Merged
Conversation
|
The latest updates on your projects. Learn more about Vercel for GitHub.
|
Contributor
📝 WalkthroughWalkthroughThis PR introduces a feature flag to bypass plan-limit enforcement during rollout. A new environment variable ChangesPlan-Limits Enforcement Toggle
Estimated Code Review Effort🎯 2 (Simple) | ⏱️ ~12 minutes Possibly Related PRs
Suggested Reviewers
🚥 Pre-merge checks | ✅ 4 | ❌ 1❌ Failed checks (1 warning)
✅ Passed checks (4 passed)
✏️ Tip: You can configure your own custom pre-merge checks in the settings. ✨ Finishing Touches📝 Generate docstrings
🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
nams1570
force-pushed
the
disable-plan-billing-temporarily
branch
from
2229e64 to
fa7d0d2
Compare
Contributor
Greptile SummaryThis PR introduces a temporary kill-switch (
Confidence Score: 5/5Safe to merge — the flag defaults to enforcement-on and all nine enforcement sites are consistently guarded. The change is additive and conservative: No files require special attention. Important Files Changed
Flowchart%%{init: {'theme': 'neutral'}}%%
flowchart TD
A[Request hits enforcement call site] --> B{billingTeamId != null?}
B -- No --> Z[Skip limit check]
B -- Yes --> C{arePlanLimitsEnforced?}
C -- No\nSTACK_DISABLE_PLAN_LIMITS=true --> Z
C -- Yes\ndefault / false / unset --> D[getItem / tryDecreaseQuantity]
D --> E{Quota available?}
E -- Yes --> F[Allow request]
E -- No --> G[Return 429 / throw KnownError]
Reviews (2): Last reviewed commit: "feat: set flag to disable billing" | Re-trigger Greptile |
![greptile-apps[bot]](https://avatars.githubusercontent.com/in/867647?s=60&v=4){kind=small}
Contributor
There was a problem hiding this comment.
Pull request overview
Adds an environment-flag gate to temporarily bypass Stack Auth’s server-side plan-limit enforcement, allowing production cutover while plan-limit deployment/migrations are stabilized.
Changes:
- Introduces
arePlanLimitsEnforced()(driven bySTACK_DISABLE_PLAN_LIMITS) to centralize enable/disable logic. - Wraps plan-limit enforcement/debit call sites (analytics events, session replays, email quota, auth-users soft cap, internal seat cap) with the flag check to avoid
getItem/capacity lookups when disabled. - Documents the flag in backend
.envtemplates and adds unit tests for the flag behavior.
Reviewed changes
Copilot reviewed 13 out of 13 changed files in this pull request and generated 3 comments.
Show a summary per file
| File | Description |
|---|---|
| apps/backend/src/lib/plan-entitlements.ts | Adds arePlanLimitsEnforced() helper and documentation for the new env flag. |
| apps/backend/src/lib/plan-entitlements.test.ts | Adds test coverage for arePlanLimitsEnforced() and env var parsing behavior. |
| apps/backend/src/lib/events.tsx | Skips analytics event quota debit when plan limits are disabled. |
| apps/backend/src/lib/email-queue-step.tsx | Skips monthly email quota debit when plan limits are disabled. |
| apps/backend/src/app/api/latest/users/crud.tsx | Skips auth_users soft-limit check when plan limits are disabled. |
| apps/backend/src/app/api/latest/team-invitations/accept/verification-code-handler.tsx | Skips internal dashboard-admins seat cap check when plan limits are disabled. |
| apps/backend/src/app/api/latest/team-invitations/[id]/accept/route.tsx | Skips internal dashboard-admins seat cap check when plan limits are disabled. |
| apps/backend/src/app/api/latest/session-replays/batch/route.tsx | Skips session replay quota debit when plan limits are disabled. |
| apps/backend/src/app/api/latest/internal/send-test-email/route.tsx | Avoids email quota debit/refund logic when plan limits are disabled. |
| apps/backend/src/app/api/latest/internal/analytics/query/route.ts | Skips entitlement-based timeout clamping when plan limits are disabled. |
| apps/backend/src/app/api/latest/analytics/events/batch/route.tsx | Skips analytics-events quota debit when plan limits are disabled. |
| apps/backend/.env.development | Adds the flag with a default of enforcing limits in local dev. |
| apps/backend/.env | Documents the flag in the env template. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
![coderabbitai[bot]](https://avatars.githubusercontent.com/in/347564?s=60&v=4){kind=small}
Contributor
There was a problem hiding this comment.
