fix(typescript/agent-os-vscode): drop unnecessary double cast on audit details#2157
Merged
imran-siddique merged 1 commit intoMay 12, 2026
Conversation
…t details
The audit-entry mapping in the storage-export command was building the
`details` field on each `AuditEntry` consumed by `ReportGenerator` via:
details: e as unknown as Record<string, unknown>
The `as unknown as Record<string, unknown>` form is the "I give up" cast:
it tells the compiler to accept the value without any structural check.
It's also unnecessary here — `AuditEntry` (from `auditLogger.ts`) is a
plain interface whose every field is a primitive, string union, or `any`,
so spreading it into a fresh object literal produces a value that is
structurally assignable to `Record<string, unknown>` with a single
narrowing cast.
Replace with `{ ...e } as Record<string, unknown>`. The fresh object
literal is the cast target rather than the original `AuditEntry`
reference; future structural drift on `AuditEntry` (e.g. nested objects)
will then surface as a real cast failure to investigate rather than
being laundered through `unknown`.
🤖 AI Agent: test-generator — `extension.ts`
|
🤖 AI Agent: security-scanner — View detailsNo security issues found. |
🤖 AI Agent: breaking-change-detector — View detailsNo breaking changes detected. |
🤖 AI Agent: code-reviewer — View detailsTL;DR: 0 blockers, 0 warnings. No issues found. Clean change. |
🤖 AI Agent: docs-sync-checker — Docs SyncDocs Sync
Other documentation is in sync. |
|
🟡 Contributor Check: MEDIUM
Automated check by AGT Contributor Check. |
PR Review Summary
Verdict: ✅ Ready for human review |
MohammadHaroonAbuomar
pushed a commit
to MohammadHaroonAbuomar/agt-acs
that referenced
this pull request
Jun 1, 2026
…t details (microsoft#2157) The audit-entry mapping in the storage-export command was building the `details` field on each `AuditEntry` consumed by `ReportGenerator` via: details: e as unknown as Record<string, unknown> The `as unknown as Record<string, unknown>` form is the "I give up" cast: it tells the compiler to accept the value without any structural check. It's also unnecessary here — `AuditEntry` (from `auditLogger.ts`) is a plain interface whose every field is a primitive, string union, or `any`, so spreading it into a fresh object literal produces a value that is structurally assignable to `Record<string, unknown>` with a single narrowing cast. Replace with `{ ...e } as Record<string, unknown>`. The fresh object literal is the cast target rather than the original `AuditEntry` reference; future structural drift on `AuditEntry` (e.g. nested objects) will then surface as a real cast failure to investigate rather than being laundered through `unknown`.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Problem
extension.ts:621, inside the storage-export command, maps eachAuditEntryreturned from the audit logger into theReportGenerator'sAuditEntryshape and assigns the original entry todetailsvia:The
as unknown as Record<string, unknown>is the "I give up" cast: it strips the compiler's view of the value down tounknownand then re-asserts it as a record. There's no real structural check in either direction. It's also unnecessary here —AuditEntryis a plain interface whose every field is a primitive, string union, orany, so a fresh object literal copied from it is naturally assignable toRecord<string, unknown>with a single narrowing cast.Fix
The cast target is now a fresh object literal rather than the original
AuditEntryreference. Two side benefits beyond removing the double cast:AuditEntrylater grows a nested object field that can't satisfyRecord<string, unknown>, the single cast will surface that as a real type error to investigate, rather than the previousunknownshape laundering it silently.detailsfield no longer aliases the liveAuditEntrystored in the logger's internal array, so callers further downstream can't mutate the logger's state through the report payload.Test
The agent-os-vscode package's existing
testscript wraps the VS Code integration runner; this is a shape-only change in a.mapcallback and the produced object is structurally identical at runtime. No behavioural change on either path.Surfaced during independent audit conducted by @finnoybu (Ken Tannenbaum, AEGIS Initiative); [LOW, TypeScript].