Skip to content

[Components] livekit - new components #16839

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Jun 3, 2025
Merged

[Components] livekit - new components #16839

merged 1 commit into from
Jun 3, 2025

Conversation

@jcortes
Copy link
Collaborator

@jcortes jcortes commented May 27, 2025
edited by coderabbitai bot
Loading

WHY

Resolves #16808

Summary by CodeRabbit

  • New Features

    • Added "Generate Access Token" action to create participant access tokens for LiveKit rooms.
    • Introduced "Remove Participants" action to remove specific participants from a LiveKit room.
    • Added "New Room Event (Instant)" source to emit LiveKit room events in real-time via webhook.
    • Enhanced app with participant management, webhook verification, and improved error handling in property options.

  • Chores

    • Updated package and action versions.
    • Upgraded LiveKit SDK dependency.

@jcortes jcortes self-assigned this May 27, 2025
@vercel
Copy link

vercel bot commented May 27, 2025
edited
Loading

The latest updates on your projects. Learn more about Vercel for Git ↗︎

3 Skipped Deployments
Name Status Preview Comments Updated (UTC)
docs-v2 ⬜️ Ignored (Inspect) Visit Preview Jun 3, 2025 1:32pm
pipedream-docs ⬜️ Ignored (Inspect) Jun 3, 2025 1:32pm
pipedream-docs-redirect-do-not-edit ⬜️ Ignored (Inspect) Jun 3, 2025 1:32pm

@coderabbitai
Copy link
Contributor

coderabbitai bot commented May 27, 2025
edited
Loading

"""

Walkthrough

The update introduces two new LiveKit action modules—one for generating access tokens and another for removing participants from a room—as well as a new source module for emitting instant room events via webhook. The LiveKit app is enhanced with participant management, webhook verification, and access token creation methods. Several action modules receive version bumps, and dependencies are updated.

Changes

File(s) Change Summary
components/livekit/actions/create-ingress-from-url/create-ingress-from-url.mjs Version increment from 0.0.1 to 0.0.2; reordered and deduplicated url and name props.
components/livekit/actions/create-room/create-room.mjs Version increment from 0.0.1 to 0.0.2.
components/livekit/actions/delete-room/delete-room.mjs Version increment from 0.0.1 to 0.0.2.
components/livekit/actions/list-rooms/list-rooms.mjs Version increment from 0.0.1 to 0.0.2.
components/livekit/package.json Package version updated to 0.2.0; livekit-server-sdk dependency upgraded to ^2.13.0.
components/livekit/actions/generate-access-token/generate-access-token.mjs New action: generates access tokens for LiveKit participants.
components/livekit/actions/remove-participants/remove-participants.mjs New action: removes specified participants from a LiveKit room.
components/livekit/livekit.app.mjs Adds participant management, webhook verification, access token creation, improved error handling, etc.
components/livekit/sources/new-room-event-instant/new-room-event-instant.mjs New source: emits events for LiveKit room activities via webhook, with event filtering and summaries.
components/livekit/common/constants.mjs Deleted file defining HTTP/HTTPS prefix constants.

Sequence Diagram(s)

sequenceDiagram
    participant User
    participant LiveKitApp
    participant LiveKitServer

    User->>LiveKitApp: Request access token (room, identity, etc.)
    alt Auto-create room enabled
        LiveKitApp->>LiveKitServer: Create room if not exists
    end
    LiveKitApp->>LiveKitServer: Generate access token
    LiveKitServer-->>LiveKitApp: Access token
    LiveKitApp-->>User: Return access token
Loading 
sequenceDiagram
    participant User
    participant LiveKitApp
    participant LiveKitServer

    User->>LiveKitApp: Remove participants (room, identities)
    loop For each identity
        LiveKitApp->>LiveKitServer: Remove participant from room
    end
    LiveKitApp-->>User: Return removal summary
Loading 
sequenceDiagram
    participant LiveKitServer
    participant WebhookSource
    participant Downstream

    LiveKitServer-->>WebhookSource: Send webhook event (room activity)
    WebhookSource->>WebhookSource: Verify signature, filter event type/room
    alt Event matches filters
        WebhookSource-->>Downstream: Emit event with summary
    end
Loading

Assessment against linked issues

Objective Addressed Explanation
Emit new event for LiveKit room activities via webhook (new-room-event-instant) (#16808)
Generate an access token for a participant to join a LiveKit room (#16808)
Remove specific participants from a LiveKit room (#16808)

Poem

In the burrow, code hops anew,
Tokens for rooms and webhooks too!
Participants prance, some may go,
Events arrive in a real-time flow.
Version bumps and features sprout—
This bunny’s proud, without a doubt!
🐇✨
"""

Warning

There were issues while running some tools. Please review the errors and either fix the tool's configuration or disable the tool if it's a critical failure.