🧹 Nitpick comments (1)
apps/backend/src/app/api/latest/analytics/events/batch/route.tsx (1)
124-130: ⚡ Quick winAdd a
// TODOmarker so the temporary bypass isn't silently forgotten.The PR description explicitly frames
STACK_DISABLE_PLAN_LIMITSas a stopgap for deployment issues. Without any breadcrumb in the call sites (or inplan-entitlements.ts), there's no signal to re-enable enforcement after the underlying issue is resolved. A quota bypass left in production indefinitely would mean billing never fires.💡 Suggested marker (same pattern applies to the equivalent gates in the other changed files)
- if (billingTeamId != null && arePlanLimitsEnforced()) { + // TODO: remove arePlanLimitsEnforced() guard once plan-limit deployment issues are resolved + if (billingTeamId != null && arePlanLimitsEnforced()) {Based on learnings: the codebase convention is to annotate temporary shims with a
// TODO next-releasecomment (or an equivalent marker) so they surface at the right time rather than persisting silently.🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the rest with a brief reason, keep changes minimal, and validate. In `@apps/backend/src/app/api/latest/analytics/events/batch/route.tsx` around lines 124 - 130, Add a TODO marker to make the temporary plan-limits bypass visible: locate the gating logic that uses arePlanLimitsEnforced() around billingTeamId and the events quota check (the block that calls app.getItem({ itemId: ITEM_IDS.analyticsEvents, teamId: billingTeamId }) and eventsItem.tryDecreaseQuantity(...)), and add a comment like "// TODO next-release: remove STACK_DISABLE_PLAN_LIMITS bypass and re-enable full plan enforcement; see plan-entitlements.ts" immediately above that block so it surfaces for future cleanup.
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
Nitpick comments:
In `@apps/backend/src/app/api/latest/analytics/events/batch/route.tsx`:
- Around line 124-130: Add a TODO marker to make the temporary plan-limits
bypass visible: locate the gating logic that uses arePlanLimitsEnforced() around
billingTeamId and the events quota check (the block that calls app.getItem({
itemId: ITEM_IDS.analyticsEvents, teamId: billingTeamId }) and
eventsItem.tryDecreaseQuantity(...)), and add a comment like "// TODO
next-release: remove STACK_DISABLE_PLAN_LIMITS bypass and re-enable full plan
enforcement; see plan-entitlements.ts" immediately above that block so it
surfaces for future cleanup.
ℹ️ Review info
⚙️ Run configuration
Configuration used: defaults
Review profile: CHILL
Plan: Pro
Run ID: 4f254ddf-f3a5-46fd-9348-8ad706eb6db5
📒 Files selected for processing (13)
apps/backend/.envapps/backend/.env.developmentapps/backend/src/app/api/latest/analytics/events/batch/route.tsxapps/backend/src/app/api/latest/internal/analytics/query/route.tsapps/backend/src/app/api/latest/internal/send-test-email/route.tsxapps/backend/src/app/api/latest/session-replays/batch/route.tsxapps/backend/src/app/api/latest/team-invitations/[id]/accept/route.tsxapps/backend/src/app/api/latest/team-invitations/accept/verification-code-handler.tsxapps/backend/src/app/api/latest/users/crud.tsxapps/backend/src/lib/email-queue-step.tsxapps/backend/src/lib/events.tsxapps/backend/src/lib/plan-entitlements.test.tsapps/backend/src/lib/plan-entitlements.ts
Collaborator
Author
|
@greptileai rereview? getEnvVariable definition is not going to change |
N2D4
approved these changes
May 6, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Context
There are some kinks to work out with deploying plan limits onto prod, so we'd like to disable it temporarily.
Summary of Changes
We update all call sites of the item quantity things with a flag based check. Idea is when flag is set to true, it should function as if there are no limits.
Summary by CodeRabbit
Release Notes
New Features
Tests