[FIX] Lusha API Authentication Issue

[jcortes]

WHY

Resolves #18861

Summary by CodeRabbit

• Chores

  • Updated version numbers for Lusha integration actions (company search/enrich, contact search/enrich, combined operations) and main package (0.2.0 → 0.2.1).

• Improvements

  • Enhanced pagination mechanism for improved API request handling and enabled debug logging for better troubleshooting capabilities.

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

2 Skipped Deployments

Project	Deployment	Preview	Comments	Updated (UTC)
pipedream-docs	Ignored			Oct 28, 2025 11:12pm
pipedream-docs-redirect-do-not-edit	Ignored			Oct 28, 2025 11:12pm

[coderabbitai]

Walkthrough

This pull request updates the Lusha app component with version increments across multiple action modules and refactors the pagination method in the main app file, changing the parameter name from params to data and adjusting result extraction logic.

Changes

Cohort / File(s)	Summary
Version bumps for action modules components/lusha/actions/company-enrich/company-enrich.mjs, components/lusha/actions/company-search/company-search.mjs, components/lusha/actions/contact-enrich/contact-enrich.mjs, components/lusha/actions/contact-search/contact-search.mjs	Version incremented for each action: company-enrich (0.0.4 → 0.0.5), company-search (0.0.3 → 0.0.4), contact-enrich (0.0.3 → 0.0.4), contact-search (0.0.3 → 0.0.4)
Version bumps for composite action modules components/lusha/actions/search-and-enrich-companies/search-and-enrich-companies.mjs, components/lusha/actions/search-and-enrich-contacts/search-and-enrich-contacts.mjs	Version updated: search-and-enrich-companies (0.0.2 → 0.0.3) and search-and-enrich-contacts (0.0.2 → 0.0.3)
Pagination method refactoring components/lusha/lusha.app.mjs	Method signature updated: paginate() parameter changed from params to data. Result extraction logic modified to use response.data instead of direct data iteration. Added debug: true flag to axios request configuration
Package version update components/lusha/package.json	Version bumped from 0.2.0 to 0.2.1

Sequence Diagram

sequenceDiagram
    participant Caller
    participant paginate as paginate() method
    participant API as Lusha API
    
    Note over Caller,API: Old Flow (params-based)
    Caller->>paginate: paginate({fn, params={}, maxResults})
    paginate->>paginate: payload.pages = params.pages
    paginate->>API: _makeRequest(axios config)
    API-->>paginate: response
    paginate->>paginate: iterate over data
    Note right of paginate: Loop until data.length < limit
    paginate-->>Caller: results
    
    Note over Caller,API: New Flow (data-based)
    Caller->>paginate: paginate({fn, data={}, maxResults})
    paginate->>paginate: payload.pages = data.pages
    paginate->>API: _makeRequest(axios config, debug:true)
    API-->>paginate: response
    paginate->>paginate: results = response.data<br/>iterate over results
    Note right of paginate: Loop until results.length < limit
    paginate-->>Caller: results

Loading

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

• Attention needed: Review the parameter rename and result extraction logic change in lusha.app.mjs to ensure all callers of the paginate() method have been updated to use data instead of params
• Verify that the debug: true flag addition to axios requests doesn't cause unintended logging side effects
• Confirm version increments align with semantic versioning conventions for the changes made

Poem

🐰 Version bumps hop along the way,

Eight-fold updates brighten the day,

Pagination flows with data so new,

Debug flags shine for me and you,

Lusha app sparkles, refreshed and true! ✨

Pre-merge checks and finishing touches

❌ Failed checks (3 warnings, 1 inconclusive)

Check name	Status	Explanation	Resolution
Title Check	⚠️ Warning	The PR title "[FIX] Lusha API Authentication Issue" references the main bug category from the linked issue #18861. However, the actual code changes shown in the raw summary consist primarily of version bumps across multiple action files (0.0.3→0.0.4, 0.0.2→0.0.3, etc.), pagination refactoring in lusha.app.mjs (changing params to data and adding a debug flag), and a package.json version bump. While the pagination changes might relate to request handling, the summary does not explain how these changes directly address the authentication header issue described in the title.
Linked Issues Check	⚠️ Warning	Issue #18861 specifies three key requirements: (1) fix API authentication by including the account API key in request headers, (2) add domain search parameter to the "Find a Company" action, and (3) add email and LinkedIn URL search parameters to contact search. The summarized changes show only version bumps across multiple action files, pagination refactoring that changes params to data with an added debug flag, and a package version update. There is no evidence in the raw summary that the API key has been added to request headers or that the missing search parameters (domain, email, LinkedIn URL) have been implemented in the respective actions.
Docstring Coverage	⚠️ Warning	Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%.	You can run @coderabbitai generate docstrings to improve docstring coverage.
Out of Scope Changes Check	❓ Inconclusive	The PR includes version bumps across six action files and the main package.json, which are routine maintenance tasks. Additionally, the lusha.app.mjs file has been modified with pagination changes (renaming params to data and adding a debug: true flag). While version bumps are generally within normal scope, the connection between the pagination refactoring and the stated authentication issue fix is unclear from the provided summary, making it difficult to determine if these changes are necessary to resolve the reported bug or constitute scope creep.