🔧 ESLint

If the error stems from missing dependencies, add them to the package.json file. For unrecoverable errors (e.g., due to private dependencies), disable the tool in the CodeRabbit configuration.

components/livekit/actions/create-ingress-from-url/create-ingress-from-url.mjs

Oops! Something went wrong! :(

ESLint: 8.57.1

Error [ERR_MODULE_NOT_FOUND]: Cannot find package 'jsonc-eslint-parser' imported from /eslint.config.mjs
at Object.getPackageJSONURL (node:internal/modules/package_json_reader:255:9)
at packageResolve (node:internal/modules/esm/resolve:767:81)
at moduleResolve (node:internal/modules/esm/resolve:853:18)
at defaultResolve (node:internal/modules/esm/resolve:983:11)
at ModuleLoader.defaultResolve (node:internal/modules/esm/loader:799:12)
at #cachedDefaultResolve (node:internal/modules/esm/loader:723:25)
at ModuleLoader.resolve (node:internal/modules/esm/loader:706:38)
at ModuleLoader.getModuleJobForImport (node:internal/modules/esm/loader:307:38)
at #link (node:internal/modules/esm/module_job:170:49)

components/livekit/actions/create-room/create-room.mjs

Oops! Something went wrong! :(

ESLint: 8.57.1

Error [ERR_MODULE_NOT_FOUND]: Cannot find package 'jsonc-eslint-parser' imported from /eslint.config.mjs
at Object.getPackageJSONURL (node:internal/modules/package_json_reader:255:9)
at packageResolve (node:internal/modules/esm/resolve:767:81)
at moduleResolve (node:internal/modules/esm/resolve:853:18)
at defaultResolve (node:internal/modules/esm/resolve:983:11)
at ModuleLoader.defaultResolve (node:internal/modules/esm/loader:799:12)
at #cachedDefaultResolve (node:internal/modules/esm/loader:723:25)
at ModuleLoader.resolve (node:internal/modules/esm/loader:706:38)
at ModuleLoader.getModuleJobForImport (node:internal/modules/esm/loader:307:38)
at #link (node:internal/modules/esm/module_job:170:49)

components/livekit/livekit.app.mjs

Oops! Something went wrong! :(

ESLint: 8.57.1

Error [ERR_MODULE_NOT_FOUND]: Cannot find package 'jsonc-eslint-parser' imported from /eslint.config.mjs
at Object.getPackageJSONURL (node:internal/modules/package_json_reader:255:9)
at packageResolve (node:internal/modules/esm/resolve:767:81)
at moduleResolve (node:internal/modules/esm/resolve:853:18)
at defaultResolve (node:internal/modules/esm/resolve:983:11)
at ModuleLoader.defaultResolve (node:internal/modules/esm/loader:799:12)
at #cachedDefaultResolve (node:internal/modules/esm/loader:723:25)
at ModuleLoader.resolve (node:internal/modules/esm/loader:706:38)
at ModuleLoader.getModuleJobForImport (node:internal/modules/esm/loader:307:38)
at #link (node:internal/modules/esm/module_job:170:49)

  • 5 others
📜 Recent review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 11020bb and 1b03cd3.

