fix(plugin): userConfig enums + sensitive flags + per-integration toggles (v2.0.5)#182
Conversation
…bled toggles Plugin settings UI rendered every option as a raw text input, including credentials and finite-value selectors. Three fixes: 1. Added `enum` to finite-value fields: - fix_model: opus|sonnet|haiku - notify_channel: macos|ntfy|pushover|discord|telegram|none - aws_region: 16 commonly-used regions - max_fixes_per_hour: 1|3|5|10 - task_reminder_threshold: 5|10|20|50 - watcher_timeout_seconds: 300|600|900|1800|3600 - doppler_config: dev|stg|prd|ci 2. Marked 22 credential fields `sensitive: true` so the UI masks them: Telegram api_hash/session, Klaviyo, Meta Ads, Shopify admin, ShipBob, Bland AI, ElevenLabs, Groq, Stripe, RevenueCat, Datadog, New Relic, Pushover, Discord bot/webhook, Doppler token, DPD password, UPS+FedEx client secrets. 3. Added 25 per-integration *_enabled boolean toggles so users explicitly opt in to each integration before the related credential fields matter. Same pattern as deploy_fix_enabled, recap_marquee_enabled. Covers: telegram, discord, pushover, ntfy, sentry, linear, datadog, newrelic, otel, doppler, klaviyo, meta_ads, ga4, gsc, shopify, shipbob, bland_ai, elevenlabs, groq, stripe, revenuecat, postnl, dpd, ups, fedex. Remaining text inputs are user-specific identifiers (Sentry org slug, Linear team key, store URLs, account/customer IDs) with no enumerable value space — freeform text is correct for those. Bumps marketplace.json + plugin.json to 2.0.5. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
|
Warning Rate limit exceeded
To keep reviews running without waiting, you can enable usage-based add-on for your organization. This allows additional reviews beyond the hourly cap. Account admins can enable it under billing. ⌛ How to resolve this issue?After the wait time has elapsed, a review can be triggered using the We recommend that you space out your commits to avoid hitting the rate limit. 🚦 How do rate limits work?CodeRabbit enforces hourly rate limits for each developer per organization. Our paid plans have higher rate limits than the trial, open-source and free plans. In all cases, we re-allow further reviews after a brief timeout. Please see our FAQ for further information. ℹ️ Review info⚙️ Run configurationConfiguration used: defaults Review profile: CHILL Plan: Pro Run ID: 📒 Files selected for processing (3)
✨ Finishing Touches🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Review rate limit: 0/1 reviews remaining, refill in 21 minutes and 40 seconds.Comment |
| "type": "string", | ||
| "sensitive": true, | ||
| "default": "" | ||
| }, | ||
| "dhl_parcel_key": { | ||
| "title": "DHL Parcel NL API Key", | ||
| "description": "API key from My DHL Parcel \u2192 User settings \u2192 API settings. Paired with dhl_parcel_user_id.", | ||
| "description": "API key from My DHL Parcel → User settings → API settings. Paired with dhl_parcel_user_id.", |
There was a problem hiding this comment.
Bug: The doppler_config field's default value "" is not included in its enum list, which will cause a schema validation failure for default configurations.
Severity: HIGH
Suggested Fix
To resolve the schema inconsistency, add the empty string "" to the enum array for the doppler_config field. This will make the default value a valid choice according to the schema.
Prompt for AI Agent
Review the code at the location below. A potential bug has been identified by an AI
agent. Verify if this is a real issue. If it is, propose a fix; if not, explain why it's
not valid.
Location: claude-ops/.claude-plugin/plugin.json#L513-L519
Potential issue: The `doppler_config` field in the `plugin.json` configuration schema
specifies a default value of `""` (an empty string). However, the same field has an
`enum` constraint that only allows the values `["dev", "stg", "prd", "ci"]`. The default
value is not a member of the allowed enum values, making the schema internally
inconsistent. Any plugin host that validates the configuration against this schema will
reject the default value, likely causing errors for users who have not explicitly
configured a Doppler environment, which is the default state as `doppler_enabled`
defaults to `false`.
Did we get this right? 👍 / 👎 to inform future reviews.
There was a problem hiding this comment.
