fix: add extra validation for vercel sync #6094

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open

maidul98 wants to merge 1 commit into main from vercel-sync-add-validation

+24 −0

Open

fix: add extra validation for vercel sync #6094

fix: add extra validation for vercel sync

Claude / Claude Code Review completed Apr 19, 2026 in 8m 3s

Code review found 1 important issue

Found 5 candidates, confirmed 2. See review comments for details.

Details

Severity	Count
🔴 Important	1
🟡 Nit	0
🟣 Pre-existing	0

Severity	File:Line	Issue
🔴 Important	`backend/src/services/secret-sync/vercel/vercel-sync-schemas.ts:54-63`	Vacuous truth: empty targetEnvironments triggers misleading sensitive validation error

Annotations

Check failure on line 63 in backend/src/services/secret-sync/vercel/vercel-sync-schemas.ts

claude / Claude Code Review

Vacuous truth: empty targetEnvironments triggers misleading sensitive validation error

When `targetEnvironments` is empty and `sensitive` is `true`, the new Team-scope check `config.targetEnvironments.every(...)` fires vacuously (`[].every(fn) === true` in JavaScript), producing the misleading error "not supported for development environments" alongside the correct "At least one environment is required" error. Fix: add `config.targetEnvironments.length > 0 &&` before the `.every()` call in both the backend schema (`vercel-sync-schemas.ts` line 54) and the frontend schema (`vercel-

View more details on Claude