fix: handle invalid search query validation errors

[Tanishq-mellu]

Summary

Fixes member search behavior when users enter queries containing unsupported special characters such as '@'

Previously, these queries caused the backend validator to return HTTP 400, which surfaced a "Search service error" notification in the UI.

This change handles the specific invalid query validation error and returns an empty result set instead, allowing the existing "No Users found" state to be displayed.

Changes

• Handle HTTP 400 responses caused by invalid query validation.
• Return an empty search result set so the existing "No Users found" state is displayed instead of a server error toast.
• Preserve existing error handling for all other search errors.

Testing

Verified that:

• Searching @ displays "No Users found"
• Searching other unsupported special characters behaves the same way
• Valid searches continue to work normally
• Other search failures continue to use existing error handling

Closes #4979

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: ASSERTIVE

Plan: Pro

Run ID: c3e21653-f424-4798-9376-6cc803274e7b

📥 Commits

Reviewing files that changed from the base of the PR and between 807e804 and 4dbaa33.

📒 Files selected for processing (1)

• frontend/src/server/fetchAlgoliaData.ts

---

Summary by CodeRabbit

• New Features

  • Repository cards now show an “Updated” date when an update timestamp is available for a project.

• Bug Fixes

  • Search now handles certain invalid queries by returning empty results instead of surfacing an error.

• Tests

  • Added unit coverage to verify the “Updated” label/date rendering.
  • Updated accessibility test fixtures to include the timestamp data.

Walkthrough

Adds an optional updatedAt field to RepositoryCardProps, fetches it in the GET_ORGANIZATION_DATA GraphQL query, and conditionally renders a formatted "Updated" date in RepositoryCard. Also adds graceful handling of Algolia HTTP 400 responses caused by invalid query characters, returning empty results instead of surfacing a server error.

Changes

RepositoryCard updatedAt display

Layer / File(s)	Summary
Type and GraphQL query extension frontend/src/types/project.ts, frontend/src/server/queries/organizationQueries.ts	RepositoryCardProps gains updatedAt?: string and the GET_ORGANIZATION_DATA query adds updatedAt to the repositories selection set.
RepositoryCard conditional updatedAt rendering frontend/src/components/RepositoryCard.tsx	A conditional JSX block in RepositoryItem renders an "Updated …" label formatted with toLocaleDateString() when details.updatedAt is truthy.
Unit and a11y test updates frontend/__tests__/unit/components/RepositoryCard.test.tsx, frontend/__tests__/a11y/components/RepositoryCard.a11y.test.tsx	Mock repository factories are given a fixed updatedAt ISO timestamp, and a new unit test asserts the "Updated" label renders when updatedAt is present.

Algolia 400 error graceful handling

Layer / File(s)	Summary
fetchAlgoliaData 400 branch frontend/src/server/fetchAlgoliaData.ts	Adds a response.status === 400 pre-check that parses the response JSON and returns { hits: [], totalPages: 0 } when the error indicates "Invalid query value", or throws AppError(400, 'Search service error') for other 400 cases. The existing non-OK generic throw is preserved afterward.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

🚥 Pre-merge checks | ✅ 1 | ❌ 4

❌ Failed checks (3 warnings, 1 inconclusive)

Check name	Status	Explanation	Resolution
Description check	⚠️ Warning	The description focuses exclusively on search query validation error handling and issue #4979, but the changeset includes unrelated updates to RepositoryCard component to display updatedAt timestamps.	Update the description to explain both the search error handling fix and the updatedAt timestamp feature addition, or reconsider whether these changes should be in separate PRs.
Linked Issues check	⚠️ Warning	The PR addresses issue #4979 by handling HTTP 400 responses in fetchAlgoliaData and returning empty results for invalid query errors. However, the changeset includes unrelated RepositoryCard updates to display updatedAt timestamps that are not covered in the linked issue.	Either remove the unrelated RepositoryCard and updatedAt changes from this PR, or link additional issues that justify those changes.
Out of Scope Changes check	⚠️ Warning	The PR includes significant out-of-scope changes: RepositoryCard updates to display updatedAt timestamps, modifications to organizationQueries.ts to fetch updatedAt, and type updates in project.ts. These changes are unrelated to the linked issue #4979 about search validation error handling.	Separate the updatedAt timestamp feature (RepositoryCard.tsx, RepositoryCard.test.tsx, RepositoryCard.a11y.test.tsx, organizationQueries.ts, project.ts) into a distinct PR focused on that feature.
Title check	❓ Inconclusive	The title references handling invalid search query validation errors, which is the primary change in the PR (HTTP 400 handling in fetchAlgoliaData). However, the title does not mention the updatedAt feature also included in the changeset.	The title is partially accurate but incomplete. Consider if the title should encompass both the search error handling and the updatedAt timestamp feature, or if this PR should be split into separate changes.

✅ Passed checks (1 passed)

Check name	Status	Explanation
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[cubic-dev-ai]

2 issues found and verified against the latest diff

Confidence score: 3/5

• In frontend/src/server/fetchAlgoliaData.ts, non-invalid 400 responses appear to bypass the prior generic error handling and can surface raw backend messages to users, which is a user-facing regression versus the stated behavior—restore the generic fallback path for all non-invalid-query errors before merging.
• In frontend/src/server/fetchAlgoliaData.ts, invalid-query handling relies on matching backend error text, so a wording change could silently break detection and reintroduce incorrect messaging—switch to a stable backend error code/field signal (and add a targeted test) to de-risk this path.