Cursor Bugbot has reviewed your changes and found 2 potential issues.
Bugbot Autofix is ON, but it could not run because the branch was deleted or merged before autofix could start.
Reviewed by Cursor Bugbot for commit 36cc482. Configure here.
| "sensitive": false, | ||
| "default": "" | ||
| "default": "", | ||
| "enum": ["dev", "stg", "prd", "ci"] |
There was a problem hiding this comment.
Enum missing empty default for optional doppler_config field
Medium Severity
The doppler_config field has "default": "" but the enum is ["dev", "stg", "prd", "ci"]. The empty string default is not a valid enum value. Since Doppler is optional (and doppler_enabled defaults to false), newly installed users will have an empty value that doesn't match any enum option. The UI picker cannot represent the current "not configured" state, and schema validation may reject the default.
Reviewed by Cursor Bugbot for commit 36cc482. Configure here.
| "min": 0, | ||
| "max": 20 | ||
| "max": 20, | ||
| "enum": [1, 3, 5, 10] |
There was a problem hiding this comment.
Enum excludes documented zero value for disabling fixes
Medium Severity
The max_fixes_per_hour field has "min": 0 and documentation stating "range 0..20", but the new enum is [1, 3, 5, 10]. This removes the ability to set 0, which is a documented safety mechanism to completely disable auto-fix dispatches while keeping monitoring active. The enum also caps at 10 despite "max": 20 being specified.
Reviewed by Cursor Bugbot for commit 36cc482. Configure here.
…release (#199) The v2.0.5 → v2.0.9 patch series shipped meaningful features (multi-workspace Slack #195, /ops:credentials audit #184, ops-ci current-state filter #196, telegram preflight #185, userConfig schema upgrades #182). Per semver these should have been a minor bump. This release retroactively rolls them up into v2.1.0 with a single coherent CHANGELOG entry. No code changes — only: - plugin.json: 2.0.9 → 2.1.0 - CHANGELOG.md: new [2.1.0] entry consolidating Added/Fixed/Notes for the patch series - README header + What's-new section: refer to v2.1.0 - 11 docs/*.md badges + agents-reference subtitle + migration latest-stable note: v2.0.9 → v2.1.0 Marketplace pin (.claude-plugin/marketplace.json) bumped in follow-up PR. Co-authored-by: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Summary
Plugin settings UI was rendering every option as a raw text input. Three fixes:
fix_model,notify_channel,aws_region,max_fixes_per_hour,task_reminder_threshold,watcher_timeout_seconds,doppler_config.sensitive: trueon 22 credential fields so the UI masks them.*_enabledtoggles so users explicitly opt in to each integration. Same pattern asdeploy_fix_enabled,recap_marquee_enabled. Covers all of: telegram, discord, pushover, ntfy, sentry, linear, datadog, newrelic, otel, doppler, klaviyo, meta_ads, ga4, gsc, shopify, shipbob, bland_ai, elevenlabs, groq, stripe, revenuecat, postnl, dpd, ups, fedex.Remaining text inputs are user-specific identifiers (Sentry org slug, Linear team key, store URLs, account/customer IDs) with no enumerable value space — freeform text is correct for those.
Bumps marketplace.json + plugin.json to 2.0.5.
Follow-up not in this PR
Display masked
*****abc1for credentials already in keychain/Doppler/prefs but not yet in Claude Code userConfig. Requires abin/ops-credentials-syncscript that reconciles external stores → userConfig at install time. Separate PR.Test plan
Note
Low Risk
Primarily metadata changes to
plugin.jsonthat affect the settings UI (picklists, masking, and new opt-in booleans) with minimal runtime impact; main risk is mis-specified config defaults/enums altering how users configure integrations.Overview
Bumps the plugin version to
2.0.5in both the marketplace manifest andplugin.json, and documents the release inCHANGELOG.md.Improves the plugin settings UX by adding
enumpicklists for several finite-valueuserConfigfields, marking credential-like fields assensitiveso they’re masked in the UI, and introducing per-integration*_enabledboolean toggles (defaultfalse) so each integration is explicitly opt-in.Reviewed by Cursor Bugbot for commit 36cc482. Bugbot is set up for automated code reviews on this repo. Configure here.