⛔ Files ignored due to path filters (1)
  • pnpm-lock.yaml is excluded by !**/pnpm-lock.yaml
📒 Files selected for processing (10)
  • components/livekit/actions/create-ingress-from-url/create-ingress-from-url.mjs (2 hunks)
  • components/livekit/actions/create-room/create-room.mjs (1 hunks)
  • components/livekit/actions/delete-room/delete-room.mjs (1 hunks)
  • components/livekit/actions/generate-access-token/generate-access-token.mjs (1 hunks)
  • components/livekit/actions/list-rooms/list-rooms.mjs (1 hunks)
  • components/livekit/actions/remove-participants/remove-participants.mjs (1 hunks)
  • components/livekit/common/constants.mjs (0 hunks)
  • components/livekit/livekit.app.mjs (4 hunks)
  • components/livekit/package.json (2 hunks)
  • components/livekit/sources/new-room-event-instant/new-room-event-instant.mjs (1 hunks)
💤 Files with no reviewable changes (1)
  • components/livekit/common/constants.mjs
✅ Files skipped from review due to trivial changes (1)
  • components/livekit/actions/create-room/create-room.mjs
🚧 Files skipped from review as they are similar to previous changes (8)
  • components/livekit/actions/delete-room/delete-room.mjs
  • components/livekit/actions/create-ingress-from-url/create-ingress-from-url.mjs
  • components/livekit/livekit.app.mjs
  • components/livekit/sources/new-room-event-instant/new-room-event-instant.mjs
  • components/livekit/actions/remove-participants/remove-participants.mjs
  • components/livekit/actions/generate-access-token/generate-access-token.mjs
  • components/livekit/actions/list-rooms/list-rooms.mjs
  • components/livekit/package.json
⏰ Context from checks skipped due to timeout of 90000ms (3)
  • GitHub Check: Verify TypeScript components
  • GitHub Check: Publish TypeScript components
  • GitHub Check: Lint Code Base
✨ Finishing Touches
  • 📝 Generate Docstrings

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share
🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

  • Review comments: Directly reply to a review comment made by CodeRabbit. Example:
    • I pushed a fix in commit <commit_id>, please review it.
    • Explain this complex logic.
    • Open a follow-up GitHub issue for this discussion.
  • Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
    • @coderabbitai explain this code block.
    • @coderabbitai modularize this function.
  • PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
    • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
    • @coderabbitai read src/utils.ts and explain its main purpose.
    • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
    • @coderabbitai help me debug CodeRabbit configuration file.

Support

Need help? Create a ticket on our support page for assistance with any issues or questions.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

  • @coderabbitai pause to pause the reviews on a PR.
  • @coderabbitai resume to resume the paused reviews.
  • @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
  • @coderabbitai full review to do a full review from scratch and review all the files again.
  • @coderabbitai summary to regenerate the summary of the PR.
  • @coderabbitai generate docstrings to generate docstrings for this PR.
  • @coderabbitai generate sequence diagram to generate a sequence diagram of the changes in this PR.
  • @coderabbitai resolve resolve all the CodeRabbit review comments.
  • @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
  • @coderabbitai help to get help.

Other keywords and placeholders

  • Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
  • Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
  • Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

  • You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
  • Please see the configuration documentation for more information.
  • If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

  • Visit our Documentation for detailed information on how to use CodeRabbit.
  • Join our Discord Community to get help, request features, and share feedback.
  • Follow us on X/Twitter for updates and announcements.

coderabbitai[bot]
coderabbitai bot reviewed May 27, 2025
View reviewed changes
Copy link
Contributor

@coderabbitai coderabbitai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 6

🧹 Nitpick comments (1)
components/livekit/sources/new-room-event-instant/new-room-event-instant.mjs (1)

139-156: Consider adding input validation for webhook payload.

While the current implementation is functional, consider adding validation to ensure the webhook payload has the expected structure before processing.

 async run({
   headers, bodyRaw,
 }) {
   if (!headers.authorization) {
     throw new Error("Missing Authorization header");
   }

   const webhookEvent = await this.app.verifyWebhook(bodyRaw, headers.authorization);
+  
+  // Validate basic webhook structure
+  if (!webhookEvent || !webhookEvent.event || !webhookEvent.id) {
+    throw new Error("Invalid webhook payload structure");
+  }

   if (this.shouldEmitEvent(webhookEvent)) {
     this.$emit(webhookEvent, {
       id: webhookEvent.id,
       summary: this.generateSummary(webhookEvent),
       ts: parseInt(webhookEvent.createdAt) * 1000,
     });
   }
 },
📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 0ba5bc1 and 5a4ec03.

⛔ Files ignored due to path filters (1)
  • pnpm-lock.yaml is excluded by !**/pnpm-lock.yaml
📒 Files selected for processing (9)
  • components/livekit/actions/create-ingress-from-url/create-ingress-from-url.mjs (1 hunks)
  • components/livekit/actions/create-room/create-room.mjs (1 hunks)
  • components/livekit/actions/delete-room/delete-room.mjs (1 hunks)
  • components/livekit/actions/generate-access-token/generate-access-token.mjs (1 hunks)
  • components/livekit/actions/list-rooms/list-rooms.mjs (1 hunks)
  • components/livekit/actions/remove-participants/remove-participants.mjs (1 hunks)
  • components/livekit/livekit.app.mjs (5 hunks)
  • components/livekit/package.json (2 hunks)
  • components/livekit/sources/new-room-event-instant/new-room-event-instant.mjs (1 hunks)
⏰ Context from checks skipped due to timeout of 90000ms (4)
  • GitHub Check: pnpm publish
  • GitHub Check: Verify TypeScript components
  • GitHub Check: Publish TypeScript components
  • GitHub Check: Lint Code Base
🔇 Additional comments (23)
components/livekit/livekit.app.mjs (8)

4-5: LGTM! Good additions for enhanced functionality.

