Skip to content

feat(oauth): add is_public field to OIDC client schemas#1356

Open
potofpie wants to merge 1 commit intomainfrom
feat/oidc-public-private
Open

feat(oauth): add is_public field to OIDC client schemas#1356
potofpie wants to merge 1 commit intomainfrom
feat/oidc-public-private

Conversation

@potofpie
Copy link
Copy Markdown
Member

@potofpie potofpie commented Apr 6, 2026
edited by coderabbitai bot
Loading

Summary

  • Adds is_public: z.boolean() to OAuthClientSchema (default true), OAuthClientCreateRequestSchema (optional), and OAuthClientUpdateRequestSchema (optional)
  • Required so the app API proxy's zValidator passes is_public through to Ion instead of stripping it

Related PRs

  • Ion: agentuity/ion — migration, Go handlers, OAuth enforcement
  • App: agentuity/app — frontend switch in OAuth app modal

Summary by CodeRabbit

  • New Features
    • OAuth clients now support a public/private visibility setting. This property defaults to public for newly created clients and can be customized during client creation and updates.

@potofpie
feat(oauth): add is_public field to OIDC client schemas
1bb3457 
Add is_public boolean to OAuthClientSchema, OAuthClientCreateRequestSchema,
and OAuthClientUpdateRequestSchema so the app API proxy's zValidator passes
the field through to Ion instead of stripping it.
@agentuity-agent
Copy link
Copy Markdown

agentuity-agent bot commented Apr 6, 2026
edited
Loading

The latest Agentuity deployment details.

Project Deployment Preview Updated (UTC)
docs 🟢 Ready (deploy_2af7ac50da4678707eccbbcd217e798a) - 2026-04-06T20:11:04Z

@coderabbitai
Copy link
Copy Markdown
Contributor

coderabbitai bot commented Apr 6, 2026
edited
Loading

📝 Walkthrough

Walkthrough

A new is_public boolean field was added to OAuth client schemas in the types file. The field is required with a default value of true in the client schema, and optional in both the create and update request schemas.

Changes

Cohort / File(s) Summary
OAuth Client Schema
packages/core/src/services/oauth/types.ts		 Added is_public boolean field to OAuthClientSchema (default: true), OAuthClientCreateRequestSchema (optional), and OAuthClientUpdateRequestSchema (optional).
🚥 Pre-merge checks | ✅ 1
✅ Passed checks (1 passed)
Check name Status Explanation
Description Check ✅ Passed Check skipped - CodeRabbit’s high-level summary is enabled.

✏️ Tip: You can configure your own custom pre-merge checks in the settings.

Comment @coderabbitai help to get the list of available commands and usage tips.

