feat(js-sdk): add support for write conflict settings

[phamhieu]

Description

Generator PR for openfga/js-sdk#276

• Add conflict handling options for write operations in JavaScript SDK templates
• Add documentation and unit tests for write conflict options
• Update default Makefile to use OpenFGA API v1.10.0+ specification with conflict option support

Review Checklist

• I have clicked on "allow edits by maintainers".
• I have added documentation for new/changed functionality in this PR or in a PR to openfga.dev [Provide a link to any relevant PRs in the references section above]
• The correct base branch is being used, if not main
• I have added tests to validate that the change in functionality is working as expected

Summary by CodeRabbit

• New Features

  • Added conflict handling options for write and delete operations so clients can control duplicate-writes and missing-deletes behavior.

• Documentation

  • Added guidance and examples describing conflict option usage, defaults, and precedence.

• Tests

  • Expanded tests to validate propagation and behavior of conflict options across write and delete flows.

• Chores

  • Updated default API reference value used by the client templates.

[linux-foundation-easycla]

The committers listed above are authorized under a signed CLA.

• ✅ login: phamhieu / name: Hieu (001a2cd, 3b3d122, 4517ab8, 5d2ad84, b2e24b5, cc3a9b4)

[coderabbitai]

Important

Review skipped

Auto incremental reviews are disabled on this repository.

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Walkthrough

Updates OpenFGA API reference hash and adds per-request conflict handling for write and delete operations in the JavaScript client template, including new enums, option types, documentation, example usage, and tests that propagate on_duplicate / on_missing into API request bodies.

Changes

Cohort / File(s)	Summary
API Reference Update Makefile	Updates OPEN_API_REF hash from e53c69cc55317404d02a6d8e418d626268f28a59 to 0ac19aac54f21f3c78970126b84b4c69c6e3b9a2, which updates OPEN_API_URL.
Documentation config/clients/js/template/README_calling_api.mustache	Adds "Conflict Options for Write Operations" section describing onDuplicateWrites and onMissingDeletes options, defaults, behavior, precedence rules, and OpenFGA version requirement.
Client Core Logic config/clients/js/template/client.mustache	Adds enums WriteRequestWritesOnDuplicateEnum and WriteRequestDeletesOnMissingEnum (re-exported as OnDuplicateWrites / OnMissingDeletes); new types ClientWriteConflictOptions, ClientWriteTuplesRequestOpts, ClientDeleteTuplesRequestOpts; extends write, writeTuples, and deleteTuples method signatures to accept conflict options and to include on_duplicate / on_missing in API bodies when provided.
Example Usage config/clients/js/template/example/example1/example1.mjs	Updates example fgaClient.write call to include conflict: { onDuplicateWrites: 'ignore' }.
Tests config/clients/js/template/tests/client.test.ts.mustache	Exposes OnDuplicateWrites and OnMissingDeletes; adds tests verifying propagation of conflict options into request payloads for write, writeTuples, and deleteTuples, and verifies omission when options are absent.

Sequence Diagram(s)

sequenceDiagram
    participant Caller as Client Code
    participant Client as SDK Client
    participant Builder as Request Builder
    participant API as API Request
    participant Server

    Caller->>Client: call write/writeTuples/deleteTuples(payload, options)
    Client->>Builder: build apiBody (includes payload)
    Builder->>Builder: extract options.conflict (onDuplicateWrites/onMissingDeletes)
    alt conflict provided
        Builder->>API: include on_duplicate / on_missing in request body
    else no conflict
        Builder->>API: omit on_duplicate / on_missing
    end
    API->>Server: send request
    Server-->>API: response
    API-->>Client: result
    Client-->>Caller: return result

Loading

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

Possibly related PRs

• feat(java-sdk): add support for write conflict settings #641: Implements the same per-request write/delete conflict options and propagates on_duplicate/on_missing through client request construction.
• feat(go): add support for write conflict writes #611: Adds write conflict options and updates the same OPEN_API_REF; closely aligned changes to client templates.
• feat(dotnet-sdk): add write conflict resolution options #644: Adds OnDuplicateWrites/OnMissingDeletes enums and conflict propagation across client SDK templates.

Suggested labels

enhancement

Suggested reviewers

• evansims
• ewanharris

Pre-merge checks and finishing touches

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%.	You can run @coderabbitai generate docstrings to improve docstring coverage.

✅ Passed checks (2 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title Check	✅ Passed	The pull request title "feat(js-sdk): add support for write conflict settings" accurately summarizes the main objective of the changeset. The title correctly identifies that this is a new feature for the JavaScript SDK that adds conflict handling options (onDuplicateWrites and onMissingDeletes) for write and delete operations. The title is concise, clear, and specific—using proper conventional commit format without vague terminology or unnecessary noise. A teammate reviewing the git history would immediately understand that this PR introduces conflict settings support for write operations in the JS SDK.

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 2

🧹 Nitpick comments (1)

config/clients/js/template/example/example1/example1.mjs (1)

148-151: Use the exported enum constant instead of string literal.

