Skip to content

feat(runtime): add experimental Node.js 24 and 26 task runtimes#4085

Draft
carderne wants to merge 6 commits into
mainfrom
feature/tri-11473-modernise-user-runtimes-add-node-24-default-for-new-add-node
Draft

feat(runtime): add experimental Node.js 24 and 26 task runtimes#4085
carderne wants to merge 6 commits into
mainfrom
feature/tri-11473-modernise-user-runtimes-add-node-24-default-for-new-add-node

Conversation

@carderne

@carderne carderne commented Jun 30, 2026

Copy link
Copy Markdown
Collaborator

Summary

Adds experimental Node.js 24 and 26 task runtimes through the experimental-node-24 and experimental-node-26 config values.

Existing runtime defaults and the node, node-22, and bun behavior remain unchanged. The unprefixed node-24 and node-26 config values remain unavailable until the runtimes are ready for general use.

Design

Experimental config values normalize to canonical runtime identifiers before build manifests are created, keeping deployment metadata and execution behavior consistent. Kubernetes task pods also use the runtime-default seccomp profile so modern Node.js versions fall back from io_uring to checkpoint-compatible system calls.

@coderabbitai

coderabbitai Bot commented Jun 30, 2026

Copy link
Copy Markdown
Contributor

Review Change Stack

Note

Reviews paused

It looks like this branch is under active development. To avoid overwhelming you with review comments due to an influx of new commits, CodeRabbit has automatically paused this review. You can configure this behavior by changing the reviews.auto_review.auto_pause_after_reviewed_commits setting.

Use the following commands to manage reviews:

  • @coderabbitai resume to resume automatic reviews.
  • @coderabbitai review to trigger a single review.

Use the checkboxes below for quick actions:

  • ▶️ Resume reviews
  • 🔍 Trigger review

Walkthrough

Adds Node 24 and Node 26 runtime support, makes Node 24 the default, updates CLI configuration and container image handling, and warns when the legacy node runtime is used. Documents experimental runtime releases. Runtime identifiers now flow into Kubernetes workload creation, where qualifying workloads receive a targeted Localhost seccomp profile while existing security settings are preserved.

🚥 Pre-merge checks | ✅ 3 | ❌ 2

❌ Failed checks (2 warnings)

Check name Status Explanation Resolution
Description check ⚠️ Warning The description omits required template sections like Closes #, checklist, Testing, Changelog, and Screenshots. Add the missing template sections, including an issue reference, checklist items, testing steps, changelog summary, and screenshots or note none.
Docstring Coverage ⚠️ Warning Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%. Write docstrings for the functions missing them to satisfy the coverage threshold.
✅ Passed checks (3 passed)
Check name Status Explanation
Title check ✅ Passed The title clearly and concisely describes the main change: adding experimental Node.js 24 and 26 task runtimes.
Linked Issues check ✅ Passed Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check ✅ Passed Check skipped because no linked issues were found for this pull request.
✨ Finishing Touches
📝 Generate docstrings
  • Create stacked PR
  • Commit on current branch
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Commit unit tests in branch feature/tri-11473-modernise-user-runtimes-add-node-24-default-for-new-add-node

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands.

@coderabbitai coderabbitai Bot left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 3


ℹ️ Review info
⚙️ Run configuration

Configuration used: Repository UI

Review profile: CHILL

Plan: Pro

Run ID: 59bdb7f6-c5bc-4a8d-be9d-fe5987c91536

📥 Commits

Reviewing files that changed from the base of the PR and between cd9d20c and d13595f.

⛔ Files ignored due to path filters (1)
  • pnpm-lock.yaml is excluded by !**/pnpm-lock.yaml
📒 Files selected for processing (24)
  • .github/workflows/changesets-pr.yml
  • .github/workflows/claude.yml
  • .github/workflows/code-quality.yml
  • .github/workflows/e2e-webapp-auth-full.yml
  • .github/workflows/e2e-webapp.yml
  • .github/workflows/e2e.yml
  • .github/workflows/pr-testbox-windows.yml
  • .github/workflows/pr-testbox.yml
  • .github/workflows/release.yml
  • .github/workflows/sdk-compat.yml
  • .github/workflows/typecheck.yml
  • .github/workflows/unit-tests-internal.yml
  • .github/workflows/unit-tests-packages.yml
  • .github/workflows/unit-tests-webapp.yml
  • .nvmrc
  • CONTRIBUTING.md
  • docker/Dockerfile
  • internal-packages/clickhouse/src/client/client.ts
  • package.json
  • packages/cli-v3/src/commands/init.ts
  • packages/cli-v3/src/config.ts
  • packages/cli-v3/src/deploy/buildImage.ts
  • packages/core/src/v3/build/runtime.ts
  • packages/core/src/v3/schemas/build.ts
📜 Review details
⏰ Context from checks skipped due to timeout. (12)
  • GitHub Check: internal / 🧪 Unit Tests: Internal (10, 12)
  • GitHub Check: internal / 🧪 Unit Tests: Internal (8, 12)
  • GitHub Check: internal / 🧪 Unit Tests: Internal (11, 12)
  • GitHub Check: internal / 🧪 Unit Tests: Internal (2, 12)
  • GitHub Check: internal / 🧪 Unit Tests: Internal (5, 12)
  • GitHub Check: webapp / 🧪 Unit Tests: Webapp (8, 10)
  • GitHub Check: internal / 🧪 Unit Tests: Internal (4, 12)
  • GitHub Check: internal / 🧪 Unit Tests: Internal (6, 12)
  • GitHub Check: internal / 🧪 Unit Tests: Internal (3, 12)
  • GitHub Check: internal / 🧪 Unit Tests: Internal (1, 12)
  • GitHub Check: webapp / 🧪 Unit Tests: Webapp (4, 10)
  • GitHub Check: packages / 🧪 Unit Tests: Packages (3, 3)
⚠️ CI failures not shown inline (2)

GitHub Actions: 🛡️ E2E Tests: Webapp Auth (full) / 🛡️ E2E Auth Tests (full): feat(runtime): add node-24 (default) and node-26, deprecate node/node-21

Conclusion: failure

View job details

localhost:34257/api/v1/waitpoints/tokens/waitpoint_2gh5vn9rcv4e4ts1hibd5/complete","http.host":"localhost:34257","net.host.name":"localhost","http.method":"POST","http.scheme":"http","http.target":"/api/v1/waitpoints/tokens/waitpoint_2gh5vn9rcv4e4ts1hibd5/complete","http.user_agent":"node","http.request_content_length_uncompressed":2,"http.flavor":"1.1","net.transport":"ip_tcp","db.datasource":"writer","net.host.ip":"::ffff:127.0.0.1","net.host.port":34257,"net.peer.ip":"::ffff:127.0.0.1","net.peer.port":41848,"http.status_code":200,"http.status_text":"OK"},"status":{"code":0},"events":[],"links":[],"level":"trace"}
 {"traceId":"ec550e719a894af94766fa633db39fc0","parentId":"8396ed62ac5fe46d","message":"handlePayloadPacket()","spanId":"7ccabca69c489099","kind":0,"timestamp":1782828986381000,"duration":28.945,"attributes":{},"status":{"code":0},"events":[],"links":[],"level":"trace"}
 {"traceId":"ec550e719a894af94766fa633db39fc0","parentId":"8396ed62ac5fe46d","message":"enqueue","spanId":"eaa0d8af3e07d236","kind":3,"timestamp":1782828986386000,"duration":638.8,"attributes":{"job_type":"v3.expireRun","job_id":"v3.expireRun:cmr0qchzk000aqn1wus68sd4j","job_visibility_timeout_ms":60000},"status":{"code":0},"events":[],"links":[],"level":"trace"}
 {"traceId":"ec550e719a894af94766fa633db39fc0","parentId":"8396ed62ac5fe46d","message":"enqueueMessage","spanId":"268eb9e4ad1e6b6b","kind":3,"timestamp":1782828986386000,"duration":781.56,"attributes":{"messaging.operation":"publish","message.id":"cmr0qchzk000aqn1wus68sd4j","messaging.system":"marqs","$trigger.env.id":"cmr0qchz6004xqnadbb0zwvv6","$trigger.env.type":"DEVELOPMENT","$trigger.env.slug":"dev","$trigger.org.id":"cmr0qchz4004tqnad4604u7gu","$trigger.org.slug":"e2e-org-1d4108b5","$trigger.org.title":"e2e-test-org-1d4108b5","$trigger.project.id":"cmr0qchz5004vqnadvc62zx0v","$trigger.project.name":"e2e-test-project-1d4108b5","queue":"task/test-task","message_id":"cmr0qchzk000aqn1wus68sd4j","parent_queue":"org:qnad4604u7g...