@github-actions
Copy link
Copy Markdown

github-actions bot commented Apr 6, 2026

📦 Canary Packages Published

version: 2.0.9-1bb3457

Packages
Package Version URL
@agentuity/opencode 2.0.9-1bb3457 https://agentuity-sdk-objects.t3.storageapi.dev/npm/2.0.9-1bb3457/agentuity-opencode-2.0.9-1bb3457.tgz
@agentuity/react 2.0.9-1bb3457 https://agentuity-sdk-objects.t3.storageapi.dev/npm/2.0.9-1bb3457/agentuity-react-2.0.9-1bb3457.tgz
@agentuity/schedule 2.0.9-1bb3457 https://agentuity-sdk-objects.t3.storageapi.dev/npm/2.0.9-1bb3457/agentuity-schedule-2.0.9-1bb3457.tgz
@agentuity/sandbox 2.0.9-1bb3457 https://agentuity-sdk-objects.t3.storageapi.dev/npm/2.0.9-1bb3457/agentuity-sandbox-2.0.9-1bb3457.tgz
@agentuity/queue 2.0.9-1bb3457 https://agentuity-sdk-objects.t3.storageapi.dev/npm/2.0.9-1bb3457/agentuity-queue-2.0.9-1bb3457.tgz
@agentuity/claude-code 2.0.9-1bb3457 https://agentuity-sdk-objects.t3.storageapi.dev/npm/2.0.9-1bb3457/agentuity-claude-code-2.0.9-1bb3457.tgz
@agentuity/cli 2.0.9-1bb3457 https://agentuity-sdk-objects.t3.storageapi.dev/npm/2.0.9-1bb3457/agentuity-cli-2.0.9-1bb3457.tgz
@agentuity/email 2.0.9-1bb3457 https://agentuity-sdk-objects.t3.storageapi.dev/npm/2.0.9-1bb3457/agentuity-email-2.0.9-1bb3457.tgz
@agentuity/evals 2.0.9-1bb3457 https://agentuity-sdk-objects.t3.storageapi.dev/npm/2.0.9-1bb3457/agentuity-evals-2.0.9-1bb3457.tgz
@agentuity/keyvalue 2.0.9-1bb3457 https://agentuity-sdk-objects.t3.storageapi.dev/npm/2.0.9-1bb3457/agentuity-keyvalue-2.0.9-1bb3457.tgz
@agentuity/db 2.0.9-1bb3457 https://agentuity-sdk-objects.t3.storageapi.dev/npm/2.0.9-1bb3457/agentuity-db-2.0.9-1bb3457.tgz
@agentuity/runtime 2.0.9-1bb3457 https://agentuity-sdk-objects.t3.storageapi.dev/npm/2.0.9-1bb3457/agentuity-runtime-2.0.9-1bb3457.tgz
@agentuity/task 2.0.9-1bb3457 https://agentuity-sdk-objects.t3.storageapi.dev/npm/2.0.9-1bb3457/agentuity-task-2.0.9-1bb3457.tgz
@agentuity/core 2.0.9-1bb3457 https://agentuity-sdk-objects.t3.storageapi.dev/npm/2.0.9-1bb3457/agentuity-core-2.0.9-1bb3457.tgz
@agentuity/workbench 2.0.9-1bb3457 https://agentuity-sdk-objects.t3.storageapi.dev/npm/2.0.9-1bb3457/agentuity-workbench-2.0.9-1bb3457.tgz
@agentuity/auth 2.0.9-1bb3457 https://agentuity-sdk-objects.t3.storageapi.dev/npm/2.0.9-1bb3457/agentuity-auth-2.0.9-1bb3457.tgz
@agentuity/postgres 2.0.9-1bb3457 https://agentuity-sdk-objects.t3.storageapi.dev/npm/2.0.9-1bb3457/agentuity-postgres-2.0.9-1bb3457.tgz
@agentuity/schema 2.0.9-1bb3457 https://agentuity-sdk-objects.t3.storageapi.dev/npm/2.0.9-1bb3457/agentuity-schema-2.0.9-1bb3457.tgz
@agentuity/webhook 2.0.9-1bb3457 https://agentuity-sdk-objects.t3.storageapi.dev/npm/2.0.9-1bb3457/agentuity-webhook-2.0.9-1bb3457.tgz
@agentuity/coder 2.0.9-1bb3457 https://agentuity-sdk-objects.t3.storageapi.dev/npm/2.0.9-1bb3457/agentuity-coder-2.0.9-1bb3457.tgz
@agentuity/frontend 2.0.9-1bb3457 https://agentuity-sdk-objects.t3.storageapi.dev/npm/2.0.9-1bb3457/agentuity-frontend-2.0.9-1bb3457.tgz
@agentuity/migrate 2.0.9-1bb3457 https://agentuity-sdk-objects.t3.storageapi.dev/npm/2.0.9-1bb3457/agentuity-migrate-2.0.9-1bb3457.tgz
@agentuity/server 2.0.9-1bb3457 https://agentuity-sdk-objects.t3.storageapi.dev/npm/2.0.9-1bb3457/agentuity-server-2.0.9-1bb3457.tgz
@agentuity/coder-tui 2.0.9-1bb3457 https://agentuity-sdk-objects.t3.storageapi.dev/npm/2.0.9-1bb3457/agentuity-coder-tui-2.0.9-1bb3457.tgz
@agentuity/drizzle 2.0.9-1bb3457 https://agentuity-sdk-objects.t3.storageapi.dev/npm/2.0.9-1bb3457/agentuity-drizzle-2.0.9-1bb3457.tgz
@agentuity/vector 2.0.9-1bb3457 https://agentuity-sdk-objects.t3.storageapi.dev/npm/2.0.9-1bb3457/agentuity-vector-2.0.9-1bb3457.tgz
Install

Add to your package.json:

