 401 auth-failure handling design (#16)
1730138 
Captures the decisions from brainstorming: mirror Python's Error-subclass
hierarchy (RecostError / RecostAuthError / RecostFatalAuthError), suspend
cloud transport after maxConsecutiveAuthFailures (default 5) consecutive
401s, restart-only recovery, two stderr lines per episode.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
@AndresL230 @claude
docs(plan): 401 auth-failure handling implementation plan (#16)
1f717b9 
12 tasks: types/error classes, public-API re-export, ResolvedConfig
wiring, transport 401 lifecycle (counter + suspend), 9 new tests + 1
audit, README updates, final verification.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
@AndresL230
feat(types): add RecostError/RecostAuthError/RecostFatalAuthError hie…
6470d39 
…rarchy (#16)
@AndresL230
feat(public-api): export RecostError/RecostAuthError/RecostFatalAuthE…
ef32e7e 
…rror (#16)
@AndresL230
feat(transport): wire maxConsecutiveAuthFailures through ResolvedConf…
257f986 
…ig (#16)
@AndresL230
feat(transport): typed RecostAuthError on 401, stderr warning, counter (
dca17db 
#16)
@AndresL230
test(transport): fatal-threshold lifecycle for 5 consecutive 401s (#16)
96890fa
@AndresL230
test(transport): suspended-state is a silent no-op (#16)
b64566d
@AndresL230
test(transport): counter resets on success / 403 / 5xx / network throw (
58ee3a8 
#16)
@AndresL230
test(transport): configurable threshold + local mode never suspends (#16
4af7918 
)
@AndresL230
docs(readme): document 401 auth-failure handling, RecostAuthError hie…
b58a512 
…rarchy (#16)
@coderabbitai
Copy link
Copy Markdown

coderabbitai Bot commented May 13, 2026

Warning

Rate limit exceeded

@AndresL230 has exceeded the limit for the number of commits that can be reviewed per hour. Please wait 31 minutes and 42 seconds before requesting another review.

You’ve run out of usage credits. Purchase more in the billing tab.

⌛ How to resolve this issue?

After the wait time has elapsed, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

We recommend that you space out your commits to avoid hitting the rate limit.

🚦 How do rate limits work?

CodeRabbit enforces hourly rate limits for each developer per organization.

Our paid plans have higher rate limits than the trial, open-source and free plans. In all cases, we re-allow further reviews after a brief timeout.

Please see our FAQ for further information.

ℹ️ Review info
⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro Plus

Run ID: af542290-1919-4f9d-8751-18280470badd

📥 Commits

Reviewing files that changed from the base of the PR and between 32dbbe5 and b58a512.

📒 Files selected for processing (7)
  • README.md
  • docs/superpowers/plans/2026-05-13-401-auth-failure-handling.md
  • docs/superpowers/specs/2026-05-13-401-auth-failure-handling-design.md
  • src/core/transport.ts
  • src/core/types.ts
  • src/index.ts
  • tests/transport.test.ts
✨ Finishing Touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Commit unit tests in branch feat/401-auth-failure-handling

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands and usage tips.

@AndresL230 AndresL230 merged commit 3f28421 into main May 13, 2026
1 check passed
This was referenced May 13, 2026
Closed
Merged
@AndresL230 AndresL230 deleted the feat/401-auth-failure-handling branch May 21, 2026 04:15
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Middleware silently drops windows on 401, no escalation path

1 participant

@AndresL230