[TEAM] ONCEHUB-114580 Updating rudder-trasformer version to 1.126.0#104
Merged
ArjavJain27 merged 135 commits intoteam/technocratsfrom Mar 13, 2026
Merged
[TEAM] ONCEHUB-114580 Updating rudder-trasformer version to 1.126.0#104ArjavJain27 merged 135 commits intoteam/technocratsfrom
ArjavJain27 merged 135 commits intoteam/technocratsfrom
Conversation
* feat: add support of ALL and NONE enum for SOQL rollout * chore: address comment
* fix: add mapping support for clickId in Impact * chore: use commong utility func
* chore: rename file * chore: upload images to ecr * fix: build workflow issues * chore: fix formatting * chore: use branch keyword as prefix for tags * chore: avoid pull_request closed trigger * chore: fix ternary operator issues * chore: make os config consistent * chore: rename workflow input
🔒 Scanned for secrets using gitleaks 8.29.1
* chore: apply security best practices from step security (#4871) [StepSecurity] Apply security best practices Signed-off-by: StepSecurity Bot <bot@stepsecurity.io> Co-authored-by: stepsecurity-app[bot] <188008098+stepsecurity-app[bot]@users.noreply.github.com> * feat: update onesignal header as per request (#4870) * chore: fix triggering condition for updating transformer version in ingestion svc (#4872) * fix: add typecast to the email string before running trim function (#4829) * chore: add metrics to count lookup failures per event for braze (#4875) * fix: add validation of lookupFieldValue before making lookup api call (#4876) * chore: audit versions (#4853) * chore: audit versions 🔒 Scanned for secrets using gitleaks 8.29.1 * chore: review comments 🔒 Scanned for secrets using gitleaks 8.29.1 * chore: review comments 🔒 Scanned for secrets using gitleaks 8.29.1 * chore: review comments 🔒 Scanned for secrets using gitleaks 8.29.1 * chore: review comments 🔒 Scanned for secrets using gitleaks 8.29.1 * fix: unexpected string data type in zendesk field endpoint (#4877) * chore: update creds with dummy data for several destinations (#4883) * chore: update invalid cred with dummy cred in appsflyer * chore: update invalid cred with dummy cred in posthog * chore: update invalid cred with dummy cred in marketo_static_list * chore: update invalid cred with dummy cred in amplitude * chore: update invalid cred with dummy cred in blueshift * chore: update invalid cred with dummy cred in salesforce * chore: update invalid cred with dummy cred in iterable * chore: update invalid cred with dummy cred in kissmetrics * chore: remove unused key from mp * chore: update invalid cred with dummy cred in clevertap * chore: update invalid cred with dummy cred in yahoo_dsp * chore: update invalid cred with dummy cred in rockerbox * feat: add support of ALL and NONE enum for SOQL rollout (#4885) * feat: add support of ALL and NONE enum for SOQL rollout * chore: address comment * fix: add mapping support for clickId in Impact (#4884) * fix: add mapping support for clickId in Impact * chore: use commong utility func * refactor(braze): replace gauge with histogram for batch size metrics (#4822) * chore: upload docker images to AWS ECR (#4879) * chore: rename file * chore: upload images to ecr * fix: build workflow issues * chore: fix formatting * chore: use branch keyword as prefix for tags * chore: avoid pull_request closed trigger * chore: fix ternary operator issues * chore: make os config consistent * chore: rename workflow input * chore: simplify workflows to avoid concurrency deadlock (#4888) * chore(release): 1.119.0 --------- Signed-off-by: StepSecurity Bot <bot@stepsecurity.io> Co-authored-by: Mahesh Kutty <39219085+maheshkutty@users.noreply.github.com> Co-authored-by: stepsecurity-app[bot] <188008098+stepsecurity-app[bot]@users.noreply.github.com> Co-authored-by: Sudip Paul <67197965+ItsSudip@users.noreply.github.com> Co-authored-by: Utsab Chowdhury <utsab.c97@gmail.com> Co-authored-by: Akash Chetty <achetty.iitr@gmail.com> Co-authored-by: shekhar-rudder <85345786+shekhar-rudder@users.noreply.github.com> Co-authored-by: Sai Kumar Battinoju <88789928+saikumarrs@users.noreply.github.com> Co-authored-by: GitHub Actions <noreply@github.com>
* chore: skip pushing for ecr or dockeerhub for dependabot image * chore: add check actor guard
- Mock Date.now() in timestamp boundary tests to ensure deterministic behavior - Fixes flaky tests that were failing intermittently in GitHub Actions - Tests now strictly validate exact 168-hour and 5-minute boundaries - Both test and validation function use same fixed timestamp value
…#4865) Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner) from 2.13.1 to 2.14.0. - [Release notes](https://github.com/step-security/harden-runner/releases) - [Commits](step-security/harden-runner@v2.13.1...20cf305) --- updated-dependencies: - dependency-name: step-security/harden-runner dependency-version: 2.14.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action) from 5.5.1 to 5.5.2. - [Release notes](https://github.com/codecov/codecov-action/releases) - [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md) - [Commits](codecov/codecov-action@5a10915...671740a) --- updated-dependencies: - dependency-name: codecov/codecov-action dependency-version: 5.5.2 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
….0 (#4863) Bumps [SonarSource/sonarqube-scan-action](https://github.com/sonarsource/sonarqube-scan-action) from 6.0.0 to 7.0.0. - [Release notes](https://github.com/sonarsource/sonarqube-scan-action/releases) - [Commits](SonarSource/sonarqube-scan-action@fd88b7d...a31c939) --- updated-dependencies: - dependency-name: SonarSource/sonarqube-scan-action dependency-version: 7.0.0 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [actions/setup-node](https://github.com/actions/setup-node) from 6.0.0 to 6.1.0. - [Release notes](https://github.com/actions/setup-node/releases) - [Commits](actions/setup-node@2028fbc...395ad32) --- updated-dependencies: - dependency-name: actions/setup-node dependency-version: 6.1.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
chore(release): pull release/v1.119.0 into main (#4889) * chore: apply security best practices from step security (#4871) [StepSecurity] Apply security best practices * feat: update onesignal header as per request (#4870) * chore: fix triggering condition for updating transformer version in ingestion svc (#4872) * fix: add typecast to the email string before running trim function (#4829) * chore: add metrics to count lookup failures per event for braze (#4875) * fix: add validation of lookupFieldValue before making lookup api call (#4876) * chore: audit versions (#4853) * chore: audit versions 🔒 Scanned for secrets using gitleaks 8.29.1 * chore: review comments 🔒 Scanned for secrets using gitleaks 8.29.1 * chore: review comments 🔒 Scanned for secrets using gitleaks 8.29.1 * chore: review comments 🔒 Scanned for secrets using gitleaks 8.29.1 * chore: review comments 🔒 Scanned for secrets using gitleaks 8.29.1 * fix: unexpected string data type in zendesk field endpoint (#4877) * chore: update creds with dummy data for several destinations (#4883) * chore: update invalid cred with dummy cred in appsflyer * chore: update invalid cred with dummy cred in posthog * chore: update invalid cred with dummy cred in marketo_static_list * chore: update invalid cred with dummy cred in amplitude * chore: update invalid cred with dummy cred in blueshift * chore: update invalid cred with dummy cred in salesforce * chore: update invalid cred with dummy cred in iterable * chore: update invalid cred with dummy cred in kissmetrics * chore: remove unused key from mp * chore: update invalid cred with dummy cred in clevertap * chore: update invalid cred with dummy cred in yahoo_dsp * chore: update invalid cred with dummy cred in rockerbox * feat: add support of ALL and NONE enum for SOQL rollout (#4885) * feat: add support of ALL and NONE enum for SOQL rollout * chore: address comment * fix: add mapping support for clickId in Impact (#4884) * fix: add mapping support for clickId in Impact * chore: use commong utility func * refactor(braze): replace gauge with histogram for batch size metrics (#4822) * chore: upload docker images to AWS ECR (#4879) * chore: rename file * chore: upload images to ecr * fix: build workflow issues * chore: fix formatting * chore: use branch keyword as prefix for tags * chore: avoid pull_request closed trigger * chore: fix ternary operator issues * chore: make os config consistent * chore: rename workflow input * chore: simplify workflows to avoid concurrency deadlock (#4888) * chore(release): 1.119.0 --------- Signed-off-by: StepSecurity Bot <bot@stepsecurity.io> Co-authored-by: Mahesh Kutty <39219085+maheshkutty@users.noreply.github.com> Co-authored-by: stepsecurity-app[bot] <188008098+stepsecurity-app[bot]@users.noreply.github.com> Co-authored-by: Sudip Paul <67197965+ItsSudip@users.noreply.github.com> Co-authored-by: Utsab Chowdhury <utsab.c97@gmail.com> Co-authored-by: Akash Chetty <achetty.iitr@gmail.com> Co-authored-by: shekhar-rudder <85345786+shekhar-rudder@users.noreply.github.com> Co-authored-by: Sai Kumar Battinoju <88789928+saikumarrs@users.noreply.github.com> Co-authored-by: GitHub Actions <noreply@github.com>
…dates (#4838) Bumps the npm_and_yarn group with 6 updates in the / directory: | Package | From | To | | --- | --- | --- | | [axios](https://github.com/axios/axios) | `1.11.0` | `1.13.2` | | [koa](https://github.com/koajs/koa) | `2.16.2` | `3.0.3` | | [validator](https://github.com/validatorjs/validator.js) | `13.12.0` | `13.15.22` | | [glob](https://github.com/isaacs/node-glob) | `10.4.5` | `10.5.0` | | [js-yaml](https://github.com/nodeca/js-yaml) | `3.14.1` | `3.14.2` | | [tar-fs](https://github.com/mafintosh/tar-fs) | `2.1.3` | `2.1.4` | Updates `axios` from 1.11.0 to 1.13.2 - [Release notes](https://github.com/axios/axios/releases) - [Changelog](https://github.com/axios/axios/blob/v1.x/CHANGELOG.md) - [Commits](axios/axios@v1.11.0...v1.13.2) Updates `koa` from 2.16.2 to 3.0.3 - [Release notes](https://github.com/koajs/koa/releases) - [Changelog](https://github.com/koajs/koa/blob/master/History.md) - [Commits](koajs/koa@v2.16.2...v3.0.3) Updates `validator` from 13.12.0 to 13.15.22 - [Release notes](https://github.com/validatorjs/validator.js/releases) - [Changelog](https://github.com/validatorjs/validator.js/blob/master/CHANGELOG.md) - [Commits](validatorjs/validator.js@13.12.0...13.15.22) Updates `glob` from 10.4.5 to 10.5.0 - [Changelog](https://github.com/isaacs/node-glob/blob/main/changelog.md) - [Commits](isaacs/node-glob@v10.4.5...v10.5.0) Updates `js-yaml` from 3.14.1 to 3.14.2 - [Changelog](https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md) - [Commits](nodeca/js-yaml@3.14.1...3.14.2) Updates `tar-fs` from 2.1.3 to 2.1.4 - [Commits](mafintosh/tar-fs@v2.1.3...v2.1.4) --- updated-dependencies: - dependency-name: axios dependency-version: 1.13.2 dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: koa dependency-version: 3.0.3 dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: validator dependency-version: 13.15.22 dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: glob dependency-version: 10.5.0 dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: js-yaml dependency-version: 3.14.2 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: tar-fs dependency-version: 2.1.4 dependency-type: indirect dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore: decoupling fetch_dns_resolve_time metric 🔒 Scanned for secrets using gitleaks version is set by build process * chore: shared http agents with async hooks 🔒 Scanned for secrets using gitleaks version is set by build process * test: dnsCallbackStorage 🔒 Scanned for secrets using gitleaks version is set by build process * test: async hooks behaviour 🔒 Scanned for secrets using gitleaks version is set by build process * chore: shared agents for all fetch calls 🔒 Scanned for secrets using gitleaks version is set by build process * fix: code smells 🔒 Scanned for secrets using gitleaks version is set by build process * fix: nan parsing 🔒 Scanned for secrets using gitleaks version is set by build process * chore: moving condition 🔒 Scanned for secrets using gitleaks version is set by build process * chore: reflecting unit into setting name 🔒 Scanned for secrets using gitleaks version is set by build process * chore: adding comment 🔒 Scanned for secrets using gitleaks version is set by build process
…dates (#4898) Bumps the npm_and_yarn group with 2 updates in the / directory: [qs](https://github.com/ljharb/qs) and [@smithy/config-resolver](https://github.com/smithy-lang/smithy-typescript/tree/HEAD/packages/config-resolver). Updates `qs` from 6.14.0 to 6.14.1 - [Changelog](https://github.com/ljharb/qs/blob/main/CHANGELOG.md) - [Commits](ljharb/qs@v6.14.0...v6.14.1) Updates `@smithy/config-resolver` from 4.0.1 to 4.4.5 - [Release notes](https://github.com/smithy-lang/smithy-typescript/releases) - [Changelog](https://github.com/smithy-lang/smithy-typescript/blob/main/packages/config-resolver/CHANGELOG.md) - [Commits](https://github.com/smithy-lang/smithy-typescript/commits/@smithy/config-resolver@4.4.5/packages/config-resolver) --- updated-dependencies: - dependency-name: qs dependency-version: 6.14.1 dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: "@smithy/config-resolver" dependency-version: 4.4.5 dependency-type: indirect dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
🔒 Scanned for secrets using gitleaks 8.29.1
…dration API (#4906)
chore: remove cdkv2 test threshold 🔒 Scanned for secrets using gitleaks 8.29.1
….0 (#4909) Bumps [rudderlabs/build-scan-push-action](https://github.com/rudderlabs/build-scan-push-action) from 1.8.2 to 2.1.0. - [Release notes](https://github.com/rudderlabs/build-scan-push-action/releases) - [Commits](rudderlabs/build-scan-push-action@v1.8.2...96d7bfc) --- updated-dependencies: - dependency-name: rudderlabs/build-scan-push-action dependency-version: 2.1.0 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…4910) Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) from 3.11.1 to 3.12.0. - [Release notes](https://github.com/docker/setup-buildx-action/releases) - [Commits](docker/setup-buildx-action@e468171...8d2750c) --- updated-dependencies: - dependency-name: docker/setup-buildx-action dependency-version: 3.12.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [actions/setup-go](https://github.com/actions/setup-go) from 6.1.0 to 6.2.0. - [Release notes](https://github.com/actions/setup-go/releases) - [Commits](actions/setup-go@4dc6199...7a3fe6c) --- updated-dependencies: - dependency-name: actions/setup-go dependency-version: 6.2.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [actions/checkout](https://github.com/actions/checkout) from 5.0.0 to 6.0.1. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](actions/checkout@v5...8e8c483) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: 6.0.1 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
… 5.1.1 (#4912) chore(deps): bump aws-actions/configure-aws-credentials Bumps [aws-actions/configure-aws-credentials](https://github.com/aws-actions/configure-aws-credentials) from 5.0.0 to 5.1.1. - [Release notes](https://github.com/aws-actions/configure-aws-credentials/releases) - [Changelog](https://github.com/aws-actions/configure-aws-credentials/blob/main/CHANGELOG.md) - [Commits](aws-actions/configure-aws-credentials@a03048d...61815dc) --- updated-dependencies: - dependency-name: aws-actions/configure-aws-credentials dependency-version: 5.1.1 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
👑 *An automated PR*
## What are the changes introduced in this PR? - Main to develop
…#5000) ## Summary - Migrated `fb_custom_audience` destination from JavaScript to TypeScript - Renamed files: `config.js` → `config.ts`, `recordTransform.js` → `recordTransform.ts`, `transform.js` → `transform.ts`, `util.js` → `util.ts`, `util.test.js` → `util.test.ts` - Added `types.ts` with proper TypeScript type definitions - Updated `networkHandler.js` → `networkHandler.ts` with type annotations - Improved type safety across the destination with explicit interfaces and types 🤖 Generated with [Claude Code](https://claude.com/claude-code) --------- Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>
🔒 Scanned for secrets using gitleaks 8.29.1
👑 *An automated PR*
…nitionName and fix soql query (#4998)
## What are the changes introduced in this PR?
What are the changes introduced in this PR?
Summary
Restricts the Salesforce SOQL lookup feature to SALESFORCE_OAUTH
destinations only (previously it was controlled solely by a workspace ID
list, with no destination-type gate)
Introduces a staggered rollout mechanism with a skip list to selectively
disabled post-rollout
Fixes a SOQL query bug where string identifier values were incorrectly
wrapped in single quotes, causing numeric-type field lookups to fail
Changes
config.js
Exported the SALESFORCE_OAUTH destination definition name constant for
use in utils
utils.js
Renamed isWorkspaceSupportedForSoql →
isWorkspaceAndDestTypeSupportedForSoql to reflect that both destination
type and workspace are now checked
Replaced the single env-var switch:
Non-SALESFORCE_OAUTH destination → false (hard gate)
DEST_SALESFORCE_SOQL_SKIP_WORKSPACE_IDS contains workspaceId → false
(escape hatch post-rollout)
Default → false
Fixed SOQL query: removed quotes from ${identifierValue} so numeric
external ID fields are matched correctly in SOQL
Updated all three call sites (getSalesforceIdForRecord,
getSalesforceIdForLead, exports)
transform.js
Updated both process and processRouterDest to pass
destinationDefinitionName to the renamed function
utils.test.js
Replaced the old test suite with cases covering: non-SALESFORCE_OAUTH
gate, default-false fallback, skip list, case-insensitivity, and
trimming of whitespace in ID lists
## What is the related Linear task?
Resolves INT-5643
## Please explain the objectives of your changes below
Put down any required details on the broader aspect of your changes. If
there are any dependent changes, **mandatorily** mention them here
### Any changes to existing capabilities/behaviour, mention the reason &
what are the changes ?
N/A
### Any new dependencies introduced with this change?
N/A
### Any new generic utility introduced or modified. Please explain the
changes.
N/A
### Any technical or performance related pointers to consider with the
change?
N/A
@coderabbitai review
<hr>
### Developer checklist
- [ ] My code follows the style guidelines of this project
- [ ] **No breaking changes are being introduced.**
- [ ] All related docs linked with the PR?
- [ ] All changes manually tested?
- [ ] Any documentation changes needed with this change?
- [ ] Is the PR limited to 10 file changes?
- [ ] Is the PR limited to one linear task?
- [ ] Are relevant unit and component test-cases added in **new
readability format**?
### Reviewer checklist
- [ ] Is the type of change in the PR title appropriate as per the
changes?
- [ ] Verified that there are no credentials or confidential data
exposed with the changes.
👑 *An automated PR*
👑 *An automated PR*
## Summary - Adds a `validateHashingConsistency` function that detects mismatches between the `isHashRequired` setting and the actual input data (e.g. sending pre-hashed SHA-256 values when hashing is enabled, or plaintext when it is disabled). - Emits a `fb_custom_audience_hashing_inconsistency` stats metric on detection, labelled with `propertyName` and `type` (`hashed_when_hash_enabled` / `unhashed_when_hash_disabled`), so misconfigurations can be observed and alerted on in production without breaking traffic. - Throws an `InstrumentationError` only when the `FB_CUSTOM_AUDIENCE_HASHING_VALIDATION_ENABLED` env var is `true`, enabling a safe, gradual rollout. - Updates processor and router integration test fixtures to supply properly hashed values, aligning them with the expected behaviour when `isHashRequired=false`. 🤖 Generated with [Claude Code](https://claude.com/claude-code) --------- Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>
## Summary - Validate email fields using `validator.isEmail`; emit `fb_custom_audience_invalid_email` stats metric for invalid emails instead of silently passing them through - Validate country codes must be exactly 2 characters; emit `fb_custom_audience_invalid_country_code` stats metric for invalid codes - Throw `InstrumentationError` when all user properties for a record are null/invalid, replacing the previous silent stats counter (`fb_custom_audience_event_having_all_null_field_values_for_a_user`) - Pass `workspaceId` and `destinationId` through the call chain to enable proper metric attribution 🤖 Generated with [Claude Code](https://claude.com/claude-code)
…l (#5036) ## Summary - When a record with all-null user properties was in a batch, the thrown error caused the entire batch (including valid records) to fail - `processRecord` now returns an error field instead of throwing, and `processRecordEventArray` separates valid/invalid records into success and error responses - Added test case for all-events-failure scenario; updated existing test to expect partial success
… spec (#5024) ## Summary - **All fields**: Add global `.trim()` before normalization so leading/trailing whitespace never reaches the hash - **FN/LN**: Fix broken allowlist regex → ASCII-punctuation denylist (`0x21-0x2F`, `0x3A-0x40`, `0x5B-0x60`, `0x7B-0x7E`). Now correctly preserves spaces, accented letters (e.g. `é`), and non-ASCII UTF-8 (e.g. `정`) while removing punctuation like `'`, `-`, `!` - **ZIP**: Add dash removal (`/[\s-]/g`) alongside existing space removal - **FI**: Separated into its own `case` (logic unchanged — just removes the confusing `if (userProperty !== 'FI')` guard) - Add `ensureApplicableFormat` unit tests for PHONE, FN/LN, and ZIP covering all cases from the ticket spec - Update `docs/businesslogic.md` to reflect corrected rules
…ormer into technocrats/ONCEHUB-114580-team
There was a problem hiding this comment.
Pull request overview
This PR updates the transformer package/dependencies and introduces/refactors multiple destination/source integrations (including several JS→TS migrations), along with related docs, tests, metrics, and CI workflow hardening.
Changes:
- Bumps
@rudderstack/integrations-liband other dependencies; updates various API versions (Google Ads, Campaign Manager, Criteo). - Adds/refactors multiple integrations (e.g., TikTok Audience, Singular, PostHog, FB Custom Audience) and improves error handling/PII-safe logging for delete-users flows.
- Updates infra/tooling: Jest TS transform, Prometheus metrics, fetch DNS wrapper improvements, and GitHub Actions permissions/token hardening.
Reviewed changes
Copilot reviewed 155 out of 339 changed files in this pull request and generated 12 comments.
Show a summary per file
| File | Description |
|---|---|
| src/v0/util/tags.js | Adjusts error type tag constants. |
| src/v0/util/regulation-api.js | Updates validation helper JSDoc. |
| src/v0/util/index.js | Changes event timestamp normalization/validation behavior. |
| src/v0/util/errorTypes/index.js | Exposes new DeleteUsersError type. |
| src/v0/util/errorTypes/deleteUsersError.ts | Adds PII-safe wrapper error for delete-users flows. |
| src/v0/util/audienceUtils.ts | Adds audience hashing consistency validation + metrics. |
| src/v0/destinations/tiktok_audience/types.ts | Adds Zod schemas/types for TikTok Audience. |
| src/v0/destinations/tiktok_audience/transform.ts | Implements TikTok Audience transformer/router. |
| src/v0/destinations/tiktok_audience/config.ts | Adds TikTok Audience config constants. |
| src/v0/destinations/singular/util.js | Removes legacy Singular util (JS). |
| src/v0/destinations/singular/transform.ts | Adds Singular transform in TS. |
| src/v0/destinations/singular/transform.js | Removes legacy Singular transform (JS). |
| src/v0/destinations/singular/docs/retl.md | Adds Singular RETL documentation. |
| src/v0/destinations/singular/data/v2/SINGULARUnityEventConfig.json | Adds Singular v2 Unity mapping config. |
| src/v0/destinations/singular/data/v2/SINGULARIosEventConfig.json | Adds Singular v2 iOS mapping config. |
| src/v0/destinations/singular/data/v2/SINGULARAndroidEventConfig.json | Adds Singular v2 Android mapping config. |
| src/v0/destinations/singular/config.ts | Refactors Singular config; adds v2 endpoints/mappings. |
| src/v0/destinations/salesforce/utils.js | Hardens SOQL lookup path and gating logic. |
| src/v0/destinations/salesforce/transform.js | Uses updated SOQL gating helper. |
| src/v0/destinations/salesforce/config.js | Adds SALESFORCE_OAUTH constant used by gating. |
| src/v0/destinations/posthog/types.ts | Adds PostHog TS types. |
| src/v0/destinations/posthog/transform.ts | Migrates PostHog transform to TS + stronger typing. |
| src/v0/destinations/posthog/config.ts | Migrates PostHog config to TS export style. |
| src/v0/destinations/marketo/util.js | Adds structured error logging before throwing. |
| src/v0/destinations/marketo/config.js | Removes unused ResponseRules extraction. |
| src/v0/destinations/klaviyo/util.js | Sets endpointPath for multiple Klaviyo requests. |
| src/v0/destinations/klaviyo/transform.js | Adds endpointPath for track requests. |
| src/v0/destinations/klaviyo/docs/retl.md | Adds Klaviyo RETL documentation. |
| src/v0/destinations/klaviyo/batchUtil.test.js | Updates tests to assert endpointPath. |
| src/v0/destinations/klaviyo/batchUtil.js | Adds endpointPath and cleans endpoint construction. |
| src/v0/destinations/iterable/deleteUsers.js | Wraps delete-users errors with PII-safe logging message. |
| src/v0/destinations/impact/transform.js | Avoids overwriting ClickId if already set. |
| src/v0/destinations/hs/transform.ts | Migrates HubSpot transform to TS + refactors batching flow. |
| src/v0/destinations/hs/config.ts | Migrates HubSpot config to TS exports + new constants. |
| src/v0/destinations/heap/transform.js | Removes legacy Heap transform (JS). |
| src/v0/destinations/heap/data/HEAPTrackConfig.json | Removes legacy Heap mapping config. |
| src/v0/destinations/heap/data/HEAPIdentifyConfig.json | Removes legacy Heap mapping config. |
| src/v0/destinations/heap/config.js | Removes legacy Heap config (JS). |
| src/v0/destinations/google_adwords_remarketing_lists/config.js | Bumps Google Ads API version to v22. |
| src/v0/destinations/google_adwords_offline_conversions/utils.test.js | Updates tests for API version pulled from config. |
| src/v0/destinations/google_adwords_offline_conversions/config.js | Bumps Google Ads API version to v22 + doc links. |
| src/v0/destinations/google_adwords_enhanced_conversions/utils.ts | Adds workspace gating for adjustmentType support. |
| src/v0/destinations/google_adwords_enhanced_conversions/transform.js | Conditionally applies RESTATEMENT adjustmentType behavior. |
| src/v0/destinations/fb_custom_audience/util.test.js | Removes old FB Custom Audience util unit tests. |
| src/v0/destinations/fb_custom_audience/types.ts | Adds FB Custom Audience TS types. |
| src/v0/destinations/fb_custom_audience/transform.ts | Migrates transformer to TS + workspace-aware batching/env toggles. |
| src/v0/destinations/fb_custom_audience/networkHandler.ts | Adds TS re-export wrapper for shared Facebook handler. |
| src/v0/destinations/fb_custom_audience/networkHandler.js | Removes JS network handler wrapper. |
| src/v0/destinations/fb_custom_audience/docs/businesslogic.md | Updates normalization rules documentation. |
| src/v0/destinations/fb_custom_audience/config.ts | Adds workspace/global env overrides + validation flag. |
| src/v0/destinations/customerio_audience/utils.ts | Makes base endpoint region-aware. |
| src/v0/destinations/customerio_audience/utils.test.ts | Adds EU region base URL unit tests. |
| src/v0/destinations/customerio_audience/type.ts | Adds optional region to destination schema. |
| src/v0/destinations/customerio_audience/config.ts | Adds region-based base endpoint resolver. |
| src/v0/destinations/criteo_audience/config.js | Bumps Criteo API version to 2025-10. |
| src/v0/destinations/criteo_audience/README.md | Updates endpoint + rate-limit notes for 2025-10. |
| src/v0/destinations/campaign_manager/config.js | Bumps Campaign Manager API to v5. |
| src/v0/destinations/braze/networkHandler.ts | Migrates Braze network handler to TS + refines checks. |
| src/v0/destinations/braze/identityResolutionUtils.ts | Uses shared types + extends response shape. |
| src/v0/destinations/braze/identityResolutionUtils.test.ts | Updates tests for shared Braze TS types. |
| src/v0/destinations/braze/docs/retl.md | Updates docs code blocks/examples to TS. |
| src/v0/destinations/braze/docs/businesslogic.md | Updates docs code blocks/examples to TS. |
| src/v0/destinations/braze/deleteUsers.ts | Migrates Braze delete users path to TS. |
| src/v0/destinations/braze/config.ts | Migrates Braze config to TS exports + typing. |
| src/v0/destinations/braze/README.md | Updates docs around TS implementation and rate limits. |
| src/v0/destinations/autopilot/transform.js | Removes legacy Autopilot transform (JS) (CDK v2 family). |
| src/v0/destinations/autopilot/data/APTrackConfig.json | Removes legacy Autopilot mapping config. |
| src/v0/destinations/autopilot/data/APIdentifyConfig.json | Removes legacy Autopilot mapping config. |
| src/v0/destinations/autopilot/config.js | Removes legacy Autopilot config (JS). |
| src/v0/destinations/attentive_tag/transform.js | Adds endpointPath for Attentive Tag requests. |
| src/util/utils.test.js | Adds tests for AsyncLocalStorage propagation + DNS wrapper fetch. |
| src/util/utils.js | Introduces shared agents + AsyncLocalStorage callback for DNS timing. |
| src/util/prometheus.js | Changes Braze batch size metrics to histograms; removes Salesforce SOQL counter. |
| src/util/openfaas/index.js | Updates OpenFaaS labels (team change). |
| src/util/customTransformer.js | Adds returnMetadata option for UT test runs. |
| src/types/destinationTransformation.ts | Adds endpointPath + introduces MultiBatchRequestOutput type. |
| src/types/controlPlaneConfig.ts | Removes ResponseRules from DestinationDefinition type. |
| src/sources/iterable/transform.js | Improves required-field validation; fixes typo. |
| src/sources/facebook_lead_ads_native/hydrate.ts | Uses shared Facebook error handler for better classification. |
| src/sources/facebook_lead_ads_native/hydrate.test.ts | Updates tests to match new error classification behavior. |
| src/sources/braze/transform.js | Fixes typo in comment string. |
| src/sources/appsflyer/transform.js | Fixes typo in error message. |
| src/services/userTransform.ts | Adds returnMetadata flag to test routine. |
| src/services/source/nativeIntegration.ts | Improves error logging + logs request schema (not full event). |
| src/services/destination/postTransformation.ts | Adds PII-safe logging for delete-users failures. |
| src/routes/userTransform.ts | Adds /transformation/testRun route. |
| src/helpers/serviceSelector.ts | Switches CDK v2 selection to new shouldUseCdkV2 logic. |
| src/helpers/tests/serviceSelector.test.ts | Updates unit tests for new CDK v2 selection logic. |