{
  "dependencies": {
    "@agentuity/opencode": "https://agentuity-sdk-objects.t3.storageapi.dev/npm/2.0.9-1bb3457/agentuity-opencode-2.0.9-1bb3457.tgz",
    "@agentuity/react": "https://agentuity-sdk-objects.t3.storageapi.dev/npm/2.0.9-1bb3457/agentuity-react-2.0.9-1bb3457.tgz",
    "@agentuity/schedule": "https://agentuity-sdk-objects.t3.storageapi.dev/npm/2.0.9-1bb3457/agentuity-schedule-2.0.9-1bb3457.tgz",
    "@agentuity/sandbox": "https://agentuity-sdk-objects.t3.storageapi.dev/npm/2.0.9-1bb3457/agentuity-sandbox-2.0.9-1bb3457.tgz",
    "@agentuity/queue": "https://agentuity-sdk-objects.t3.storageapi.dev/npm/2.0.9-1bb3457/agentuity-queue-2.0.9-1bb3457.tgz",
    "@agentuity/claude-code": "https://agentuity-sdk-objects.t3.storageapi.dev/npm/2.0.9-1bb3457/agentuity-claude-code-2.0.9-1bb3457.tgz",
    "@agentuity/cli": "https://agentuity-sdk-objects.t3.storageapi.dev/npm/2.0.9-1bb3457/agentuity-cli-2.0.9-1bb3457.tgz",
    "@agentuity/email": "https://agentuity-sdk-objects.t3.storageapi.dev/npm/2.0.9-1bb3457/agentuity-email-2.0.9-1bb3457.tgz",
    "@agentuity/evals": "https://agentuity-sdk-objects.t3.storageapi.dev/npm/2.0.9-1bb3457/agentuity-evals-2.0.9-1bb3457.tgz",
    "@agentuity/keyvalue": "https://agentuity-sdk-objects.t3.storageapi.dev/npm/2.0.9-1bb3457/agentuity-keyvalue-2.0.9-1bb3457.tgz",
    "@agentuity/db": "https://agentuity-sdk-objects.t3.storageapi.dev/npm/2.0.9-1bb3457/agentuity-db-2.0.9-1bb3457.tgz",
    "@agentuity/runtime": "https://agentuity-sdk-objects.t3.storageapi.dev/npm/2.0.9-1bb3457/agentuity-runtime-2.0.9-1bb3457.tgz",
    "@agentuity/task": "https://agentuity-sdk-objects.t3.storageapi.dev/npm/2.0.9-1bb3457/agentuity-task-2.0.9-1bb3457.tgz",
    "@agentuity/core": "https://agentuity-sdk-objects.t3.storageapi.dev/npm/2.0.9-1bb3457/agentuity-core-2.0.9-1bb3457.tgz",
    "@agentuity/workbench": "https://agentuity-sdk-objects.t3.storageapi.dev/npm/2.0.9-1bb3457/agentuity-workbench-2.0.9-1bb3457.tgz",
    "@agentuity/auth": "https://agentuity-sdk-objects.t3.storageapi.dev/npm/2.0.9-1bb3457/agentuity-auth-2.0.9-1bb3457.tgz",
    "@agentuity/postgres": "https://agentuity-sdk-objects.t3.storageapi.dev/npm/2.0.9-1bb3457/agentuity-postgres-2.0.9-1bb3457.tgz",
    "@agentuity/schema": "https://agentuity-sdk-objects.t3.storageapi.dev/npm/2.0.9-1bb3457/agentuity-schema-2.0.9-1bb3457.tgz",
    "@agentuity/webhook": "https://agentuity-sdk-objects.t3.storageapi.dev/npm/2.0.9-1bb3457/agentuity-webhook-2.0.9-1bb3457.tgz",
    "@agentuity/coder": "https://agentuity-sdk-objects.t3.storageapi.dev/npm/2.0.9-1bb3457/agentuity-coder-2.0.9-1bb3457.tgz",
    "@agentuity/frontend": "https://agentuity-sdk-objects.t3.storageapi.dev/npm/2.0.9-1bb3457/agentuity-frontend-2.0.9-1bb3457.tgz",
    "@agentuity/migrate": "https://agentuity-sdk-objects.t3.storageapi.dev/npm/2.0.9-1bb3457/agentuity-migrate-2.0.9-1bb3457.tgz",
    "@agentuity/server": "https://agentuity-sdk-objects.t3.storageapi.dev/npm/2.0.9-1bb3457/agentuity-server-2.0.9-1bb3457.tgz",
    "@agentuity/coder-tui": "https://agentuity-sdk-objects.t3.storageapi.dev/npm/2.0.9-1bb3457/agentuity-coder-tui-2.0.9-1bb3457.tgz",
    "@agentuity/drizzle": "https://agentuity-sdk-objects.t3.storageapi.dev/npm/2.0.9-1bb3457/agentuity-drizzle-2.0.9-1bb3457.tgz",
    "@agentuity/vector": "https://agentuity-sdk-objects.t3.storageapi.dev/npm/2.0.9-1bb3457/agentuity-vector-2.0.9-1bb3457.tgz"
  }
}

Or install directly:

bun add https://agentuity-sdk-objects.t3.storageapi.dev/npm/2.0.9-1bb3457/agentuity-opencode-2.0.9-1bb3457.tgz
bun add https://agentuity-sdk-objects.t3.storageapi.dev/npm/2.0.9-1bb3457/agentuity-react-2.0.9-1bb3457.tgz
bun add https://agentuity-sdk-objects.t3.storageapi.dev/npm/2.0.9-1bb3457/agentuity-schedule-2.0.9-1bb3457.tgz
bun add https://agentuity-sdk-objects.t3.storageapi.dev/npm/2.0.9-1bb3457/agentuity-sandbox-2.0.9-1bb3457.tgz
bun add https://agentuity-sdk-objects.t3.storageapi.dev/npm/2.0.9-1bb3457/agentuity-queue-2.0.9-1bb3457.tgz
bun add https://agentuity-sdk-objects.t3.storageapi.dev/npm/2.0.9-1bb3457/agentuity-claude-code-2.0.9-1bb3457.tgz
bun add https://agentuity-sdk-objects.t3.storageapi.dev/npm/2.0.9-1bb3457/agentuity-cli-2.0.9-1bb3457.tgz
bun add https://agentuity-sdk-objects.t3.storageapi.dev/npm/2.0.9-1bb3457/agentuity-email-2.0.9-1bb3457.tgz
bun add https://agentuity-sdk-objects.t3.storageapi.dev/npm/2.0.9-1bb3457/agentuity-evals-2.0.9-1bb3457.tgz
bun add https://agentuity-sdk-objects.t3.storageapi.dev/npm/2.0.9-1bb3457/agentuity-keyvalue-2.0.9-1bb3457.tgz
bun add https://agentuity-sdk-objects.t3.storageapi.dev/npm/2.0.9-1bb3457/agentuity-db-2.0.9-1bb3457.tgz
bun add https://agentuity-sdk-objects.t3.storageapi.dev/npm/2.0.9-1bb3457/agentuity-runtime-2.0.9-1bb3457.tgz
bun add https://agentuity-sdk-objects.t3.storageapi.dev/npm/2.0.9-1bb3457/agentuity-task-2.0.9-1bb3457.tgz
bun add https://agentuity-sdk-objects.t3.storageapi.dev/npm/2.0.9-1bb3457/agentuity-core-2.0.9-1bb3457.tgz
bun add https://agentuity-sdk-objects.t3.storageapi.dev/npm/2.0.9-1bb3457/agentuity-workbench-2.0.9-1bb3457.tgz
bun add https://agentuity-sdk-objects.t3.storageapi.dev/npm/2.0.9-1bb3457/agentuity-auth-2.0.9-1bb3457.tgz
bun add https://agentuity-sdk-objects.t3.storageapi.dev/npm/2.0.9-1bb3457/agentuity-postgres-2.0.9-1bb3457.tgz
bun add https://agentuity-sdk-objects.t3.storageapi.dev/npm/2.0.9-1bb3457/agentuity-schema-2.0.9-1bb3457.tgz
bun add https://agentuity-sdk-objects.t3.storageapi.dev/npm/2.0.9-1bb3457/agentuity-webhook-2.0.9-1bb3457.tgz
bun add https://agentuity-sdk-objects.t3.storageapi.dev/npm/2.0.9-1bb3457/agentuity-coder-2.0.9-1bb3457.tgz
bun add https://agentuity-sdk-objects.t3.storageapi.dev/npm/2.0.9-1bb3457/agentuity-frontend-2.0.9-1bb3457.tgz
bun add https://agentuity-sdk-objects.t3.storageapi.dev/npm/2.0.9-1bb3457/agentuity-migrate-2.0.9-1bb3457.tgz
bun add https://agentuity-sdk-objects.t3.storageapi.dev/npm/2.0.9-1bb3457/agentuity-server-2.0.9-1bb3457.tgz
bun add https://agentuity-sdk-objects.t3.storageapi.dev/npm/2.0.9-1bb3457/agentuity-coder-tui-2.0.9-1bb3457.tgz
bun add https://agentuity-sdk-objects.t3.storageapi.dev/npm/2.0.9-1bb3457/agentuity-drizzle-2.0.9-1bb3457.tgz
bun add https://agentuity-sdk-objects.t3.storageapi.dev/npm/2.0.9-1bb3457/agentuity-vector-2.0.9-1bb3457.tgz

