fix: Fix vercel deployment

[frontegg-david]

Summary by CodeRabbit

Release Notes

• Chores

  • Updated build tooling dependencies to expand development capabilities.

• Bug Fixes

  • Improved error handling and validation for better debugging and system reliability.

_{✏️ Tip: You can customize this high-level summary in your review settings.}

[coderabbitai]

Walkthrough

Added @rspack/core dependency to CLI package and enhanced the front-mcp decorator with synchronous serverless imports, version mismatch validation, and improved error handling using InternalMcpError for bundler compatibility and initialization failures.

Changes

Cohort / File(s)	Summary
Dependency Management libs/cli/package.json	Added runtime dependency @rspack/core@^1.3.12 to support bundling requirements.
Serverless Import & Error Handling libs/sdk/src/common/decorators/front-mcp.decorator.ts	Replaced async import with synchronous require in serverless path for bundler compatibility. Renamed FrontMcpInstance to ServerlessInstance with explicit typing. Added version mismatch runtime validation throwing InternalMcpError (SDK_VERSION_MISMATCH). Updated handler initialization error handling to throw InternalMcpError (SERVERLESS_INIT_FAILED). Updated non-serverless path to throw InternalMcpError instead of generic Error on version mismatch.

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~25 minutes

• Serverless import strategy change: Verify that synchronous require is necessary for bundler compatibility and doesn't introduce runtime issues
• Error type consolidation: Confirm that InternalMcpError with SDK_VERSION_MISMATCH and SERVERLESS_INIT_FAILED codes are correctly defined and handled upstream
• Version mismatch validation: Ensure the runtime check for ServerlessInstance presence is appropriate and error messaging is clear
• Backward compatibility: Validate that the renaming (FrontMcpInstance → ServerlessInstance) and error type changes don't break dependent code

Possibly related PRs

• feat: Add serverless deployment support for Vercel, AWS Lambda, and Cloudflare Workers #114: Modifies the same front-mcp decorator to adjust serverless initialization and handler creation validation logic.
• fix(ci): Reversed version 0.3 due to bug in publishing workflow and fixed it #33: Updates package.json dependency entries including @frontmcp/* versions and ranges.

Poem

🐰 A bundler's quest for bundling speed,
Sync requires are what we need!
Error types now neatly aligned,
Version checks and handlers refined—
The decorator hops with pride so keen! 🚀

Pre-merge checks and finishing touches

❌ Failed checks (1 inconclusive)

Check name	Status	Explanation	Resolution
Title check	❓ Inconclusive	The title 'fix: Fix vercel deployment' is vague and uses redundant language without clearly specifying the actual technical changes made to the codebase.	Consider revising the title to be more specific and descriptive, such as 'fix: Replace async imports with sync require for @frontmcp/sdk bundler compatibility' or 'fix: Add @rspack/core dependency and update error handling for Vercel serverless environment'.

✅ Passed checks (2 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Docstring Coverage	✅ Passed	Docstring coverage is 100.00% which is sufficient. The required threshold is 80.00%.

✨ Finishing touches

• 📝 Generate docstrings

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch fix-vercel-deployment

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[frontegg-david]

✅ Snyk checks have passed. No issues have been found so far.

Status	Scanner	Critical	High	Medium	Low	Total (0)
✅	Open Source Security	0	0	0	0	0 issues
✅	Code Security	0	0	0	0	0 issues

💻 Catch issues earlier using the plugins for VS Code, JetBrains IDEs, Visual Studio, and Eclipse.

[coderabbitai]

Actionable comments posted: 3

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (1)

libs/sdk/src/tool/ui/template-helpers.ts (1)

33-49: Add null/undefined handling to formatDate in template-helpers.ts.

The current implementation lacks null/undefined checks and would throw when these values are passed. The handlebars implementation correctly handles this by returning an empty string. Since template-helpers.ts is a backwards compatibility layer for SDK consumers, it should match that behavior.

export function formatDate(date: Date | string | null | undefined, format?: string): string {
  if (date === null || date === undefined) {
    return '';
  }

  const d = typeof date === 'string' ? new Date(date) : date;
  if (isNaN(d.getTime())) {
    return String(date);
  }

  switch (format) {
    case 'iso':
      return d.toISOString();
    case 'time':
      return d.toLocaleTimeString();
    case 'datetime':
      return d.toLocaleString();
    default:
      return d.toLocaleDateString();
  }
}

🧹 Nitpick comments (1)

libs/sdk/src/tool/ui/__tests__/template-helpers.test.ts (1)

95-120: Consider adding null/undefined handling tests for formatDate.

The formatDate tests cover Date objects, ISO strings, format options, and invalid date strings, but don't test null/undefined inputs. The handlebars test file (line 336-339) shows that formatDate handles null/undefined, suggesting this behavior should be tested here too for consistency.

🔎 Suggested addition

   it('should handle invalid date string', () => {
     const result = formatDate('invalid-date');
     expect(result).toBe('invalid-date');
   });
+
+  it('should handle null and undefined', () => {
+    // If formatDate is expected to handle null/undefined gracefully
+    // based on the handlebars tests showing this behavior
+    expect(formatDate(null as unknown as Date)).toBe('');
+    expect(formatDate(undefined as unknown as Date)).toBe('');
+  });
 });

📜 Review details

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 885b454 and 8fc3661.

⛔ Files ignored due to path filters (7)

• libs/cli/src/commands/build/adapters/lambda.ts is excluded by !**/build/**
• libs/cli/src/commands/build/adapters/vercel.ts is excluded by !**/build/**
• libs/cli/src/commands/build/bundler.ts is excluded by !**/build/**
• libs/cli/src/commands/build/index.ts is excluded by !**/build/**
• libs/cli/src/commands/build/types.ts is excluded by !**/build/**
• libs/ui/src/build/__tests__/manifest-builder.test.ts is excluded by !**/build/**
• libs/ui/src/build/widget-manifest.ts is excluded by !**/build/**

📒 Files selected for processing (10)

• apps/e2e/demo-e2e-ui/src/apps/widgets/tools/static-badge.tool.ts (1 hunks)
• libs/cli/package.json (1 hunks)
• libs/sdk/src/common/decorators/front-mcp.decorator.ts (1 hunks)
• libs/sdk/src/tool/ui/__tests__/template-helpers.test.ts (1 hunks)
• libs/sdk/src/tool/ui/template-helpers.ts (2 hunks)
• libs/ui/src/handlebars/__tests__/handlebars.test.ts (1 hunks)
• libs/ui/src/runtime/types.ts (1 hunks)
• libs/ui/src/types/ui-config.ts (1 hunks)
• libs/ui/src/types/ui-runtime.ts (1 hunks)
• libs/ui/src/utils/__tests__/escape-html.test.ts (1 hunks)

🧰 Additional context used

📓 Path-based instructions (7)

libs/*/package.json

📄 CodeRabbit inference engine (CLAUDE.md)

Each library in /libs/* is independent and publishable under @frontmcp/* scope

Files:

• libs/cli/package.json

libs/**

⚙️ CodeRabbit configuration file

libs/**: Contains publishable SDK libraries. Review for API correctness, breaking changes, and consistency with docs. When public APIs change, ensure there is a matching docs/draft/docs/** update (not direct edits under docs/docs/**).

Files:

• libs/cli/package.json
• libs/sdk/src/common/decorators/front-mcp.decorator.ts
• libs/ui/src/handlebars/__tests__/handlebars.test.ts
• libs/ui/src/runtime/types.ts
• libs/ui/src/types/ui-config.ts
• libs/ui/src/utils/__tests__/escape-html.test.ts
• libs/sdk/src/tool/ui/template-helpers.ts
• libs/sdk/src/tool/ui/__tests__/template-helpers.test.ts
• libs/ui/src/types/ui-runtime.ts

**/*.ts

📄 CodeRabbit inference engine (CLAUDE.md)

**/*.ts: Use strict TypeScript mode with no any types without strong justification - use unknown instead for generic type defaults
Avoid non-null assertions (!) - use proper error handling and throw specific errors instead
Use type parameters with constraints instead of unconstrained generics
Do not mutate rawInput in flows - use state.set() for managing flow state instead

Files:

• libs/sdk/src/common/decorators/front-mcp.decorator.ts
• libs/ui/src/handlebars/__tests__/handlebars.test.ts
• libs/ui/src/runtime/types.ts
• apps/e2e/demo-e2e-ui/src/apps/widgets/tools/static-badge.tool.ts
• libs/ui/src/types/ui-config.ts
• libs/ui/src/utils/__tests__/escape-html.test.ts
• libs/sdk/src/tool/ui/template-helpers.ts
• libs/sdk/src/tool/ui/__tests__/template-helpers.test.ts
• libs/ui/src/types/ui-runtime.ts

libs/sdk/src/**/*.ts

📄 CodeRabbit inference engine (CLAUDE.md)

libs/sdk/src/**/*.ts: MCP response types should use strict MCP protocol types (GetPromptResult, ReadResourceResult) instead of unknown
Use specific error classes with MCP error codes instead of generic errors
Use getCapabilities() method for dynamic capability exposure instead of hardcoding capabilities
Use changeScope property instead of scope in change events to avoid confusion with Scope class
Validate URIs per RFC 3986 at metadata level using proper validation
Validate hook flows and fail fast on invalid hook configurations with specific error messages

Files:

• libs/sdk/src/common/decorators/front-mcp.decorator.ts
• libs/sdk/src/tool/ui/template-helpers.ts
• libs/sdk/src/tool/ui/__tests__/template-helpers.test.ts

libs/ui/src/**/*.ts

📄 CodeRabbit inference engine (libs/ui/CLAUDE.md)

libs/ui/src/**/*.ts: Always use escapeHtml() utility for all user-provided content to prevent XSS vulnerabilities
Hard-code CDN URLs only in theme presets; always reference theme.cdn configuration in component code

Files:

• libs/ui/src/handlebars/__tests__/handlebars.test.ts
• libs/ui/src/runtime/types.ts
• libs/ui/src/types/ui-config.ts
• libs/ui/src/utils/__tests__/escape-html.test.ts
• libs/ui/src/types/ui-runtime.ts

libs/ui/src/**/*.test.ts

📄 CodeRabbit inference engine (libs/ui/CLAUDE.md)

libs/ui/src/**/*.test.ts: Maintain 95%+ test coverage across statements, branches, functions, and lines
Test HTML escaping for user-provided content to prevent XSS attacks
Test behavior across platform configurations (OpenAI, Claude, Gemini, ngrok) where applicable

Files:

• libs/ui/src/handlebars/__tests__/handlebars.test.ts
• libs/ui/src/utils/__tests__/escape-html.test.ts

**/*.test.{ts,tsx}

📄 CodeRabbit inference engine (CLAUDE.md)

**/*.test.{ts,tsx}: Achieve 95%+ test coverage across all metrics (statements, branches, functions, lines)
Test all code paths including error cases and constructor validation
Include error class instanceof checks in tests to validate error handling

Files:

• libs/ui/src/handlebars/__tests__/handlebars.test.ts
• libs/ui/src/utils/__tests__/escape-html.test.ts
• libs/sdk/src/tool/ui/__tests__/template-helpers.test.ts

🧠 Learnings (13)

📓 Common learnings

Learnt from: CR
Repo: agentfront/frontmcp PR: 0
File: libs/ui/CLAUDE.md:0-0
Timestamp: 2025-11-26T15:23:04.965Z
Learning: Applies to libs/ui/src/**/*.test.ts : Test HTML escaping for user-provided content to prevent XSS attacks