The new imports for WebhookReceiver and AccessToken support the webhook verification and token generation features being added to the LiveKit integration.

18-26: Excellent error handling improvement.

The try-catch block prevents the options method from failing when room listing encounters errors, gracefully returning an empty array instead. The console logging helps with debugging.

27-40: Well-implemented participant identity options.

The new identity property provides a clean way to select participants from a room, with proper error handling that mirrors the room options implementation.

68-70: LGTM! Clean webhook receiver implementation.

Simple and straightforward method that properly initializes the webhook receiver with authentication keys.

85-88: Good webhook verification method.

Proper implementation that delegates to the LiveKit SDK's webhook receiver for security verification.

89-94: LGTM! Clean participant management methods.

Both removeParticipant and listParticipants are well-implemented, providing clean interfaces to the underlying SDK functionality.

95-109: Well-designed access token creation method.

The method properly handles optional grants and additional arguments, creates the JWT token, and returns both the token and host information. The destructuring with defaults is clean and flexible.

50-50:

❓ Verification inconclusive

Verify the URL normalization logic change.

The logic now returns the original projectUrl as-is when it doesn't start with "http://" or "https://", removing the previous automatic "https://" prepending. This could be a breaking change if users relied on the automatic HTTPS prefix behavior.

🏁 Script executed:

#!/bin/bash
# Description: Search for usage of getHost() method to understand impact
# Expected: Find all usages to assess if removing automatic HTTPS prefix could cause issues

rg -A 3 -B 3 "getHost\(\)" --type js

Length of output: 38

Let’s locate the normalization function in livekit.app.mjs and inspect its context to determine its actual name and how it’s used:

🏁 Script executed:

#!/bin/bash
# Locate and display the URL normalization logic in livekit.app.mjs
FILE=$(fd livekit.app.mjs --type f)
echo "Inspecting: $FILE"
# Print the first 200 lines to capture the function declaration around line 50
sed -n '1,200p' "$FILE"

Length of output: 3125

Verify impact of URL normalization change

The getHost() method in components/livekit/livekit.app.mjs now returns the raw projectUrl when it doesn’t start with http:// or https://, removing the previous automatic HTTPS fallback. This could break any client calls or token generation that expect a fully qualified URL.

Please confirm that this change won’t introduce errors for users who supply a hostname without protocol. In particular, check these usages of getHost():

  • getRoomClient(): new RoomServiceClient(this.getHost(), …)
  • getIngressClient(): new IngressClient(this.getHost(), …)
  • createAccessToken(): { token, host: this.getHost() }

If bare hostnames aren’t accepted by these constructors or downstream APIs, consider restoring a default HTTPS prefix or updating documentation/tests to ensure users include the protocol.

components/livekit/actions/delete-room/delete-room.mjs (1)

7-7: LGTM! Version bump is appropriate.

The version increment from "0.0.1" to "0.0.2" aligns with the coordinated update across LiveKit action components in this PR.

components/livekit/actions/list-rooms/list-rooms.mjs (1)

7-7: LGTM! Consistent version increment.

The version bump from "0.0.1" to "0.0.2" maintains consistency with other LiveKit action components being updated in this PR.

components/livekit/actions/create-room/create-room.mjs (1)

7-7: LGTM! Coordinated version update.

The version increment from "0.0.1" to "0.0.2" completes the coordinated update across all LiveKit action components in this PR.

components/livekit/actions/create-ingress-from-url/create-ingress-from-url.mjs (1)

8-8: LGTM! Version bump aligns with package update.

The version increment is consistent with the overall LiveKit component update and package.json version bump to 0.2.0.

components/livekit/package.json (2)

3-3: LGTM! Package version reflects new functionality.

The version bump to 0.2.0 appropriately reflects the addition of new action modules and enhanced app capabilities.

16-16:

❓ Verification inconclusive

Verify compatibility with the significant SDK upgrade.

The livekit-server-sdk upgrade from ^2.8.1 to ^2.13.0 is substantial. Please ensure that all existing and new functionality remains compatible with this version, particularly the new access token generation and participant management features.

