Limit retention api

[WcaleNieWolny]

Summary by CodeRabbit

• Bug Fixes

  • Added validation to prevent setting retention above 2 years (63113903) or below 0, returning clear 400 errors for invalid values.
  • Provides immediate feedback before saving changes, improving reliability and user experience.

• Localization

  • Updated English error message to reflect the 2-year retention limit for clearer guidance.

[coderabbitai]

Caution

Review failed

The pull request is closed.

Walkthrough

Adds server-side validation for the retention field in the app update endpoint, enforcing a maximum of 63,113,903 (2 years) and a minimum of 0. Updates the English message for the retention-too-big error to reflect the new limit. No API signatures changed.

Changes

Cohort / File(s)	Summary
Validation: retention bounds in PUT app supabase/functions/_backend/public/app/put.ts	Adds pre-update checks: if retention >= 63113904 return 400 with code retention_to_big; if retention < 0 return 400 with code retention_to_small. Pass-through if not provided or within bounds. No signature changes.
i18n: message update messages/en.json	Updates retention-to-big text to: "Retention cannot be bigger than 63113903 (2 years)".

Sequence Diagram(s)

sequenceDiagram
  autonumber
  actor Client
  participant API as put(c, appId, body, apikey)
  participant Validator as Retention Validator
  participant DB as Database

  Client->>API: PUT /app/{id} with body.retention?
  API->>Validator: Validate body.retention
  alt retention >= 63113904
    Validator-->>API: 400 { code: retention_to_big, message, value }
    API-->>Client: 400 Bad Request
  else retention < 0
    Validator-->>API: 400 { code: retention_to_small, message, value }
    API-->>Client: 400 Bad Request
  else valid or undefined
    API->>DB: Update app (retention if provided)
    DB-->>API: Update result
    API-->>Client: 200 OK (updated app)
  end

Loading

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

Possibly related PRs

• feat: limit retention to 2 years #1199 — Implements the same 2-year retention upper bound and aligned messaging/validation, indicating coordinated limit enforcement.

Poem

A bunny taps the ceiling tight,
Two years max—now set just right.
No deeper burrow, not a hop more,
Zero to cap, a tidy score.
With bounds in place, I thump with cheer—
Our carrots age the right two-year! 🥕🐇

✨ Finishing touches

• 📝 Generate Docstrings

🧪 Generate unit tests

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch limit_retention_api

---

📜 Recent review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 50f7615 and ce4441b.

📒 Files selected for processing (2)

• messages/en.json (1 hunks)
• supabase/functions/_backend/public/app/put.ts (1 hunks)

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

[github-actions]

🧹 Preview Environment Cleaned Up

The preview environment for this PR has been successfully removed from Cloudflare.

Deleted:

• Frontend: capgo-preview-1201
• API Worker: capgo-api-preview-1201
• Files Worker: capgo-files-preview-1201
• Plugin Worker: capgo-plugin-preview-1201