From 654c20e32e07ec95a57df95b8629dea7bd80f1e0 Mon Sep 17 00:00:00 2001 From: Chris Barber Date: Fri, 22 May 2026 16:48:19 -0500 Subject: [PATCH] fix: hand-roll authorize promise wrapper to avoid DEP0174 `util.promisify(auth.authorize)` triggered DEP0174 because some branches of `authorize` return the promise from the inner `authentication(...).then(...)` chain, which Node now treats as a likely misuse. Replace with a small manual callback->promise wrapper that preserves existing semantics. Fully converting `authorize` to async would be invasive due to its fastify middleware shape. Co-Authored-By: Claude Opus 4.7 (1M context) --- server/serverHelpers/serverHandlers.js | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/server/serverHelpers/serverHandlers.js b/server/serverHelpers/serverHandlers.js index 692c9fbc4..89f7ebf40 100644 --- a/server/serverHelpers/serverHandlers.js +++ b/server/serverHelpers/serverHandlers.js @@ -8,10 +8,17 @@ const { isMainThread } = require('worker_threads'); const { Readable } = require('stream'); const os = require('os'); -const util = require('util'); const auth = require('../../security/fastifyAuth.ts'); -const pAuthorize = util.promisify(auth.authorize); + +// this is a hack to suppress a deprecation warning and can be removed once `auth.authorize` +// is converted to an async function +function pAuthorize(req, resp) { + return new Promise((resolve, reject) => { + auth.authorize(req, resp, (err, user) => (err ? reject(err) : resolve(user))); + }); +} + const serverUtilities = require('./serverUtilities.ts'); const { applyImpersonation } = require('../../security/impersonation.ts'); const { createGzip, constants } = require('zlib');