GitHub Actions: 🛡️ E2E Tests: Webapp Auth (full) / 0_🛡️ E2E Auth Tests (full).txt: feat(runtime): add node-24 (default) and node-26, deprecate node/node-21

Conclusion: failure

View job details

t_count":1},"status":{"code":0},"events":[],"links":[],"level":"trace"}
 {"traceId":"ec550e719a894af94766fa633db39fc0","parentId":"8396ed62ac5fe46d","message":"flushBatch","spanId":"ef9414c87503246f","kind":0,"timestamp":1782828986387000,"duration":1334.206,"attributes":{"flush_id":"P98bmGQq7nq6B2gZAxJH1","event_count":1,"partial_event_count":0,"last_flush_in_ms":76},"status":{"code":0},"events":[],"links":[],"level":"trace"}
 {"traceId":"ec550e719a894af94766fa633db39fc0","parentId":"2be15ea21956f61e","message":"TriggerTaskServiceV1.call()","spanId":"8396ed62ac5fe46d","kind":1,"timestamp":1782828986381000,"duration":7757.459,"attributes":{"$trigger.env.id":"cmr0qchz6004xqnadbb0zwvv6","$trigger.env.type":"DEVELOPMENT","$trigger.env.slug":"dev","$trigger.org.id":"cmr0qchz4004tqnad4604u7gu","$trigger.org.slug":"e2e-org-1d4108b5","$trigger.org.title":"e2e-test-org-1d4108b5","$trigger.project.id":"cmr0qchz5004vqnadvc62zx0v","$trigger.project.name":"e2e-test-project-1d4108b5","taskId":"test-task","attempt":0,"db.datasource":"writer","queueName":"task/test-task","runId":"run_8mgoezwdxevaherkzehmo"},"status":{"code":0},"events":[],"links":[],"level":"trace"}
 {"traceId":"ec550e719a894af94766fa633db39fc0","parentId":"deec4f750a2873f4","message":"TriggerTaskService.call()","spanId":"2be15ea21956f61e","kind":1,"timestamp":1782828986380000,"duration":8954.676,"attributes":{"$trigger.env.id":"cmr0qchz6004xqnadbb0zwvv6","$trigger.env.type":"DEVELOPMENT","$trigger.env.slug":"dev","$trigger.org.id":"cmr0qchz4004tqnad4604u7gu","$trigger.org.slug":"e2e-org-1d4108b5","$trigger.org.title":"e2e-test-org-1d4108b5","$trigger.project.id":"cmr0qchz5004vqnadvc62zx0v","$trigger.project.name":"e2e-test-project-1d4108b5","taskId":"test-task","db.datasource":"writer"},"status":{"code":0},"events":[],"links":[],"level":"trace"}
 {"traceId":"ec550e719a894af94766fa633db39fc0","message":"POST","spanId":"deec4f750a2873f4","kind":1,"timestamp":1782828986372000,"duration":18796.62,"attributes":{"htt...
🧰 Additional context used
📓 Path-based instructions (15)
**/*.{ts,tsx,js,jsx,mts,cts,mjs,cjs,md,mdx}

📄 CodeRabbit inference engine (CLAUDE.md)

Always import from @trigger.dev/sdk when writing Trigger.dev tasks; never use @trigger.dev/sdk/v3 or deprecated client.defineJob.

Files:

  • CONTRIBUTING.md
  • internal-packages/clickhouse/src/client/client.ts
  • packages/core/src/v3/schemas/build.ts
  • packages/cli-v3/src/config.ts
  • packages/cli-v3/src/deploy/buildImage.ts
  • packages/core/src/v3/build/runtime.ts
  • packages/cli-v3/src/commands/init.ts
**/*.{ts,tsx}

📄 CodeRabbit inference engine (.github/copilot-instructions.md)

**/*.{ts,tsx}: Use types over interfaces for TypeScript
Avoid using enums; prefer string unions or const objects instead

Files:

  • internal-packages/clickhouse/src/client/client.ts
  • packages/core/src/v3/schemas/build.ts
  • packages/cli-v3/src/config.ts
  • packages/cli-v3/src/deploy/buildImage.ts
  • packages/core/src/v3/build/runtime.ts
  • packages/cli-v3/src/commands/init.ts
**/*.{ts,tsx,js,jsx}

📄 CodeRabbit inference engine (.github/copilot-instructions.md)

Use function declarations instead of default exports

Files:

  • internal-packages/clickhouse/src/client/client.ts
  • packages/core/src/v3/schemas/build.ts
  • packages/cli-v3/src/config.ts
  • packages/cli-v3/src/deploy/buildImage.ts
  • packages/core/src/v3/build/runtime.ts
  • packages/cli-v3/src/commands/init.ts
**/*.ts

📄 CodeRabbit inference engine (.cursor/rules/otel-metrics.mdc)

**/*.ts: When creating or editing OTEL metrics (counters, histograms, gauges), ensure metric attributes have low cardinality by using only enums, booleans, bounded error codes, or bounded shard IDs
Do not use high-cardinality attributes in OTEL metrics such as UUIDs/IDs (envId, userId, runId, projectId, organizationId), unbounded integers (itemCount, batchSize, retryCount), timestamps (createdAt, startTime), or free-form strings (errorMessage, taskName, queueName)
When exporting OTEL metrics via OTLP to Prometheus, be aware that the exporter automatically adds unit suffixes to metric names (e.g., 'my_duration_ms' becomes 'my_duration_ms_milliseconds', 'my_counter' becomes 'my_counter_total'). Account for these transformations when writing Grafana dashboards or Prometheus queries

Files:

  • internal-packages/clickhouse/src/client/client.ts
  • packages/core/src/v3/schemas/build.ts
  • packages/cli-v3/src/config.ts
  • packages/cli-v3/src/deploy/buildImage.ts
  • packages/core/src/v3/build/runtime.ts
  • packages/cli-v3/src/commands/init.ts
**/*.{ts,tsx,js,jsx,mts,cts,mjs,cjs}

📄 CodeRabbit inference engine (CLAUDE.md)

**/*.{ts,tsx,js,jsx,mts,cts,mjs,cjs}: Use pnpm run typecheck for changes in apps (apps/*) and internal packages (internal-packages/*), and never use build to verify those changes.
Use Vitest for tests, and never mock anything; use testcontainers instead.
Prefer static imports over dynamic import(), and only use dynamic imports for unresolved circular dependencies, genuine code-splitting needs, or conditional runtime loading.

