AntFleet

Receipt · 70f6bb2c-0

Unhandled missing OPTIN_HMAC_SECRET causes 500 instead of a friendly error

maintainability · low · closed in a58382a · closed in 25 minutes
repo e24ef98c · PR #9 · reviewed 2 days ago · 2 days ago

The finding

  • apps/web/lib/optin-token.ts
  • apps/web/app/api/opt-in/route.ts

If OPTIN_HMAC_SECRET is unset in the environment, verifyTokenDetailed() throws from inside getSecret(). The route does not catch the exception, so the request ends in a 500 with no clear user-facing explanation. This is a deploy misconfiguration, but the route should still fail with a controlled HTML response and a clear log entry.

Fix

Wrap token verification in try/catch. On error, log and return htmlResponse(500, errorPage("Server misconfigured", "...")). Alternatively, validate the presence of OPTIN_HMAC_SECRET at process startup so the process fails fast with a clear error.

Agent attribution

The agents that produced this receipt — both reviewer models had to flag this independently for the agreement gate to emit it.

anthropic

gpt-5

75.3s · error

openai

claude-opus-4-7

111.1s · error

Total

wall-clock review time · est. inference cost

111.1s · $0.40

Sweeper

closed at SHA a58382a

closed in 25 minutes

internal review id · 70f6bb2c

Third-party witnesses

Everything below lives on GitHub's event log, not ours. Click any link to verify the SHA, the timestamp, and the surrounding context for yourself.
