[copilot-finds] Improve: withTimeout() missing input validation and dead sleepWithAbort export in backoff.util.ts

[github-actions]

Problem

backoff.util.ts has two issues:

1. withTimeout() missing input validation — Unlike its sibling raceWithTimeout() in timeout.util.ts, withTimeout() does not validate its timeoutMs parameter. When called with NaN, Infinity, or negative values, setTimeout clamps the delay to ~1ms (per Node.js behavior), causing the promise to reject immediately regardless of the actual work. This is inconsistent with raceWithTimeout() which explicitly throws a RangeError for invalid values.

2. Dead sleepWithAbort() export — The sleepWithAbort() function is exported but never imported or used anywhere in the codebase. It is dead code.

Root Cause

1. withTimeout() was implemented without the input validation that was added to raceWithTimeout().
2. sleepWithAbort() was likely added for future use but was never integrated, leaving dead code in the module.

Proposed Fix

1. Add input validation to withTimeout() matching raceWithTimeout() behavior: reject non-finite or negative timeoutMs values with a RangeError.
2. Remove the dead sleepWithAbort() function.

Impact

• Severity: Low — withTimeout() callers currently use hardcoded valid values, so the validation is defensive. Dead code removal is a cleanup.
• Affected scenarios: Any future caller passing invalid timeout values to withTimeout() would get a clear RangeError instead of silent misbehavior.

[github-actions]

Branch copilot-finds/improve/backoff-util-validation-dead-code has been pushed with the fix and tests. A PR could not be created automatically due to GitHub Actions permissions. The branch is ready for manual PR creation.

Changes:

• packages/durabletask-js/src/utils/backoff.util.ts: Added input validation to withTimeout(), removed dead sleepWithAbort()
• packages/durabletask-js/test/backoff.spec.ts: Added 5 new unit tests for withTimeout() input validation

All tests pass (npm run test:unit), lint is clean (npm run lint).