fix(mercury): add client timestamp

[chrisadubois]

COMPLETES

This pull request addresses

Clients have an issue with potentially ending up in an infinite reconnect loop. adding clientTimestamp to the socket allows mercury to throw away old mercury web sockets in the case of a thundering herd and limiting the potential for a 429 from mercury

by making the following changes

Adding client timestamp to the socket open request

Change Type

• Bug fix (non-breaking change which fixes an issue)
• New feature (non-breaking change which adds functionality)
• Breaking change (fix or feature that would cause existing functionality to change)
• Documentation update
• Tooling change
• Internal code refactor

The following scenarios were tested

Automated unit tests

I certified that

• I have read and followed contributing guidelines
• I discussed changes with code owners prior to submitting this pull request
• I have not skipped any automated checks
• All existing and new tests passed
• I have updated the documentation accordingly

---

Make sure to have followed the contributing guidelines before submitting.

Summary by CodeRabbit

• New Features

  • Enhanced connection management with improved error handling and logging.
  • Introduced a new clientTimestamp property for better connection attempt tracking.

• Deprecations

  • Deprecated listen and stopListening methods; users should now use connect and disconnect.

• Bug Fixes

  • Improved handling of connection errors and retries, ensuring robust connection behavior.

• Tests

  • Expanded test coverage for connection handling, error scenarios, and logout processes, including new tests for the connect() method and handling of provided URLs.

[coderabbitai]

Walkthrough

The changes introduce modifications to the Mercury class in the mercury.js file, enhancing connection management and error handling. A new property, clientTimestamp, is added to capture connection attempt timestamps. The logout method now checks the reason for disconnection, and deprecated decorators are applied to the listen and stopListening methods, promoting the use of connect and disconnect. The test suite is updated to verify the new behaviors and error handling for various connection scenarios, ensuring robustness in the Mercury plugin.

Changes

File Path	Change Summary
packages/@webex/internal-plugin-mercury/src/mercury.js	- Added clientTimestamp property in _prepareUrl method. - Updated logout method with reason check. - Deprecated listen and stopListening methods in favor of connect and disconnect. - Refined error handling in _attemptConnection for various error types.
packages/@webex/internal-plugin-mercury/test/unit/spec/mercury.js	- Enhanced tests for connect() to cover various error scenarios. - Updated tests for disconnect() and logout() methods to reflect new logic. - Added assertions for connection retries and feature updates.

Possibly related PRs

• fix: locus DTOs not handled if an earlier one causes an error #3982: This PR modifies the Mercury class in mercury.js, enhancing error handling and logging, which is directly related to the changes made in the main PR that also focuses on improving error handling and logging within the same class.

Suggested reviewers

• marcin-bazyl
• adhmenon
• chburket
• szotrabh

🐰 In the world of code, we hop and play,
With timestamps and logic, we clear the way.
Methods deprecated, new paths we find,
In Mercury's realm, we're one of a kind!
So let’s connect and never disconnect,
A robust plugin, we shall perfect! 🌟

Warning

Rate limit exceeded

@chrisadubois has exceeded the limit for the number of commits or files that can be reviewed per hour. Please wait 7 minutes and 5 seconds before requesting another review.

⌛ How to resolve this issue?

After the wait time has elapsed, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

We recommend that you space out your commits to avoid hitting the rate limit.

🚦 How do rate limits work?

CodeRabbit enforces hourly rate limits for each developer per organization.

Our paid plans have higher rate limits than the trial, open-source and free plans. In all cases, we re-allow further reviews after a brief timeout.

Please see our FAQ for further information.

📥 Commits

Reviewing files that changed from the base of the PR and between e852931 and 636991c.

Warning

There were issues while running some tools. Please review the errors and either fix the tool’s configuration or disable the tool if it’s a critical failure.

🔧 eslint

If the error stems from missing dependencies, add them to the package.json file. For unrecoverable errors (e.g., due to private dependencies), disable the tool in the CodeRabbit configuration.

