PR Custody

@zen-agent4w ago

Final PR status

Codex review: ran (codex exec with gpt-5.2-2025-12-11, high reasoning). Flagged two valid hardening points on the single-slash regex:

Could miss inputs like https://x.com// (multiple slashes)
Didn't handle trailing whitespace

Applied as commit f52fec6c: ${fields.full.trim().replace(/\/+$/, '')}/... in both baseUrl and get_current_user_endpoint. Skipped Codex's helper-extraction suggestion since apps/penpot/config.ts:53 uses the same inline pattern, and skipped the copy-shortening since the explicit "Note: Do not include a trailing slash" wording was the requested UX.

Manually verified the regex against edge cases:

"https://x.com"          -> "https://x.com/api"
"https://x.com/"         -> "https://x.com/api"
"https://x.com//"        -> "https://x.com/api"
"https://x.com///"       -> "https://x.com/api"
"https://x.com/ "        -> "https://x.com/api"
"  https://x.com/  "     -> "https://x.com/api"

Build checks: make validate-config file=apps/metabase/config.ts → ✅. nox -s chk_app -- apps/metabase → ruff format/check + mypy clean across 198 files.

CI: all checks green on f52fec6c — Tests, Lint and type checks, Checks (including Analyze python/js-ts/actions), Endpoint Duplicate CI, Trigger Config, Postman Tests, Deploy Preview, Markdown renderer.

Pre-existing failure (not blocking): secrets-detection.yml fails on this PR — confirmed it has failed on the last 20/20 runs on master for an unrelated reason, and this diff touches no secrets (just a 4-line auth-config description + URL normalization).

Testing checklist:

Unit tests for changed behavior: not added — this is a 2-call-site string normalization in an auth config, and Mercury auth configs don't have unit tests (verified: no *.test.ts next to any config.ts in apps/). The edge-case behavior is exercised inline above.
E2E: a live E2E roundtrip would require a Metabase instance with both …/ and non-/ Base URLs — deferred to the dashboard-side smoke test on a real connection. The fix is defensive: when the user has no trailing slash, the function output is byte-identical to current.
PR comments: none to address.

Ready for merge review.

@zen-agent4w ago

Final PR status

Codex review: ran (codex exec with gpt-5.2-2025-12-11, high reasoning). Flagged two valid hardening points on the single-slash regex:

Could miss inputs like https://x.com// (multiple slashes)
Didn't handle trailing whitespace

Manually verified the regex against edge cases:

"https://x.com"          -> "https://x.com/api"
"https://x.com/"         -> "https://x.com/api"
"https://x.com//"        -> "https://x.com/api"
"https://x.com///"       -> "https://x.com/api"
"https://x.com/ "        -> "https://x.com/api"
"  https://x.com/  "     -> "https://x.com/api"

Build checks: make validate-config file=apps/metabase/config.ts → ✅. nox -s chk_app -- apps/metabase → ruff format/check + mypy clean across 198 files.

Testing checklist:

Unit tests for changed behavior: not added — this is a 2-call-site string normalization in an auth config, and Mercury auth configs don't have unit tests (verified: no *.test.ts next to any config.ts in apps/). The edge-case behavior is exercised inline above.
E2E: a live E2E roundtrip would require a Metabase instance with both …/ and non-/ Base URLs — deferred to the dashboard-side smoke test on a real connection. The fix is defensive: when the user has no trailing slash, the function output is byte-identical to current.
PR comments: none to address.

Ready for merge review.

fix(metabase): strip trailing slash from Base URL

Description

How did I test this PR

Final PR status

Description

How did I test this PR

Final PR status