🏁 Script executed:

#!/bin/bash
# Description: Check for potential breaking changes in livekit-server-sdk between versions 2.8.1 and 2.13.0

# Search for any usage of livekit-server-sdk classes and methods in the codebase
echo "=== Searching for LiveKit SDK usage patterns ==="
rg -A 3 "from ['\"]livekit-server-sdk['\"]" --type mjs
rg -A 3 "import.*livekit-server-sdk" --type mjs

echo "=== Checking for AccessToken usage ==="
rg -A 5 "AccessToken" --type mjs

echo "=== Checking for RoomServiceClient usage ==="
rg -A 5 "RoomServiceClient" --type mjs

Length of output: 587

I’ll expand the search to include .js, .ts, .jsx, and .tsx files (no more “mjs” filter) and look again for any LiveKit SDK imports or key class usage:

🏁 Script executed:

#!/bin/bash
echo "=== Searching for any livekit-server-sdk imports ==="
rg -A3 "livekit-server-sdk" -g "*.js" -g "*.ts" -g "*.jsx" -g "*.tsx"

echo "=== Checking for AccessToken usage ==="
rg -A5 "AccessToken" -g "*.js" -g "*.ts" -g "*.jsx" -g "*.tsx"

echo "=== Checking for RoomServiceClient usage ==="
rg -A5 "RoomServiceClient" -g "*.js" -g "*.ts" -g "*.jsx" -g "*.tsx"

Length of output: 14275

I’ll do a global search (no extension filter) for any direct import or require of the LiveKit server SDK to be absolutely sure:

🏁 Script executed:

#!/bin/bash
echo "=== Global search for livekit-server-sdk literal ==="
rg -A3 "livekit-server-sdk"

echo "=== Search for require('livekit-server-sdk') patterns ==="
rg -A3 "require('livekit-server-sdk')"
rg -A3 'require("livekit-server-sdk")'

Length of output: 2775

Verify LiveKit SDK v2.13.0 usage in components

We’ve detected imports of livekit-server-sdk in the following files:

  • components/livekit/livekit.app.mjs
  • components/livekit/actions/create-ingress-from-url/create-ingress-from-url.mjs
  • components/livekit/actions/generate-access-token/generate-access-token.mjs
  • components/livekit/actions/remove-participants/remove-participants.mjs

Please review the upgrade from v2.8.1 → v2.13.0 for any breaking changes around:

  • AccessToken generation vs. IngressInput/Token builder APIs
  • Participant management methods (add/remove participants)

Ensure that each module still compiles, produces valid tokens, and that participants can be managed correctly. Run end-to-end or integration tests to confirm compatibility.

components/livekit/actions/remove-participants/remove-participants.mjs (1)

17-28:

✅ Verification successful

Verify identity propDefinition and removeParticipant method.

Ensure the identity propDefinition and removeParticipant method are properly implemented in the LiveKit app component.

🏁 Script executed:

#!/bin/bash
# Description: Verify the removeParticipant method and identity propDefinition exist

# Search for removeParticipant method implementation
echo "=== Searching for removeParticipant method ==="
rg -A 10 "removeParticipant" components/livekit/

# Search for identity propDefinition
echo "=== Searching for identity propDefinition ==="
rg -A 10 "identity.*propDefinition\|identity.*:" components/livekit/livekit.app.mjs

Length of output: 2175

🏁 Script executed:

#!/bin/bash
# Inspect the propDefinitions block in the LiveKit app component
echo "=== propDefinitions section in livekit.app.mjs ==="
rg -n "propDefinitions" -B3 -A30 "propDefinitions" components/livekit/livekit.app.mjs

Length of output: 2458

All good: identity propDefinition and removeParticipant method are present
Both the identity entry in propDefinitions (lines 27–40) and the removeParticipant(room, identity) method in livekit.app.mjs are correctly implemented. No changes needed.

components/livekit/sources/new-room-event-instant/new-room-event-instant.mjs (8)

1-11: LGTM! Well-structured component metadata.

The component setup follows Pipedream conventions with appropriate metadata, dedupe strategy, and type configuration.

13-62: Comprehensive event type configuration with clear labels.

The event types configuration provides good coverage of LiveKit room activities with descriptive labels and examples that help users understand each event type.

64-69: Good design for optional room filtering.

The optional room name filter provides flexibility for users to monitor specific rooms or all rooms, with clear documentation.

72-87: Robust event filtering logic with proper safety checks.

