feat(cloud-shared): rebrand-ready agent base domain config (waifu.fun → elizacloud.ai prep)#7896
feat(cloud-shared): rebrand-ready agent base domain config (waifu.fun → elizacloud.ai prep)#7896standujar wants to merge 3 commits into
Conversation
Three coordinated changes prepare the cloud-shared layer for the
in-flight rebrand from waifu.fun / milady.ai / shad0w.xyz to
elizacloud.ai, all gated on env vars so the runtime impact is zero
until ELIZA_CLOUD_AGENT_BASE_DOMAIN flips in deployment env:
1. `DOMAIN_ALIAS_GROUPS` extended from the original
[waifu.fun, eliza.ai] pair to the full 5-domain group
[waifu.fun, eliza.ai, elizacloud.ai, milady.ai, shad0w.xyz]. The
pairing-token CORS Origin check now tries every alternate, so a
token issued against `<uuid>.waifu.fun` validates when the user
reaches `<uuid>.elizacloud.ai` (or any other group member).
The alias resolver is extracted into a standalone pure module
`pairing-token-domains.ts` so it can be unit-tested without
dragging in the Postgres repository import chain. The DB-bound
service in `pairing-token.ts` re-exports the same names for back
compat with existing callers.
2. `DEFAULT_AGENT_BASE_DOMAIN` in `eliza-agent-web-ui.ts` flips
from "waifu.fun" to "elizacloud.ai" so a fresh deploy without
`ELIZA_CLOUD_AGENT_BASE_DOMAIN` set picks the rebrand brand by
default. Existing deployments override via the env var (currently
set to "milady.ai" on the prod manager VM) — unchanged.
3. Stale comment `Public URL: https://{agentId}.waifu.fun/...` in
eliza-sandbox.ts replaced with the env-var-templated equivalent so
the comment ages with the deployment, not against it.
Tests: 8 sociable specs in `pairing-token.test.ts` cover the alias
matrix (suffix anchoring, UUID prefix preservation, port round-trip,
unparseable input, group membership guarantee). bun test 8/8 pass.
|
Important Review skippedAuto reviews are disabled on this repository. Please check the settings in the CodeRabbit UI or the ⚙️ Run configurationConfiguration used: Organization UI Review profile: CHILL Plan: Pro Run ID: You can disable this status message by setting the Use the checkbox below for a quick retry:
✨ Finishing Touches🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
|
Claude encountered an error —— View job I'll analyze this and get back to you. |
![greptile-apps[bot]](https://avatars.githubusercontent.com/in/867647?s=60&v=4){kind=small}
| altUrl.hostname = url.hostname.replace( | ||
| new RegExp(`${matched.replaceAll(".", "\\.")}$`), | ||
| candidate, | ||
| ); |
There was a problem hiding this comment.
matched.replaceAll(".", "\\.") only escapes dots. If a future domain suffix ever contains other regex metacharacters (e.g. +, *, (, )), they will be interpreted as regex operators rather than literal characters, silently producing a wrong hostname. Additionally, candidate is passed directly as the replacement string to String.prototype.replace(), where $&, $', and $n have special meaning — a domain suffix containing $ would corrupt the output. Current domains are safe, but a small escapeRegExp / escapeReplacement guard would make this maintainable as the alias group grows.
…s group
Audit of agent_pairing_tokens (90d) and agent_sandboxes.bridge_url
shows 0 prod rows under .milady.ai or .shad0w.xyz. Both were 0xSolace-
era domains:
- .milady.ai resolves to GitHub Pages (static front, never served
sandbox HTTP infra)
- .shad0w.xyz was a personal-handle dev convenience
Keeping them in the alias group would silently keep "0 legacy" from
being true. Drop both. Old bookmarks under those domains now fail
Origin validation, which is the intended outcome.
The remaining group is the three Eliza brands [waifu.fun, eliza.ai,
elizacloud.ai]. .elizacloud.ai is the post-2026-05 canonical; the
others ride along during the rebrand grace period.
