fix: enforce required teamId parameter in credential requests list#48
Conversation
There was a problem hiding this comment.
Pull request overview
This PR tightens the Credential Requests “list” API to require a teamId in order to align request construction and MCP tooling with the endpoint’s expected parameters.
Changes:
- Made
teamIdrequired inListCredentialRequestsOptionsand requiredoptionsinCredentialRequests.list(...). - Updated the MCP tool schema and typings to require
teamIdforcredential-requests_list. - Removed the unit test that previously listed credential requests without providing
teamId.
Reviewed changes
Copilot reviewed 3 out of 3 changed files in this pull request and generated 1 comment.
| File | Description |
|---|---|
src/endpoints/credential-requests.ts |
Makes teamId mandatory in list options and requires an options argument for list(). |
src/endpoints/credential-requests.mcp.ts |
Marks teamId as required in the MCP tool schema and args type. |
test/credential-requests.spec.ts |
Removes the now-invalid test that listed requests without teamId. |
Comments suppressed due to low confidence (1)
test/credential-requests.spec.ts:36
- This spec file no longer has a test for the minimal/required list call (i.e., listing with only
teamId). The removed test could be updated to callmake.credentialRequests.list({ teamId: ... })and assert the URL/query string, which helps ensure the new required parameter behavior is covered without relying on additional filters/pagination.
describe('Endpoints: CredentialRequests', () => {
const make = new Make(MAKE_API_KEY, MAKE_ZONE);
it('Should list credential requests with filters and pagination', async () => {
mockFetch(
'GET https://make.local/api/v2/credential-requests/requests?teamId=123&status=pending&pg%5Blimit%5D=50',
listMock,
);
const result = await make.credentialRequests.list({
teamId: 123,
status: 'pending',
pg: {
limit: 50,
},
});
expect(result).toStrictEqual(listMock.requests);
});
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 3 out of 3 changed files in this pull request and generated 1 comment.
Comments suppressed due to low confidence (1)
src/endpoints/credential-requests.ts:232
list()now requiresteamIdat the type level, but there’s no runtime enforcement. JavaScript callers (or TS callers usingany) can still calllist()withundefined/missingteamId, which will send a request withoutteamIdand fail with a server-side error. Consider adding an explicit runtime check that throws a clear client-side error whenteamIdis missing (and add/adjust a unit test accordingly).
async list<C extends keyof CredentialRequest = never>(
options: ListCredentialRequestsOptions<C>,
): Promise<PickColumns<CredentialRequest, C>[]> {
const response = await this.#fetch<{ requests: PickColumns<CredentialRequest, C>[] }>(
'/credential-requests/requests',
{ query: options },
);
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 4 out of 4 changed files in this pull request and generated 1 comment.
Comments suppressed due to low confidence (1)
test/credential-requests.spec.ts:35
- The basic "list credential requests" unit test was removed, but there isn't a replacement test covering the new minimal call signature (
list(teamId)with no options). Adding a test that asserts the generated URL includes onlyteamIdwould help ensure the new required parameter behavior is covered.
it('Should list credential requests with filters and pagination', async () => {
mockFetch(
'GET https://make.local/api/v2/credential-requests/requests?teamId=123&status=pending&pg%5Blimit%5D=50',
listMock,
);
const result = await make.credentialRequests.list(123, {
status: 'pending',
pg: {
limit: 50,
},
});
expect(result).toStrictEqual(listMock.requests);
});
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 4 out of 4 changed files in this pull request and generated 1 comment.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 4 out of 4 changed files in this pull request and generated 1 comment.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 4 out of 4 changed files in this pull request and generated 1 comment.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
| options?: ListCredentialRequestsOptions<C>, | ||
| ): Promise<PickColumns<CredentialRequest, C>[]> { | ||
| let teamId: number; | ||
| if (typeof teamIdOrOptions === 'number') { |
There was a problem hiding this comment.
Wouldn't it be safer to swap the condition and, instead of checking for type number, check for type object? That should prevent us from throwing a destructure error in case the runtime value is null, for example.
There was a problem hiding this comment.
Thanks, make sence I had add teamIdOrOptions !== null
There was a problem hiding this comment.
- null → falls to else, treated as a number (will fail at the API level with a clear error rather than a cryptic "Cannot destructure property 'teamId' of null")
- undefined → typeof undefined === 'object' is false, so also falls to else safely
- valid object → destructured as before
- number → typeof number === 'object' is false, works as before
This PR tightens the Credential Requests “list” API to require a teamId in order to align request construction and MCP tooling with the endpoint’s expected parameters.