The filtering logic correctly handles both event type filtering and optional room name filtering with case-insensitive comparison and null safety.

88-137: Comprehensive summary generation with consistent patterns.

The switch statement covers all supported event types with consistent formatting and appropriate fallback values for missing data.

152-152:

✅ Verification successful

Verify timestamp conversion is correct.

The timestamp conversion assumes webhookEvent.createdAt is in seconds and converts to milliseconds. Please verify this matches the LiveKit webhook payload format.

🌐 Web query:

What is the format of the createdAt field in LiveKit webhook events? Is it provided in seconds or milliseconds?

💡 Result:

The format of the createdAt field in LiveKit webhook events is a UNIX timestamp expressed in seconds. This means the value represents the number of seconds since the Unix epoch (January 1, 1970), not milliseconds[1][10].

You should expect this value to be an integer (or floating point value) where fractions represent sub-second precision, but by default, most usages and documentation refer to it as whole seconds[1][10].

Citations:

Timestamp conversion is correct

According to the LiveKit webhook documentation, createdAt is a UNIX timestamp in seconds, so multiplying by 1000 to convert it to milliseconds is the correct approach.

146-146:

✅ Verification successful

Verify the webhook verification method exists.

Ensure that the verifyWebhook method is properly implemented in the LiveKit app with appropriate signature and error handling.

🏁 Script executed:

#!/bin/bash
# Description: Verify the verifyWebhook method exists in the LiveKit app
# Expected: Find the method implementation with proper signature

rg -A 10 "verifyWebhook" --type js

Length of output: 34

I couldn’t find any occurrences of verifyWebhook restricted to JS files—let’s broaden the search across all file types:

🏁 Script executed:

#!/bin/bash
# Search for any definition or reference of verifyWebhook across the repo
rg -n "verifyWebhook" -A 5 -B 2

Length of output: 5840

verifyWebhook implementation confirmed

  • The verifyWebhook(body, authHeader) method is defined in components/livekit/livekit.app.mjs (lines 85–88) and matches the call in new-room-event-instant.mjs (line 146).
  • It delegates validation to getWebhookReceiver().receive(body, authHeader), which encapsulates signature checking and error handling.

No action required.

142-144:

❓ Verification inconclusive

Verify error handling for webhook verification failures.

While the authorization header check is good, consider adding more specific error handling for the webhook verification process that follows.

Please verify that the app.verifyWebhook method properly handles and throws meaningful errors for invalid webhooks:

🏁 Script executed:

#!/bin/bash
# Description: Check the webhook verification implementation in the LiveKit app
# Expected: Find the verifyWebhook method and examine its error handling

ast-grep --pattern $'verifyWebhook($$$) {
  $$$
}'

Length of output: 51

Let’s locate the verifyWebhook implementation to inspect its error handling:

🏁 Script executed:

#!/bin/bash
# Search for any definitions or usages of verifyWebhook across the repo
rg --context 3 "verifyWebhook\(" -n .

Length of output: 1366

Let’s inspect the verifyWebhook implementation and its receiver setup:

🏁 Script executed:

#!/bin/bash
# Show verifyWebhook body
rg -n -A5 "verifyWebhook" components/livekit/livekit.app.mjs

Length of output: 331

🏁 Script executed:

#!/bin/bash
# Find getWebhookReceiver implementation
rg -n -A5 "getWebhookReceiver" components/livekit/livekit.app.mjs

Length of output: 495

Let’s locate and inspect the WebhookReceiver class to see how receive() handles errors:

#!/bin/bash
# 1) Show how WebhookReceiver is imported
rg -n "import.*WebhookReceiver" -n components/livekit/livekit.app.mjs

# 2) Find and display the WebhookReceiver class definition
rg -n -A5 "class WebhookReceiver" -n .

# 3) If found, show its receive() method body
FILE=$(rg -l "class WebhookReceiver" -n . | head -n1)
if [ -n "$FILE" ]; then
  echo -e "\n>> Receiving logic in $FILE:"
  rg -n -A10 "receive(" "$FILE"
fi

Let’s locate the WebhookReceiver implementation and inspect its receive() error handling:

🏁 Script executed:

#!/bin/bash
# 1) Find where WebhookReceiver is defined
rg -n "class WebhookReceiver" -n .

