Skip to content

refactor(push): make encryption/signing more robust #2619

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Draft
wants to merge 7 commits into
base: master
Choose a base branch
from
Draft

refactor(push): make encryption/signing more robust #2619

wants to merge 7 commits into from

Conversation

@joshtrichards
Copy link
Member

@joshtrichards joshtrichards commented Nov 1, 2025

This PR improves how push notification signing errors are handled to prevent sending unsigned notifications (which clients would reject anyway) and ensures clear, consistent error management.

  • Signing problems are consistently checked and logged cleanly.
  • Longer subjects are truncated to fit cryptographic limits, and truncation is now logged (debug level).
  • Unit tests have been added for the new error handling logic.
  • Code has been refactored for greater consistency and clarity.

Note:

  • Adds a PushSigningException for signing failures; affected devices are skipped, not deleted.
  • Device tokens are still only deleted for encryption failures (invalid device public key).

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@nickvergessen nickvergessen Awaiting requested review from nickvergessen nickvergessen will be requested when the pull request is marked ready for review nickvergessen is a code owner

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@joshtrichards