Files:

  • internal-packages/clickhouse/src/client/client.ts
  • packages/core/src/v3/schemas/build.ts
  • packages/cli-v3/src/config.ts
  • packages/cli-v3/src/deploy/buildImage.ts
  • packages/core/src/v3/build/runtime.ts
  • packages/cli-v3/src/commands/init.ts
package.json

📄 CodeRabbit inference engine (CLAUDE.md)

When adding dependencies, edit package.json directly instead of using pnpm add; then run pnpm i from the repo root.

Files:

  • package.json
**/package.json

📄 CodeRabbit inference engine (CLAUDE.md)

When adding zod to any package, use the exact repository-pinned version (3.25.76) and never a different version or a range.

Files:

  • package.json
**/Dockerfile*

📄 CodeRabbit inference engine (CLAUDE.md)

When updating Docker image references, always use multiplatform/index digests, not architecture-specific digests.

Files:

  • docker/Dockerfile
{packages/core,apps/webapp}/**/*.{ts,tsx}

📄 CodeRabbit inference engine (.github/copilot-instructions.md)

Use zod for validation in packages/core and apps/webapp

Files:

  • packages/core/src/v3/schemas/build.ts
  • packages/core/src/v3/build/runtime.ts
packages/core/**/*.{ts,tsx,js,jsx}

📄 CodeRabbit inference engine (packages/core/CLAUDE.md)

Never import the root package (@trigger.dev/core). Always use subpath imports such as @trigger.dev/core/v3, @trigger.dev/core/v3/utils, @trigger.dev/core/logger, or @trigger.dev/core/schemas

Files:

  • packages/core/src/v3/schemas/build.ts
  • packages/core/src/v3/build/runtime.ts
packages/**/*.{ts,tsx,js,jsx,mts,cts,mjs,cjs}

📄 CodeRabbit inference engine (CLAUDE.md)

Use pnpm run build to verify changes in public packages (packages/*).

Files:

  • packages/core/src/v3/schemas/build.ts
  • packages/cli-v3/src/config.ts
  • packages/cli-v3/src/deploy/buildImage.ts
  • packages/core/src/v3/build/runtime.ts
  • packages/cli-v3/src/commands/init.ts
packages/cli-v3/src/deploy/**/*

📄 CodeRabbit inference engine (packages/cli-v3/CLAUDE.md)

Deploy mode code should be located in src/deploy/ and handles bundling, archiving, building Docker images, and pushing to registry

Files:

  • packages/cli-v3/src/deploy/buildImage.ts
packages/cli-v3/src/deploy/buildImage.ts

📄 CodeRabbit inference engine (packages/cli-v3/CLAUDE.md)

Build Docker images using src/deploy/buildImage.ts for local Docker/Depot or remote builds

Files:

  • packages/cli-v3/src/deploy/buildImage.ts
packages/cli-v3/src/commands/**/*

📄 CodeRabbit inference engine (packages/cli-v3/CLAUDE.md)

CLI command definitions should be located in src/commands/

Files:

  • packages/cli-v3/src/commands/init.ts
packages/cli-v3/src/commands/init.ts

📄 CodeRabbit inference engine (packages/cli-v3/CLAUDE.md)

Implement init.ts command in src/commands/ for project initialization

Files:

  • packages/cli-v3/src/commands/init.ts
🧠 Learnings (14)
📚 Learning: 2026-04-13T21:43:58.707Z
Learnt from: ericallam
Repo: triggerdotdev/trigger.dev PR: 3368
File: apps/webapp/app/services/taskIdentifierRegistry.server.ts:49-58
Timestamp: 2026-04-13T21:43:58.707Z
Learning: In `apps/webapp/app/services/taskIdentifierRegistry.server.ts` (and closely related task registry/sync code in this module), an empty deployment (zero tasks) is not a realistic/expected scenario. Do not flag or require special handling or fallback logic for missing empty-task cases in this registry/sync flow.

Applied to files:

  • .nvmrc
📚 Learning: 2026-04-23T13:26:27.529Z
Learnt from: ericallam
Repo: triggerdotdev/trigger.dev PR: 3430
File: apps/webapp/app/presenters/v3/RunStreamPresenter.server.ts:0-0
Timestamp: 2026-04-23T13:26:27.529Z
Learning: In this codebase’s SSE implementation (notably `apps/webapp/app/utils/sse.ts` and its SSE callers such as `apps/webapp/app/presenters/v3/RunStreamPresenter.server.ts`), do not treat `.abort()` vs `.abort("<reason string>")` differences as a heap retention/memory leak issue on Node 20. Heap deltas are identical once `AbortSignal.any` is not involved; the investigated SSE memory leak root cause was `AbortSignal.any` (via FinalizationRegistry behavior on abort). When reviewing, focus on whether `AbortSignal.any` (or similar signal-combining/finalization patterns) is used in the SSE abort path rather than the presence/contents of the abort reason string. Named abort-reason sentinel constants (e.g., `ABORT_REASON_*`) are for readability/style only, not correctness.

Applied to files:

  • .nvmrc
📚 Learning: 2026-04-30T21:28:35.705Z
Learnt from: samejr
Repo: triggerdotdev/trigger.dev PR: 3473
File: internal-packages/database/prisma/schema.prisma:59-60
Timestamp: 2026-04-30T21:28:35.705Z
Learning: In this repo, session-duration lower-bound validation is intentionally enforced only at the app layer (via `isAllowedSessionDuration` and `SESSION_DURATION_OPTIONS`), where the minimum allowed value is 300 seconds (5 minutes). `User.sessionDuration` is `Int` (non-nullable) and `Organization.maxSessionDuration` is `Int?` (nullable). There are currently no DB-level `CHECK` constraints for these fields anywhere in the migrations, so future reviews should not flag the absence of DB `CHECK` constraints on these session-duration fields—focus validation on the app-layer logic instead.

Applied to files:

  • .nvmrc
📚 Learning: 2026-05-12T06:43:09.116Z
Learnt from: ericallam
Repo: triggerdotdev/trigger.dev PR: 3558
File: internal-packages/run-engine/src/run-queue/index.ts:420-424
Timestamp: 2026-05-12T06:43:09.116Z
Learning: In internal-packages/run-engine/src/run-queue/index.ts, the RunQueue “read-path” counter/concurrency methods (e.g., lengthOfQueue/lengthOfQueues/currentConcurrencyOfQueues) intentionally “fail open” on transient Redis pipeline result errors. If you see pipeline result errors (e.g., baseErr/ctrErr) being coerced to 0 (treating Redis command errors the same as missing keys) rather than surfaced/thrown, do not flag it as a bug and do not suggest propagating those errors in future reviews.

Applied to files:

  • .nvmrc
📚 Learning: 2026-05-19T21:04:49.990Z
Learnt from: ericallam
Repo: triggerdotdev/trigger.dev PR: 3671
File: packages/trigger-sdk/src/v3/ai.ts:724-769
Timestamp: 2026-05-19T21:04:49.990Z
Learning: In packages/trigger-sdk/src/v3/ai.ts, when reviewing recovery/replay of turns, do NOT flag “lost metadata on recovered turns” if the recovered turns are reconstructed via the recovery boot queue that maps metadata by message.id (using replaySessionInTail’s {message, metadata, seqNum} per session.in record). If a message has no matching session.in record (e.g., hook-synthesized messages), the code intentionally falls back to the current boot payload’s metadata—this fallback is expected behavior.

Applied to files:

  • .nvmrc
📚 Learning: 2026-03-22T13:26:12.060Z
Learnt from: ericallam
Repo: triggerdotdev/trigger.dev PR: 3244
File: apps/webapp/app/components/code/TextEditor.tsx:81-86
Timestamp: 2026-03-22T13:26:12.060Z
Learning: In the triggerdotdev/trigger.dev codebase, do not flag `navigator.clipboard.writeText(...)` calls for `missing-await`/`unhandled-promise` issues. These clipboard writes are intentionally invoked without `await` and without `catch` handlers across the project; keep that behavior consistent when reviewing TypeScript/TSX files (e.g., usages like in `apps/webapp/app/components/code/TextEditor.tsx`).