# 2) Once found, show the full receive() method
FILE=$(rg -l "class WebhookReceiver" -n . | head -n1)
if [ -n "$FILE" ]; then
  echo -e "\n>>> receive() in $FILE:"
  rg -n -A10 "receive(" "$FILE"
fi

Length of output: 110

Let’s try locating the WebhookReceiver definition by searching for its instantiation and references:

🏁 Script executed:

#!/bin/bash
# 1) Search for any instantiation of WebhookReceiver
rg -n "new WebhookReceiver" -n .

# 2) Search for any raw references to WebhookReceiver
rg -n "WebhookReceiver" -n .

Length of output: 464

Let’s locate where WebhookReceiver comes from and inspect its receive() error handling:

🏁 Script executed:

#!/bin/bash
# 1) Find the import path for WebhookReceiver
rg -n "import.*WebhookReceiver" components/livekit/livekit.app.mjs

# 2) Once we have the file path, show the receive() method in that file
FILE=$(rg -o "['\"][^'\"]*WebhookReceiver[^'\"]*['\"]" components/livekit/livekit.app.mjs \
       | sed -E "s/['\"](.*)['\"]/\\1/" | head -n1)
if [ -n "$FILE" ]; then
  echo -e "\n>>> receive() in $FILE:"
  rg -n -A10 "receive(" "$FILE"
else
  echo "WebhookReceiver import not found."
fi

Length of output: 312

Ensure robust webhook verification error handling

The verifyWebhook call in
components/livekit/sources/new-room-event-instant/new-room-event-instant.mjs (lines 142–144)
currently bubbles up whatever error the external WebhookReceiver.receive() throws. Since WebhookReceiver lives in an external SDK, its failure modes aren’t visible here. To make failures clearer:

  • Wrap the await this.app.verifyWebhook(...) call in a try/catch
  • On error, throw a new, contextualized error (e.g.
    throw new Error(\Webhook verification failed: ${err.message}`)`)
  • Optionally distinguish between signature-mismatch vs. other errors, if the SDK surfaces those types

Please verify that the external WebhookReceiver.receive() method returns well-typed errors for invalid signatures, and add the above try/catch in your handler so callers get meaningful messages.

@jcortes jcortes force-pushed the livekit-new-components branch from 5a4ec03 to 49ce625 Compare May 27, 2025 17:57
coderabbitai[bot]
coderabbitai bot reviewed May 27, 2025
View reviewed changes
Copy link
Contributor

@coderabbitai coderabbitai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 1

🧹 Nitpick comments (1)
components/livekit/livekit.app.mjs (1)

95-109: Review access token creation for security considerations.

The createAccessToken() method accepts arbitrary args which are passed directly to the AccessToken constructor. While flexible, this could potentially allow unintended parameters to be passed.

Consider explicitly defining the allowed parameters for better security and documentation:

-async createAccessToken({
-  grant = {},
-  ...args
-} = {}) {
-  const accessToken = new AccessToken(...this.getKeys(), args);
+async createAccessToken({
+  grant = {},
+  identity,
+  ttl,
+  ...otherArgs
+} = {}) {
+  const tokenArgs = { identity, ttl, ...otherArgs };
+  const accessToken = new AccessToken(...this.getKeys(), tokenArgs);

Additionally, consider adding validation for required parameters if any are mandatory.

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 5a4ec03 and 49ce625.

⛔ Files ignored due to path filters (1)
  • pnpm-lock.yaml is excluded by !**/pnpm-lock.yaml
📒 Files selected for processing (9)
  • components/livekit/actions/create-ingress-from-url/create-ingress-from-url.mjs (1 hunks)
  • components/livekit/actions/create-room/create-room.mjs (1 hunks)
  • components/livekit/actions/delete-room/delete-room.mjs (1 hunks)
  • components/livekit/actions/generate-access-token/generate-access-token.mjs (1 hunks)
  • components/livekit/actions/list-rooms/list-rooms.mjs (1 hunks)
  • components/livekit/actions/remove-participants/remove-participants.mjs (1 hunks)
  • components/livekit/livekit.app.mjs (5 hunks)
  • components/livekit/package.json (2 hunks)
  • components/livekit/sources/new-room-event-instant/new-room-event-instant.mjs (1 hunks)
✅ Files skipped from review due to trivial changes (1)
  • components/livekit/actions/create-room/create-room.mjs
🚧 Files skipped from review as they are similar to previous changes (7)
  • components/livekit/actions/list-rooms/list-rooms.mjs
  • components/livekit/actions/create-ingress-from-url/create-ingress-from-url.mjs
  • components/livekit/actions/delete-room/delete-room.mjs
  • components/livekit/package.json
  • components/livekit/actions/generate-access-token/generate-access-token.mjs
  • components/livekit/sources/new-room-event-instant/new-room-event-instant.mjs
  • components/livekit/actions/remove-participants/remove-participants.mjs
⏰ Context from checks skipped due to timeout of 90000ms (4)
  • GitHub Check: Verify TypeScript components
  • GitHub Check: pnpm publish
  • GitHub Check: Publish TypeScript components
  • GitHub Check: Lint Code Base
🔇 Additional comments (7)
components/livekit/livekit.app.mjs (7)

4-5: LGTM! New imports added correctly.