The conflict option should use OnDuplicateWrites.Ignore instead of the string literal 'ignore' to align with the documented API and maintain type safety. The README examples (lines 281, 313) consistently use the enum constants.

Apply this diff:

   }, {
     authorizationModelId,
-    conflict: { onDuplicateWrites: 'ignore' }
+    conflict: { onDuplicateWrites: OnDuplicateWrites.Ignore }
   });

Don't forget to import the enum at the top of the file:

-import { CredentialsMethod, FgaApiValidationError, OpenFgaClient, TypeName } from "@openfga/sdk";
+import { CredentialsMethod, FgaApiValidationError, OnDuplicateWrites, OpenFgaClient, TypeName } from "@openfga/sdk";

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 75dbea2 and d29e95a.

📒 Files selected for processing (5)

• Makefile (1 hunks)
• config/clients/js/template/README_calling_api.mustache (1 hunks)
• config/clients/js/template/client.mustache (9 hunks)
• config/clients/js/template/example/example1/example1.mjs (1 hunks)
• config/clients/js/template/tests/client.test.ts.mustache (4 hunks)

🧰 Additional context used

📓 Path-based instructions (3)

config/**/*.mustache

📄 CodeRabbit inference engine (.github/copilot-instructions.md)

Validate mustache syntax and variable references across all template files, including CHANGELOG.md.mustache

Files:

• config/clients/js/template/client.mustache
• config/clients/js/template/tests/client.test.ts.mustache
• config/clients/js/template/README_calling_api.mustache

config/**/*.{json,mustache}

📄 CodeRabbit inference engine (.github/copilot-instructions.md)

Never hardcode API keys or credentials in configuration or template files

Files:

• config/clients/js/template/client.mustache
• config/clients/js/template/tests/client.test.ts.mustache
• config/clients/js/template/README_calling_api.mustache

Makefile

📄 CodeRabbit inference engine (.github/copilot-instructions.md)

Makefile: Update OPEN_API_REF in the Makefile when targeting new OpenFGA API versions
Update Docker image tags in the Makefile when upgrading build tools
Use official, tagged Docker images for containerized builds

Files:

• Makefile

🧠 Learnings (1)

📚 Learning: 2025-09-04T17:35:34.111Z

Learnt from: CR
PR: openfga/sdk-generator#0
File: .github/copilot-instructions.md:0-0
Timestamp: 2025-09-04T17:35:34.111Z
Learning: Applies to Makefile : Update OPEN_API_REF in the Makefile when targeting new OpenFGA API versions

Applied to files:

• Makefile

🪛 Gitleaks (8.28.0)

Makefile

[high] 3-3: Detected a Generic API Key, potentially exposing access to various services and sensitive operations.

(generic-api-key)

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (3)

• GitHub Check: build-and-test-java-sdk
• GitHub Check: build-and-test-go-sdk
• GitHub Check: build-and-test-dotnet-sdk

🔇 Additional comments (10)

Makefile (1)

3-3: Code change is correct. Commit hash references appropriate OpenFGA API specification.

The commit 0ac19aac54f21f3c78970126b84b4c69c6e3b9a2 is dated 2025-09-09, which aligns with the OpenFGA API v1.10.0 release on 2025-09-11. The openfga/api repository uses commit SHAs rather than semantic version tags to reference API specifications—this is standard practice. The change properly implements the coding guideline requirement to update OPEN_API_REF when targeting new OpenFGA API versions and enables the generator to use the v1.10.0+ specification.

Regarding the Gitleaks alert: this is a confirmed false positive. The value is a git commit SHA-1 hash (40 hex characters), not a secret credential. Consider updating Gitleaks configuration to exclude git commit hash patterns from generic API key detection.

config/clients/js/template/tests/client.test.ts.mustache (4)

16-17: LGTM!

The new enum imports are correctly added and will be used in the conflict options tests.

---

470-601: LGTM!

The test suite comprehensively validates conflict option propagation:

• Tests verify correct API payload structure for write operations with conflict options
• Tests cover both onDuplicateWrites and onMissingDeletes independently and combined
• Tests verify behavior when conflict options are omitted (undefined values)
• Proper mock setup and restoration after each test

---

622-649: LGTM!

Tests properly validate that conflict options flow through the convenience methods (writeTuples and deleteTuples) to the underlying API calls.

---

670-697: LGTM!

The deleteTuples test correctly validates onMissingDeletes option propagation.

config/clients/js/template/client.mustache (5)

41-42: LGTM!

The new enum imports are correctly added to support conflict handling in write operations.

---

181-183: LGTM!

Re-exporting the API enums with more user-friendly names (OnDuplicateWrites and OnMissingDeletes) provides a cleaner public API surface.

---

201-230: LGTM!

The new option types properly segregate conflict handling concerns:

• ClientWriteRequestOpts supports both write and delete conflict options
• ClientWriteTuplesRequestOpts only includes onDuplicateWrites
• ClientDeleteTuplesRequestOpts only includes onMissingDeletes

This design prevents users from mistakenly passing incompatible options to convenience methods.

---

523-605: LGTM!