Applied to files:

  • internal-packages/clickhouse/src/client/client.ts
  • packages/core/src/v3/schemas/build.ts
  • packages/cli-v3/src/config.ts
  • packages/cli-v3/src/deploy/buildImage.ts
  • packages/core/src/v3/build/runtime.ts
  • packages/cli-v3/src/commands/init.ts
📚 Learning: 2026-03-22T19:24:14.403Z
Learnt from: matt-aitken
Repo: triggerdotdev/trigger.dev PR: 3187
File: apps/webapp/app/v3/services/alerts/deliverErrorGroupAlert.server.ts:200-204
Timestamp: 2026-03-22T19:24:14.403Z
Learning: In the triggerdotdev/trigger.dev codebase, webhook URLs are not expected to contain embedded credentials/secrets (e.g., fields like `ProjectAlertWebhookProperties` should only hold credential-free webhook endpoints). During code review, if you see logging or inclusion of raw webhook URLs in error messages, do not automatically treat it as a credential-leak/secrets-in-logs issue by default—first verify the URL does not contain embedded credentials (for example, no username/password in the URL, no obvious secret/token query params or fragments). If the URL is credential-free per this project’s conventions, allow the logging.

Applied to files:

  • internal-packages/clickhouse/src/client/client.ts
  • packages/core/src/v3/schemas/build.ts
  • packages/cli-v3/src/config.ts
  • packages/cli-v3/src/deploy/buildImage.ts
  • packages/core/src/v3/build/runtime.ts
  • packages/cli-v3/src/commands/init.ts
📚 Learning: 2026-05-18T08:21:27.694Z
Learnt from: d-cs
Repo: triggerdotdev/trigger.dev PR: 3632
File: apps/webapp/sentry.server.ts:4-21
Timestamp: 2026-05-18T08:21:27.694Z
Learning: When handling Prisma error P1001 ("Can't reach database server") in TypeScript, don’t assume a single error shape. Prisma can surface P1001 via two different error classes/fields: `PrismaClientKnownRequestError` exposes it as `err.code === "P1001"` (common during mid-query connection drops), while `PrismaClientInitializationError` exposes it as `err.errorCode === "P1001"` (common on client startup failure). Therefore, predicates should use `err.code === "P1001" || err.errorCode === "P1001"`. Do not flag `err.code === "P1001"` as “unreachable/never matches,” as it is expected in production.

Applied to files:

  • internal-packages/clickhouse/src/client/client.ts
  • packages/core/src/v3/schemas/build.ts
  • packages/cli-v3/src/config.ts
  • packages/cli-v3/src/deploy/buildImage.ts
  • packages/core/src/v3/build/runtime.ts
  • packages/cli-v3/src/commands/init.ts
📚 Learning: 2026-05-18T08:21:27.694Z
Learnt from: d-cs
Repo: triggerdotdev/trigger.dev PR: 3632
File: apps/webapp/sentry.server.ts:4-21
Timestamp: 2026-05-18T08:21:27.694Z
Learning: When handling Prisma errors for P1001 ("Can't reach database server"), do not assume it only appears under a single property name. Prisma may surface P1001 via either `PrismaClientKnownRequestError` (`err.code === "P1001"`, e.g., mid-query connection drops) or `PrismaClientInitializationError` (`err.errorCode === "P1001"`, e.g., client startup connection failure). To reliably detect the condition, check `err.code === "P1001" || err.errorCode === "P1001"`, and avoid review rules that would incorrectly flag `err.code === "P1001"` as unreachable/never-matching.

Applied to files:

  • internal-packages/clickhouse/src/client/client.ts
  • packages/core/src/v3/schemas/build.ts
  • packages/cli-v3/src/config.ts
  • packages/cli-v3/src/deploy/buildImage.ts
  • packages/core/src/v3/build/runtime.ts
  • packages/cli-v3/src/commands/init.ts
📚 Learning: 2026-06-13T19:53:13.759Z
Learnt from: ericallam
Repo: triggerdotdev/trigger.dev PR: 3937
File: packages/trigger-sdk/skills/realtime-and-frontend/SKILL.md:258-260
Timestamp: 2026-06-13T19:53:13.759Z
Learning: When reviewing code that uses `trigger.dev/react-hooks`’s `useRealtimeRun`, preserve the call signature where the first argument is the full realtime handle object (not `handle.id`). This is intentional to maintain type-safety and is consistent with the official docs; do not suggest changing the first argument from the handle object to `handle.id`.

Applied to files:

  • internal-packages/clickhouse/src/client/client.ts
  • packages/core/src/v3/schemas/build.ts
  • packages/cli-v3/src/config.ts
  • packages/cli-v3/src/deploy/buildImage.ts
  • packages/core/src/v3/build/runtime.ts
  • packages/cli-v3/src/commands/init.ts
📚 Learning: 2026-06-17T17:13:49.929Z
Learnt from: matt-aitken
Repo: triggerdotdev/trigger.dev PR: 3948
File: apps/webapp/app/routes/_app.orgs.$organizationSlug.projects.$projectParam.env.$envParam.bulk-actions.$bulkActionParam/route.tsx:48-62
Timestamp: 2026-06-17T17:13:49.929Z
Learning: In triggerdotdev/trigger.dev, within `dashboardLoader`/`dashboardAction` (or similar context resolver code) whenever you resolve an organization ID from an organization slug for RBAC/enterprise authorization scope, always read from the primary Prisma client (`prisma`), not `$replica`. Using `$replica` can hit replica-lag and cause the RBAC lookup/authorization to run without the correct org scope (bypassing intended role enforcement). Implement the slug→org lookup with `prisma.organization.findFirst(...)` (or equivalent primary-client query) and add an inline comment documenting why the primary client is required (replica lag could lead to unscoped RBAC checks).

Applied to files:

  • internal-packages/clickhouse/src/client/client.ts
  • packages/core/src/v3/schemas/build.ts
  • packages/cli-v3/src/config.ts
  • packages/cli-v3/src/deploy/buildImage.ts
  • packages/core/src/v3/build/runtime.ts
  • packages/cli-v3/src/commands/init.ts
📚 Learning: 2026-06-23T13:04:21.413Z
Learnt from: carderne
Repo: triggerdotdev/trigger.dev PR: 4023
File: apps/webapp/app/services/upsertBranch.server.ts:14-18
Timestamp: 2026-06-23T13:04:21.413Z
Learning: In TypeScript, it’s valid to `import { type X }` and then use `typeof X` in a type-only position, e.g. `type Alias = z.infer<typeof X>`. The `type` modifier suppresses the runtime import, but the type checker still has the full exported type so `z.infer<typeof X>` can resolve correctly. In code reviews, don’t flag this as a TypeScript compile error as long as `typeof X` is used in a type context (e.g., with `z.infer`, `type` aliases, generics), not as a runtime value.

Applied to files:

  • internal-packages/clickhouse/src/client/client.ts
  • packages/core/src/v3/schemas/build.ts
  • packages/cli-v3/src/config.ts
  • packages/cli-v3/src/deploy/buildImage.ts
  • packages/core/src/v3/build/runtime.ts
  • packages/cli-v3/src/commands/init.ts
📚 Learning: 2026-06-04T18:16:35.386Z
Learnt from: nicktrn
Repo: triggerdotdev/trigger.dev PR: 3836
File: apps/supervisor/src/backpressure/backpressureMonitor.ts:3-5
Timestamp: 2026-06-04T18:16:35.386Z
Learning: When reviewing TypeScript in this repo, apply the rule “prefer type aliases over interfaces” only to data/object shapes and union/intersection type modeling. If an interface is being used as a behavioral contract for collaborators to implement (e.g., method-shape interfaces that define required behavior, such as `BackpressureLogger` / `BackpressureSignalSource` in `apps/supervisor/src/backpressure/backpressureMonitor.ts`), keep it as an `interface` and do not flag it as a type-alias-vs-interface violation.

