@littlebearapps/platform-admin-sdk 1.4.0 → 1.4.2

package/dist/templates.d.ts

@@ -6,7 +6,7 @@
  */
 import type { Tier } from './prompts.js';
 /** Single source of truth for the SDK version. */
-export declare const SDK_VERSION = "1.4.0";
+export declare const SDK_VERSION = "1.4.2";
 /** Returns true if `to` is the same or higher tier than `from`. */
 export declare function isTierUpgradeOrSame(from: Tier, to: Tier): boolean;
 /** Check if a template file is a numbered migration (not seed.sql). */

package/dist/templates.js

@@ -5,7 +5,7 @@
  * All other files are copied verbatim.
  */
 /** Single source of truth for the SDK version. */
-export const SDK_VERSION = '1.4.0';
+export const SDK_VERSION = '1.4.2';
 /** Tier ordering for upgrade validation. */
 const TIER_ORDER = { minimal: 0, standard: 1, full: 2 };
 /** Returns true if `to` is the same or higher tier than `from`. */

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@littlebearapps/platform-admin-sdk",
-  "version": "1.4.0",
+  "version": "1.4.2",
   "description": "Platform Admin SDK — scaffold backend infrastructure with workers, circuit breakers, and cost protection for Cloudflare",
   "type": "module",
   "bin": {

package/templates/standard/workers/error-collector.ts

@@ -49,6 +49,22 @@ const GITHUB_ORG = 'your-github-org';
 // Rate limit: max issues per script per hour
 const MAX_ISSUES_PER_SCRIPT_PER_HOUR = 10;
 
+/** Safe parse of KV-cached JSON. Returns null on malformed data and logs the bad key. */
+function safeParseKV<T>(raw: string, kvKey: string): T | null {
+  try {
+    return JSON.parse(raw) as T;
+  } catch {
+    console.error(`Malformed KV cache at ${kvKey}, will fall through to D1`);
+    return null;
+  }
+}
+
+/** Discriminated result from GitHub issue search */
+type IssueSearchResult =
+  | { found: true; issue: { number: number; state: 'open' | 'closed'; shouldSkip: boolean } }
+  | { found: false }
+  | { found: 'error'; error: unknown };
+
 /**
  * Map error type to GitHub issue type
  * - Exceptions, CPU/memory limits, soft errors → Bug
@@ -244,31 +260,33 @@ async function createDashboardNotification(
  * Search GitHub for an existing issue with this fingerprint.
  * Used as a fallback when D1/KV don't have the mapping.
  *
- * @returns Issue details if found, null otherwise
+ * Returns a discriminated union so the caller can distinguish
+ * "no issue exists" from "search failed" — preventing duplicate
+ * issue creation when the GitHub Search API is temporarily unavailable.
  */
 async function findExistingIssueByFingerprint(
   github: GitHubClient,
   owner: string,
   repo: string,
   fingerprint: string
-): Promise<{
-  number: number;
-  state: 'open' | 'closed';
-  shouldSkip: boolean; // true if muted/wontfix
-} | null> {
+): Promise<IssueSearchResult> {
   try {
     // Search for issues containing this fingerprint in the body
     // The fingerprint appears as "Fingerprint: `{hash}`" in the issue body
-    const issues = await github.searchIssues(owner, repo, `"Fingerprint: \`${fingerprint}\`" in:body`);
+    const issues = await github.searchIssues(
+      owner,
+      repo,
+      `"Fingerprint: \`${fingerprint}\`" in:body`
+    );
 
-    if (issues.length === 0) return null;
+    if (issues.length === 0) return { found: false };
 
     // Prefer open issues over closed
     const openIssue = issues.find((i) => i.state === 'open');
     if (openIssue) {
       const labelNames = openIssue.labels.map((l) => l.name);
       const shouldSkip = SKIP_REOPEN_LABELS.some((l) => labelNames.includes(l));
-      return { number: openIssue.number, state: 'open', shouldSkip };
+      return { found: true, issue: { number: openIssue.number, state: 'open', shouldSkip } };
     }
 
