Skip to content

fix: proxy sync-openapi GitHub fetches on v2#185

Merged
kdhillon-stripe merged 3 commits intov2from
kdhillon/v2-openapi-proxy-fetch
Mar 28, 2026
Merged

fix: proxy sync-openapi GitHub fetches on v2#185
kdhillon-stripe merged 3 commits intov2from
kdhillon/v2-openapi-proxy-fetch

Conversation

@kdhillon-stripe
Copy link
Copy Markdown
Collaborator

@kdhillon-stripe kdhillon-stripe commented Mar 28, 2026
edited
Loading

Summary

  • route all GitHub/OpenAPI fetches in @stripe/sync-openapi through a proxy-aware transport helper
  • route the dynamic Stripe API fetch path in @stripe/sync-openapi (buildListFn / buildRetrieveFn) through the same proxy-aware transport
  • make proxy selection target-aware so NO_PROXY and localhost/private IP bypasses work correctly
  • keep Stripe SDK requests proxy-aware in source-stripe, including external base_url overrides
  • proxy the actual Stripe WebSocket connection, not just the CLI session bootstrap request
  • add regression coverage around proxy env detection, bypass behavior, and dynamic list/retrieve fetches

Why

On v2, there were still a few runtime egress gaps even after the earlier proxy work:

  • @stripe/sync-openapi still used raw fetch(...) for GitHub OpenAPI resolution
  • @stripe/sync-openapi also used raw fetch(...) for the dynamic Stripe API list/retrieve path that source-stripe builds its registry from
  • proxy helpers were not target-aware, so once more calls were routed through them, NO_PROXY / localhost behavior could be wrong
  • the Stripe CLI session bootstrap request was proxied, but the follow-up new WebSocket(...) connection was still direct

This PR closes those service/runtime gaps for the Node-based v2 path used by sync-engine-srv.

Non-goals

I did not change separate runtime contexts that are not part of the Node service path:

  • browser-side fetches in apps/visualizer
  • Deno/Supabase edge-function code in apps/supabase

Those may need their own proxy strategy if they are ever run in a similarly restricted environment.

Test plan

  • pnpm --filter @stripe/sync-protocol build
  • pnpm --filter @stripe/sync-openapi build
  • pnpm --filter @stripe/sync-source-stripe build
  • compiled-output smoke test verifying:
    • external OpenAPI / Stripe targets resolve to the configured proxy
    • NO_PROXY / localhost targets bypass the proxy
    • dynamic Stripe list/retrieve fetches attach a proxy dispatcher for external targets
    • Stripe client options attach a proxy agent for external targets and skip it for localhost overrides
  • local vitest remains flaky in this shell because esbuild is stopping before assertions run, so I did not treat that as signal for or against this patch

kdhillon-stripe and others added 3 commits March 27, 2026 22:02
@kdhillon-stripe @codex
fix(openapi): proxy GitHub spec fetches on v2
424d6b1 
Committed-By-Agent: codex
Co-authored-by: codex <noreply@openai.com>
@kdhillon-stripe @codex
fix(network): honor proxy across v2 runtime paths
c82d70c 
Committed-By-Agent: codex
Co-authored-by: codex <noreply@openai.com>
@kdhillon-stripe @codex
test(ci): fix stale connector-loading expectation
75aab44 
Committed-By-Agent: codex
Co-authored-by: codex <noreply@openai.com>
@kdhillon-stripe kdhillon-stripe merged commit e4149ee into v2 Mar 28, 2026
6 checks passed
@kdhillon-stripe kdhillon-stripe deleted the kdhillon/v2-openapi-proxy-fetch branch March 28, 2026 03:00
This was referenced Mar 29, 2026
Open
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@kdhillon-stripe