coderabbitai[bot]
coderabbitai bot reviewed Apr 6, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

@coderabbitai coderabbitai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents 
Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@packages/core/src/services/oauth/types.ts`:
- Line 23: The response schema unconditionally defaults OAuthClientSchema's
is_public to true, which is unsafe; update the OAuthClientSchema definition (the
is_public field) to stop defaulting to true—either remove the .default(true) and
use .optional() to mirror request schemas or explicitly set .default(false) if
you need a default, so missing backend values aren't implicitly treated as
public.
🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

  • Push a commit to this branch (recommended)
  • Create a new PR with the fixes
ℹ️ Review info
⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 09ad128e-fbc5-4289-a494-67dd54d07735

📥 Commits

Reviewing files that changed from the base of the PR and between 1e464e7 and 1bb3457.

📒 Files selected for processing (1)
  • packages/core/src/services/oauth/types.ts
📜 Review details
⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (7)
  • GitHub Check: Agentuity Deployment
  • GitHub Check: Template Integration Tests
  • GitHub Check: SDK Integration Test Suite
  • GitHub Check: Cloud Deployment Tests
  • GitHub Check: Sandbox CLI Tests
  • GitHub Check: Windows WSL CLI Smoke Test
  • GitHub Check: Build
🧰 Additional context used
📓 Path-based instructions (3)
**/*.{ts,tsx,js,jsx}

📄 CodeRabbit inference engine (AGENTS.md)

Use Biome as code formatter with tabs (width 3), single quotes, semicolons, lineWidth 100, and trailingCommas es5

Files:

  • packages/core/src/services/oauth/types.ts
**/*.{ts,tsx}

📄 CodeRabbit inference engine (AGENTS.md)

**/*.{ts,tsx}: Use TypeScript Strict mode with ESNext target and bundler moduleResolution
Use StructuredError from @agentuity/core for error handling

Files:

  • packages/core/src/services/oauth/types.ts
packages/core/src/**/*.ts

📄 CodeRabbit inference engine (packages/core/AGENTS.md)

packages/core/src/**/*.ts: Build TypeScript with bun run build command
Run TypeScript type checking with bun run typecheck command
Ensure runtime compatibility with both Browser and Node/Bun environments with no runtime-specific code
Build target must be ESNext with TypeScript declaration files
Prefer interfaces for public APIs
Use generics for reusable type utilities
Ensure no side effects in all exports - all exports must be pure with no global mutations
All relative imports in TypeScript files MUST include the .ts extension
Run bun run build before publishing to compile TypeScript

Files:

  • packages/core/src/services/oauth/types.ts
🧠 Learnings (1)
📚 Learning: 2025-12-21T00:31:41.858Z 
Learnt from: jhaynie
Repo: agentuity/sdk PR: 274
File: packages/cli/src/cmd/build/vite/server-bundler.ts:12-41
Timestamp: 2025-12-21T00:31:41.858Z
Learning: In Bun runtime, BuildMessage and ResolveMessage are global types and are not exported from the bun module. Do not import { BuildMessage } from 'bun' or similar; these types are available globally and should be used without import. This applies to all TypeScript files that target the Bun runtime within the repository.