✅ Passed checks (1 passed)

Check name	Status	Explanation
Description Check	✅ Passed	The PR description follows the required template structure with a "WHY" section, but provides only a single line referencing issue #18861 without any explanation of the changes made or how they resolve the reported problem. While the description technically adheres to the template format, it lacks meaningful detail about what was changed and why those specific changes address the authentication issue and missing search parameters mentioned in the linked issue.

✨ Finishing touches

• 📝 Generate docstrings

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch fix-lusha-auth-issues

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 1

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (2)

components/lusha/actions/search-and-enrich-contacts/search-and-enrich-contacts.mjs (1)

90-108: Critical: Pagination broken due to params vs data mismatch.

The manual pagination loop passes pagination info via params.pages (lines 95-100), but based on the refactored paginate method in lusha.app.mjs (line 272), pagination should now be in data.pages. The Lusha API likely expects pagination in the request body, not query parameters.

Apply this diff to fix the pagination:

     do {
       const {
         requestId, data = [],
       } = await this.lusha.searchContacts({
         $,
-        params: {
-          pages: {
-            page,
-            size: 50,
-          },
-        },
         data: {
+          pages: {
+            page,
+            size: 50,
+          },
           filters: {
             contacts: {
               include,
             },
           },
         },
       });

components/lusha/actions/search-and-enrich-companies/search-and-enrich-companies.mjs (1)

80-98: Critical: Pagination broken due to params vs data mismatch.

The manual pagination loop passes pagination info via params.pages (lines 85-90), but the refactored paginate method in lusha.app.mjs (line 272) now uses data.pages. This inconsistency will cause pagination to fail.

Apply this diff to fix the pagination:

     do {
       const {
         requestId, data = [],
       } = await this.lusha.searchCompanies({
         $,
-        params: {
-          pages: {
-            page,
-            size: 50,
-          },
-        },
         data: {
+          pages: {
+            page,
+            size: 50,
+          },
           filters: {
             companies: {
               include,
             },
           },
         },
       });

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 36a8917 and b0364a7.

📒 Files selected for processing (8)

• components/lusha/actions/company-enrich/company-enrich.mjs (1 hunks)
• components/lusha/actions/company-search/company-search.mjs (1 hunks)
• components/lusha/actions/contact-enrich/contact-enrich.mjs (1 hunks)
• components/lusha/actions/contact-search/contact-search.mjs (1 hunks)
• components/lusha/actions/search-and-enrich-companies/search-and-enrich-companies.mjs (1 hunks)
• components/lusha/actions/search-and-enrich-contacts/search-and-enrich-contacts.mjs (1 hunks)
• components/lusha/lusha.app.mjs (2 hunks)
• components/lusha/package.json (1 hunks)

🧰 Additional context used

🧬 Code graph analysis (1)

components/lusha/lusha.app.mjs (4)

components/lusha/actions/company-enrich/company-enrich.mjs (1)

• response (32-38)

components/lusha/actions/company-search/company-search.mjs (1)

• response (78-89)

components/lusha/actions/contact-enrich/contact-enrich.mjs (1)

• response (32-38)

components/lusha/actions/contact-search/contact-search.mjs (1)

• response (87-98)

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (4)

• GitHub Check: Publish TypeScript components
• GitHub Check: pnpm publish
• GitHub Check: Verify TypeScript components
• GitHub Check: Lint Code Base

🔇 Additional comments (1)

components/lusha/lusha.app.mjs (1)

182-182: Verify whether hardcoded debug mode is acceptable for production use and whether API key exposure is a known/acceptable trade-off.

The Pipedream platform's debug feature intentionally exports the full request configuration (including the Authorization header with the API key) to step.debug_config when enabled. The cloneSafe() function performs only a deep clone without filtering sensitive data.

This hardcoding is atypical compared to how most components use the debug flag (primarily in source/webhook handlers). Since the original concern about API key exposure is technically valid, confirm whether this debug mode is:

• Required for troubleshooting in production
• An oversight that should be removed or made configurable
• An accepted security/observability trade-off for this integration

If debug is not essential for production use, consider removing it or gating it behind an environment variable or component setting.