The write method implementation correctly:

• Extracts conflict options from the options parameter
• Constructs API body with tuple_keys and conflict fields (on_duplicate, on_missing)
• Preserves conflict options when delegating to writeTuples/deleteTuples in non-transaction mode
• Handles both transaction and non-transaction modes appropriately

---

607-649: LGTM!

The convenience methods (writeTuples and deleteTuples) properly delegate to the main write method while preserving conflict options, enabling both single-operation and batch-operation paths to support conflict handling.

[phamhieu]

@coderabbitai review

[coderabbitai]

✅ Actions performed

Review triggered.

Note: CodeRabbit is an incremental review system and does not re-review already reviewed commits. This command is applicable only when automatic reviews are paused.

[coderabbitai]

Actionable comments posted: 0

♻️ Duplicate comments (1)

config/clients/js/template/client.mustache (1)

185-199: JSDoc casing issue already flagged in previous review.

The JSDoc comments at lines 195-197 use lowercase onMissingDeletes instead of the correct enum name OnMissingDeletes. This issue was already identified in a previous review comment.

🧹 Nitpick comments (1)

config/clients/js/template/example/example1/example1.mjs (1)

148-151: Use the enum constant instead of a string literal.

For better type safety and to demonstrate best practices, use OnDuplicateWrites.Ignore instead of the string literal 'ignore'.

Apply this diff:

+import { CredentialsMethod, FgaApiValidationError, OpenFgaClient, TypeName, OnDuplicateWrites } from "@openfga/sdk";
-import { CredentialsMethod, FgaApiValidationError, OpenFgaClient, TypeName } from "@openfga/sdk";

Then update the write call:

   }, {
     authorizationModelId,
-    conflict: { onDuplicateWrites: 'ignore' }
+    conflict: { onDuplicateWrites: OnDuplicateWrites.Ignore }
   });

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between d29e95a and 3159598.

📒 Files selected for processing (5)

• Makefile (1 hunks)
• config/clients/js/template/README_calling_api.mustache (1 hunks)
• config/clients/js/template/client.mustache (9 hunks)
• config/clients/js/template/example/example1/example1.mjs (1 hunks)
• config/clients/js/template/tests/client.test.ts.mustache (4 hunks)

🚧 Files skipped from review as they are similar to previous changes (2)

• Makefile
• config/clients/js/template/README_calling_api.mustache

🔇 Additional comments (11)

config/clients/js/template/tests/client.test.ts.mustache (5)

16-17: LGTM!

The enum imports are correctly added to support the new conflict option tests.

---

470-573: LGTM!

The test coverage for conflict options is comprehensive and correct. The tests properly verify that:

• onDuplicateWrites is propagated correctly to the API body
• onMissingDeletes is propagated correctly to the API body
• Both options can be used together

Good practice using Jest spies and restoring mocks after each test.

---

622-649: LGTM!

The test correctly verifies that onDuplicateWrites option is propagated from writeTuples to the underlying write method call. Mock cleanup is properly handled.

---

670-697: LGTM!

The test correctly verifies that onMissingDeletes option is propagated from deleteTuples to the underlying write method call. Mock cleanup is properly handled.

---

575-600: No action required - undefined fields are intentionally set and properly handled by JSON serialization.

When the conflict option is omitted, on_duplicate is correctly set to undefined in the apiBody object (line 537-539 of client.mustache). This undefined value is then automatically removed by JSON.stringify() during HTTP serialization, resulting in a clean API payload. The test expectation accurately reflects the intended implementation.

config/clients/js/template/client.mustache (6)

41-42: LGTM!

The enum imports are correctly added from the generated API model to support conflict handling.

---

181-183: LGTM!

The enum re-exports provide cleaner, more user-friendly names (OnDuplicateWrites and OnMissingDeletes) for the generated enum types.

---

201-230: LGTM!

The option type definitions are well-structured:

• ClientWriteRequestOpts includes both conflict options since write can handle both writes and deletes
• ClientWriteTuplesRequestOpts includes only onDuplicateWrites (appropriate for write-only operations)
• ClientDeleteTuplesRequestOpts includes only onMissingDeletes (appropriate for delete-only operations)

---

507-605: LGTM!

The write method implementation correctly:

• Documents the new conflict options in JSDoc
• Extracts conflict settings from options
• Propagates onDuplicateWrites to apiBody.writes.on_duplicate
• Propagates onMissingDeletes to apiBody.deletes.on_missing
• Handles both transaction and non-transaction modes appropriately

---

607-627: LGTM!

The writeTuples method correctly:

• Updates the parameter type to ClientWriteTuplesRequestOpts to accept conflict options
• Documents the onDuplicateWrites option in JSDoc
• Passes options through to the write method for proper conflict handling

---

629-649: LGTM!

The deleteTuples method correctly:

• Updates the parameter type to ClientDeleteTuplesRequestOpts to accept conflict options
• Documents the onMissingDeletes option in JSDoc
• Passes options through to the write method for proper conflict handling

[phamhieu]

No idea why the .NET tests failed on my change to the JS client.
https://github.com/openfga/sdk-generator/actions/runs/19093598215/job/54548798776?pr=646