Refactor health check implementation based on code review feedback by Copilot · Pull Request #746 · vercel/workflow

Copilot · 2026-01-07T23:05:01Z

Description

Addresses code review feedback from PR #743 by refactoring the health check implementation to improve type safety, maintainability, and cross-platform compatibility.

Key changes:

Exports from @workflow/world: Added HEALTH_CHECK_STREAM_PREFIX, HealthCheckPayloadSchema, HEALTH_CHECK_WORKFLOW_QUEUE, and HEALTH_CHECK_STEP_QUEUE as public API
Type safety: Replaced unsafe type casting with explicit conditionals using exported constants; added proper type guards for JSON parsing with unknown instead of any
Cross-platform compatibility: Replaced Node.js Buffer with standard Uint8Array for stream concatenation
Race condition fix: Reordered operations to start stream read before sending queue message
Queue naming: Changed from __wkf_workflow___health_check__ to __wkf_workflow_health_check (single underscore pattern)
Eliminated duplication: Import HealthCheckPayloadSchema from @workflow/world instead of redefining locally
Security documentation: Added comments explaining health check handlers are intentionally unauthenticated for monitoring purposes

How did you test your changes?

Added e2e test for queue-based health check covering both workflow and step endpoints
Created test API endpoints in workbench apps (example, nextjs-turbopack) to exercise healthCheck() function
Verified all packages build successfully (@workflow/world, @workflow/core)
Type safety validated through TypeScript compilation with proper type guards

PR Checklist - Required to merge

📦 pnpm changeset was run to create a changelog for this PR
- During beta, we only use "patch" mode for changes. Don't tag minor/major versions.
- Use pnpm changeset --empty if you are changing documentation or workbench apps
🔒 DCO sign-off passes (run git commit --signoff on your commits)

💡 You can make Copilot smarter by setting up custom instructions, customizing its development environment and configuring Model Context Protocol (MCP) servers. Learn more Copilot coding agent tips in the docs.

changeset-bot · 2026-01-07T23:05:06Z

⚠️ No Changeset found

Latest commit: 5687242

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

This PR includes no changesets

When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

vercel · 2026-01-07T23:05:13Z

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Review	Updated (UTC)
example-nextjs-workflow-turbopack	Error		Jan 7, 2026 11:22pm
example-nextjs-workflow-webpack	Ready	Preview, Comment	Jan 7, 2026 11:22pm
example-workflow	Ready	Preview, Comment	Jan 7, 2026 11:22pm
workbench-astro-workflow	Ready	Preview, Comment	Jan 7, 2026 11:22pm
workbench-express-workflow	Ready	Preview, Comment	Jan 7, 2026 11:22pm
workbench-fastify-workflow	Ready	Preview, Comment	Jan 7, 2026 11:22pm
workbench-hono-workflow	Ready	Preview, Comment	Jan 7, 2026 11:22pm
workbench-nitro-workflow	Ready	Preview, Comment	Jan 7, 2026 11:22pm
workbench-nuxt-workflow	Ready	Preview, Comment	Jan 7, 2026 11:22pm
workbench-sveltekit-workflow	Ready	Preview, Comment	Jan 7, 2026 11:22pm
workbench-vite-workflow	Ready	Preview, Comment	Jan 7, 2026 11:22pm
workflow-docs	Ready	Preview, Comment	Jan 7, 2026 11:22pm

… error handling Co-authored-by: TooTallNate <71256+TooTallNate@users.noreply.github.com>

Co-authored-by: TooTallNate <71256+TooTallNate@users.noreply.github.com>

Copilot · 2026-01-07T23:22:29Z

Just as a heads up, I was blocked by some firewall rules while working on your feedback. Expand below for details.

vercel

Additional Suggestion:

Race condition in healthCheck() implementation where queue message is sent without awaiting HTTP request completion

Copilot

Pull request overview

This PR refactors the health check implementation based on code review feedback from PR #743. The changes focus on improving type safety, maintainability, cross-platform compatibility, and eliminating code duplication while exposing health check constants and schemas as part of the public API.

Key Changes

Exported health check constants and schemas from @workflow/world package to support shared usage
Improved type safety with explicit type guards replacing unsafe type casting
Enhanced cross-platform compatibility by replacing Node.js Buffer with standard Uint8Array

Reviewed changes

Copilot reviewed 8 out of 8 changed files in this pull request and generated 1 comment.