Applied to files:

  • internal-packages/clickhouse/src/client/client.ts
  • packages/core/src/v3/schemas/build.ts
  • packages/cli-v3/src/config.ts
  • packages/cli-v3/src/deploy/buildImage.ts
  • packages/core/src/v3/build/runtime.ts
  • packages/cli-v3/src/commands/init.ts
📚 Learning: 2026-06-09T17:58:04.699Z
Learnt from: 0ski
Repo: triggerdotdev/trigger.dev PR: 3879
File: apps/webapp/app/models/vercelIntegration.server.ts:619-630
Timestamp: 2026-06-09T17:58:04.699Z
Learning: In this codebase, outbound raw `fetch` calls should typically rely on Node/undici’s default request timeout (about ~300s) rather than adding a per-call `AbortController` + `setTimeout` wrapper inside individual functions (e.g. in files like `apps/webapp/app/models/vercelIntegration.server.ts`). During code review, do not flag the absence of a per-call timeout on a single `fetch` as an issue; if per-call timeouts are needed, they should be implemented via a codebase-wide convention (e.g., a shared fetch wrapper or documented pattern) rather than ad-hoc per-function changes.

Applied to files:

  • internal-packages/clickhouse/src/client/client.ts
  • packages/core/src/v3/schemas/build.ts
  • packages/cli-v3/src/config.ts
  • packages/cli-v3/src/deploy/buildImage.ts
  • packages/core/src/v3/build/runtime.ts
  • packages/cli-v3/src/commands/init.ts
🔇 Additional comments (23)
.nvmrc (1)

1-1: LGTM!

package.json (1)

59-59: LGTM!

Also applies to: 95-95

CONTRIBUTING.md (1)

32-32: LGTM!

Also applies to: 52-52

.github/workflows/typecheck.yml (1)

28-28: LGTM!

.github/workflows/unit-tests-internal.yml (1)

69-69: LGTM!

Also applies to: 149-149

.github/workflows/unit-tests-packages.yml (1)

69-69: LGTM!

Also applies to: 149-149

docker/Dockerfile (1)

1-1: 🩺 Stability & Availability

Confirm this digest is a multi-platform index. A single-platform manifest would make every stage architecture-specific and can break non-amd64 builds.

internal-packages/clickhouse/src/client/client.ts (1)

496-496: LGTM!

.github/workflows/changesets-pr.yml (1)

39-39: LGTM!

.github/workflows/claude.yml (1)

47-47: LGTM!

.github/workflows/code-quality.yml (1)

28-28: LGTM!

.github/workflows/e2e-webapp-auth-full.yml (1)

88-88: LGTM!

.github/workflows/unit-tests-webapp.yml (1)

69-69: LGTM!

Also applies to: 158-158

.github/workflows/e2e-webapp.yml (1)

59-63: LGTM!

.github/workflows/e2e.yml (1)

37-40: LGTM!

.github/workflows/pr-testbox-windows.yml (1)

36-39: LGTM!

.github/workflows/release.yml (1)

90-94: LGTM!

Also applies to: 288-292

.github/workflows/sdk-compat.yml (1)

15-17: LGTM!

Also applies to: 70-74, 112-116

packages/core/src/v3/schemas/build.ts (1)

16-16: LGTM!

packages/core/src/v3/build/runtime.ts (1)

7-14: LGTM!

Also applies to: 27-28, 57-59

packages/cli-v3/src/config.ts (1)

196-196: LGTM!

Also applies to: 286-292

packages/cli-v3/src/deploy/buildImage.ts (2)

694-694: 🎯 Functional Correctness

Confirm the legacy node alias should upgrade to Node 22.

Line 694 maps deprecated runtime: "node" projects to Node 22.23.1, while the warning describes node as the old Node 21 runtime. If this silent major-version move is intentional, update the warning/comment to say node now aliases Node 22 until removal; otherwise keep the old pinned image until users explicitly migrate.


700-713: LGTM!

Comment thread .github/workflows/pr-testbox.yml Outdated
Comment thread packages/cli-v3/src/commands/init.ts Outdated
Comment on lines 692 to 698
const BASE_IMAGE: Record<BuildRuntime, string> = {
bun: "imbios/bun-node:1.3.3-20-slim@sha256:59d84856a7e31eec83afedadb542f7306f672343b8b265c70d733404a6e8834b",
node: "node:21.7.3-bookworm-slim@sha256:dfc05dee209a1d7adf2ef189bd97396daad4e97c6eaa85778d6f75205ba1b0fb",
"node-22":
"node:22.16.0-bookworm-slim@sha256:048ed02c5fd52e86fda6fbd2f6a76cf0d4492fd6c6fee9e2c463ed5108da0e34",
bun: "imbios/bun-node:1.1.43-22-slim",
node: "node:22.23.1-bookworm-slim",
"node-22": "node:22.23.1-bookworm-slim",
"node-24": "node:24.18.0-bookworm-slim",
"node-26": "node:26.4.0-bookworm-slim",
};

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🔒 Security & Privacy | 🟠 Major | ⚡ Quick win

🧩 Analysis chain

🏁 Script executed:

#!/bin/bash
# Verify index digests for the image tags before updating BASE_IMAGE.
for image in \
  "imbios/bun-node:1.1.43-22-slim" \
  "node:22.23.1-bookworm-slim" \
  "node:24.18.0-bookworm-slim" \
  "node:26.4.0-bookworm-slim"
do
  docker buildx imagetools inspect "$image" | sed -n '1,40p'
done

Repository: triggerdotdev/trigger.dev

Length of output: 323


🏁 Script executed:

#!/bin/bash
set -euo pipefail

FILE="packages/cli-v3/src/deploy/buildImage.ts"

echo "== outline =="
ast-grep outline "$FILE" --view expanded | sed -n '1,220p'

echo
echo "== relevant slice =="
sed -n '650,740p' "$FILE" | cat -n

Repository: triggerdotdev/trigger.dev

Length of output: 7697


🏁 Script executed:

#!/bin/bash
set -euo pipefail

echo "== BuildRuntime definition =="
rg -n "type BuildRuntime|BuildRuntime" packages/cli-v3/src -g '*.ts' -A4 -B4

echo
echo "== image reference / digest usage in deploy code =="
rg -n "digest|imagetools|`@sha256`|BASE_IMAGE|FROM " packages/cli-v3/src/deploy -g '*.ts' -A3 -B3

echo
echo "== other docker image references in repo =="
rg -n ":[0-9]+\.[0-9]+\.[0-9]+|`@sha256`:|FROM " packages -g '*.ts' -g '*.md' -A2 -B2

Repository: triggerdotdev/trigger.dev

Length of output: 21747


Pin the base images by digest. These FROM references are tag-only, so upstream tag changes can silently alter rebuild inputs; use multi-platform/index digests for all variants, especially the default node-24 image.

Source: Coding guidelines

@carderne carderne force-pushed the feature/tri-11473-modernise-user-runtimes-add-node-24-default-for-new-add-node branch from d13595f to b88e035 Compare July 14, 2026 11:26
@changeset-bot

changeset-bot Bot commented Jul 14, 2026

Copy link
Copy Markdown

🦋 Changeset detected

Latest commit: 5cc6840

The changes in this PR will be included in the next version bump.