Prompt for AI agents (unresolved issues)

Check if these issues are valid — if so, understand the root cause of each and fix them. If appropriate, use sub-agents to investigate and fix each issue separately.


<file name="frontend/src/server/fetchAlgoliaData.ts">

<violation number="1" location="frontend/src/server/fetchAlgoliaData.ts:42">
P2: Invalid-query detection depends on fragile string matching against a backend error message instead of a stable machine-readable error code or field identifier. If the backend wording changes, the fix will regress and the original 'Search service error' toast will reappear.</violation>
</file>

<sub>Reply with feedback, questions, or to request a fix.

Re-trigger cubic</sub>

[coderabbitai]

Actionable comments posted: 5

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@frontend/__tests__/unit/components/RepositoryCard.test.tsx`:
- Around line 76-80: The test suite for RepositoryCard only covers the positive
case where updatedAt is present, but lacks coverage for when updatedAt is
undefined. Add a new test case after the existing "displays repository updated
date when available" test that creates a mock repository with updatedAt
explicitly set to undefined, renders the RepositoryCard component with this
repository, and verifies that the "Updated" text is not present in the document
using queryByText instead of getByText to confirm the conditional rendering
logic handles the undefined case correctly.

In `@frontend/src/components/RepositoryCard.tsx`:
- Around line 90-94: Replace the `div` element in the RepositoryCard component
where the updated date is displayed with a semantic `<time>` element. Add a
`dateTime` attribute to the time element containing the ISO format date string
from details.updatedAt, and keep the displayed text as the human-readable
formatted date using toLocaleDateString(). This improves accessibility and
semantic markup by properly communicating to assistive technologies and search
engines that this is a date value.
- Around line 90-94: Replace the direct date formatting in the RepositoryCard
component with the existing formatDate() utility function. Import formatDate
from frontend/src/utils/dateFormatter.ts and replace the new
Date(details.updatedAt).toLocaleDateString() call with
formatDate(details.updatedAt). This utility already handles invalid date
validation with Number.isNaN() checks, preventing "Invalid Date" from being
displayed to users when malformed date strings are encountered.

In `@frontend/src/server/fetchAlgoliaData.ts`:
- Around line 41-57: There is a duplicate condition block checking for "Invalid
query value" in the errorData error handling logic. The first condition block
(with the identical typeof and includes check) has no body and creates malformed
code. Remove the first incomplete condition block entirely and keep only the
second complete implementation that returns the object with empty hits array and
totalPages set to 0.
- Around line 38-57: The code currently catches "Invalid query value" errors
from Algolia and silently converts them to empty results without any logging. To
improve observability and aid in production debugging, add a log statement
(using console.warn or your preferred logging mechanism) before the return
statement that returns empty results. This log should capture the occurrence of
the invalid query error, ideally including the actual error message from
errorData.error, so that the pattern of invalid queries can be monitored and
analyzed in production environments.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: ASSERTIVE

Plan: Pro

Run ID: 05d75fe3-b26e-4ce7-a63d-0f3f5270f3e5

📥 Commits

Reviewing files that changed from the base of the PR and between 61cada9 and 807e804.

📒 Files selected for processing (6)

• frontend/__tests__/a11y/components/RepositoryCard.a11y.test.tsx
• frontend/__tests__/unit/components/RepositoryCard.test.tsx
• frontend/src/components/RepositoryCard.tsx
• frontend/src/server/fetchAlgoliaData.ts
• frontend/src/server/queries/organizationQueries.ts
• frontend/src/types/project.ts

[cubic-dev-ai]

2 issues found across 1 file (changes from recent commits).

<sub>Reply with feedback, questions, or to request a fix.

Re-trigger cubic</sub>

[cubic-dev-ai]

0 issues found across 1 file (changes from recent commits).

<sub>Requires human review: Auto-approval blocked by 1 unresolved issue from previous reviews.

Re-trigger cubic</sub>

[Tanishq-mellu]

I noticed this branch currently contains both the repository updated-date feature and the invalid query handling fix. If you'd prefer these to be split into separate PRs for review, I'm happy to separate them.

[Tanishq-mellu]

I'll be happy to make edits if needed ?

[Tanishq-mellu]

Hi @arkid15r and @kasya, I've addressed the previous feedback, updated the PR, and all current automated checks (CodeRabbit, Cubic AI, SonarCloud and Snyk) are passing. The remaining GitHub workflows are awaiting maintainer approval. I'd appreciate another review when you have time.
Thank you

[github-actions]

Contribution validation failed:

• commit_signature: One or more commits are not signed.

  • eab1ff7
  • 422786d
  • 807e804
  • 4dbaa33

• commit_sign_off: One or more commits are missing or have an invalid Signed-off-by trailer.

  • eab1ff7
  • 03b107e
  • 807e804
  • 4dbaa33
  • 74c9e40
  • ed44867
  • eaa606d
  • fd6b4a7
  • ef60c2a

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud