Conversation
|
🧪 Testing To try out this version of the SDK: Expires at: Mon, 06 Apr 2026 15:51:03 GMT |
![cursor[bot]](https://avatars.githubusercontent.com/in/1210556?s=60&v=4){kind=small}
There was a problem hiding this comment.
Cursor Bugbot has reviewed your changes and found 1 potential issue.
Bugbot Autofix is OFF. To automatically fix reported issues with cloud agents, enable autofix in the Cursor dashboard.
| if (!(timeoutMillis && 0 <= timeoutMillis && timeoutMillis < 60 * 1000)) { | ||
| // If the API asks us to wait a certain amount of time, just do what it | ||
| // says, but otherwise calculate a default | ||
| if (timeoutMillis === undefined) { |
There was a problem hiding this comment.
Missing validation allows NaN/negative retry timeouts
Medium Severity
The old guard !(timeoutMillis && 0 <= timeoutMillis && timeoutMillis < 60 * 1000) validated that timeoutMillis was a positive, finite, reasonable number. The new check timeoutMillis === undefined only catches the undefined case. When Date.parse(retryAfterHeader) fails on an invalid date string, timeoutMillis becomes NaN (since NaN - Date.now() is NaN). Since NaN !== undefined, the fallback is skipped and sleep(NaN) is called, which resolves immediately via setTimeout(resolve, NaN). Similarly, a past-date retry-after header produces a negative timeoutMillis, also resolving immediately. Both cases bypass exponential backoff entirely, risking a retry storm against an already-struggling server.
stainless-app
bot
force-pushed
the
release-please--branches--main--changes--next--components--sdk
branch
from
c4a7e8c to
b883f9e
Compare
stainless-app
bot
force-pushed
the
release-please--branches--main--changes--next--components--sdk
branch
from
b883f9e to
293d9e1
Compare
stainless-app
bot
force-pushed
the
release-please--branches--main--changes--next--components--sdk
branch
from
293d9e1 to
21eb629
Compare
Automated Release PR
0.42.2 (2026-03-07)
Full Changelog: v0.42.1...v0.42.2
Bug Fixes
Chores
This pull request is managed by Stainless's GitHub App.
The semver version number is based on included commit messages. Alternatively, you can manually set the version number in the title of this pull request.
For a better experience, it is recommended to use either rebase-merge or squash-merge when merging this pull request.
🔗 Stainless website
📚 Read the docs
🙋 Reach out for help or questions
Note
Medium Risk
Modifies core client request behavior (URL query merging and retry delay handling), which could affect request routing/caching and backoff timing in production. Other changes are routine release/CI tweaks and test fixture text updates.
Overview
Bumps the SDK to v0.42.2 (manifest/package/version/changelog updates).
Fixes
Kernel.buildURL()to preserve query parameters already present in the provided path by mergingurl.searchParamswithdefaultQueryand per-callquery.Tweaks retry behavior to always honor server-provided
Retry-After/retry-after-msdelays (no longer falling back when the delay is “too long”), and updates CI to skip OIDC/artifact uploads onstl/*branches; test fixtures switch placeholder upload data toExample data.Written by Cursor Bugbot for commit 21eb629. This will update automatically on new commits. Configure here.