This PR includes changesets to release 26 packages
Name Type
@trigger.dev/core Patch
trigger.dev Patch
@trigger.dev/build Patch
@trigger.dev/python Patch
@trigger.dev/redis-worker Patch
@trigger.dev/schema-to-json Patch
@trigger.dev/sdk Patch
@internal/cache Patch
@internal/clickhouse Patch
@internal/llm-model-catalog Patch
@trigger.dev/rbac Patch
@internal/redis Patch
@internal/replication Patch
@internal/run-engine Patch
@internal/run-store Patch
@internal/schedule-engine Patch
@trigger.dev/sso Patch
@internal/testcontainers Patch
@internal/tracing Patch
@internal/tsql Patch
@internal/dashboard-agent Patch
@internal/sdk-compat-tests Patch
@trigger.dev/react-hooks Patch
@trigger.dev/rsc Patch
@trigger.dev/database Patch
@trigger.dev/otlp-importer Patch

Not sure what this means? Click here to learn what changesets are.

Click here if you're a maintainer who wants to add another changeset to this PR

@pkg-pr-new

pkg-pr-new Bot commented Jul 14, 2026

Copy link
Copy Markdown

Open in StackBlitz

@trigger.dev/build

npm i https://pkg.pr.new/@trigger.dev/build@0ea5f74

trigger.dev

npm i https://pkg.pr.new/trigger.dev@0ea5f74

@trigger.dev/core

npm i https://pkg.pr.new/@trigger.dev/core@0ea5f74

@trigger.dev/python

npm i https://pkg.pr.new/@trigger.dev/python@0ea5f74

@trigger.dev/react-hooks

npm i https://pkg.pr.new/@trigger.dev/react-hooks@0ea5f74

@trigger.dev/redis-worker

npm i https://pkg.pr.new/@trigger.dev/redis-worker@0ea5f74

@trigger.dev/rsc

npm i https://pkg.pr.new/@trigger.dev/rsc@0ea5f74

@trigger.dev/schema-to-json

npm i https://pkg.pr.new/@trigger.dev/schema-to-json@0ea5f74

@trigger.dev/sdk

npm i https://pkg.pr.new/@trigger.dev/sdk@0ea5f74

commit: 0ea5f74

…rojects to node-24

- BuildRuntime enum: add node-24, node-26
- DEFAULT_RUNTIME: node → node-24
- buildImage.ts: repin node-22→22.23.1, add node-24/26 images, fix bun sidecar (node-20→node-22)
- runtime.ts: add node-24/26 cases to all switches
- config.ts: deprecation warning when runtime="node" (EOL node-21)
- init.ts: scaffold node-24 as default for new projects

TRI-11473
@carderne carderne force-pushed the feature/tri-11473-modernise-user-runtimes-add-node-24-default-for-new-add-node branch from b88e035 to 53b88bb Compare July 14, 2026 12:40
@carderne carderne changed the title feat(runtime): add node-24 (default) and node-26, deprecate node/node-21 feat(runtime): add Node.js 24 and 26 task runtimes Jul 14, 2026
@carderne carderne changed the title feat(runtime): add Node.js 24 and 26 task runtimes feat(runtime): add experimental Node.js 24 and 26 task runtimes Jul 14, 2026
carderne added 3 commits July 14, 2026 16:55
Only node-24+ runtimes create io_uring file descriptors (libuv >= ~1.52)
that block CRIU checkpointing; node/node-22/bun do not. Apply the
RuntimeDefault seccomp profile only to those cold pods instead of all run
pods, so existing runtimes keep their current syscall surface.

Plumbs the canonical runtime identifier through the dequeue message
(backgroundWorker.runtime) to the Kubernetes workload manager.
…ault

Replace the RuntimeDefault seccomp profile on node-24+ run pods with a
Localhost profile that blocks only io_uring_setup/enter/register and allows
every other syscall. This keeps node-24+ pods CRIU-checkpointable (libuv
falls back to epoll) without RuntimeDefault's broad syscall allowlist, which
could break unrelated workloads (browsers, sandboxes, native threads). Still
scoped to node-24+; node/node-22/bun pods remain unconfined.

@coderabbitai coderabbitai Bot left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🧹 Nitpick comments (1)
apps/supervisor/src/workloadManager/kubernetes.test.ts (1)

8-52: 📐 Maintainability & Code Quality | 🔵 Trivial | ⚡ Quick win

Rename the test file to match the source file it tests.

As per coding guidelines, test files must be placed next to the source files they test. Since this file exclusively contains test coverage for the helpers implemented in kubernetesPodSpec.ts, consider renaming it to kubernetesPodSpec.test.ts to accurately reflect its target.

Source: Coding guidelines


ℹ️ Review info
⚙️ Run configuration

Configuration used: Repository UI

Review profile: CHILL

Plan: Pro

Run ID: 08b5655a-3a03-40c3-a347-3c36b742de5b

📥 Commits

Reviewing files that changed from the base of the PR and between 0ea5f74 and 5cc6840.

📒 Files selected for processing (4)
  • apps/supervisor/src/workloadManager/kubernetes.test.ts
  • apps/supervisor/src/workloadManager/kubernetes.ts
  • apps/supervisor/src/workloadManager/kubernetesPodSpec.ts
  • apps/supervisor/src/workloadManager/types.ts
🚧 Files skipped from review as they are similar to previous changes (1)
  • apps/supervisor/src/workloadManager/types.ts
📜 Review details
⏰ Context from checks skipped due to timeout. (31)
  • GitHub Check: webapp / 🧪 Unit Tests: Webapp (10, 12)
  • GitHub Check: webapp / 🧪 Unit Tests: Webapp (11, 12)
  • GitHub Check: webapp / 🧪 Unit Tests: Webapp (12, 12)
  • GitHub Check: webapp / 🧪 Unit Tests: Webapp (7, 12)
  • GitHub Check: webapp / 🧪 Unit Tests: Webapp (8, 12)
  • GitHub Check: webapp / 🧪 Unit Tests: Webapp (6, 12)
  • GitHub Check: webapp / 🧪 Unit Tests: Webapp (9, 12)
  • GitHub Check: webapp / 🧪 Unit Tests: Webapp (2, 12)
  • GitHub Check: webapp / 🧪 Unit Tests: Webapp (3, 12)
  • GitHub Check: webapp / 🧪 Unit Tests: Webapp (4, 12)
  • GitHub Check: webapp / 🧪 Unit Tests: Webapp (5, 12)
  • GitHub Check: webapp / 🧪 Unit Tests: Webapp (1, 12)
  • GitHub Check: sdk-compat / Node.js 24.18 (warp-ubuntu-latest-x64-4x)
  • GitHub Check: sdk-compat / Cloudflare Workers
  • GitHub Check: e2e / 🧪 CLI v3 tests (warp-windows-latest-x64-8x - pnpm)
  • GitHub Check: packages / 🧪 Unit Tests: Packages (1, 3)
  • GitHub Check: e2e / 🧪 CLI v3 tests (warp-windows-latest-x64-8x - npm)
  • GitHub Check: sdk-compat / Node.js 20.20 (warp-ubuntu-latest-x64-4x)
  • GitHub Check: packages / 🧪 Unit Tests: Packages (2, 3)
  • GitHub Check: e2e / 🧪 CLI v3 tests (warp-ubuntu-latest-x64-4x - npm)
  • GitHub Check: sdk-compat / Node.js 26.4 (warp-ubuntu-latest-x64-4x)
  • GitHub Check: sdk-compat / Deno Runtime
  • GitHub Check: sdk-compat / Node.js 22.23 (warp-ubuntu-latest-x64-4x)
  • GitHub Check: e2e / 🧪 CLI v3 tests (warp-ubuntu-latest-x64-4x - pnpm)
  • GitHub Check: packages / 🧪 Unit Tests: Packages (3, 3)
  • GitHub Check: internal / 🧪 Unit Tests: Internal
  • GitHub Check: sdk-compat / Bun Runtime
  • GitHub Check: typecheck / typecheck
  • GitHub Check: e2e-webapp / 🧪 E2E Tests: Webapp
  • GitHub Check: code-quality / code-quality
  • GitHub Check: Analyze (javascript-typescript)
🧰 Additional context used
📓 Path-based instructions (6)
**/*.{ts,tsx}