Learnt from: CR
Repo: agentfront/frontmcp PR: 0
File: libs/ui/CLAUDE.md:0-0
Timestamp: 2025-11-26T15:23:04.965Z
Learning: Applies to libs/ui/src/**/*.ts : Always use `escapeHtml()` utility for all user-provided content to prevent XSS vulnerabilities

📚 Learning: 2025-12-19T02:04:46.464Z

Learnt from: CR
Repo: agentfront/frontmcp PR: 0
File: CLAUDE.md:0-0
Timestamp: 2025-12-19T02:04:46.464Z
Learning: Applies to libs/sdk/src/**/index.ts : Export public API through barrel files - export users' needed items, no legacy exports with different names

Applied to files:

• libs/cli/package.json
• libs/sdk/src/tool/ui/template-helpers.ts

📚 Learning: 2025-12-19T02:04:46.464Z

Learnt from: CR
Repo: agentfront/frontmcp PR: 0
File: CLAUDE.md:0-0
Timestamp: 2025-12-19T02:04:46.464Z
Learning: FrontMCP is a TypeScript-first schema validation framework - all types should align with MCP protocol definitions

Applied to files:

• libs/sdk/src/common/decorators/front-mcp.decorator.ts

📚 Learning: 2025-12-19T02:04:46.464Z

Learnt from: CR
Repo: agentfront/frontmcp PR: 0
File: CLAUDE.md:0-0
Timestamp: 2025-12-19T02:04:46.464Z
Learning: Applies to libs/sdk/src/**/*.ts : Use specific error classes with MCP error codes instead of generic errors

Applied to files:

• libs/sdk/src/common/decorators/front-mcp.decorator.ts

📚 Learning: 2025-11-26T15:23:04.965Z

Learnt from: CR
Repo: agentfront/frontmcp PR: 0
File: libs/ui/CLAUDE.md:0-0
Timestamp: 2025-11-26T15:23:04.965Z
Learning: Applies to libs/ui/src/**/*.test.ts : Test HTML escaping for user-provided content to prevent XSS attacks

Applied to files:

• libs/ui/src/handlebars/__tests__/handlebars.test.ts
• libs/ui/src/runtime/types.ts
• libs/ui/src/types/ui-config.ts
• libs/ui/src/utils/__tests__/escape-html.test.ts
• libs/sdk/src/tool/ui/template-helpers.ts
• libs/sdk/src/tool/ui/__tests__/template-helpers.test.ts
• libs/ui/src/types/ui-runtime.ts

📚 Learning: 2025-11-26T15:23:04.965Z

Learnt from: CR
Repo: agentfront/frontmcp PR: 0
File: libs/ui/CLAUDE.md:0-0
Timestamp: 2025-11-26T15:23:04.965Z
Learning: Applies to libs/ui/src/**/*.test.ts : Test behavior across platform configurations (OpenAI, Claude, Gemini, ngrok) where applicable

Applied to files:

• libs/ui/src/handlebars/__tests__/handlebars.test.ts
• libs/ui/src/utils/__tests__/escape-html.test.ts
• libs/sdk/src/tool/ui/__tests__/template-helpers.test.ts

📚 Learning: 2025-11-26T15:23:04.965Z

Learnt from: CR
Repo: agentfront/frontmcp PR: 0
File: libs/ui/CLAUDE.md:0-0
Timestamp: 2025-11-26T15:23:04.965Z
Learning: Applies to libs/ui/src/components/**/*.test.ts : Write validation tests covering invalid variant/options, unknown properties, and valid option acceptance

Applied to files:

• libs/ui/src/handlebars/__tests__/handlebars.test.ts
• libs/ui/src/utils/__tests__/escape-html.test.ts
• libs/sdk/src/tool/ui/__tests__/template-helpers.test.ts

