refactor(remote-config): Disable /v1/config for the session on a 4xx response#3700
Merged
Conversation
7c29eff to
e96009b
Compare
760450f to
54e2307
Compare
Contributor
Author
Contributor
There was a problem hiding this comment.
Cursor Bugbot has reviewed your changes and found 1 potential issue.
❌ Bugbot Autofix is OFF. To automatically fix reported issues with cloud agents, have a team admin enable autofix in the Cursor dashboard.
Reviewed by Cursor Bugbot for commit e96009b. Configure here.
e96009b to
5659295
Compare
Codecov Report❌ Patch coverage is Additional details and impacted files@@ Coverage Diff @@
## main #3700 +/- ##
==========================================
+ Coverage 80.55% 80.58% +0.02%
==========================================
Files 395 395
Lines 16300 16316 +16
Branches 2318 2322 +4
==========================================
+ Hits 13131 13148 +17
Misses 2243 2243
+ Partials 926 925 -1 ☔ View full report in Codecov by Harness. 🚀 New features to boost your workflow:
|
Base automatically changed from
phase_6_rearm_blob_sources_when_exhausted
to
main
July 2, 2026 16:33
vegaro
added a commit
that referenced
this pull request
Jul 3, 2026
…orkflow path RemoteConfigManager.isUnavailable (the /v1/config 4xx session kill switch from #3700) had no consumers. Expose it through the orchestrator and an @InternalRevenueCatAPI property on Purchases (getter @JvmSynthetic-hidden from the Java surface, like the sibling workflow functions), surface it on the ui module's PurchasesType, and read it in PaywallViewModel at fetch time: when the endpoint is session-disabled and the offering carries a renderable fallback, render the offerings-provided paywall directly instead of attempting the doomed workflow fetch. With no fallback to render, the fetch is still attempted — a previously-committed workflow can still serve from the local config cache, which beats erroring without trying. Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
5659295 to
8cfe71a
Compare
rickvdl
approved these changes
Jul 3, 2026
vegaro
added a commit
that referenced
this pull request
Jul 3, 2026
…orkflow path RemoteConfigManager.isUnavailable (the /v1/config 4xx session kill switch from #3700) had no consumers. Expose it through the orchestrator and an @InternalRevenueCatAPI property on Purchases (getter @JvmSynthetic-hidden from the Java surface, like the sibling workflow functions), surface it on the ui module's PurchasesType, and read it in PaywallViewModel at fetch time: when the endpoint is session-disabled and the offering carries a renderable fallback, render the offerings-provided paywall directly instead of attempting the doomed workflow fetch. With no fallback to render, the fetch is still attempted — a previously-committed workflow can still serve from the local config cache, which beats erroring without trying. Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
vegaro
added a commit
that referenced
this pull request
Jul 3, 2026
…orkflow path RemoteConfigManager.isUnavailable (the /v1/config 4xx session kill switch from #3700) had no consumers. Expose it through the orchestrator and an @InternalRevenueCatAPI property on Purchases (getter @JvmSynthetic-hidden from the Java surface, like the sibling workflow functions), surface it on the ui module's PurchasesType, and read it in PaywallViewModel at fetch time: when the endpoint is session-disabled and the offering carries a renderable fallback, render the offerings-provided paywall directly instead of attempting the doomed workflow fetch. With no fallback to render, the fetch is still attempted — a previously-committed workflow can still serve from the local config cache, which beats erroring without trying. Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
This was referenced Jul 3, 2026
2 tasks
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.


Disables the
/v1/configremote config endpoint for the rest of the session when the backend returns a 4xx, so no further config requests or blob fetches are made until the app restarts. The disabled state is exposed viaRemoteConfigManager.isUnavailable.Android equivalent of RevenueCat/purchases-ios#7118
Note
Medium Risk
Changes when the SDK hits
/v1/configand prefetches blobs for an entire session after client errors; behavior is intentional but affects remote-config-dependent features until restart.Overview
Remote config failures now carry an explicit retry vs disable signal from
Backend.getRemoteConfig, aligned with workflows/offerings-style error handling.Backend classifies errors as
SHOULD_RETRY(transport, 5xx, bad parse on 2xx) orSHOULD_DISABLE(4xx client refusal) and passes that on theonErrorcallback via newGetRemoteConfigErrorHandlingBehavior.RemoteConfigManager sets a session-scoped kill-switch on
SHOULD_DISABLE, exposesisUnavailable, and skips further/v1/configrefreshes (and thus blob prefetch) until app restart.clearCache()does not clear the disable flag—treated as app/endpoint-level, not per-user.Unit and integration tests cover 4xx/5xx behavior, retry after transient errors, and disable surviving identity changes.
Reviewed by Cursor Bugbot for commit 8cfe71a. Bugbot is set up for automated code reviews on this repo. Configure here.