promote fix for missing space on consent screen to#168
Merged
aspiers merged 5 commits intoproductionfrom May 7, 2026
Merged
Conversation
Adds a second @otp-expiry scenario that backdates the auth_flow row via the existing /_internal/test/expire-auth-flow hook, then submits a still-valid OTP. After PR #154's reactive abort gate the OTP form pings /auth/ping before submitting; with the auth_flow row dead the ping reports `flow_expired`, the gate navigates to /auth/abort, and cleanExit serves its Tier-2 styled "Sign-in session expired" fallback page (the OAuth client redirect path needs the dead row's clientId, which is exactly what's missing here). The scenario asserts both signals — the ping reason (proving auth_flow specifically tripped, not PAR) and the abort fallback page — so a regression that, say, swaps which timer the gate honours would still be caught. Without this guardrail nothing in CI would notice if AUTH_FLOW_TTL_MS were quietly shortened back to the OTP TTL; the existing scenario only proves the 10-min-and-resend path works, not that the 60-min boundary is enforced. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
…ng-space-between-account-and-email-address fix(pds-core): add email label spacing
![claude[bot]](https://avatars.githubusercontent.com/in/1236702?s=60&v=4){kind=small}
There was a problem hiding this comment.
Claude Code Review
This repository is configured for manual code reviews. Comment @claude review to trigger a review and subscribe this PR to future pushes, or @claude review once for a one-time review.
Tip: disable this comment in your organization's Code Review settings.
|
|
The latest updates on your projects. Learn more about Vercel for GitHub.
|
|
🚅 Deployed to the ePDS-pr-168 environment in ePDS
|
|
Important Review skippedAuto reviews are disabled on base/target branches other than the default branch. Please check the settings in the CodeRabbit UI or the ⚙️ Run configurationConfiguration used: defaults Review profile: CHILL Plan: Pro Run ID: You can disable this status message by setting the Use the checkbox below for a quick retry:
✨ Finishing Touches🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
|
There was a problem hiding this comment.
Pull request overview
This PR appears to bundle a small UI text tweak (fixing a missing separator before an enriched email label) together with new E2E regression coverage around auth-flow expiry handling and a tracking entry for future enrichment E2E work.
Changes:
- Adjust chooser enrichment email-label rendering to include a leading space before the email text.
- Add a new passwordless-auth E2E scenario that forces
auth_flowexpiry and asserts the/auth/pingreason + abort fallback page, including new Playwright routing logic to capture the ping response body across navigation. - Add a new
.beadsepic entry for consent/chooser enrichment E2E coverage work.
Reviewed changes
Copilot reviewed 5 out of 5 changed files in this pull request and generated 2 comments.
Show a summary per file
| File | Description |
|---|---|
| packages/pds-core/src/chooser-enrichment.ts | Tweaks injected enrichment script output for email label text spacing. |
| features/passwordless-authentication.feature | Adds a new regression scenario documenting/validating auth_flow TTL expiry behavior. |
| e2e/support/world.ts | Extends test world state to store the next /auth/ping response body. |
| e2e/step-definitions/auth.steps.ts | Implements new expiry + assertion steps, including a /auth/ping route interceptor to capture response body before navigation. |
| .beads/issues.jsonl | Adds an epic issue entry for future enrichment E2E coverage. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
Comment on lines
199
to
204
| var label = document.createElement('span'); | ||
| label.className = 'epds-email-label'; | ||
| label.style.cssText = | ||
| 'min-width:0;white-space:nowrap;overflow:hidden;text-overflow:ellipsis;' | ||
| label.textContent = m.email; | ||
| label.textContent = ' ' + m.email; | ||
| if (m.el.dataset) m.el.dataset.epdsEnriched = '1'; |
Comment on lines
+496
to
+498
| # If someone shortens AUTH_FLOW_TTL_MS back to the OTP TTL we want to | ||
| # catch it here: past the 60-minute mark, even a freshly verified OTP | ||
| # must NOT recover the flow. |
Contributor
|
Found 63 test failures on Blacksmith runners: Failures
|
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Emergency hotfix for ME