Skip to content

fix(core): remediate validation feedback loss and access control regressions#9840

Open
envsecure wants to merge 2 commits into
keystonejs:mainfrom
envsecure:fix/remediated-core-v3
Open

fix(core): remediate validation feedback loss and access control regressions#9840
envsecure wants to merge 2 commits into
keystonejs:mainfrom
envsecure:fix/remediated-core-v3

Conversation

@envsecure

@envsecure envsecure commented May 11, 2026

Copy link
Copy Markdown
Contributor

Description

This PR provides a comprehensive fix for the critical regressions in the KeystoneJS core that were identified in CI logs following the submission of PR #9838. It essentially replaces and completes the work started in #9838 by addressing the specific failure cases found in automated testing.

Key Improvements:

  1. Validation Pipeline Restoration:

    • Reverted internal error tags from validate to validateInput. This is a crucial fix for the API test suite which explicitly matches on the validateInput tag.
    • Restored the complex generic type signatures in hooks.ts to resolve MISSING_EXPORT build errors encountered with Rollup/Preconstruct.
    • Fixed a logic regression where field-level validation messages were being swallowed if a list-level hook crashed.
  2. Access Control Robustness:

    • Updated checkUniqueItemExists to correctly handle lists that are hidden from the GraphQL schema due to access control.
    • It now transforms "schema not supported" errors into the standard "Access denied ... it may not exist" message, ensuring consistent security-by-obscurity behavior.
    • Infrastructure-related database errors are now correctly rethrown instead of being masked.
  3. CI & Formatting:

    • Standardized formatting in hooks.ts to strictly adhere to the KeystoneJS "no semicolon" and trailing newline rules, resolving the format:check failures.

Changes

  • packages/core/src/lib/core/hooks.ts: Fixed types, formatting, and error tags.
  • packages/core/src/lib/core/access-control.ts: Improved error handling for unique item checks.
  • .changeset/remediate-ci-failures.md: Added documentation for the patch.

Relation to Previous Work

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant