Increase timeout for getCookies to 30 seconds (#3)

michael-watson · peggyrayzis · web-flow · commit 464958d554e6 · 2026-02-25T09:53:48.000-05:00
* Increase timeout for getCookies to 30 seconds

Default timeout is 3000ms and I can't enter my password fast enough

* fix(auth): patch sweet-cookie timeout and node22 sqlite handling

* fix(ci): remove unsupported hashFiles call in job if

* fix(ci): install ripgrep for security check job

---------

Co-authored-by: Peggy Rayzis &lt;peggyrayzis@gmail.com&gt;
diff --git a/.github/workflows/docs-check.yml b/.github/workflows/docs-check.yml
@@ -50,10 +50,11 @@ jobs:
           cache: "pnpm"
 
       - run: pnpm install --frozen-lockfile
+      - run: sudo apt-get update && sudo apt-get install -y ripgrep
       - run: npm run security
 
   smoke:
-    if: ${{ hashFiles('scripts/smoke.sh') != '' && vars.LI_SMOKE_ENABLED == '1' }}
+    if: ${{ vars.LI_SMOKE_ENABLED == '1' }}
     runs-on: ubuntu-latest
     continue-on-error: true
     steps:
diff --git a/docs/DECISIONS.md b/docs/DECISIONS.md
@@ -3,6 +3,7 @@ Last Updated: 2026-02-25
 
