Opus finding
Cron route reads `outgoingResult` even when realPollDeps throws synchronously on missing token, but log path swallows the misconfiguration silently in non-dev
lowmaintainabilitymedium
- apps/web/app/api/cron/sweep/route.ts:74-88
- apps/web/lib/outgoing-prs.ts:230-243
The comment in route.ts says token-missing is 'skipped silently' but the code path actually emits logError (not logWarn/logInfo) for the orchestrator failure — and getAntfleetOpsToken throws *inside* realPollDeps()? No — re-reading outgoing-prs.ts, getAntfleetOpsToken() is only invoked inside tokenReader() which runs per-call inside getUpstreamPrState. Since realPollDeps() itself only sets up closures, it does NOT throw when the token is missing; only when getUpstreamPrState is called. That means if loadOpenPrs returns 0 rows (the common 'nothing to poll' case), the missing token is invisible — fine. But if there ARE open rows, the per-row try/catch in pollOutgoingPrs catches each token failure as a logWarn and increments errors, then returns a non-null result. The comment claims realPollDeps's lazy token read throws and is converted to a log line by runOutgoingPrsPoll — this is misleading. The actual error pathway is per-row in pollOutgoingPrs, and runOutgoingPrsPoll's catch would only fire on loadOpenPrs failure or similar.
Recommendation
Update the comment block in apps/web/app/api/cron/sweep/route.ts to describe the actual behavior: 'with rows present, each per-row poll fails individually and is logged via outgoing_prs.poll_failed; with no rows, the token never gets read'. Or, more robustly, validate the token once at the top of runOutgoingPrsPoll() so the orchestrator-level skip-when-missing behavior the comment implies actually happens.