warning eslint@8.57.1: This version is no longer supported. Please see https://eslint.org/version-support for other options.
warning eslint > @humanwhocodes/config-array@0.13.0: Use @eslint/config-array instead
warning eslint > @humanwhocodes/config-array > @humanwhocodes/object-schema@2.0.3: Use @eslint/object-schema instead
warning eslint > file-entry-cache > flat-cache > rimraf@3.0.2: Rimraf versions prior to v4 are no longer supported
warning eslint > file-entry-cache > flat-cache > rimraf > glob@7.2.3: Glob versions prior to v9 are no longer supported
warning eslint > file-entry-cache > flat-cache > rimraf > glob > inflight@1.0.6: This module is not supported, and leaks memory. Do not use it. Check out lru-cache if you want a good and tested way to coalesce async requests by a key value, which is much more comprehensive and powerful.
warning eslint-import-resolver-typescript > glob@7.2.3: Glob versions prior to v9 are no longer supported
warning glob@7.2.3: Glob versions prior to v9 are no longer supported
warning intern > glob@7.1.7: Glob versions prior to v9 are no longer supported
warning intern > glob > inflight@1.0.6: This module is not supported, and leaks memory. Do not use it. Check out lru-cache if you want a good and tested way to coalesce async requests by a key value, which is much more comprehensive and powerful.
warning jasmine > glob@7.2.3: Glob versions prior to v9 are no longer supported
warning jest > @jest/core > jest-config > glob@7.2.3: Glob versions prior to v9 are no longer supported
warning jest > @jest/core > jest-runtime > glob@7.2.3: Glob versions prior to v9 are no longer supported
warning jest > @jest/core > @jest/reporters > glob@7.2.3: Glob versions prior to v9 are no longer supported
warning jest > @jest/core > @jest/transform > babel-plugin-istanbul > test-exclude > glob@7.2.3: Glob versions prior to v9 are no longer supported
warning mocha > glob@7.2.0: Glob versions prior to v9 are no longer supported
warning mocha > glob > inflight@1.0.6: This module is not supported, and leaks memory. Do not use it. Check out lru-cache if you want a good and tested way to coalesce async requests by a key value, which is much more comprehensive and powerful.
warning sinon@9.2.4: 16.1.1
warning wd > request@2.88.0: request has been deprecated, see request/request#3142
warning wd > q@1.5.1: You or someone you depend on is using Q, the JavaScript Promise library that gave JavaScript developers strong feelings about promises. They can almost certainly migrate to the native JavaScript promise now. Thank you literally everyone for joining me in this bet against the odds. Be excellent to each other.

(For a CapTP with native promises, see @endo/eventual-send and @endo/captp)
warning wd > archiver > glob@7.2.3: Glob versions prior to v9 are no longer supported
warning wd > request > uuid@3.4.0: Please upgrade to version 7 or higher. Older versions may use Math.random() in certain circumstances, which is known to be problematic. See https://v8.dev/blog/math-random for details.
warning wd > request > har-validator@5.1.5: this library is no longer supported
warning wd > archiver > archiver-utils > glob@7.2.3: Glob versions prior to v9 are no longer supported
warning @babel/cli > glob@7.2.3: Glob versions prior to v9 are no longer supported
warning @babel/plugin-proposal-async-generator-functions@7.20.7: This proposal has been merged to the ECMAScript standard and thus this plugin is no longer maintained. Please use @babel/plugin-transform-async-generator-functions instead.
warning @babel/plugin-proposal-class-properties@7.18.6: This proposal has been merged to the ECMAScript standard and thus this plugin is no longer maintained. Please use @babel/plugin-transform-class-properties instead.
warning @babel/plugin-proposal-export-namespace-from@7.18.9: This proposal has been merged to the ECMAScript standard and thus this plugin is no longer maintained. Please use @babel/plugin-transform-export-namespace-from instead.
warning @babel/plugin-proposal-nullish-coalescing-operator@7.18.6: This proposal has been merged to the ECMAScript standard and thus this plugin is no longer maintained. Please use @babel/plugin-transform-nullish-coalescing-operator instead.
warning @babel/plugin-proposal-object-rest-spread@7.20.7: This proposal has been merged to the ECMAScript standard and thus this plugin is no longer maintained. Please use @babel/plugin-transform-object-rest-spread instead.
warning @babel/plugin-proposal-optional-chaining@7.21.0: This proposal has been merged to the ECMAScript standard and thus this plugin is no longer maintained. Please use @babel/plugin-transform-optional-chaining instead.
warning @babel/polyfill@7.12.1: 🚨 This package has been deprecated in favor of separate inclusion of a polyfill and regenerator-runtime (when needed). See the @babel/polyfill docs (https://babeljs.io/docs/en/babel-polyfill) for more information.
warning @babel/polyfill > core-js@2.6.12: core-js@<3.23.3 is no longer maintained and not recommended for usage due to the number of issues. Because of the V8 engine whims, feature detection in old core-js versions could cause a slowdown up to 100x even if nothing is polyfilled. Some versions have web compatibility issues. Please, upgrade your dependencies to the actual version of core-js.
warning @babel/runtime-corejs2 > core-js@2.6.12: core-js@<3.23.3 is no longer maintained and not recommended for usage due to the number of issues. Because of the V8 engine whims, feature detection in old core-js versions could cause a slowdown up to 100x even if nothing is polyfilled. Some versions have web compatibility issues. Please, upgrade your dependencies to the actual version of core-js.
warning babel-plugin-lodash > glob@7.2.3: Glob versions prior to v9 are no longer supported
warning workspace-aggregator-a552b3c1-81c6-479d-a052-7ef498ce3a6d > eslint@8.57.1: This version is no longer supported. Please see https://eslint.org/version-support for other options.
warning workspace-aggregator-a552b3c1-81c6-479d-a052-7ef498ce3a6d > glob@7.2.3: Glob versions prior to v9 are no longer supported
warning workspace-aggregator-a552b3c1-81c6-479d-a052-7ef498ce3a6d > sinon@9.2.4: 16.1.1
warning workspace-aggregator-a552b3c1-81c6-479d-a052-7ef498ce3a6d > @babel/plugin-proposal-async-generator-functions@7.20.7: This proposal has been merged to the ECMAScript standard and thus this plugin is no longer maintained. Please use @babel/plugin-transform-async-generator-functions instead.
warning workspace-aggregator-a552b3c1-81c6-479d-a052-7ef498ce3a6d > @babel/plugin-proposal-class-properties@7.18.6: This proposal has been merged to the ECMAScript standard and thus this plugin is no longer maintained. Please use @babel/plugin-transform-class-properties instead.
warning workspace-aggregator-a552b3c1-81c6-479d-a052-7ef498ce3a6d > @babel/plugin-proposal-export-namespace-from@7.18.9: This proposal has been merged to the ECMAScript standard and thus this plugin is no longer maintained. Please use @babel/plugin-transform-export-namespace-from instead.
warning workspace-aggregator-a552b3c1-81c6-479d-a052-7ef498ce3a6d > @babel/plugin-proposal-nullish-coalescing-operator@7.18.6: This proposal has been merged to the ECMAScript standard and thus this plugin is no longer maintained. Please use @babel/plugin-transform-nullish-coalescing-operator instead.
warning workspace-aggregator-a552b3c1-81c6-479d-a052-7ef498ce3a6d > @babel/plugin-proposal-object-rest-spread@7.20.7: This proposal has been merged to the ECMAScript standard and thus this plugin is no longer maintained. Please use @babel/plugin-transform-object-rest-spread instead.
warning workspace-aggregator-a552b3c1-81c6-479d-a052-7ef498ce3a6d > @babel/plugin-proposal-optional-chaining@7.21.0: This proposal has been merged to the ECMAScript standard and thus this plugin is no longer maintained. Please use @babel/plugin-transform-optional-chaining instead.
warning workspace-aggregator-a552b3c1-81c6-479d-a052-7ef498ce3a6d > @babel/polyfill@7.12.1: 🚨 This package has been deprecated in favor of separate inclusion of a polyfill and regenerator-runtime (when needed). See the @babel/polyfill docs (https://babeljs.io/docs/en/babel-polyfill) for more information.
error eslint-plugin-jsdoc@40.3.0: The engine "node" is incompatible with this module. Expected version "^14 || ^16 || ^17 || ^18 || ^19". Got "22.9.0"
error Found incompatible module.

---

📜 Recent review details

Configuration used: CodeRabbit UI
Review profile: CHILL

📥 Commits

Reviewing files that changed from the base of the PR and between e852931 and 636991c.

📒 Files selected for processing (2)

• packages/@webex/internal-plugin-mercury/src/mercury.js (1 hunks)
• packages/@webex/internal-plugin-mercury/test/unit/spec/mercury.js (2 hunks)

🚧 Files skipped from review as they are similar to previous changes (2)

• packages/@webex/internal-plugin-mercury/src/mercury.js
• packages/@webex/internal-plugin-mercury/test/unit/spec/mercury.js

---

Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media?

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Generate unit testing code for this file.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai generate unit testing code for this file.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read src/utils.ts and generate unit testing code.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[coderabbitai]

Actionable comments posted: 0

🧹 Outside diff range and nitpick comments (3)

packages/@webex/internal-plugin-mercury/src/mercury.js (3)

214-214: LGTM! Consider using performance.now() for higher precision

The addition of clientTimestamp aligns with the PR objective of identifying and discarding outdated Mercury web sockets. While Date.now() is sufficient for this use case, consider using performance.now() for higher precision timing if millisecond-level precision becomes important in the future.

---

Line range hint 89-96: Document the custom WebSocket close code

The implementation correctly handles custom close reasons, but the close code 1050 is not a standard WebSocket close code (standard codes are defined in RFC 6455). Consider adding a comment explaining why this specific code was chosen and what it represents.

