From fabe22089d0a31282966f49a918294ec9afd2840 Mon Sep 17 00:00:00 2001 From: Donovan Watts Date: Sat, 9 May 2026 10:49:43 -0600 Subject: [PATCH] fix(api): allow empty name in public resume output schema (#3012) The redactResumeForViewer helper intentionally blanks the dashboard title for non-owner viewers (the title can leak owner-only context like "Senior Eng @ Foo - final draft"), but the getBySlug output schema inherits name.min(1) from resumeSchema. Zod rejects the redacted payload, oRPC throws Output validation failed, and every public resume URL returns HTTP 500. Relax the constraint to z.string() on the getBySlug output only - ownership-gated procedures (getById, update, patch, list, ...) keep min(1). Fixes #3011 Co-authored-by: Amruth Pillai --- packages/api/src/dto/resume.ts | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/packages/api/src/dto/resume.ts b/packages/api/src/dto/resume.ts index ff584a613..320e3e32d 100644 --- a/packages/api/src/dto/resume.ts +++ b/packages/api/src/dto/resume.ts @@ -39,7 +39,13 @@ export const resumeDto = { getBySlug: { input: z.object({ username: z.string(), slug: z.string() }), - output: resumeSchema.omit({ password: true, userId: true, createdAt: true, updatedAt: true }), + // `name` is the owner-chosen dashboard title and is intentionally redacted + // to an empty string for non-owner viewers (see redactResumeForViewer in + // helpers/resume-access-policy.ts). Relax the `min(1)` constraint here so + // the redacted public response passes output validation. + output: resumeSchema + .omit({ name: true, password: true, userId: true, createdAt: true, updatedAt: true }) + .extend({ name: z.string() }), }, create: {