     // Return most recent closed issue (search results are sorted by best match)
@@ -277,14 +295,18 @@ async function findExistingIssueByFingerprint(
     const shouldSkip = SKIP_REOPEN_LABELS.some((l) => labelNames.includes(l));
 
     return {
-      number: closedIssue.number,
-      state: closedIssue.state as 'open' | 'closed',
-      shouldSkip,
+      found: true,
+      issue: {
+        number: closedIssue.number,
+        state: closedIssue.state as 'open' | 'closed',
+        shouldSkip,
+      },
     };
   } catch (error) {
-    // Fail open - if search fails, allow creating a new issue
+    // Fail closed — if search fails, skip issue creation to prevent duplicates.
+    // The error is still tracked in D1; next occurrence will retry the search.
     console.error(`GitHub search failed for fingerprint ${fingerprint}:`, error);
-    return null;
+    return { found: 'error', error };
   }
 }
 
@@ -358,48 +380,53 @@ async function getOrCreateOccurrence(
   const cached = await kv.get(kvKey);
 
   if (cached) {
-    const data = JSON.parse(cached) as {
+    const data = safeParseKV<{
       issueNumber?: number;
       issueUrl?: string;
       status: ErrorStatus;
       occurrenceCount: number;
-    };
-
-    // Update occurrence count in D1
-    await db
-      .prepare(
-        `
-      UPDATE error_occurrences
-      SET occurrence_count = occurrence_count + 1,
-          last_seen_at = unixepoch(),
-          updated_at = unixepoch()
-      WHERE fingerprint = ?
-    `
-      )
-      .bind(fingerprint)
-      .run();
-
-    // Update KV cache
-    await kv.put(
-      kvKey,
-      JSON.stringify({
-        ...data,
-        occurrenceCount: data.occurrenceCount + 1,
-        lastSeen: Date.now(),
-      }),
-      { expirationTtl: 90 * 24 * 60 * 60 }
-    ); // 90 days
+    }>(cached, kvKey);
+
+    if (!data) {
+      // Corrupted cache — delete and fall through to D1
+      await kv.delete(kvKey);
+    } else {
+      // Update occurrence count in D1
+      await db
+        .prepare(
+          `
+        UPDATE error_occurrences
+        SET occurrence_count = occurrence_count + 1,
+            last_seen_at = unixepoch(),
+            updated_at = unixepoch()
+        WHERE fingerprint = ?
+      `
+        )
+        .bind(fingerprint)
+        .run();
 
-    return {
-      isNew: false,
-      occurrence: {
-        id: fingerprint,
-        occurrence_count: data.occurrenceCount + 1,
-        github_issue_number: data.issueNumber,
-        github_issue_url: data.issueUrl,
-        status: data.status,
-      },
-    };
+      // Update KV cache
+      await kv.put(
+        kvKey,
+        JSON.stringify({
+          ...data,
+          occurrenceCount: data.occurrenceCount + 1,
+          lastSeen: Date.now(),
+        }),
+        { expirationTtl: 90 * 24 * 60 * 60 }
+      ); // 90 days
+
+      return {
+        isNew: false,
+        occurrence: {
+          id: fingerprint,
+          occurrence_count: data.occurrenceCount + 1,
+          github_issue_number: data.issueNumber,
+          github_issue_url: data.issueUrl,
+          status: data.status,
+        },
+      };
+    }
   }
 