📚 Learning: 2025-11-26T15:23:04.965Z

Learnt from: CR
Repo: agentfront/frontmcp PR: 0
File: libs/ui/CLAUDE.md:0-0
Timestamp: 2025-11-26T15:23:04.965Z
Learning: Applies to libs/ui/src/**/*.test.ts : Maintain 95%+ test coverage across statements, branches, functions, and lines

Applied to files:

• libs/ui/src/handlebars/__tests__/handlebars.test.ts
• libs/ui/src/utils/__tests__/escape-html.test.ts
• libs/sdk/src/tool/ui/__tests__/template-helpers.test.ts

📚 Learning: 2025-12-19T02:04:46.464Z

Learnt from: CR
Repo: agentfront/frontmcp PR: 0
File: CLAUDE.md:0-0
Timestamp: 2025-12-19T02:04:46.464Z
Learning: Applies to **/*.test.{ts,tsx} : Test all code paths including error cases and constructor validation

Applied to files:

• libs/ui/src/handlebars/__tests__/handlebars.test.ts
• libs/ui/src/utils/__tests__/escape-html.test.ts
• libs/sdk/src/tool/ui/__tests__/template-helpers.test.ts

📚 Learning: 2025-11-26T15:23:04.965Z

Learnt from: CR
Repo: agentfront/frontmcp PR: 0
File: libs/ui/CLAUDE.md:0-0
Timestamp: 2025-11-26T15:23:04.965Z
Learning: Applies to libs/ui/src/**/*.ts : Always use `escapeHtml()` utility for all user-provided content to prevent XSS vulnerabilities

Applied to files:

• libs/ui/src/runtime/types.ts
• libs/ui/src/types/ui-config.ts
• libs/ui/src/utils/__tests__/escape-html.test.ts
• libs/sdk/src/tool/ui/template-helpers.ts
• libs/sdk/src/tool/ui/__tests__/template-helpers.test.ts
• libs/ui/src/types/ui-runtime.ts

📚 Learning: 2025-11-26T15:23:04.965Z

Learnt from: CR
Repo: agentfront/frontmcp PR: 0
File: libs/ui/CLAUDE.md:0-0
Timestamp: 2025-11-26T15:23:04.965Z
Learning: Applies to libs/ui/src/components/**/*.ts : Use pure HTML string generation without React/Vue/JSX - components return HTML strings only

Applied to files:

• libs/ui/src/runtime/types.ts
• libs/ui/src/types/ui-config.ts
• libs/ui/src/utils/__tests__/escape-html.test.ts
• libs/sdk/src/tool/ui/template-helpers.ts
• libs/ui/src/types/ui-runtime.ts

📚 Learning: 2025-12-19T02:04:46.464Z

Learnt from: CR
Repo: agentfront/frontmcp PR: 0
File: CLAUDE.md:0-0
Timestamp: 2025-12-19T02:04:46.464Z
Learning: Applies to **/*.ts : Use strict TypeScript mode with no `any` types without strong justification - use `unknown` instead for generic type defaults

Applied to files:

• libs/ui/src/runtime/types.ts

📚 Learning: 2025-12-19T02:04:46.464Z

Learnt from: CR
Repo: agentfront/frontmcp PR: 0
File: CLAUDE.md:0-0
Timestamp: 2025-12-19T02:04:46.464Z
Learning: Applies to **/*.test.{ts,tsx} : Achieve 95%+ test coverage across all metrics (statements, branches, functions, lines)

Applied to files:

• libs/sdk/src/tool/ui/__tests__/template-helpers.test.ts

🧬 Code graph analysis (3)

libs/sdk/src/common/decorators/front-mcp.decorator.ts (2)

libs/sdk/src/index.ts (3)

• setServerlessHandlerPromise (9-9)
• setServerlessHandler (8-8)
• setServerlessHandlerError (10-10)

libs/sdk/src/front-mcp/serverless-handler.ts (3)

• setServerlessHandlerPromise (20-22)
• setServerlessHandler (13-15)
• setServerlessHandlerError (27-29)

libs/ui/src/utils/__tests__/escape-html.test.ts (1)

libs/sdk/src/tool/ui/template-helpers.ts (1)

• escapeHtml (24-24)

libs/sdk/src/tool/ui/__tests__/template-helpers.test.ts (1)

libs/sdk/src/tool/ui/template-helpers.ts (7)

• escapeHtml (24-24)
• formatDate (33-49)
• formatCurrency (56-61)
• resetIdCounter (101-103)
• uniqueId (67-69)
• jsonEmbed (75-81)
• createTemplateHelpersLocal (87-95)

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (1)

• GitHub Check: Build Libraries

🔇 Additional comments (13)

apps/e2e/demo-e2e-ui/src/apps/widgets/tools/static-badge.tool.ts (1)

40-53: LGTM - Handlebars template with proper XSS protection.

The migration to Handlebars templating is well-structured. The {{output.label}} and {{output.value}} expressions are auto-escaped by Handlebars, which satisfies XSS prevention requirements. The conditional color class logic correctly handles all enum values plus the default case via {{#unless output.color}}.

Based on learnings, this aligns with the requirement to use proper escaping for user-provided content.

libs/ui/src/utils/__tests__/escape-html.test.ts (2)

1-76: Comprehensive test coverage for XSS prevention utilities.

Excellent test suite covering:

• Null/undefined handling (returns empty string)
• Type coercion for non-string inputs
• All HTML special characters (&, <, >, ", ')
• Unicode line terminators (U+2028, U+2029) which can break JSON-in-script contexts
• XSS attack vectors

Based on learnings, this satisfies the requirement to test HTML escaping for user-provided content to prevent XSS attacks.

---

78-94: Ensure escapeHtmlAttr constraint is documented and enforced: lighter escaping requires double-quoted attributes.

The function intentionally doesn't escape <, >, or single quotes, which is safe only when attribute values are always enclosed in double quotes. Add JSDoc documenting this constraint and verify all call sites use double-quoted attributes. Consider adding a comment explaining the risk if single-quoted or unquoted attributes are ever used.

libs/ui/src/runtime/types.ts (1)

40-42: LGTM - Type signature widened to handle null/undefined gracefully.

The change from (str: string) => string to (str: unknown) => string aligns with the coding guidelines to use unknown instead of any. The JSDoc properly documents that null/undefined return an empty string.

libs/ui/src/types/ui-runtime.ts (1)

728-733: LGTM - Consistent type signature update.

The WidgetTemplateHelpers.escapeHtml signature is updated consistently with TemplateHelpers in other files. Documentation clearly states null/undefined handling.

libs/ui/src/types/ui-config.ts (1)

133-139: LGTM - Public API documentation enhanced.

The TemplateHelpers.escapeHtml signature is properly updated with comprehensive JSDoc explaining both null/undefined handling and type coercion behavior.

libs/sdk/src/tool/ui/__tests__/template-helpers.test.ts (1)

28-37: Good regression test for the bug fix.

This test captures the exact scenario that caused the deployment issue - accessing undefined properties from destructured objects and passing them to escapeHtml. The comment at line 33-34 clearly documents the before/after behavior.

libs/ui/src/handlebars/__tests__/handlebars.test.ts (3)

519-596: LGTM - Comprehensive static widget template tests.

Excellent coverage of static mode scenarios including:

• Empty output handling during build time (the core deployment fix scenario)
• Undefined properties with eq helper producing correct defaults
• Actual data rendering with color conditionals

These tests directly validate the Handlebars template patterns used in static-badge.tool.ts.

---

598-625: Good XSS prevention validation.

Tests confirm that Handlebars auto-escapes output values by default, preventing script injection. This satisfies the requirement to test HTML escaping for user-provided content. Based on learnings.

---

627-683: LGTM - Complex template pattern coverage.

Good coverage of:

• Nested conditionals with multiple branches
• #each loops with empty array fallback ({{else}})
• Hidden state rendering

These patterns align with real-world widget template complexity.

libs/sdk/src/tool/ui/template-helpers.ts (2)

11-12: LGTM - Centralized escapeHtml with backwards compatibility.

Re-exporting escapeHtml from @frontmcp/ui/utils establishes a single source of truth while maintaining backwards compatibility for SDK consumers. This is a clean refactoring pattern.

Also applies to: 23-24

---

87-95: Deprecation documented correctly.

The createTemplateHelpersLocal function is properly marked as deprecated with a clear migration path to createTemplateHelpers from @frontmcp/ui/runtime.

libs/sdk/src/common/decorators/front-mcp.decorator.ts (1)

51-83: The architectural pattern is justified for bundler compatibility and properly documented.

The synchronous require for serverless is a necessary fix for rspack/webpack bundler compatibility (as indicated by the commit "enhance serverless deployment with rspack bundling and setup generation"). This is clearly documented in the code comment at line 53. The documentation has been appropriately updated in docs/draft/docs/deployment/serverless.mdx covering Vercel, AWS Lambda, and Cloudflare Workers deployment. The E2E test suite in apps/e2e/demo-e2e-serverless/ validates serverless deployment behavior. The inconsistency between serverless (synchronous require) and normal mode (dynamic import) is intentional and unavoidable given bundler constraints; this pattern is standard in serverless frameworks.

[coderabbitai]

Actionable comments posted: 0

🧹 Nitpick comments (1)

libs/sdk/src/common/decorators/front-mcp.decorator.ts (1)

75-81: Improved error handling with InternalMcpError for non-Error cases.

The error handling now properly uses InternalMcpError with SERVERLESS_INIT_FAILED for non-Error values, addressing the previous review feedback. Preserving original Error instances maintains stack traces.

One consideration: if a plain Error is caught (not InternalMcpError), it's passed through without an MCP error code. Depending on how setServerlessHandlerError consumers handle the error, you may want to wrap all errors:

🔎 Optional: Wrap all errors for consistent MCP error codes

      handlerPromise.then(setServerlessHandler).catch((err: unknown) => {
-       const e = err instanceof Error ? err : new InternalMcpError(String(err), 'SERVERLESS_INIT_FAILED');
+       const e = err instanceof InternalMcpError
+         ? err
+         : new InternalMcpError(
+             err instanceof Error ? err.message : String(err),
+             'SERVERLESS_INIT_FAILED',
+             err instanceof Error ? { cause: err } : undefined,
+           );
        setServerlessHandlerError(e);
        console.error('[FrontMCP] Serverless initialization failed:', e);
      });

📜 Review details

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 8fc3661 and a20527f.

📒 Files selected for processing (1)

• libs/sdk/src/common/decorators/front-mcp.decorator.ts (2 hunks)

🧰 Additional context used

📓 Path-based instructions (3)

**/*.ts

📄 CodeRabbit inference engine (CLAUDE.md)

**/*.ts: Use strict TypeScript mode with no any types without strong justification - use unknown instead for generic type defaults
Avoid non-null assertions (!) - use proper error handling and throw specific errors instead
Use type parameters with constraints instead of unconstrained generics
Do not mutate rawInput in flows - use state.set() for managing flow state instead

Files:

• libs/sdk/src/common/decorators/front-mcp.decorator.ts

libs/sdk/src/**/*.ts

📄 CodeRabbit inference engine (CLAUDE.md)

libs/sdk/src/**/*.ts: MCP response types should use strict MCP protocol types (GetPromptResult, ReadResourceResult) instead of unknown
Use specific error classes with MCP error codes instead of generic errors
Use getCapabilities() method for dynamic capability exposure instead of hardcoding capabilities
Use changeScope property instead of scope in change events to avoid confusion with Scope class
Validate URIs per RFC 3986 at metadata level using proper validation
Validate hook flows and fail fast on invalid hook configurations with specific error messages

Files:

• libs/sdk/src/common/decorators/front-mcp.decorator.ts

libs/**

⚙️ CodeRabbit configuration file

libs/**: Contains publishable SDK libraries. Review for API correctness, breaking changes, and consistency with docs. When public APIs change, ensure there is a matching docs/draft/docs/** update (not direct edits under docs/docs/**).

