Skip to content

Add SESSION_INJECTION_SECRET to Environment type definition#1348

Merged
damsleth merged 2 commits intofeat/agent-setupfrom
copilot/sub-pr-1342
Feb 4, 2026
Merged

Add SESSION_INJECTION_SECRET to Environment type definition#1348
damsleth merged 2 commits intofeat/agent-setupfrom
copilot/sub-pr-1342

Conversation

Copy link
Contributor

Copilot AI commented Feb 4, 2026
edited
Loading

Your checklist for this pull request

  • Make sure you are requesting to pull a feature/bugfix branch (right side).
  • Make sure you are making a pull request against the dev branch (left side). Also you should start your branch off our dev branch.
  • Check your code additions locally using npm run watch
  • Make sure strings/resources are added using our resource files
  • Make sure CHANGELOG.md is updated if applicable
  • Make sure Smoke tests are updated if applicable

Review checklist

  • Tested locally

Review theme song

Remove section if you think this is stupid.
🎵 Artist - Song 🎵

Description

Resolves TypeScript compilation failure where SESSION_INJECTION_SECRET was referenced in server/routes/auth.ts but missing from the Environment type definition.

Changes:

  • Added SESSION_INJECTION_SECRET: string to the Environment type in server/utils/environment.ts

The environment variable is used for timing-safe validation of session injection requests in the development-only endpoint added in the parent PR.

How to test

  1. Check out locally with gh
  2. Run npm run build:server
  3. Verify build completes without TypeScript errors

Related issues

Use e.g. Closes #1000 to link issue 1000 to the PR. Remove section if no related issues.

Related discussions

Remove section if no related discussions.

Related PRs

Parent PR: #1342

Related smoke tests

Remove section if no related smoke tests.

💬 We'd love your input! Share your thoughts on Copilot coding agent in our 2 minute survey.

Copilot AI mentioned this pull request Feb 4, 2026
Merged
@damsleth
fix: add SESSION_INJECTION_SECRET to Environment type
ed3f285 
Co-authored-by: damsleth <7300548+damsleth@users.noreply.github.com>
Copilot AI changed the title [WIP] Refactor Docker scripts for improved management Add SESSION_INJECTION_SECRET to Environment type definition Feb 4, 2026
Copilot AI requested a review from damsleth February 4, 2026 15:40
@damsleth damsleth marked this pull request as ready for review February 4, 2026 19:31
@damsleth damsleth merged commit e7de8a5 into feat/agent-setup Feb 4, 2026
@damsleth damsleth deleted the copilot/sub-pr-1342 branch February 4, 2026 19:32
damsleth added a commit that referenced this pull request Feb 4, 2026
@damsleth
unified docker.sh script for improved docker management (#1342)
cce80c7 
* Refactor Docker scripts and enhance session management

- Replaced docker-dev.sh with a unified docker.sh script for improved Docker management.
- Removed docker-quickstart.sh and validate-docker.sh as they are no longer needed.
- Introduced agent-setup.sh and agent-teardown.sh for hands-off Docker environment setup for agent worktrees.
- Updated package.json to reflect new script paths and commands.
- Added session injection endpoint in auth.ts for testing purposes, allowing agents to authenticate without OAuth.
- Enhanced logging and error handling across scripts for better debugging and user feedback.

* fix: session injection env handling

* Security hardening and robustness fixes for Docker scripts and session injection (#1345)

* Initial plan

* fix: apply security and robustness improvements from code review

Co-authored-by: damsleth <7300548+damsleth@users.noreply.github.com>

* fix: add timing-safe comparison and handle edge cases

Co-authored-by: damsleth <7300548+damsleth@users.noreply.github.com>

* fix: add buffer length check and improve .env parsing robustness

Co-authored-by: damsleth <7300548+damsleth@users.noreply.github.com>

* refactor: use case-insensitive header lookup and DRY principle

Co-authored-by: damsleth <7300548+damsleth@users.noreply.github.com>

* fix: correct quote stripping pattern and use consistent session indexing

* Add SESSION_INJECTION_SECRET to Environment type definition (#1348)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@damsleth damsleth Awaiting requested review from damsleth

Assignees

@damsleth damsleth

Copilot code review Copilot

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@damsleth

Comments