Show a summary per file

File	Description
`packages/world/src/queue.ts`	Added exports for health check schema, constants, and type; updated queue naming pattern
`packages/world/src/index.ts`	Re-exported health check constants and schema from queue module
`packages/core/src/runtime/helpers.ts`	Refactored to use imported constants; improved type safety with proper type guards; replaced Buffer with Uint8Array; fixed race condition
`packages/core/src/runtime/step-handler.ts`	Added security documentation explaining unauthenticated health check design
`packages/core/src/runtime.ts`	Added security documentation explaining unauthenticated health check design
`packages/core/e2e/e2e.test.ts`	Added e2e test covering queue-based health checks for both workflow and step endpoints
`workbench/nextjs-turbopack/app/api/test-health-check/route.ts`	New test API endpoint to exercise `healthCheck()` function in Next.js
`workbench/example/api/test-health-check.ts`	New test API endpoint to exercise `healthCheck()` function in example app

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

Copilot · 2026-01-07T23:50:12Z


 export type WorkflowInvokePayload = z.infer<typeof WorkflowInvokePayloadSchema>;
 export type StepInvokePayload = z.infer<typeof StepInvokePayloadSchema>;
+export type HealthCheckPayload = z.infer<typeof HealthCheckPayloadSchema>;


The type HealthCheckPayload is being defined using z.infer<typeof HealthCheckPayloadSchema> before HealthCheckPayloadSchema is declared. This creates a forward reference issue. Move line 41 to after line 51 (after the schema definition) to fix the ordering.

) * Initial plan * Address PR review comments: export types, fix race condition, improve error handling Co-authored-by: TooTallNate <71256+TooTallNate@users.noreply.github.com> * Add queue-based health check test and document security considerations Co-authored-by: TooTallNate <71256+TooTallNate@users.noreply.github.com> * Replace 'any' type with proper type guards for health check response Co-authored-by: TooTallNate <71256+TooTallNate@users.noreply.github.com> * Extract health check queue names as constants and improve type guards Co-authored-by: TooTallNate <71256+TooTallNate@users.noreply.github.com> --------- Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com> Co-authored-by: TooTallNate <71256+TooTallNate@users.noreply.github.com>