Files:

• libs/sdk/src/common/decorators/front-mcp.decorator.ts

🧠 Learnings (6)

📓 Common learnings

Learnt from: CR
Repo: agentfront/frontmcp PR: 0
File: CLAUDE.md:0-0
Timestamp: 2025-12-19T02:04:46.464Z
Learning: FrontMCP is a TypeScript-first schema validation framework - all types should align with MCP protocol definitions

📚 Learning: 2025-12-19T02:04:46.464Z

Learnt from: CR
Repo: agentfront/frontmcp PR: 0
File: CLAUDE.md:0-0
Timestamp: 2025-12-19T02:04:46.464Z
Learning: FrontMCP is a TypeScript-first schema validation framework - all types should align with MCP protocol definitions

Applied to files:

• libs/sdk/src/common/decorators/front-mcp.decorator.ts

📚 Learning: 2025-12-19T02:04:46.464Z

Learnt from: CR
Repo: agentfront/frontmcp PR: 0
File: CLAUDE.md:0-0
Timestamp: 2025-12-19T02:04:46.464Z
Learning: Applies to libs/sdk/src/**/*.ts : Use specific error classes with MCP error codes instead of generic errors

Applied to files:

• libs/sdk/src/common/decorators/front-mcp.decorator.ts

📚 Learning: 2025-12-19T02:04:46.464Z

Learnt from: CR
Repo: agentfront/frontmcp PR: 0
File: CLAUDE.md:0-0
Timestamp: 2025-12-19T02:04:46.464Z
Learning: Applies to libs/sdk/src/**/*.ts : MCP response types should use strict MCP protocol types (GetPromptResult, ReadResourceResult) instead of `unknown`

Applied to files:

• libs/sdk/src/common/decorators/front-mcp.decorator.ts

📚 Learning: 2025-12-19T02:04:46.464Z

Learnt from: CR
Repo: agentfront/frontmcp PR: 0
File: CLAUDE.md:0-0
Timestamp: 2025-12-19T02:04:46.464Z
Learning: Applies to **/*.ts : Avoid non-null assertions (`!`) - use proper error handling and throw specific errors instead

Applied to files:

• libs/sdk/src/common/decorators/front-mcp.decorator.ts

📚 Learning: 2025-12-19T02:04:46.464Z

Learnt from: CR
Repo: agentfront/frontmcp PR: 0
File: CLAUDE.md:0-0
Timestamp: 2025-12-19T02:04:46.464Z
Learning: Applies to libs/sdk/src/**/*.ts : Validate hook flows and fail fast on invalid hook configurations with specific error messages

Applied to files:

• libs/sdk/src/common/decorators/front-mcp.decorator.ts

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (2)

• GitHub Check: Build Libraries
• GitHub Check: Lint & Format Checks

🔇 Additional comments (4)

libs/sdk/src/common/decorators/front-mcp.decorator.ts (4)

6-6: Good addition of MCP-specific error import.

This import aligns with the coding guideline requiring specific error classes with MCP error codes instead of generic errors. Based on learnings.

---

54-66: Well-typed synchronous require for bundler compatibility.

The explicit type annotations address the previous review feedback. The synchronous require is the correct approach for serverless bundlers (rspack/webpack) that may not handle dynamic imports correctly.

---

68-73: Proper MCP error handling for version mismatch.

Uses InternalMcpError with the SDK_VERSION_MISMATCH code and includes helpful guidance in the error message, matching the consistency with the non-serverless path. Based on learnings.

---

87-90: Consistent use of InternalMcpError in non-serverless path.

Properly uses InternalMcpError with SDK_VERSION_MISMATCH code, matching the serverless path and adhering to coding guidelines. Based on learnings.