   // Check D1 for existing occurrence
@@ -542,7 +569,8 @@ async function updateOccurrenceWithIssue(
   const kvKey = `ERROR_FINGERPRINT:${fingerprint}`;
   const cached = await kv.get(kvKey);
   if (cached) {
-    const data = JSON.parse(cached);
+    const data = safeParseKV<Record<string, unknown>>(cached, kvKey);
+    if (!data) return; // Corrupted cache — D1 is already updated
     await kv.put(
       kvKey,
       JSON.stringify({
@@ -665,6 +693,12 @@ function formatIssueBody(
     body += `🟠 Exceeded CPU Limit\n\n`;
   } else if (errorType === 'memory_limit') {
     body += `🟠 Exceeded Memory Limit\n\n`;
+  } else if (errorType === 'canceled') {
+    body += `🟠 Invocation Canceled\n\n`;
+  } else if (errorType === 'stream_disconnected') {
+    body += `🟡 Response Stream Disconnected\n\n`;
+  } else if (errorType === 'script_not_found') {
+    body += `🔴 Script Not Found (Deployment Issue)\n\n`;
   } else if (errorType === 'soft_error') {
     const errorLog = event.logs.find((l) => l.level === 'error');
     const cleanMsg = errorLog ? extractCoreMessage(errorLog.message[0]) : 'Unknown';
@@ -959,9 +993,18 @@ async function handleNewOrRecurringError(ctx: {
 
       try {
         // DEDUP CHECK: Search GitHub for existing issue with this fingerprint
-        const existingIssue = await findExistingIssueByFingerprint(github, owner, repo, fingerprint);
+        const searchResult = await findExistingIssueByFingerprint(github, owner, repo, fingerprint);
+
+        // If search failed, skip issue creation to prevent duplicates.
+        // The error is still tracked in D1; next occurrence will retry.
+        if (searchResult.found === 'error') {
+          console.log(`GitHub search failed for ${fingerprint}, skipping issue creation to prevent duplicates`);
+          return;
+        }
+
+        if (searchResult.found === true) {
+          const existingIssue = searchResult.issue;
 
-        if (existingIssue) {
           // Check if issue is muted/wontfix - don't reopen or create new
           if (existingIssue.shouldSkip) {
             console.log(`Issue #${existingIssue.number} is muted/wontfix, skipping`);
@@ -1472,9 +1515,15 @@ async function tail(events: TailEvent[], env: Env): Promise<void> {
 
   // Load dynamic patterns once for all events in this batch
   // These are AI-suggested, human-approved patterns from pattern-discovery
-  const dynamicPatterns = await loadDynamicPatterns(env.PLATFORM_CACHE);
-  if (dynamicPatterns.length > 0) {
-    console.log(`Loaded ${dynamicPatterns.length} dynamic patterns from KV`);
+  // Defensive wrap: if SDK's internal catch is ever refactored, this prevents entire batch loss
+  let dynamicPatterns: CompiledPattern[] = [];
+  try {
+    dynamicPatterns = await loadDynamicPatterns(env.PLATFORM_CACHE);
+    if (dynamicPatterns.length > 0) {
+      console.log(`Loaded ${dynamicPatterns.length} dynamic patterns from KV`);
+    }
+  } catch (e) {
+    console.error('Failed to load dynamic patterns in tail handler:', e);
   }
 
   for (const event of events) {

package/templates/standard/workers/lib/error-collector/capture.ts

@@ -48,6 +48,21 @@ export function shouldCapture(event: TailEvent): CaptureDecision {
     return { capture: true, type: 'exception' };
   }
 
+  // Canceled invocations (workflow timeout, step failure) - always capture
+  if (event.outcome === 'canceled') {
+    return { capture: true, type: 'canceled' };
+  }
+
+  // Response stream disconnected (client disconnect during streaming)
+  if (event.outcome === 'responseStreamDisconnected') {
+    return { capture: true, type: 'stream_disconnected' };
+  }
+
+  // Script not found (deployment issue) - always capture as critical
+  if (event.outcome === 'scriptNotFound') {
+    return { capture: true, type: 'script_not_found' };
+  }
+
   // Check for soft errors (console.error with 'ok' outcome)
   const hasErrorLogs = event.logs.some((l) => l.level === 'error');
   if (hasErrorLogs) {
@@ -72,8 +87,12 @@ export function calculatePriority(
   tier: number,
   occurrenceCount: number
 ): Priority {
-  // Resource limits are always critical
-  if (errorType === 'cpu_limit' || errorType === 'memory_limit') {
+  // Resource limits and deployment failures are always critical
+  if (
+    errorType === 'cpu_limit' ||
+    errorType === 'memory_limit' ||
+    errorType === 'script_not_found'
+  ) {
     return 'P0';
   }
 