The new imports for WebhookReceiver and AccessToken are properly imported from the LiveKit SDK and will support the new webhook verification and access token generation functionality.

18-25: Excellent error handling improvement.

The addition of try-catch error handling to the room options method is a significant improvement. This prevents the UI from breaking when room listing fails and provides graceful degradation by returning an empty array.

27-39: Well-structured participant identity property.

The new identity property follows the same pattern as the room property with proper error handling. The dependent options pattern (options({ room })) is correctly implemented for fetching participants based on the selected room.

68-70: LGTM! Webhook receiver instantiation.

The getWebhookReceiver() method correctly instantiates a WebhookReceiver with the API keys using the spread operator.

89-91: LGTM! Participant removal method.

The removeParticipant() method correctly delegates to the RoomServiceClient with appropriate parameters.

92-94: LGTM! Participant listing method.

The listParticipants() method correctly delegates to the RoomServiceClient for fetching room participants.

50-50:

❓ Verification inconclusive

Verify URL handling behavior change.

The modification to return projectUrl as-is when it doesn't start with "http://" or "https://" removes the automatic "https://" prefix. While this provides more flexibility, ensure this doesn't break existing integrations that rely on the previous behavior.

🏁 Script executed:

#!/bin/bash
# Description: Check for any hardcoded expectations of HTTPS prefix in LiveKit components
# Expected: Find usages of getHost() method to verify impact

# Search for getHost() method usage
rg -A 3 -B 1 "getHost\(\)" --type js

# Search for any hardcoded HTTPS expectations
rg "https://" --type js | head -20

Length of output: 2588

🏁 Script executed:

#!/bin/bash
# Locate the livekit.app.mjs file
LIVEKIT_PATH=$(fd livekit.app.mjs)
echo "Found file at: $LIVEKIT_PATH"

# Show the URL handling logic around projectUrl
sed -n '1,200p' "$LIVEKIT_PATH" | sed -n '1,200!d'

Length of output: 250

🏁 Script executed:

#!/bin/bash
file="components/livekit/livekit.app.mjs"
echo "Showing lines 30–80 around the projectUrl logic:"
sed -n '30,80p' "$file"

Length of output: 1646

Verify getHost() protocol fallback

The updated logic now returns projectUrl verbatim when it doesn’t start with http:// or https://, removing the previous implicit https:// prefix. Please confirm that both RoomServiceClient and IngressClient can accept a bare host (e.g. "my-domain.livekit.cloud") without error. If not, consider reinstating a default https:// prepend or updating the docs to require a fully qualified URL.

• File: components/livekit/livekit.app.mjs
Method: getHost() (around lines 46–52)

return projectUrl.startsWith(constants.HTTPS_PREFIX)
  ? projectUrl
  : projectUrl.startsWith(constants.HTTP_PREFIX)
    ? projectUrl.replace(constants.HTTP_PREFIX, constants.HTTPS_PREFIX)
    : projectUrl;

lcaresia
lcaresia previously approved these changes May 28, 2025
View reviewed changes
@jcortes jcortes force-pushed the livekit-new-components branch 3 times, most recently from 11020bb to c6510b2 Compare June 3, 2025 13:30
@jcortes
Copy link
Collaborator Author

jcortes commented Jun 3, 2025

/approve

@jcortes jcortes force-pushed the livekit-new-components branch from c6510b2 to 1b03cd3 Compare June 3, 2025 13:32
@jcortes
Copy link
Collaborator Author

jcortes commented Jun 3, 2025

/approve

@jcortes jcortes merged commit 88b7698 into master Jun 3, 2025
11 checks passed
@jcortes jcortes deleted the livekit-new-components branch June 3, 2025 13:44
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@coderabbitai coderabbitai[bot] coderabbitai[bot] left review comments

@lcaresia lcaresia lcaresia approved these changes

Assignees

@jcortes jcortes

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

livekit

3 participants

@jcortes @lcaresia