Applied to files:

  • packages/core/src/services/oauth/types.ts
🔇 Additional comments (1)
packages/core/src/services/oauth/types.ts (1)

54-54: Good parity on create/update validators for is_public.

Line 54 and Line 82 correctly make is_public accepted on both request schemas, which matches the passthrough objective and prevents field stripping.

Also applies to: 82-82

packages/core/src/services/oauth/types.ts
id_token_lifetime_seconds: z.number().optional(),
allowed_user_ids: z.array(z.string()),
internal: z.boolean().optional().default(false),
is_public: z.boolean().default(true),
Copy link
Copy Markdown
Contributor

@coderabbitai coderabbitai bot Apr 6, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue | 🟠 Major

🧩 Analysis chain

🏁 Script executed:

#!/bin/bash
# Verify whether any OAuth response producers/consumers still omit `is_public`
# and would rely on the schema default.
rg -nP --type=ts -C3 '\bOAuthClientSchema\b|\bOAuthClientListItemSchema\b|APIResponseSchema\('
rg -nP --type=ts -C3 '\bis_public\b|\bclient_type\b' packages/core/src/services/oauth

Repository: agentuity/sdk

Length of output: 50369

🏁 Script executed:

# Read the OAuth types file to see the exact schema definition
cat -n packages/core/src/services/oauth/types.ts | head -50

Repository: agentuity/sdk

Length of output: 2179

🏁 Script executed:

# Search for where is_public is used/accessed in the codebase
rg -nP --type=ts 'is_public' --max-count=30 -B2 -A2

Repository: agentuity/sdk

Length of output: 1202

🏁 Script executed:

# Search for OAuth handlers and API functions
rg -nP --type=ts 'OAuth.*[Cc]lient.*[Ss]chema|OAuthClientListItemSchema|OAuthClientCreateDataSchema|OAuthClientUpdateDataSchema' packages/core/src/services/oauth -B3 -A3

Repository: agentuity/sdk

Length of output: 21797

🏁 Script executed:

# Search for code that accesses is_public after parsing responses
rg -nP --type=ts 'client\.is_public|item\.is_public|\bis_public\b' --max-count=20 -B2 -A2

Repository: agentuity/sdk

Length of output: 1202

🏁 Script executed:

# Search for test files related to OAuth clients
find packages/core -name '*.test.ts' -o -name '*.spec.ts' | xargs grep -l -i oauth 2>/dev/null | head -5

Repository: agentuity/sdk

Length of output: 95

🏁 Script executed:

# Check the OAuth test file
cat packages/core/test/env-example.test.ts | head -100

Repository: agentuity/sdk

Length of output: 3734

🏁 Script executed:

# Search for any tests that might parse OAuth responses or mention is_public
find packages -name '*.test.ts' -o -name '*.spec.ts' | xargs grep -l 'OAuthClient' 2>/dev/null

Repository: agentuity/sdk

Length of output: 41

🏁 Script executed:

# Check for any comments or documentation about is_public in the OAuth service
rg -nP --type=ts 'is_public' packages/core/src/services/oauth -B5 -A1 | head -60

Repository: agentuity/sdk

Length of output: 1901

Avoid defaulting a security-sensitive flag to true in response schemas.

Line 23 applies z.boolean().default(true) to the is_public field in OAuthClientSchema, which will silently coerce missing values to true. This asymmetry with request schemas—where is_public is .optional() without defaults—creates a defensive coding gap for a security-relevant field. If the backend ever omits or partially returns client data, misclassification to public becomes automatic rather than explicit.

Suggested change 
-	is_public: z.boolean().default(true),
+	is_public: z.boolean(),
📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
is_public: z.boolean().default(true),
is_public: z.boolean(),
🤖 Prompt for AI Agents 
Verify each finding against the current code and only fix it if needed.

In `@packages/core/src/services/oauth/types.ts` at line 23, The response schema
unconditionally defaults OAuthClientSchema's is_public to true, which is unsafe;
update the OAuthClientSchema definition (the is_public field) to stop defaulting
to true—either remove the .default(true) and use .optional() to mirror request
schemas or explicitly set .default(false) if you need a default, so missing
backend values aren't implicitly treated as public.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@coderabbitai coderabbitai[bot] coderabbitai[bot] left review comments

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@potofpie