Disagreement · a3184982-openai-1

createDirectConnectSession does not wrap JSON parsing in DirectConnectError, leaking raw exceptions

solo GPT-5

repo 7e34f3ef·PR #2·reviewed 1 week ago

GPT-5 finding

createDirectConnectSession does not wrap JSON parsing in DirectConnectError, leaking raw exceptions

mediumbughigh

src/server/createDirectConnectSession.ts:71

If the server returns invalid/non-JSON with HTTP 2xx, resp.json() throws and the function rejects with a raw error instead of the documented DirectConnectError, violating the API contract and complicating caller error handling.

Recommendation

Wrap resp.json() and schema validation in try/catch and rethrow a DirectConnectError with a clear message (e.g., "Invalid JSON in session response").

Other reviewer

The other reviewer flagged nothing in this file/line range.

Why this didn't post

This finding didn't meet AntFleet's unanimous agreement threshold. Both frontier models review every PR independently; only findings they both flag with the same severity and category are posted to the PR. This one fell through.

read the methodology →

← back to all disagreements view public receipts see unanimous findings + anatomies →

Tweet ↗