 | Date | Decision | Status | Rationale | Consequences | Supersedes |
 | --- | --- | --- | --- | --- | --- |
+| 2026-02-25 | Temporarily patch `@steipete/sweet-cookie@0.1.0` in-repo | active | Upstream release does not yet include Chrome macOS timeout propagation and Node 22 Chrome sqlite overflow handling | `pnpm.patchedDependencies` now carries a local patch that must be removed once upstream releases fixes | n/a |
 | 2026-02-25 | Adopt repository operating system with multi-agent roles and PR-first enforcement | active | Reduce process drift and make quality/security checks mechanically enforced | Adds standardized docs/scripts/hooks/templates and CI checks | n/a |
 | 2026-02-25 | GitHub Issues become the only task tracker | active | Keep planning and delivery in one auditable system | No parallel `docs/TASKS.md` or duplicate trackers | informal task notes |
 | 2026-02-25 | Managed docs moved to `docs/` and stale root markdown retired | active | Remove conflicting guidance and normalize discoverability | `CLAUDE.md`, root `SPEC.md`, and root `DECISIONS.md` are retired | root markdown process docs |
diff --git a/docs/MEMORY.md b/docs/MEMORY.md
@@ -12,3 +12,8 @@ Append-only log. Add entries; do not rewrite historical entries except typo fixe
 - Correction: repository mixed `.MD` and `.md` file extensions.
 - Fix: normalized markdown file extensions to `.md` and removed stale uppercase root docs.
 - Guardrail: future docs updates should only create `.md` files.
+
+## 2026-02-25
+- Correction: `@steipete/sweet-cookie@0.1.0` ignored Chrome macOS `timeoutMs` and failed Chrome cookie reads on Node 22 with large `expires_utc` values.
+- Fix: applied a local `pnpm` dependency patch to propagate `timeoutMs` in Chrome macOS keychain reads and cast `expires_utc` for Node runtimes without `readBigInts`.
+- Guardrail: keep the repository patch until upstream `sweet-cookie` merges/releases equivalent fixes, then remove patch and retest smoke on Node 22.
diff --git a/package.json b/package.json
@@ -57,5 +57,10 @@
     "dotenv": "^17.2.3",
     "json5": "^2.2.3",
     "picocolors": "^1.1.1"
+  },
+  "pnpm": {
+    "patchedDependencies": {
+      "@steipete/sweet-cookie@0.1.0": "patches/@steipete__sweet-cookie@0.1.0.patch"
+    }
   }
 }
diff --git a/patches/@steipete__sweet-cookie@0.1.0.patch b/patches/@steipete__sweet-cookie@0.1.0.patch
@@ -0,0 +1,40 @@
+diff --git a/dist/providers/chromeSqlite/shared.js b/dist/providers/chromeSqlite/shared.js
+index 59ef6e4e20a40a71db7fc39d46606c306682e967..cd1bd1690f6e7dc1819dcb1ec68279f1a54f3115 100644
+--- a/dist/providers/chromeSqlite/shared.js
++++ b/dist/providers/chromeSqlite/shared.js
+@@ -185,7 +185,10 @@ async function readChromiumMetaVersion(dbPath) {
+ async function readChromeRows(dbPath, where) {
+     const sqliteKind = isBunRuntime() ? 'bun' : 'node';
+     const sqliteLabel = sqliteKind === 'bun' ? 'bun:sqlite' : 'node:sqlite';
+-    const sql = `SELECT name, value, host_key, path, expires_utc, samesite, encrypted_value, ` +
++    const expiresCol = sqliteKind === 'node' && !supportsReadBigInts()
++        ? 'CAST(expires_utc AS TEXT) AS expires_utc'
++        : 'expires_utc';
++    const sql = `SELECT name, value, host_key, path, ${expiresCol}, samesite, encrypted_value, ` +
+         `is_secure AS is_secure, is_httponly AS is_httponly ` +
+         `FROM cookies WHERE (${where}) ORDER BY expires_utc DESC;`;
+     const result = await queryNodeOrBun({ kind: sqliteKind, dbPath, sql });
+diff --git a/dist/providers/chromeSqliteMac.d.ts b/dist/providers/chromeSqliteMac.d.ts
+index da0e8aaad456961d15185be1cc03b5f0bcd8d179..3a213b185ad4f36cf9f2a52b307d502510d5655f 100644
+--- a/dist/providers/chromeSqliteMac.d.ts
++++ b/dist/providers/chromeSqliteMac.d.ts
+@@ -3,5 +3,6 @@ export declare function getCookiesFromChromeSqliteMac(options: {
+     profile?: string;
+     includeExpired?: boolean;
+     debug?: boolean;
++    timeoutMs?: number;
+ }, origins: string[], allowlistNames: Set<string> | null): Promise<GetCookiesResult>;
+ //# sourceMappingURL=chromeSqliteMac.d.ts.map
+diff --git a/dist/providers/chromeSqliteMac.js b/dist/providers/chromeSqliteMac.js
+index 71c815f77378d03e07061976ac372b3a55a61ac4..3a85a2fce102128d7e7b69145d97bc353f663008 100644
+--- a/dist/providers/chromeSqliteMac.js
++++ b/dist/providers/chromeSqliteMac.js
+@@ -15,7 +15,7 @@ export async function getCookiesFromChromeSqliteMac(options, origins, allowlistN
+     const passwordResult = await readKeychainGenericPasswordFirst({
+         account: 'Chrome',
+         services: ['Chrome Safe Storage'],
+-        timeoutMs: 3_000,
++        timeoutMs: options.timeoutMs ?? 3_000,
+         label: 'Chrome Safe Storage',
+     });
+     if (!passwordResult.ok) {
diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml
diff --git a/src/lib/auth.ts b/src/lib/auth.ts
@@ -90,6 +90,7 @@ async function extractBrowserCookies(
 			url: LINKEDIN_URL,
 			browsers: browsers,
 			profile: profileDir,
+			timeoutMs: 30000,
 		});
 
 		if (result.warnings) {
diff --git a/tests/unit/auth.test.ts b/tests/unit/auth.test.ts
@@ -204,6 +204,13 @@ describe("auth", () => {
 			expect(result.credentials.liAt).toBe("chrome-li-at-token");
 			expect(result.credentials.jsessionId).toBe("chrome-jsession-token");
 			expect(result.credentials.source).toBe("chrome");
+			expect(getCookies).toHaveBeenCalledWith(
+				expect.objectContaining({
+					browsers: ["chrome"],
+					timeoutMs: 30000,
+					url: "https://www.linkedin.com",
+				}),
+			);
 		});
 
 		it("env vars take priority over Chrome cookies", async () => {

Original file line number	Diff line number	Diff line change
`@@ -57,5 +57,10 @@`
`57`	`57`	`"dotenv": "^17.2.3",`
`58`	`58`	`"json5": "^2.2.3",`
`59`	`59`	`"picocolors": "^1.1.1"`
	`60`	`+ },`
	`61`	`+ "pnpm": {`
	`62`	`+ "patchedDependencies": {`
	`63`	`+ "@steipete/sweet-cookie@0.1.0": "patches/@steipete__sweet-cookie@0.1.0.patch"`
	`64`	`+ }`
`60`	`65`	`}`
`61`	`66`	`}`