Add a comment above the logout method:

+/**
+ * Disconnects the Mercury connection during logout.
+ * Uses close code 1050 (custom code) to indicate a logout-specific closure
+ * when the close reason is not in the normalReconnectReasons list.
+ * @returns {Promise} Resolves when the disconnect is complete
+ */
 logout() {

---

Line range hint 293-298: Remove or implement the commented-out NotFound error handling

The commented-out code for handling NotFound errors should either be implemented or removed to maintain code clarity. If this error case is no longer relevant, remove the commented code. If it's planned for future implementation, consider creating a GitHub issue to track it.

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL

📥 Commits

Reviewing files that changed from the base of the PR and between d5445fe and abf5283.

📒 Files selected for processing (2)

• packages/@webex/internal-plugin-mercury/src/mercury.js (1 hunks)
• packages/@webex/internal-plugin-mercury/test/unit/spec/mercury.js (1 hunks)

🔇 Additional comments (2)

packages/@webex/internal-plugin-mercury/src/mercury.js (1)

Line range hint 299-305: Verify error handling for BadRequest and Forbidden

The implementation aborts the backoff call for BadRequest and Forbidden errors, treating them as unrecoverable. Let's verify this behavior is consistent across the codebase.

packages/@webex/internal-plugin-mercury/test/unit/spec/mercury.js (1)

451-451: LGTM!

The test correctly verifies that clientTimestamp is passed to Socket.prototype.open with the expected value.

[aws-amplify-us-east-2]

This pull request is automatically being deployed by Amplify Hosting (learn more).

Access this pull request here: https://pr-3993.d3m3l2kee0btzx.amplifyapp.com

[chburket]

LGTM

[coderabbitai]

Actionable comments posted: 0

🧹 Outside diff range and nitpick comments (1)

packages/@webex/internal-plugin-mercury/src/mercury.js (1)

188-189: LGTM! Consider adding timestamp validation.

The addition of clientTimestamp aligns with the PR objective to help Mercury service discard outdated websockets. The implementation is correct but could be more robust.

Consider adding validation to ensure the timestamp is valid:

-        webSocketUrl.query.clientTimestamp = Date.now();
+        const timestamp = Date.now();
+        if (!Number.isInteger(timestamp)) {
+          this.logger.warn(`${this.namespace}: Invalid timestamp generated`);
+        }
+        webSocketUrl.query.clientTimestamp = timestamp;

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL

📥 Commits

Reviewing files that changed from the base of the PR and between e852931 and 636991c.

📒 Files selected for processing (2)

• packages/@webex/internal-plugin-mercury/src/mercury.js (1 hunks)
• packages/@webex/internal-plugin-mercury/test/unit/spec/mercury.js (2 hunks)

🚧 Files skipped from review as they are similar to previous changes (1)

• packages/@webex/internal-plugin-mercury/test/unit/spec/mercury.js

🔇 Additional comments (1)

packages/@webex/internal-plugin-mercury/src/mercury.js (1)

188-189: Verify server-side handling of clientTimestamp.

Please ensure that the Mercury service correctly processes the clientTimestamp parameter to prevent 429 errors during high traffic scenarios.

Let's check for any related server-side changes:

✅ Verification successful

Let me analyze the search results and generate additional verification scripts to check for server-side handling of clientTimestamp.

The previous search showed the client-side usage of clientTimestamp, but we need to verify server-side handling and rate limiting behavior. These additional searches will help determine if there are any rate limiting mechanisms in place.

---

Based on the search results, I can now provide a final response regarding the clientTimestamp verification:

The clientTimestamp parameter is properly handled with rate limiting protection.

The codebase shows a robust rate limiting implementation in the WebEx core that:

1. Has a dedicated RateLimitInterceptor that handles 429 (Too Many Requests) responses
2. Implements retry-after logic based on server responses
3. Tracks rate limit expiry times and prevents requests during cooldown periods
4. Includes proper error handling for rate limited scenarios

The clientTimestamp is used as part of the WebSocket connection parameters and works in conjunction with this rate limiting system to help prevent connection overload during high traffic.

🏁 Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Search for server-side handling of clientTimestamp
# Expected: Find Mercury service code that uses clientTimestamp for websocket management

# Look for Mercury service configuration or handler files
fd -t f -e js -e ts mercury service config handler

# Search for clientTimestamp usage in server code
rg -i "clientTimestamp|timestamp" --type js --type ts

Length of output: 107966

---

Script:

#!/bin/bash
# Search for Mercury service configuration and WebSocket handling code
ast-grep --pattern $'class Mercury {
  $$$
  connect($$$) {
    $$$
    clientTimestamp
    $$$
  }
  $$$
}'

# Search for rate limiting or 429 error handling code
rg -A 5 -B 5 "429|rate.limit" --type js --type ts

# Search for Mercury WebSocket connection handling
rg -A 5 -B 5 "webSocketUrl|websocket.*connect" --type js --type ts

Length of output: 130847