fix(data-api): stop dropping auth_required/public_safe from RPC pool artifacts#4979
Conversation
…artifacts endpointPool() built each served pool endpoint object from an explicit field allowlist that omitted auth_required and public_safe entirely. Both rpc/pools.json and endpoint-pools.json go through this function, so both artifacts serialized every endpoint without these two fields even though the registry source and the intermediate rpc-endpoints.json artifact both carry them correctly. The Worker's live health overlay (overlayRpcPoolEligibility, src/health-serving.mjs, #4958) re-derives pool_eligible on every request by reading these same serialized fields -- undefined fails both the auth_required!==false and public_safe!==true checks unconditionally, so every RPC pool endpoint was excluded regardless of real health. This is the actual root cause of the ongoing finney-RPC proxy 503 outage; #4958 fixed a real but secondary staleness-recompute bug in the overlay without addressing that the fields never reached the artifact in the first place. Closes #4978
|
Superagent didn't find any vulnerabilities or security issues in this PR. |
Codecov Report✅ All modified and coverable lines are covered by tests. Additional details and impacted files@@ Coverage Diff @@
## main #4979 +/- ##
=======================================
Coverage 97.94% 97.94%
=======================================
Files 163 163
Lines 19440 19440
Branches 7385 7385
=======================================
Hits 19040 19040
Misses 53 53
Partials 347 347
🚀 New features to boost your workflow:
|
|
Warning 🟨🟨🟨🟨🟨🟨🟨🟨🟨🟨🟨🟨 ⏸️ Gittensory review result - manual review recommendedReview updated: 2026-07-12 21:32:16 UTC
⏸️ Suggested Action - Manual Review
Review summary Nits — 7 non-blocking
Review context
Contributor next steps
Signal definitions
[BETA] Chat with GittensoryAsk Gittensory a question about this PR directly in a comment — grounded only in the same cached, public-safe facts shown above, never a new claim.
Full command reference: https://gittensory.aethereal.dev/docs/gittensory-commands Visual preview
Click any thumbnail to open the full-size screenshot. Before = production · After = this PR's preview deploy. 🟩 Safe / merged · 🟦 Advisory · 🟨 Held for review · 🟥 Blocked / closed 💰 Earn for open-source contributions like this. Gittensor lets GitHub contributors earn for the work they already do — register to start earning →. Checked by Gittensory, a quiet PR intelligence layer for OSS maintainers.
|
…chema The schema previously omitted these two fields with additionalProperties: false, so the code fix in the prior commit (adding them to endpointPool()'s output) failed contract validation. They're structural pool-eligibility inputs the Worker's live overlay genuinely needs to read back from the served artifact -- the schema was simply never updated for them. Regenerates openapi.json/types.d.ts/contracts.json via npm run build, and patch-bumps packages/client per the contract-change convention.
Summary
POST /rpc/v1/finneycurrently returns 503 for every request — live-confirmed.endpointPool()(scripts/lib/endpoint-artifacts.mjs) builds each served pool endpoint from an explicit field allowlist that never includedauth_required/public_safe, even though both fields are correctly present on the registry source and the intermediaterpc-endpoints.jsonartifact. Bothrpc/pools.jsonandendpoint-pools.jsonare built through this same function.The Worker's live health overlay (
overlayRpcPoolEligibility,src/health-serving.mjs, shipped in #4958 earlier today) re-derivespool_eligibleon every request from these same serialized fields —undefined !== falseandundefined !== trueboth evaluatetrue, so every endpoint fails the structural eligibility check regardless of real health. This is the actual root cause of the ongoing finney-RPC outage; #4958 fixed a real but secondary bug in the overlay's staleness-recompute logic without catching that the fields never reached the artifact at all.Closes #4978
Fix
Add
auth_required/public_safetoendpointPool()'s per-endpoint output object. Both are already part of the documented contract (schemas/components/07-endpoints-rpc.schema.json) for this shape — no schema change needed.Testing
npm run build: confirmeddist/metagraph-r2/metagraph/rpc/pools.jsonnow carries correctauth_required/public_safefor all 5 finney-rpc pool endpoints (previously allnull).pool_eligiblecomputation, which was already correct and didn't catch this). Verified it fails pre-fix (undefined !== false) and passes post-fix.eslint/prettier --checkclean.Expected outcome
Once merged and the next build+publish cycle runs,
GET /api/v1/rpc/poolsshould showeligible_count > 0forfinney-rpc, andPOST /rpc/v1/finneyshould serve real proxied responses instead of 503.