@@ -84,6 +103,16 @@ export function calculatePriority(
     return 'P2'; // Tier 2+ = Medium priority
   }
 
+  // Canceled invocations — moderate priority (workflow issues)
+  if (errorType === 'canceled') {
+    return 'P2';
+  }
+
+  // Stream disconnected — low priority (often transient/client-side)
+  if (errorType === 'stream_disconnected') {
+    return 'P3';
+  }
+
   // Soft errors escalate with repeated occurrences
   if (errorType === 'soft_error') {
     return occurrenceCount > 5 ? 'P2' : 'P3';
@@ -132,6 +161,15 @@ export function getLabels(errorType: ErrorType, priority: Priority): string[] {
     case 'soft_error':
       labels.push('cf:error:soft-error');
       break;
+    case 'canceled':
+      labels.push('cf:error:canceled');
+      break;
+    case 'stream_disconnected':
+      labels.push('cf:error:stream-disconnected');
+      break;
+    case 'script_not_found':
+      labels.push('cf:error:script-not-found');
+      break;
     case 'warning':
       labels.push('cf:error:warning');
       break;
@@ -201,6 +239,18 @@ export function formatErrorTitle(
     }
   }
 
+  if (errorType === 'canceled') {
+    return `[${scriptName}] Invocation canceled`;
+  }
+
+  if (errorType === 'stream_disconnected') {
+    return `[${scriptName}] Response stream disconnected`;
+  }
+
+  if (errorType === 'script_not_found') {
+    return `[${scriptName}] Script not found`;
+  }
+
   if (errorType === 'warning') {
     const warnLog = event.logs.find((l) => l.level === 'warn');
     if (warnLog) {

package/templates/standard/workers/lib/error-collector/github.ts

@@ -73,6 +73,7 @@ async function getInstallationToken(
     `https://api.github.com/app/installations/${installationId}/access_tokens`,
     {
       method: 'POST',
+      signal: AbortSignal.timeout(10_000),
       headers: {
         Authorization: `Bearer ${jwt}`,
         Accept: 'application/vnd.github+json',
@@ -135,6 +136,7 @@ export class GitHubClient {
 
     const response = await fetch(`https://api.github.com${path}`, {
       method,
+      signal: AbortSignal.timeout(10_000),
       headers: {
         Authorization: `Bearer ${token}`,
         Accept: 'application/vnd.github+json',
@@ -235,6 +237,7 @@ export class GitHubClient {
 
     const response = await fetch('https://api.github.com/graphql', {
       method: 'POST',
+      signal: AbortSignal.timeout(10_000),
       headers: {
         Authorization: `Bearer ${token}`,
         'Content-Type': 'application/json',

package/templates/standard/workers/lib/error-collector/types.ts

@@ -83,7 +83,15 @@ export interface TailEvent {
 }
 
 // Error Collector types
-export type ErrorType = 'exception' | 'cpu_limit' | 'memory_limit' | 'soft_error' | 'warning';
+export type ErrorType =
+  | 'exception'
+  | 'cpu_limit'
+  | 'memory_limit'
+  | 'canceled'
+  | 'stream_disconnected'
+  | 'script_not_found'
+  | 'soft_error'
+  | 'warning';
 export type Priority = 'P0' | 'P1' | 'P2' | 'P3' | 'P4';
 export type ErrorStatus = 'open' | 'resolved' | 'wont_fix' | 'pending_digest' | 'digested';