* feat: add queue-based health check to bypass Deployment Protection - Add HealthCheckPayloadSchema and HEALTH_CHECK_STREAM_PREFIX to @workflow/world - Add healthCheck() method to Queue interface - Update workflow and step handlers to detect and respond to health check messages - Implement healthCheck() in world-local, world-vercel, and world-postgres The queue-based health check sends a message through the queue pipeline, which bypasses Vercel's Deployment Protection. The handler writes a response to a stream that the caller reads to confirm health. This complements the existing HTTP-based ?__health approach which still works for local development and when bypass headers are available. * refactor: move healthCheck to core package as utility function Instead of adding healthCheck to the World interface (which duplicated the same implementation across all worlds), this is now a utility function in @workflow/core that takes the World as a parameter. Usage: import { healthCheck } from '@workflow/core'; const result = await healthCheck(world, 'workflow'); This is cleaner because: - Single implementation instead of 3 identical ones - World implementations remain simple - No changes needed to the World interface * . * refactor: move health check types from world to core Health check types (HealthCheckPayloadSchema, HealthCheckResult, etc.) are now defined in @workflow/core since that's where they're used. The HealthCheckPayloadSchema is still part of QueuePayloadSchema in world (so the queue accepts health check messages), but it's not exported from the public API. * . * Refactor health check implementation based on code review feedback (#746) * Initial plan * Address PR review comments: export types, fix race condition, improve error handling Co-authored-by: TooTallNate <71256+TooTallNate@users.noreply.github.com> * Add queue-based health check test and document security considerations Co-authored-by: TooTallNate <71256+TooTallNate@users.noreply.github.com> * Replace 'any' type with proper type guards for health check response Co-authored-by: TooTallNate <71256+TooTallNate@users.noreply.github.com> * Extract health check queue names as constants and improve type guards Co-authored-by: TooTallNate <71256+TooTallNate@users.noreply.github.com> --------- Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com> Co-authored-by: TooTallNate <71256+TooTallNate@users.noreply.github.com> * . * Fix e2e test * . * . * . * fix(ai): preserve providerMetadata as providerOptions in multi-turn tool calls (#733) When tool calls are added to the conversation history, map providerMetadata to providerOptions following the AI SDK convention. This fixes Gemini thinking models that require thoughtSignature to be preserved across multi-turn tool calls, preventing the error 'function call is missing a thought_signature'. Fixes #727 * Local ui cli flag (#744) * [web] Increase contrast on attribute items in sidebar (#736) Signed-off-by: Peter Wielander <mittgfu@gmail.com> * [world] Remove pause and resume events, actions and states (#751) * Version Packages (beta) (#735) * . * . * Update turbo inputs to include shared config (#752) * Update turbo inputs to include shared config * Apply suggestions from code review Co-authored-by: vercel[bot] <35613825+vercel[bot]@users.noreply.github.com> --------- Co-authored-by: vercel[bot] <35613825+vercel[bot]@users.noreply.github.com> * feat(web): add self-hosted mode for world configuration (#747) * feat(web): add self-hosted mode for world configuration When WORKFLOW_TARGET_WORLD env var is set, the web UI operates in self-hosted mode where the world configuration is locked to server-side environment variables and cannot be changed via query params or UI. - Add getHardcodedConfig server action to detect self-hosted mode - Modify getWorldFromEnv to use server env vars in hardcoded mode - Create WorldConfigContext to provide config state app-wide - Update settings sidebar to show locked state with disabled inputs - Update connection status to show PostgreSQL backend info - Mask sensitive values (postgres URL) in hardcoded mode UI * fix: address PR review feedback - Remove unused ConfigMode type export - Fix postgres substring to undefined (tooltip has details) - Extract buildEnvMapFromProcessEnv helper to reduce duplication - Remove unused EnvMap import from layout-client - Import HardcodedConfig from web-shared/server instead of re-defining * Fix: PostgreSQL URL parameter missing from configParsers, causing loss of postgres URL configuration on page reload in dynamic mode * fix(cli): clear WORKFLOW_TARGET_WORLD when spawning web server The CLI sets WORKFLOW_TARGET_WORLD as an env var, which the spawned Next.js server inherits. This caused the web UI to enter self-hosted mode even when launched via CLI. Now we explicitly clear WORKFLOW_TARGET_WORLD from the server's environment so it starts in dynamic mode where config comes from query params as intended. * refactor(web): use server-side env vars for world config BREAKING CHANGE: The web UI no longer supports configuring the world backend via URL query parameters. Configuration is now read exclusively from server-side environment variables. Changes: - Remove query param parsing from @workflow/web config.ts - Add ServerConfig interface with non-sensitive display info - Update all components to use useServerConfig() hook - Settings sidebar is now read-only - CLI passes env vars to spawned web server instead of query params - Server actions use process.env directly (envMap param reserved for future use) This simplifies the architecture and improves security by never sending sensitive data (connection strings, auth tokens) to the client. * fix(web): fix settings sidebar overflow and shorten data dir path - Add truncate/overflow handling to settings sidebar config values - Add shortenPath() helper to abbreviate long file paths: - Replaces home directory with ~ - Shows .../last-two-segments if still too long - Add title attributes for full path on hover * Update changeest --------- Co-authored-by: Vercel <vercel[bot]@users.noreply.github.com> * Version Packages (beta) (#755) Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> * Update packages/world/src/queue.ts Co-authored-by: Pranay Prakash <pranay.gp@gmail.com> * [web] Tidy wake-up and re-enqueue buttons (#737) --------- Signed-off-by: Peter Wielander <mittgfu@gmail.com> * [cli] Use dotenv to resolve .env and .env.local files on startup (#765) * Use temporary workflow-server deployment URL * feat: add queue-based health check to bypass Deployment Protection - Add HealthCheckPayloadSchema and HEALTH_CHECK_STREAM_PREFIX to @workflow/world - Add healthCheck() method to Queue interface - Update workflow and step handlers to detect and respond to health check messages - Implement healthCheck() in world-local, world-vercel, and world-postgres The queue-based health check sends a message through the queue pipeline, which bypasses Vercel's Deployment Protection. The handler writes a response to a stream that the caller reads to confirm health. This complements the existing HTTP-based ?__health approach which still works for local development and when bypass headers are available. * refactor: move healthCheck to core package as utility function Instead of adding healthCheck to the World interface (which duplicated the same implementation across all worlds), this is now a utility function in @workflow/core that takes the World as a parameter. Usage: import { healthCheck } from '@workflow/core'; const result = await healthCheck(world, 'workflow'); This is cleaner because: - Single implementation instead of 3 identical ones - World implementations remain simple - No changes needed to the World interface * . * refactor: move health check types from world to core Health check types (HealthCheckPayloadSchema, HealthCheckResult, etc.) are now defined in @workflow/core since that's where they're used. The HealthCheckPayloadSchema is still part of QueuePayloadSchema in world (so the queue accepts health check messages), but it's not exported from the public API. * . * Refactor health check implementation based on code review feedback (#746) * Initial plan * Address PR review comments: export types, fix race condition, improve error handling Co-authored-by: TooTallNate <71256+TooTallNate@users.noreply.github.com> * Add queue-based health check test and document security considerations Co-authored-by: TooTallNate <71256+TooTallNate@users.noreply.github.com> * Replace 'any' type with proper type guards for health check response Co-authored-by: TooTallNate <71256+TooTallNate@users.noreply.github.com> * Extract health check queue names as constants and improve type guards Co-authored-by: TooTallNate <71256+TooTallNate@users.noreply.github.com> --------- Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com> Co-authored-by: TooTallNate <71256+TooTallNate@users.noreply.github.com> * . * Fix e2e test * . * . * . * . * . * Update packages/world/src/queue.ts Co-authored-by: Pranay Prakash <pranay.gp@gmail.com> * Use temporary workflow-server deployment URL * . * . --------- Signed-off-by: Peter Wielander <mittgfu@gmail.com> Co-authored-by: Copilot <198982749+Copilot@users.noreply.github.com> Co-authored-by: TooTallNate <71256+TooTallNate@users.noreply.github.com> Co-authored-by: Pranay Prakash <pranay.gp@gmail.com> Co-authored-by: Peter Wielander <mittgfu@gmail.com> Co-authored-by: Vercel Release Bot <88769842+vercel-release-bot@users.noreply.github.com> Co-authored-by: JJ Kasper <jj@jjsweb.site> Co-authored-by: vercel[bot] <35613825+vercel[bot]@users.noreply.github.com> Co-authored-by: Vercel <vercel[bot]@users.noreply.github.com> Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>

Initial plan

f144a2e

Copilot AI assigned Copilot and TooTallNate Jan 7, 2026

Copilot AI mentioned this pull request Jan 7, 2026

Add queue-based health check #743

Merged

Copilot started work on behalf of TooTallNate January 7, 2026 23:05 View session

vercel Bot deployed to Preview – workbench-express-workflow January 7, 2026 23:06 View deployment

vercel Bot deployed to Preview – example-workflow January 7, 2026 23:06 View deployment

vercel Bot deployed to Preview – workbench-vite-workflow January 7, 2026 23:06 View deployment

vercel Bot deployed to Preview – workbench-fastify-workflow January 7, 2026 23:06 View deployment

vercel Bot deployed to Preview – workbench-astro-workflow January 7, 2026 23:06 View deployment

vercel Bot deployed to Preview – workbench-hono-workflow January 7, 2026 23:06 View deployment

vercel Bot deployed to Preview – workbench-sveltekit-workflow January 7, 2026 23:06 View deployment

vercel Bot deployed to Preview – workbench-nitro-workflow January 7, 2026 23:06 View deployment

vercel Bot deployed to Preview – example-nextjs-workflow-webpack January 7, 2026 23:06 View deployment

vercel Bot deployed to Preview – workbench-nuxt-workflow January 7, 2026 23:06 View deployment

vercel Bot deployed to Preview – example-nextjs-workflow-turbopack January 7, 2026 23:06 View deployment

Address PR review comments: export types, fix race condition, improve…

12b75fd

… error handling Co-authored-by: TooTallNate <71256+TooTallNate@users.noreply.github.com>

vercel Bot deployed to Preview – workbench-hono-workflow January 7, 2026 23:14 View deployment

vercel Bot deployed to Preview – workbench-astro-workflow January 7, 2026 23:14 View deployment

vercel Bot deployed to Preview – workbench-nitro-workflow January 7, 2026 23:14 View deployment

vercel Bot deployed to Preview – workbench-express-workflow January 7, 2026 23:14 View deployment

vercel Bot deployed to Preview – workbench-vite-workflow January 7, 2026 23:14 View deployment

vercel Bot deployed to Preview – workbench-sveltekit-workflow January 7, 2026 23:14 View deployment

vercel Bot deployed to Preview – workbench-fastify-workflow January 7, 2026 23:14 View deployment

vercel Bot deployed to Preview – example-workflow January 7, 2026 23:14 View deployment

vercel Bot deployed to Preview – workbench-nuxt-workflow January 7, 2026 23:14 View deployment

vercel Bot deployed to Preview – example-nextjs-workflow-turbopack January 7, 2026 23:14 View deployment

vercel Bot deployed to Preview – workflow-docs January 7, 2026 23:14 View deployment

vercel Bot deployed to Preview – example-nextjs-workflow-webpack January 7, 2026 23:19 View deployment

vercel Bot deployed to Preview – workflow-docs January 7, 2026 23:19 View deployment