Five parallel agents (Slop, Types, Dead Code, Defensive, Tests) audited the rebrand-ready domain config. Changes that landed: - Removed dead re-export of `DOMAIN_ALIAS_GROUPS`/`getAlternateDomainOrigins` from `pairing-token.ts` (Agent 1). The test + caller both import directly from the pure module, so the re-export was slop. - Simplified the inner-loop URL construction in `pairing-token-domains.ts` (Agent 4): `new URL(url.toString())` collapses to `new URL(url)`, and the per-iteration RegExp allocation is replaced with a constant-time slice now that the matched suffix length is known. - Added two test cases (Agents 4 + 5): an uppercase-hostname input (verifies WHATWG URL parser lowercasing makes `endsWith` work) and a subdomain-depth input (`a.b.c.waifu.fun`) to lock in the slice-based algorithm's prefix preservation. - Tightened a weak assertion (`toBeGreaterThan(0)` → `toHaveLength(2)`) in the port-preservation test. All decisions explicitly kept the alias mechanism's surface area — the extraction of `pairing-token-domains.ts`, the `try/catch` for unparseable input, the readonly group shape, and the outer-loop over groups all justified by Agents 2-5 audits. Tests: 11 pass / 33 expect() calls (was 9/31).
|
Claude encountered an error —— View job I'll analyze this and get back to you. |
SummaryPrepare the cloud-shared layer for the rebrand from Changes
Tests8 sociable specs in
What this PR does NOT do
Verification
Greptile SummaryThis PR prepares
Confidence Score: 5/5Safe to merge — the changes are purely additive during the grace period, and the env-var guard means no live deployment is affected until ops explicitly flips the variable. The alias-group extraction is well-tested (8 targeted specs), the fallback loop short-circuits correctly, and the default-domain flip has zero runtime impact until the deployment env var changes. No auth bypass, no data mutation, no migration. No files require special attention. The one inconsistency worth a quick look is whether the PR description's claim about the alias group matches team intent — the code and tests tell a clear story, but the description says something different. Important Files Changed
Sequence DiagramsequenceDiagram
participant Client as Browser (Origin: uuid.elizacloud.ai)
participant Service as PairingTokenService
participant Domains as getAlternateDomainOrigins
participant DB as agentPairingTokensRepository
Client->>Service: validateToken(token, "https://uuid.elizacloud.ai")
Service->>DB: consumeValidToken(hash, "https://uuid.elizacloud.ai")
DB-->>Service: null (token stored with waifu.fun origin)
Service->>Domains: getAlternateDomainOrigins("https://uuid.elizacloud.ai")
Domains-->>Service: ["https://uuid.waifu.fun", "https://uuid.eliza.ai"]
loop For each alternate origin
Service->>DB: consumeValidToken(hash, "https://uuid.waifu.fun")
DB-->>Service: PairingTokenRow (match found)
Note over Service: break - token consumed
end
Service-->>Client: PairingToken
|
1 participant
Summary
Prepare the cloud-shared layer for the rebrand from
waifu.fun/milady.ai/shad0w.xyztoelizacloud.ai. Runtime impact: zero untilELIZA_CLOUD_AGENT_BASE_DOMAINflips in deployment env. This PR is one of several coordinated commits that ship the rebrand without breaking existing sandbox URLs.Changes
DOMAIN_ALIAS_GROUPSextended from the original[waifu.fun, eliza.ai]pair to the full 5-domain group:The pairing-token CORS Origin validator now tries every alternate, so a token issued against
<uuid>.waifu.funvalidates when the user reaches<uuid>.elizacloud.ai(or any other group member). Without this, the rebrand would break in-flight pair handshakes.Pure module extraction:
getAlternateDomainOrigins()+ theDOMAIN_ALIAS_GROUPSconstant move into a new filepairing-token-domains.tsso the alias logic is unit-testable without dragging the Postgres repository import chain. The DB-boundPairingTokenServiceinpairing-token.tsre-exports the same names for back-compat with existing callers.DEFAULT_AGENT_BASE_DOMAINineliza-agent-web-ui.tsflips from"waifu.fun"to"elizacloud.ai". A fresh deploy withoutELIZA_CLOUD_AGENT_BASE_DOMAINset picks the rebrand brand by default. Existing deployments override via env var (currently"milady.ai"on the prod manager VM) and stay unchanged.Stale comment fix in
