Skip to content

fix(docs): add auth to root cache key #4655

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
wants to merge 5 commits into
base: app
Choose a base branch
from
Open

fix(docs): add auth to root cache key #4655

Changes from 1 commit
Commits
Show all changes
5 commits
Select commit Hold shift + click to select a range
b4d8b1a
add auth to root cache key
kennyderek Oct 31, 2025
2cc4173
test
kennyderek Nov 3, 2025
356453a
test 2
kennyderek Nov 3, 2025
65eeeae
test 3
kennyderek Nov 3, 2025
7e09057
test 4
kennyderek Nov 3, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
6 changes: 5 additions & 1 deletion packages/commons/docs-loader/src/readonly-docs-loader.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -563,10 +563,14 @@ const getRoot = async (

const getRootCached = (cacheConfig: Required<CacheConfig>) =>
cache(async (domainKey: string, authState: AuthState, authConfig: AuthEdgeConfig | undefined) => {
const authCacheKey = authState.authed
? `authed:${authState.user?.roles?.sort().join(",") || "noroles"}`
Copy link
Contributor

@vercel vercel bot Oct 31, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
? `authed:${authState.user?.roles?.sort().join(",") || "noroles"}`
? `authed:${authState.user?.roles?.slice().sort().join(",") || "noroles"}`

The code mutates the original authState.user.roles array in-place by calling .sort() directly on it. This should create a copy before sorting to avoid mutating shared state.

View Details

Analysis

Array mutation bug in cache key generation mutates authState.user.roles

What fails: getRootCached() in packages/commons/docs-loader/src/readonly-docs-loader.ts:567 mutates authState.user.roles array when generating cache keys by calling .sort() directly on the original array

How to reproduce:

const authState = { authed: true, user: { roles: ["admin", "user", "editor"] } };
// Line 567: authState.user?.roles?.sort().join(",")
console.log(authState.user.roles); // ["admin", "editor", "user"] - mutated!

Result: The same mutated authState object is passed to pruneWithAuthState() for authorization decisions, causing authorization logic to see sorted roles instead of original JWT order

Expected: Authorization should use original role order from JWT; cache key generation should not mutate shared state

Fix: Create array copy before sorting: authState.user?.roles?.slice().sort().join(",")

: "anon";

return await unstable_cache(
(domainKey: string, authState: AuthState, authConfig: AuthEdgeConfig | undefined) =>
getRoot(domainKey, authState, authConfig, cacheConfig),
[domainKey, cacheConfig.cacheKeySuffix],
[domainKey, cacheConfig.cacheKeySuffix, authCacheKey],
{ tags: [domainKey, "getRoot"] }
)(domainKey, authState, authConfig);
});
Expand Down