| src/controllers/userTransform.ts | Adds testRun controller to return full metadata in test runs. |
| src/controllers/source.ts | Adds X-Rudder-Permanent-Error header for non-429 4xx hydration failures. |
| src/controllers/tests/source.test.ts | Adds unit tests for X-Rudder-Permanent-Error behavior. |
| src/constants/destinationCanonicalNames.js | Adds canonical name entry for Singular. |
| src/cdk/v2/utils.ts | Adds shouldUseCdkV2 with env-based disable lists. |
| src/cdk/v2/utils.test.ts | Adds tests for shouldUseCdkV2 gating behavior. |
| src/cdk/v2/handler.ts | Uses shouldUseCdkV2 in error classification context. |
| src/cdk/v2/destinations/reddit/utils.test.js | Stabilizes time-based tests by mocking Date.now. |
| src/cdk/v2/destinations/http/utils.test.js | Removes tests for removed encodeParamsObject helper. |
| src/cdk/v2/destinations/http/utils.js | Replaces encoding helper with query param validation helper. |
| src/cdk/v2/destinations/http/procWorkflow.yaml | Updates workflow step to use validateQueryParams. |
| src/cdk/v2/constants/cdkV2DestinationsMap.ts | Adds transformer-owned CDK v2 destination allowlist. |
| src/adapters/networkHandlerFactory.test.ts | Migrates test file to TS. |
| src/adapters/networkHandlerFactory.test.js | Removes JS version of the same tests. |
| package.json | Bumps package version and dependency ranges. |
| jest.default.config.js | Enables ts-jest transform for TS test execution. |
| go/webhook/testcases/testdata/testcases/iterable/test_30_0.json | Adds a new Iterable webhook test case. |
| go/webhook/testcases/testdata/testcases/iterable/test_2_0.json | Fixes expected error typo. |
| go/webhook/testcases/testdata/testcases/iterable/test_1_0.json | Fixes expected error typo. |
| go/webhook/testcases/testdata/testcases/appsflyer/test_2_0.json | Fixes expected error typo. |
| README.md | Adds DeepWiki badge. |
| .github/workflows/verify.yml | Tightens permissions; bumps actions pins. |
| .github/workflows/verify-server-start.yml | Tightens permissions; bumps actions pins. |
| .github/workflows/validate-actor.yml | Switches PAT to GitHub App token; tightens permissions. |
| .github/workflows/ut-tests.yml | Tightens permissions; bumps actions pins. |
| .github/workflows/update-ingestion-service.yml | Switches PAT to GitHub App token; tighter perms; logic updates. |
| .github/workflows/slack-notify.yml | Tightens permissions; bumps actions pins. |
| .github/workflows/publish-new-release.yml | Switches PAT to GitHub App token; verified tagging flow. |
| .github/workflows/prepare-for-staging-deploy.yml | Targets main; uses GitHub App token; disables latest tags. |
| .github/workflows/prepare-for-prod-ut-deploy.yml | Removes coverage job; uses latest tag; GitHub App token. |
| .github/workflows/prepare-for-prod-rollback.yml | Uses GitHub App token; tighter perms. |
| .github/workflows/prepare-for-dev-deploy.yml | Adjusts job perms; removes merged-only condition; disables latest tags. |
| .github/workflows/integrations_version_audit.yml | Runs every 2 months; tighter perms; bumps checkout pin. |
| .github/workflows/ingestion-service-test.yml | Uses GitHub App token (cross-repo clone); tighter perms. |
| .github/workflows/housekeeping.yml | Uses GITHUB_TOKEN for stale/branch cleanup; bumps action pins. |
| .github/workflows/dt-test-and-report-code-coverage.yml | Runs on PR + pushes; uses GITHUB_TOKEN for Sonar. |
| .github/workflows/draft-new-release.yml | Uses GitHub App token; verified commit via API. |
| .github/workflows/create-hotfix-branch.yml | Uses GitHub App token to create branches. |
| .github/workflows/commitlint.yml | Tightens perms; bumps action pins. |
| .github/workflows/check-pr-title.yml | Tightens perms; bumps action pins. |
| .github/workflows/build-pr-artifacts.yml | Prefixes branch tags; uses Github App token in reused workflow. |
| .github/workflows/allure-test-reporter.yml | Removes Allure reporter workflow. |
| .github/scripts/versions.json | Updates destination version audit entries. |
Comments suppressed due to low confidence (1)
src/v0/destinations/fb_custom_audience/transform.ts:1
- When
userSchemais a string,prepareFinalPayload.schemais converted to an array, butuserSchemaitself remains a string and is then cast tostring[]when callingprepareDataField. That cast won’t convert at runtime and can lead toprepareDataFielditerating over string characters. Fix by normalizing into a realschemaArrayvariable (array of strings) and using it both forprepareFinalPayload.schemaand theprepareDataFieldcall.