Extract health check queue names as constants and improve type guards

5687242

Co-authored-by: TooTallNate <71256+TooTallNate@users.noreply.github.com>

vercel Bot deployed to Preview – workbench-hono-workflow January 7, 2026 23:21 View deployment

vercel Bot had a problem deploying to Preview – example-nextjs-workflow-turbopack January 7, 2026 23:21 Failure

vercel Bot deployed to Preview – workbench-vite-workflow January 7, 2026 23:21 View deployment

vercel Bot deployed to Preview – workbench-nitro-workflow January 7, 2026 23:21 View deployment

vercel Bot deployed to Preview – workbench-astro-workflow January 7, 2026 23:21 View deployment

vercel Bot deployed to Preview – workbench-fastify-workflow January 7, 2026 23:21 View deployment

vercel Bot deployed to Preview – workbench-express-workflow January 7, 2026 23:21 View deployment

vercel Bot deployed to Preview – workbench-sveltekit-workflow January 7, 2026 23:21 View deployment

vercel Bot deployed to Preview – example-workflow January 7, 2026 23:22 View deployment

vercel Bot deployed to Preview – workbench-nuxt-workflow January 7, 2026 23:22 View deployment

vercel Bot deployed to Preview – example-nextjs-workflow-webpack January 7, 2026 23:22 View deployment

vercel Bot deployed to Preview – workflow-docs January 7, 2026 23:22 View deployment

Copilot AI changed the title ~~[WIP] Add queue-based health check~~ Refactor health check implementation based on code review feedback Jan 7, 2026

Copilot AI requested a review from TooTallNate January 7, 2026 23:22

Copilot finished work on behalf of TooTallNate January 7, 2026 23:22

vercel Bot reviewed Jan 7, 2026

View reviewed changes

TooTallNate marked this pull request as ready for review January 7, 2026 23:46

Copilot AI review requested due to automatic review settings January 7, 2026 23:46

TooTallNate merged commit 2a1a0bf into health-check-thru-queue Jan 7, 2026
18 of 19 checks passed

TooTallNate deleted the copilot/sub-pr-743 branch January 7, 2026 23:46

Copilot started reviewing on behalf of TooTallNate January 7, 2026 23:46 View session

Copilot AI reviewed Jan 7, 2026

View reviewed changes

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Refactor health check implementation based on code review feedback#746

Refactor health check implementation based on code review feedback#746
TooTallNate merged 5 commits intohealth-check-thru-queuefrom
copilot/sub-pr-743

Copilot AI commented Jan 7, 2026 •

edited

Loading

Uh oh!

changeset-bot Bot commented Jan 7, 2026 •

edited

Loading

Uh oh!

vercel Bot commented Jan 7, 2026 •

edited

Loading

Uh oh!

Copilot AI commented Jan 7, 2026

Uh oh!

vercel Bot left a comment

Uh oh!

Uh oh!

Copilot AI left a comment

Uh oh!

Copilot AI Jan 7, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

3 participants

Conversation

Copilot AI commented Jan 7, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Description

How did you test your changes?

PR Checklist - Required to merge

Uh oh!

changeset-bot Bot commented Jan 7, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

⚠️ No Changeset found

Uh oh!

vercel Bot commented Jan 7, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

Copilot AI commented Jan 7, 2026

Uh oh!

vercel Bot left a comment

Choose a reason for hiding this comment

Uh oh!

Uh oh!

Copilot AI left a comment

Choose a reason for hiding this comment

Pull request overview

Key Changes

Reviewed changes

Uh oh!

Copilot AI Jan 7, 2026

Choose a reason for hiding this comment

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

3 participants

Copilot AI commented Jan 7, 2026 •

edited

Loading

changeset-bot Bot commented Jan 7, 2026 •

edited

Loading

vercel Bot commented Jan 7, 2026 •

edited

Loading