Skip to content

fix(secrets): resolve rename validation error for skipMultilineEncoding#5379

Merged
IgorHorta merged 5 commits intomainfrom
igor/secrets-116-improve-error-handling-for-large-secret-value-imports
Feb 5, 2026
Merged

fix(secrets): resolve rename validation error for skipMultilineEncoding#5379
IgorHorta merged 5 commits intomainfrom
igor/secrets-116-improve-error-handling-for-large-secret-value-imports

Conversation

@IgorHorta
Copy link
Contributor

@IgorHorta IgorHorta commented Feb 5, 2026

Context

Fixes validation error when renaming a secret: API expected boolean for skipMultilineEncoding but received null (e.g. from newly created secrets), causing "expected boolean, received null". Rename was sending the full secret payload including that field.

  • Before: Rename sent all secret fields; backend PATCH rejected null for skipMultilineEncoding.
  • After: Rename sends only required fields + newSecretName. CREATE accepts null and coerces to false; PATCH stays strict (reject null). New secrets never persist null for skipMultilineEncoding.

Also: copy fix "Shared secret value too long" → "Shared secret value is too long"; added missing orgGroupMembership/types.ts for pre-commit/ESLint.

Screenshots

N/A

Steps to verify the change

  1. Create a new secret, then rename it — should succeed (no validation error).
  2. Rename an existing secret — behavior unchanged.
  3. Update only tags/comment/value via their forms — still works (partial updates).
  4. Trigger shared-secret length error — message shows "Shared secret value is too long".

Type

  • Fix
  • Feature
  • Improvement
  • Breaking
  • Docs
  • Chore

Checklist

  • Title follows the conventional commit format: type(scope): short description (scope is optional, e.g., fix: prevent crash on sync or fix(api): handle null response).
  • Tested locally
  • Updated docs (if needed)
  • Read the contributing guide

@linear
Copy link

linear bot commented Feb 5, 2026

SECRETS-116 Improve error handling for large secret value imports

IgorHorta
IgorHorta commented Feb 5, 2026
View reviewed changes
@maidul98
Copy link
Collaborator

maidul98 commented Feb 5, 2026
edited
Loading

Snyk checks have passed. No issues have been found so far.

Status Scanner Critical High Medium Low Total (0)
Open Source Security 0 0 0 0 0 issues

💻 Catch issues earlier using the plugins for VS Code, JetBrains IDEs, Visual Studio, and Eclipse.

@IgorHorta IgorHorta marked this pull request as ready for review February 5, 2026 18:37
@greptile-apps
Copy link
Contributor

greptile-apps bot commented Feb 5, 2026

Greptile Overview

Greptile Summary

Fixed validation error when renaming newly created secrets by addressing skipMultilineEncoding null handling.

Root cause: Newly created secrets could have skipMultilineEncoding set to null. When renaming these secrets, the frontend was sending the full secret payload (including skipMultilineEncoding: null) to the PATCH endpoint, which only accepts boolean or undefined, causing validation errors.

Solution implemented:

  • Frontend rename forms: Removed unnecessary fields (tagIds, secretComment, secretReminderRepeatDays, secretReminderNote, skipMultilineEncoding) from rename requests, sending only required fields plus newSecretName
  • Frontend mutation hook: Added type guard to only send skipMultilineEncoding when it's explicitly a boolean value (converts null to undefined)
  • Backend CREATE endpoints: Updated Zod validation to accept null for skipMultilineEncoding and transform it to false
  • Backend service layer: Added null coalescing (?? false) throughout secret creation and bulk update operations to ensure skipMultilineEncoding is never persisted as null

Additional changes: Fixed grammar in error message "Shared secret value too long" → "Shared secret value is too long"

The fix maintains backward compatibility while preventing the validation error. PATCH endpoints remain strict (boolean/undefined only), while CREATE endpoints are more lenient (null → false).

Confidence Score: 5/5

  • This PR is safe to merge with minimal risk
  • The fix correctly addresses the validation error by handling null values at multiple layers (frontend and backend). The approach is conservative - removing unnecessary fields from rename operations and adding defensive null coalescing. No breaking changes to the API contract.
  • No files require special attention

Important Files Changed

Filename Overview
backend/src/services/secret/secret-service.ts Normalized skipMultilineEncoding to false when null throughout secret creation and bulk update operations
frontend/src/hooks/api/secrets/mutations.tsx Fixed to only send skipMultilineEncoding when it's explicitly a boolean, preventing null from being sent
frontend/src/pages/secret-manager/OverviewPage/components/SecretOverviewTableRow/SecretRenameRow.tsx Removed unnecessary fields from rename operation, sending only required fields plus newSecretName
frontend/src/pages/secret-manager/OverviewPage/components/SecretTableRow/SecretRenameForm.tsx Removed unnecessary fields from rename operation, sending only required fields plus newSecretName

scott-ray-wilson
scott-ray-wilson approved these changes Feb 5, 2026
View reviewed changes
Copy link
Contributor

@scott-ray-wilson scott-ray-wilson left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM, tested with and without approvals

@IgorHorta IgorHorta merged commit 1cd31c8 into main Feb 5, 2026
12 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@scott-ray-wilson scott-ray-wilson scott-ray-wilson approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@IgorHorta @maidul98 @scott-ray-wilson