fix(skills): delete secret row when PAT is cleared via updateSkillAuth

When updateSkillAuth(null) is called, the underlying secret row was
left orphaned. Now deletes the secret via secretsSvc.remove() before
clearing sourceAuthSecretId from metadata.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-04-10 17:31:36 -04:00
parent ec4e94a6e7
commit edc77da082
+8 -2
@@ -2445,9 +2445,15 @@ export function companySkillService(db: Db) {
}
meta.sourceAuthSecretId = secretId;
} else {
// Clear the PAT
// Clear the PAT — delete the secret row to avoid orphaned secrets
if (existingSecretId) {
try {
await secretsSvc.remove(existingSecretId);
} catch {
// Best-effort: don't fail the metadata update if secret deletion fails
}
}
delete meta.sourceAuthSecretId;
// Note: we don't delete the secret itself — it may be referenced in audit logs
}
const [updated] = await db
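Review bot: The empty `catch {}` around `secretsSvc.remove(existingSecretId)` discards the failure without a trace, so when deletion fails the PAT's secret row stays in the store while `delete meta.sourceAuthSecretId` removes the only reference to it — the orphaned-credential state this commit sets out to prevent, now with no record of which row to clean up. Keeping the best-effort behaviour is fine, but bind the error (`} catch (err) {`) and emit a warning through whatever logger this service already uses, including `existingSecretId` and the error but never the secret value. Separately, the removal runs before the `db` update that begins on the hunk's last line; if that update can fail, the stored metadata would still point at a deleted secret, so consider deleting the secret only after the update succeeds. The enclosing function starts and ends outside the hunk, so both points should be checked against the full body.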