Skip to content

fix(clerk-js): Revert query filtering from fapiClient #6817

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Closed
panteliselef wants to merge 1 commit into from
Closed

fix(clerk-js): Revert query filtering from fapiClient #6817

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 2 additions & 0 deletions .changeset/blue-oranges-make.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,2 @@
---
---
Comment on lines +1 to +2
Copy link
Contributor

@coderabbitai coderabbitai bot Sep 19, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue

Missing changeset content.

The changeset file is empty and should include package names and descriptions of changes.

A valid changeset should follow this format:

---
+"@clerk/clerk-js": patch
---
+
+Revert query filtering from fapiClient - no longer filter undefined properties before building query parameters.
📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
---
---
---
"@clerk/clerk-js": patch
---
Revert query filtering from fapiClient - no longer filter undefined properties before building query parameters.
🤖 Prompt for AI Agents 
In .changeset/blue-oranges-make.md around lines 1 to 2, the changeset file is
empty; replace the placeholder with a valid changeset YAML block that lists the
affected package(s) and a short summary of the change(s). Specifically, add the
top-level version bump type for each package (patch/minor/major) as keys and a
brief human-readable description under the body (wrap text as needed), following
the standard Changesets format: a header mapping package names to release types,
a divider line of "---", and then the description paragraph(s).

15 changes: 1 addition & 14 deletions packages/clerk-js/src/core/fapiClient.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -105,20 +105,7 @@ export function createFapiClient(options: FapiClientOptions): FapiClient {
}

function buildQueryString({ method, path, sessionId, search, rotatingTokenNonce }: FapiRequestInit): string {
const filteredSearch =
search && typeof search === 'object'
? Object.keys(search as Record<string, any>).reduce(
(acc, key) => {
const value = (search as Record<string, any>)[key];
if (value !== undefined) {
acc[key] = value;
}
return acc;
},
{} as Record<string, any>,
)
: search;
const searchParams = new URLSearchParams(filteredSearch as any);
const searchParams = new URLSearchParams(search as any);
// the above will parse {key: ['val1','val2']} as key: 'val1,val2' and we need to recreate the array bellow
Comment on lines +108 to 109
Copy link
Contributor

@coderabbitai coderabbitai bot Sep 19, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue

🧩 Analysis chain

Potential issue with undefined values in URLSearchParams.

The URLSearchParams constructor will stringify undefined values as "undefined" strings rather than omitting them, which could result in query parameters like ?param=undefined being sent to the API.

Run this script to check how undefined values are handled across the codebase:

Consider filtering undefined values before passing to URLSearchParams:

 function buildQueryString({ method, path, sessionId, search, rotatingTokenNonce }: FapiRequestInit): string {
-  const searchParams = new URLSearchParams(search as any);
+  // Filter out undefined values to prevent them from being stringified as "undefined"
+  const filteredSearch = search && typeof search === 'object' && !Array.isArray(search) 
+    ? Object.fromEntries(Object.entries(search).filter(([_, v]) => v !== undefined))
+    : search;
+  const searchParams = new URLSearchParams(filteredSearch as any);
   // the above will parse {key: ['val1','val2']} as key: 'val1,val2' and we need to recreate the array bellow

🏁 Script executed:

#!/bin/bash
# Description: Check how search parameters are constructed and used throughout the codebase

# Find places where search parameters are constructed or passed to fapiClient
rg -nP -C3 --type=ts --type=js 'search\s*:\s*[^,}]+' | head -20

# Look for undefined handling in query construction
ast-grep --pattern $'buildQueryString($_)'

# Check for any existing undefined filtering patterns
rg -nP 'undefined.*filter|filter.*undefined' --type=ts --type=js

Length of output: 2436

Filter out undefined search params before instantiating URLSearchParams
The URLSearchParams constructor stringifies undefined to "undefined", which will produce queries like ?param=undefined. In buildQueryString, add a step to remove undefined values before creating URLSearchParams:

 function buildQueryString({ search, ... }: FapiRequestInit): string {
-  const searchParams = new URLSearchParams(search as any);
+  const filteredSearch = Object.fromEntries(
+    Object.entries(search ?? {}).filter(([, v]) => v !== undefined)
+  );
+  const searchParams = new URLSearchParams(filteredSearch as any);
   // …recreate array values below…
📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
const searchParams = new URLSearchParams(search as any);
// the above will parse {key: ['val1','val2']} as key: 'val1,val2' and we need to recreate the array bellow
function buildQueryString({ search, ... }: FapiRequestInit): string {
const filteredSearch = Object.fromEntries(
Object.entries(search ?? {}).filter(([, v]) => v !== undefined)
);
const searchParams = new URLSearchParams(filteredSearch as any);
// the above will parse {key: ['val1','val2']} as key: 'val1,val2' and we need to recreate the array bellow
🤖 Prompt for AI Agents 
In packages/clerk-js/src/core/fapiClient.ts around lines 108-109, filter out
undefined values from the search object before creating URLSearchParams: iterate
keys of the search input, skip any key whose value is undefined, and for array
values create a new array with undefined entries removed (so arrays remain
arrays and not become "undefined" strings); then pass this cleaned object to new
URLSearchParams. Ensure you preserve non-array values and convert them to
strings only after removing undefined entries.


// Append supported FAPI version to the query string
Expand Down
Loading