eliza-sandbox.ts:2190: replaced// Public URL: https://{agentId}.waifu.fun/...with the env-var-templated equivalent so the comment ages with the deployment.Tests
8 sociable specs in
pairing-token.test.ts:abc.notwaifu.fundoes NOT alias)[]DOMAIN_ALIAS_GROUPSdeclares.elizacloud.ai(the rebrand-target guarantee)bun test packages/cloud-shared/src/lib/services/pairing-token.test.ts→ 8/8 pass.What this PR does NOT do
ELIZA_CLOUD_AGENT_BASE_DOMAIN=elizacloud.aiin deployed env — that's an ops action, separate from codeagent_sandboxesrows (theirbridge_urluses direct IPs, not affected by DNS).waifu.fun/.milady.ai/.shad0w.xyzfrom the alias group — they stay during the grace period so existing pair tokens validateVerification
bun test packages/cloud-shared/src/lib/services/pairing-token.test.tsbunx tsc --noEmitonpackages/cloud-shared(clean, only pre-existing core/shared @elizaos/contracts noise)bunx @biomejs/biome checkon touched files (clean)ELIZA_CLOUD_AGENT_BASE_DOMAIN=elizacloud.aion the prod manager VM.env.localand restart the daemons (ops, not in this PR)Greptile Summary
This PR prepares
cloud-sharedfor thewaifu.fun→elizacloud.airebrand by expanding the CORS domain alias group from 2 to 5 entries and extracting the alias logic into a standalone, testable module.pairing-token-domains.ts(new): pure module holdingDOMAIN_ALIAS_GROUPS(5-domain group) andgetAlternateDomainOrigins(), unit-tested by the accompanying 8-spec suite;pairing-token.tsre-exports both names for backward compat.eliza-agent-web-ui.ts: default domain flips toelizacloud.ai; deployments withELIZA_CLOUD_AGENT_BASE_DOMAINset are unaffected.eliza-sandbox.ts: stale hardcodedwaifu.funcomment replaced with the env-var template.Confidence Score: 4/5
Safe to merge; changes are additive and gated behind an env-var flip that has not yet happened in production.
The core rebrand logic is correct and well-tested. The two findings are minor:
hashTokenis recomputed redundantly on each loop iteration rather than cached, and the regex/replacement construction ingetAlternateDomainOriginsonly escapes dots, leaving a latent trap if a domain with other metacharacters or a$is ever added. Neither affects current runtime behavior.pairing-token-domains.ts and pairing-token.ts carry the new alias logic and are worth a second look for the points above.
Important Files Changed
hashTokenis recomputed on every loop iteration instead of being cached before the first call.waifu.funtoelizacloud.ai; env-var override path is unchanged so existing deployments are unaffected.waifu.funreference with the env-var template; no logic change.Flowchart
%%{init: {'theme': 'neutral'}}%% flowchart TD A["validateToken(token, origin)"] --> B["normalizeOrigin(origin)"] B --> C["hashToken(token)"] C --> D["consumeValidToken(hash, normalizedOrigin)"] D -->|row found| E["return PairingToken"] D -->|null| F["getAlternateDomainOrigins(normalizedOrigin)"] F --> G["DOMAIN_ALIAS_GROUPS\n[.waifu.fun, .eliza.ai, .elizacloud.ai,\n .milady.ai, .shad0w.xyz]"] G --> H{"loop alternates"} H --> I["consumeValidToken(hash, alternateOrigin)\n← hash re-computed each iteration"] I -->|row found| E I -->|null| H H -->|exhausted| J["return null"]Comments Outside Diff (1)
packages/cloud-shared/src/lib/services/pairing-token.ts, line 89-108 (link)hashTokenis an async SHA-256 digest, and the result is identical on every call for the sametoken. Currently it is awaited once for the exact-origin check and then re-awaited on every iteration of the alternates loop (up to 4 more times). Computing it once and reusing the result avoids redundant crypto work on every miss.Reviews (1): Last reviewed commit: "feat(cloud-shared): rebrand-ready agent ..." | Re-trigger Greptile