fix(rivetkit): keep internal error exposure behavior consistent

[NathanFlurry]

Description

Please include a summary of the changes and the related issue. Please also include relevant motivation and context.

Type of change

• Bug fix (non-breaking change which fixes an issue)
• New feature (non-breaking change which adds functionality)
• Breaking change (fix or feature that would cause existing functionality to not work as expected)
• This change requires a documentation update

How Has This Been Tested?

Please describe the tests that you ran to verify your changes.

Checklist:

• My code follows the style guidelines of this project
• I have performed a self-review of my code
• I have commented my code, particularly in hard-to-understand areas
• I have made corresponding changes to the documentation
• My changes generate no new warnings
• I have added tests that prove my fix is effective or that my feature works
• New and existing unit tests pass locally with my changes

[NathanFlurry]

Warning

This pull request is not mergeable via GitHub because a downstack PR is open. Once all requirements are satisfied, merge this PR as a stack on Graphite.
Learn more

• chore(rivetkit): remove inline tests #4668
• fix(guard): serialize gateway actor keys correctly #4655
• fix(api): subscribe before namespace workflow dispatch #4654
• fix(rivetkit): restore hibernatable sockets and hydrate serverless starts #4658
• fix(rivetkit-native): expose full hibernation metadata to JS #4657
• fix(pegboard): persist and replay hibernating requests #4656
• fix(rivetkit): keep internal error exposure behavior consistent #4661 👈 (View in Graphite)
• test(rivetkit): stabilize actor db driver tests #4664
• fix(test): stabilize lifecycle, sleep, queue, and run edge cases #4660 : 1 other dependent PR (#4665 )
• test(rivetkit): re-enable gateway URL and direct-registry coverage #4659
• fix(rivetkit): add lifecycle error retry and gateway HTTP routing #4666
• chore(engine): publish engine bases in ci #4649 : 2 other dependent PRs (#4650 , #4652 )
• chore: lockfile lefthook #4647
• fix(rivetkit): surface native sqlite kv errors to callers #4645
• fix(rivetkit): prevent sleep races during disconnect and db work #4644
• fix(rivetkit): isolate engine envoys and propagate startup failures #4643
• test(rivetkit): remove wasm sqlite-only fixtures and coverage #4642
• chore(sqlite-vfs): remove wasm sqlite packages and workspace wiring #4641
• chore(rivetkit): remove wasm sqlite runtime #4614
• fix(sqlite-native): restore native startup kv preload #4639
• fix(sqlite-native): delete metadata before chunk range #4638
• fix(sqlite-native): keep truncate cache coherent #4637
• fix(sqlite-vfs): use delete range for truncate cleanup #4636
• fix(sqlite-native): restore kv error hook #4635
• perf(sqlite-native): avoid cloning cached read chunks #4634
• perf(sqlite-native): gate kv operation labels #4633
• perf(sqlite-native): reuse read cache for partial writes #4632
• perf(sqlite-native): remove delete file existence probe #4631
• fix(sqlite-native): gate native read cache behind env var #4630
• fix(pegboard): isolate runner config dc lookup failures #4625 : 1 other dependent PR (#4626 )
• docs(pegboard): note runner config upsert split write risk #4624
• fix(pegboard): unpack global runner config keys correctly #4623
• fix(pegboard-gateway): enforce tunnel message state #4622
• fix(pegboard-runner): clear terminal tunnel routes #4621
• fix(pegboard): skip protocol version keys in runner pool backfill #4620
• fix(pegboard): create missing normal runner configs #4619
• fix(epoxy): reuse cached optimistic value #4618
• main

This stack of pull requests is managed by Graphite. Learn more about stacking.

[claude]

Code Review: fix(rivetkit): keep internal error exposure behavior consistent

Overview

This PR removes the NODE_ENV=development shortcut from getRequestExposeInternalError in two files, making RIVET_EXPOSE_ERRORS=1 the sole mechanism for exposing internal errors to clients. It also fixes a bug where the isolate sandbox unconditionally forwarded RIVET_EXPOSE_ERRORS=1 to child processes, now only forwarding the env var when explicitly set in the parent.

---

What the PR Does Well

• Correct security fix. Unconditionally injecting RIVET_EXPOSE_ERRORS=1 into every isolate sandbox process was a real information-disclosure bug: internal error details would always leak to sandboxed actors regardless of operator intent. The new conditional spread is the right fix.
• Consistent with the rest of the env-forwarding block. RIVETKIT_TEST_DOCKER_HELPER_URL forwarding immediately below already uses the same conditional-spread pattern, so this change brings RIVET_EXPOSE_ERRORS into line.
• Docstring updated. The JSDoc on getRequestExposeInternalError is updated to match the new behavior.

---

Issues

1. Incomplete fix: old.ts still checks NODE_ENV=development

File: rivetkit-typescript/packages/rivetkit/src/actor/protocol/old.ts:303-304

This file was not updated, so the behavior is still inconsistent. In the legacy protocol path, internal errors are still exposed whenever NODE_ENV=development, even after this PR. If the goal is consistent behavior, this call site needs the same treatment.

2. Conditional spread copies the raw env value, not normalised "1"

getRequestExposeInternalError only returns true when the value is exactly "1". If an operator sets RIVET_EXPOSE_ERRORS=true (or any other truthy string), the value is forwarded into the sandbox but the check inside the sandbox evaluates to false. This could cause the parent and child processes to disagree on whether errors are exposed.

Consider normalising to "1" when forwarding: ...(process.env.RIVET_EXPOSE_ERRORS ? { RIVET_EXPOSE_ERRORS: "1" } : {})

3. Breaking change for local development workflows

Removing the NODE_ENV=development shortcut means developers who relied on automatic error detail exposure in local dev environments now need to explicitly set RIVET_EXPOSE_ERRORS=1. This is a reasonable tradeoff for security consistency, but the PR description does not document this as a behaviour change and no docs update is present.

---

Summary

Issue	Severity
old.ts still has the NODE_ENV check, making the fix incomplete	Medium
Raw env value forwarded to sandbox instead of normalised "1"	Low
Breaking DX change not documented	Low

The core security fix (removing the unconditional RIVET_EXPOSE_ERRORS=1 injection into the sandbox) is correct and well-structured. The main outstanding item before merging is updating old.ts to match, otherwise the stated goal of consistent behavior is not fully achieved.