import lodash from 'lodash';
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
Comment on lines
1
to
+3
| { | ||
| "name": "rudder-transformer", | ||
| "version": "1.118.0", | ||
| "version": "1.125.0", |
| @@ -4,7 +4,7 @@ const RegulationApiUtils = { | |||
| /** | |||
| * Common validations that are part of `deleteUsers` api would be defined here | |||
| * | |||
| * @param {Array<{ userId:string, email:string, phone:string}>} userAttributes Array of objects with userId, email and phone | |||
| * @param {Array<{}>} userAttributes Array of objects with userId, email and phone | |||
Comment on lines
+108
to
+117
| * Returns the maximum payload size in bytes for FB Custom Audience batching. | ||
| * Can be overridden per workspace via env var FB_CUSTOM_AUDIENCE_MAX_PAYLOAD_SIZE_<WORKSPACE_ID>, | ||
| * or globally via FB_CUSTOM_AUDIENCE_MAX_PAYLOAD_SIZE. Defaults to 60000. | ||
| */ | ||
| function getMaxPayloadSize(workspaceId: string): number { | ||
| if (workspaceId) { | ||
| const workspaceVal = Number.parseInt( | ||
| process.env[`FB_CUSTOM_AUDIENCE_MAX_PAYLOAD_SIZE_${workspaceId}`] ?? '', | ||
| 10, | ||
| ); |
Comment on lines
485
to
512
| { | ||
| name: 'braze_batch_attributes_pack_size', | ||
| help: 'braze_batch_attributes_pack_size', | ||
| type: 'gauge', | ||
| help: 'Distribution of attributes count per batch chunk', | ||
| type: 'histogram', | ||
| labelNames: ['destination_id'], | ||
| buckets: [1, 5, 10, 20, 30, 40, 50, 60, 70, 75], | ||
| }, | ||
| { | ||
| name: 'braze_batch_events_pack_size', | ||
| help: 'braze_batch_events_pack_size', | ||
| type: 'gauge', | ||
| help: 'Distribution of events count per batch chunk', | ||
| type: 'histogram', | ||
| labelNames: ['destination_id'], | ||
| buckets: [1, 5, 10, 20, 30, 40, 50, 60, 70, 75], | ||
| }, | ||
| { | ||
| name: 'braze_batch_purchase_pack_size', | ||
| help: 'braze_batch_purchase_pack_size', | ||
| type: 'gauge', | ||
| help: 'Distribution of purchases count per batch chunk', | ||
| type: 'histogram', | ||
| labelNames: ['destination_id'], | ||
| buckets: [1, 5, 10, 20, 30, 40, 50, 60, 70, 75], | ||
| }, | ||
| { | ||
| name: 'braze_batch_total_pack_size', | ||
| help: 'Distribution of total count per batch chunk', | ||
| type: 'histogram', | ||
| labelNames: ['destination_id'], | ||
| buckets: [1, 5, 10, 20, 30, 40, 50, 60, 70, 75, 100, 125, 150, 175, 200, 225], | ||
| }, |
Comment on lines
+356
to
363
| if (!SOQL_FIELD_NAME_REGEX.test(identifierType)) { | ||
| throw new InstrumentationError(`Invalid identifierType for SOQL query: ${identifierType}`); | ||
| } | ||
| let queryResponse; | ||
| try { | ||
| queryResponse = await salesforceSdk.query( | ||
| `SELECT Id FROM ${objectType} WHERE ${identifierType} = '${identifierValue}'`, | ||
| `SELECT Id FROM ${objectType} WHERE ${identifierType} = ${soqlEscapeValue(identifierValue)}`, | ||
| ); |
Comment on lines
78
to
82
| return processSingleMessage({ | ||
| message: events[0].message, | ||
| destination: events[0].destination, | ||
| metadata: events[0].metadata || metadata, | ||
| destination, | ||
| metadata, | ||
| }); |
Comment on lines
+74
to
+75
| const filteredKeys = Object.keys(params).filter((key) => params[key] !== undefined); | ||
| return Object.fromEntries(filteredKeys.map((key) => [key, params[key]])); |
| cordial: ['cordial', 'Cordial', 'CORDIAL'], | ||
| clevertap: ['clevertap', 'Clevertap', 'CleverTap', 'CLEVERTAP'], | ||
| airship: ['airship', 'Airship', 'AIRSHIP'], | ||
| singular: ['Singular'], |
Comment on lines
+239
to
+241
| logger.error('Marketo sent us some failure which is not handled', { | ||
| status, | ||
| responseErrors: JSON.stringify(response.errors), |
Comment on lines
+104
to
+107
| throw new Error(`Unexpected: unknown error type ${error}`); | ||
| } | ||
| // This should never be reached since errorResponseHandler always throws for errors | ||
| throw new Error('Unexpected: errorResponseHandler did not throw for non-OK response'); |
ArjavJain27
changed the title
SoniRani
approved these changes
Mar 13, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
What are the changes introduced in this PR?
Updating rudder-trasformer version to 1.126.0
https://scheduleonce.atlassian.net/browse/ONCEHUB-114580
Write a brief explainer on your code changes.
What is the related Linear task?
Resolves INT-XXX
Please explain the objectives of your changes below
Put down any required details on the broader aspect of your changes. If there are any dependent changes, mandatorily mention them here
Any changes to existing capabilities/behaviour, mention the reason & what are the changes ?
N/A
Any new dependencies introduced with this change?
N/A
Any new generic utility introduced or modified. Please explain the changes.
N/A
Any technical or performance related pointers to consider with the change?
N/A
@coderabbitai review
Developer checklist
My code follows the style guidelines of this project
No breaking changes are being introduced.
All related docs linked with the PR?
All changes manually tested?
Any documentation changes needed with this change?
Is the PR limited to 10 file changes?
Is the PR limited to one linear task?
Are relevant unit and component test-cases added in new readability format?
Reviewer checklist
Is the type of change in the PR title appropriate as per the changes?
Verified that there are no credentials or confidential data exposed with the changes.