📄 CodeRabbit inference engine (.github/copilot-instructions.md)

**/*.{ts,tsx}: Use types over interfaces for TypeScript
Avoid using enums; prefer string unions or const objects instead

**/*.{ts,tsx}: Prefer static imports over dynamic import(); use dynamic imports only for unresolvable circular dependencies, genuine performance code splitting, or conditional runtime loading.
Import Trigger.dev tasks from @trigger.dev/sdk; never use @trigger.dev/sdk/v3 or deprecated client.defineJob.
Add agentcrumbs while writing code using approved namespaces; mark lines with // @Crumbs or blocks with `// `#region` `@crumbs, and strip them before merging.

Files:

  • apps/supervisor/src/workloadManager/kubernetes.test.ts
  • apps/supervisor/src/workloadManager/kubernetesPodSpec.ts
  • apps/supervisor/src/workloadManager/kubernetes.ts
**/*.{ts,tsx,js,jsx}

📄 CodeRabbit inference engine (.github/copilot-instructions.md)

Use function declarations instead of default exports

Files:

  • apps/supervisor/src/workloadManager/kubernetes.test.ts
  • apps/supervisor/src/workloadManager/kubernetesPodSpec.ts
  • apps/supervisor/src/workloadManager/kubernetes.ts
**/*.{test,spec}.{ts,tsx}

📄 CodeRabbit inference engine (.github/copilot-instructions.md)

Use vitest for all tests in the Trigger.dev repository

**/*.{test,spec}.{ts,tsx}: Use Vitest exclusively and never mock dependencies; use Testcontainers for integration dependencies.
Place test files next to the source files they test.

Files:

  • apps/supervisor/src/workloadManager/kubernetes.test.ts
**/*.ts

📄 CodeRabbit inference engine (.cursor/rules/otel-metrics.mdc)

**/*.ts: When creating or editing OTEL metrics (counters, histograms, gauges), ensure metric attributes have low cardinality by using only enums, booleans, bounded error codes, or bounded shard IDs
Do not use high-cardinality attributes in OTEL metrics such as UUIDs/IDs (envId, userId, runId, projectId, organizationId), unbounded integers (itemCount, batchSize, retryCount), timestamps (createdAt, startTime), or free-form strings (errorMessage, taskName, queueName)
When exporting OTEL metrics via OTLP to Prometheus, be aware that the exporter automatically adds unit suffixes to metric names (e.g., 'my_duration_ms' becomes 'my_duration_ms_milliseconds', 'my_counter' becomes 'my_counter_total'). Account for these transformations when writing Grafana dashboards or Prometheus queries

Files:

  • apps/supervisor/src/workloadManager/kubernetes.test.ts
  • apps/supervisor/src/workloadManager/kubernetesPodSpec.ts
  • apps/supervisor/src/workloadManager/kubernetes.ts
apps/supervisor/src/workloadManager/**/*

📄 CodeRabbit inference engine (apps/supervisor/CLAUDE.md)

Keep the Docker/Kubernetes container orchestration abstraction in src/workloadManager/.

Files:

  • apps/supervisor/src/workloadManager/kubernetes.test.ts
  • apps/supervisor/src/workloadManager/kubernetesPodSpec.ts
  • apps/supervisor/src/workloadManager/kubernetes.ts
apps/**/*.{ts,tsx}

📄 CodeRabbit inference engine (AGENTS.md)

For apps, use typecheck for verification and never use build as the correctness check.

Files:

  • apps/supervisor/src/workloadManager/kubernetes.test.ts
  • apps/supervisor/src/workloadManager/kubernetesPodSpec.ts
  • apps/supervisor/src/workloadManager/kubernetes.ts
🧠 Learnings (11)
📚 Learning: 2026-03-22T13:26:12.060Z
Learnt from: ericallam
Repo: triggerdotdev/trigger.dev PR: 3244
File: apps/webapp/app/components/code/TextEditor.tsx:81-86
Timestamp: 2026-03-22T13:26:12.060Z
Learning: In the triggerdotdev/trigger.dev codebase, do not flag `navigator.clipboard.writeText(...)` calls for `missing-await`/`unhandled-promise` issues. These clipboard writes are intentionally invoked without `await` and without `catch` handlers across the project; keep that behavior consistent when reviewing TypeScript/TSX files (e.g., usages like in `apps/webapp/app/components/code/TextEditor.tsx`).

Applied to files:

  • apps/supervisor/src/workloadManager/kubernetes.test.ts
  • apps/supervisor/src/workloadManager/kubernetesPodSpec.ts
  • apps/supervisor/src/workloadManager/kubernetes.ts
📚 Learning: 2026-03-22T19:24:14.403Z
Learnt from: matt-aitken
Repo: triggerdotdev/trigger.dev PR: 3187
File: apps/webapp/app/v3/services/alerts/deliverErrorGroupAlert.server.ts:200-204
Timestamp: 2026-03-22T19:24:14.403Z
Learning: In the triggerdotdev/trigger.dev codebase, webhook URLs are not expected to contain embedded credentials/secrets (e.g., fields like `ProjectAlertWebhookProperties` should only hold credential-free webhook endpoints). During code review, if you see logging or inclusion of raw webhook URLs in error messages, do not automatically treat it as a credential-leak/secrets-in-logs issue by default—first verify the URL does not contain embedded credentials (for example, no username/password in the URL, no obvious secret/token query params or fragments). If the URL is credential-free per this project’s conventions, allow the logging.

Applied to files:

  • apps/supervisor/src/workloadManager/kubernetes.test.ts
  • apps/supervisor/src/workloadManager/kubernetesPodSpec.ts
  • apps/supervisor/src/workloadManager/kubernetes.ts
📚 Learning: 2026-05-18T08:21:27.694Z
Learnt from: d-cs
Repo: triggerdotdev/trigger.dev PR: 3632
File: apps/webapp/sentry.server.ts:4-21
Timestamp: 2026-05-18T08:21:27.694Z
Learning: When handling Prisma error P1001 ("Can't reach database server") in TypeScript, don’t assume a single error shape. Prisma can surface P1001 via two different error classes/fields: `PrismaClientKnownRequestError` exposes it as `err.code === "P1001"` (common during mid-query connection drops), while `PrismaClientInitializationError` exposes it as `err.errorCode === "P1001"` (common on client startup failure). Therefore, predicates should use `err.code === "P1001" || err.errorCode === "P1001"`. Do not flag `err.code === "P1001"` as “unreachable/never matches,” as it is expected in production.

Applied to files:

  • apps/supervisor/src/workloadManager/kubernetes.test.ts
  • apps/supervisor/src/workloadManager/kubernetesPodSpec.ts
  • apps/supervisor/src/workloadManager/kubernetes.ts
📚 Learning: 2026-05-18T08:21:27.694Z
Learnt from: d-cs
Repo: triggerdotdev/trigger.dev PR: 3632
File: apps/webapp/sentry.server.ts:4-21
Timestamp: 2026-05-18T08:21:27.694Z
Learning: When handling Prisma errors for P1001 ("Can't reach database server"), do not assume it only appears under a single property name. Prisma may surface P1001 via either `PrismaClientKnownRequestError` (`err.code === "P1001"`, e.g., mid-query connection drops) or `PrismaClientInitializationError` (`err.errorCode === "P1001"`, e.g., client startup connection failure). To reliably detect the condition, check `err.code === "P1001" || err.errorCode === "P1001"`, and avoid review rules that would incorrectly flag `err.code === "P1001"` as unreachable/never-matching.

Applied to files:

  • apps/supervisor/src/workloadManager/kubernetes.test.ts
  • apps/supervisor/src/workloadManager/kubernetesPodSpec.ts
  • apps/supervisor/src/workloadManager/kubernetes.ts
📚 Learning: 2026-06-13T19:53:13.759Z
Learnt from: ericallam
Repo: triggerdotdev/trigger.dev PR: 3937
File: packages/trigger-sdk/skills/realtime-and-frontend/SKILL.md:258-260
Timestamp: 2026-06-13T19:53:13.759Z
Learning: When reviewing code that uses `trigger.dev/react-hooks`’s `useRealtimeRun`, preserve the call signature where the first argument is the full realtime handle object (not `handle.id`). This is intentional to maintain type-safety and is consistent with the official docs; do not suggest changing the first argument from the handle object to `handle.id`.

Applied to files:

  • apps/supervisor/src/workloadManager/kubernetes.test.ts
  • apps/supervisor/src/workloadManager/kubernetesPodSpec.ts
  • apps/supervisor/src/workloadManager/kubernetes.ts
📚 Learning: 2026-06-17T17:13:49.929Z
Learnt from: matt-aitken
Repo: triggerdotdev/trigger.dev PR: 3948
File: apps/webapp/app/routes/_app.orgs.$organizationSlug.projects.$projectParam.env.$envParam.bulk-actions.$bulkActionParam/route.tsx:48-62
Timestamp: 2026-06-17T17:13:49.929Z
Learning: In triggerdotdev/trigger.dev, within `dashboardLoader`/`dashboardAction` (or similar context resolver code) whenever you resolve an organization ID from an organization slug for RBAC/enterprise authorization scope, always read from the primary Prisma client (`prisma`), not `$replica`. Using `$replica` can hit replica-lag and cause the RBAC lookup/authorization to run without the correct org scope (bypassing intended role enforcement). Implement the slug→org lookup with `prisma.organization.findFirst(...)` (or equivalent primary-client query) and add an inline comment documenting why the primary client is required (replica lag could lead to unscoped RBAC checks).

Applied to files:

  • apps/supervisor/src/workloadManager/kubernetes.test.ts
  • apps/supervisor/src/workloadManager/kubernetesPodSpec.ts
  • apps/supervisor/src/workloadManager/kubernetes.ts
📚 Learning: 2026-06-23T13:04:21.413Z
Learnt from: carderne
Repo: triggerdotdev/trigger.dev PR: 4023
File: apps/webapp/app/services/upsertBranch.server.ts:14-18
Timestamp: 2026-06-23T13:04:21.413Z
Learning: In TypeScript, it’s valid to `import { type X }` and then use `typeof X` in a type-only position, e.g. `type Alias = z.infer<typeof X>`. The `type` modifier suppresses the runtime import, but the type checker still has the full exported type so `z.infer<typeof X>` can resolve correctly. In code reviews, don’t flag this as a TypeScript compile error as long as `typeof X` is used in a type context (e.g., with `z.infer`, `type` aliases, generics), not as a runtime value.

Applied to files:

  • apps/supervisor/src/workloadManager/kubernetes.test.ts
  • apps/supervisor/src/workloadManager/kubernetesPodSpec.ts
  • apps/supervisor/src/workloadManager/kubernetes.ts
📚 Learning: 2026-05-18T14:40:02.173Z
Learnt from: ericallam
Repo: triggerdotdev/trigger.dev PR: 3658
File: packages/core/src/v3/realtimeStreams/manager.test.ts:1-147
Timestamp: 2026-05-18T14:40:02.173Z
Learning: In the triggerdotdev/trigger.dev repo, the policy “Never mock anything — use testcontainers instead” should only be enforced for integration tests that interact with real external services (e.g., Redis, Postgres) via actual infrastructure. For unit tests that exercise pure in-memory logic (e.g., cache semantics) it is OK to stub collaborators such as `ApiClient` using Vitest (`vi.fn()`) to assert call counts or control behavior. Do not flag `vi.fn()`-based `ApiClient` stubs in unit tests as violations of the testcontainers policy.

Applied to files:

  • apps/supervisor/src/workloadManager/kubernetes.test.ts
📚 Learning: 2026-06-04T18:16:35.386Z
Learnt from: nicktrn
Repo: triggerdotdev/trigger.dev PR: 3836
File: apps/supervisor/src/backpressure/backpressureMonitor.ts:3-5
Timestamp: 2026-06-04T18:16:35.386Z
Learning: When reviewing TypeScript in this repo, apply the rule “prefer type aliases over interfaces” only to data/object shapes and union/intersection type modeling. If an interface is being used as a behavioral contract for collaborators to implement (e.g., method-shape interfaces that define required behavior, such as `BackpressureLogger` / `BackpressureSignalSource` in `apps/supervisor/src/backpressure/backpressureMonitor.ts`), keep it as an `interface` and do not flag it as a type-alias-vs-interface violation.

Applied to files:

  • apps/supervisor/src/workloadManager/kubernetes.test.ts
  • apps/supervisor/src/workloadManager/kubernetesPodSpec.ts
  • apps/supervisor/src/workloadManager/kubernetes.ts
📚 Learning: 2026-06-09T17:58:04.699Z
Learnt from: 0ski
Repo: triggerdotdev/trigger.dev PR: 3879
File: apps/webapp/app/models/vercelIntegration.server.ts:619-630
Timestamp: 2026-06-09T17:58:04.699Z
Learning: In this codebase, outbound raw `fetch` calls should typically rely on Node/undici’s default request timeout (about ~300s) rather than adding a per-call `AbortController` + `setTimeout` wrapper inside individual functions (e.g. in files like `apps/webapp/app/models/vercelIntegration.server.ts`). During code review, do not flag the absence of a per-call timeout on a single `fetch` as an issue; if per-call timeouts are needed, they should be implemented via a codebase-wide convention (e.g., a shared fetch wrapper or documented pattern) rather than ad-hoc per-function changes.

Applied to files:

  • apps/supervisor/src/workloadManager/kubernetes.test.ts
  • apps/supervisor/src/workloadManager/kubernetesPodSpec.ts
  • apps/supervisor/src/workloadManager/kubernetes.ts
📚 Learning: 2026-06-16T09:19:47.637Z
Learnt from: d-cs
Repo: triggerdotdev/trigger.dev PR: 3960
File: apps/webapp/test/prismaInfrastructureErrorCapture.test.ts:0-0
Timestamp: 2026-06-16T09:19:47.637Z
Learning: In this repo’s Vitest setup, `vitest.config.ts` uses `globals: true`, so identifiers like `vi`, `describe`, `it`, and `expect` are available as globals in Vitest test files. During code review, do not flag missing `vi`/`describe`/`it`/`expect` imports as a runtime error or correctness issue when they’re used in `*.test.ts/tsx` or `*.spec.ts/tsx` files. Explicit imports are still preferred for consistency, but they’re not required for runtime behavior.

Applied to files:

  • apps/supervisor/src/workloadManager/kubernetes.test.ts
🔇 Additional comments (2)
apps/supervisor/src/workloadManager/kubernetesPodSpec.ts (1)

3-46: LGTM!

apps/supervisor/src/workloadManager/kubernetes.ts (1)

17-20: LGTM!

Also applies to: 112-116, 131-131

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant