refactor: tighten DDD boundaries on the Feed aggregate

Address five modeling tensions in one pass: - Encapsulation: the Feed aggregate no longer exposes raw config/metadata (a shallow Readonly still leaked mutable arrays). It now offers intention-revealing accessors that return copies, plus toConfigSnapshot/toMetadataSnapshot for the repository and summary() for the global registry. - feeds:list consistency: FeedRepository.save/saveConfig upsert the registry entry from feed.summary(), so services no longer mirror title/description/ expiry by hand (the old add/updateInList footgun is gone). - domain/feed.ts: drop the dead applySenderPolicy, internalise resolveExpiresAt and trimToByteBudget into the aggregate; feed.ts keeps only the shared isExpired predicate used by the read-model routes. - Single edit path: remove editDetails; edit(patch, deps) is the sole config mutation, with a systematic expired guard. Renaming an expired feed now 403s. - FeedId flows through the application and infrastructure signatures; fromTrusted/parse happen once at the edge, .value only at the serialisation boundaries (urls, feed-generator, feed-keys, logs, JSON). 347 tests green, tsc clean, Worker bundle builds. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-06-21 06:13:48 +00:00 · 2026-05-24 13:45:13 +02:00
parent b3d42f6c50
commit ad196f1761
24 changed files with 406 additions and 398 deletions
@@ -9,7 +9,7 @@ import { FeedId } from "../domain/value-objects/feed-id";
 // attachmentIds.
 export async function deleteAttachmentsForEmails(
  env: Env,
-  emails: EmailMetadata[],
+  emails: readonly EmailMetadata[],
  keys: Iterable<string>,
 ): Promise<void> {
  const keySet = new Set(keys);
@@ -58,16 +58,14 @@ export async function deleteKeysWithConcurrency(
 */
 export async function collectUnsubscribeUrls(
  emailStorage: KVNamespace,
-  feedId: string,
+  feedId: FeedId,
 ): Promise<string[]> {
  try {
-    const metadata = await new FeedRepository(emailStorage).getMetadata(
-      FeedId.fromTrusted(feedId),
-    );
+    const metadata = await new FeedRepository(emailStorage).getMetadata(feedId);
    return Object.values(metadata?.unsubscribe ?? {});
  } catch (error) {
    logger.error("Error reading unsubscribe URLs", {
-      feedId,
+      feedId: feedId.value,
      error: String(error),
    });
    return [];
@@ -76,7 +74,7 @@ export async function collectUnsubscribeUrls(

 export async function purgeFeedKeysStep(
  emailStorage: KVNamespace,
-  feedId: string,
+  feedId: FeedId,
  options: { cursor?: string; limit?: number; bucket?: R2Bucket } = {},
 ): Promise<{
  deletedKeys: string[];
@@ -85,15 +83,14 @@ export async function purgeFeedKeysStep(
  listComplete: boolean;
 }> {
  const repo = new FeedRepository(emailStorage);
-  const id = FeedId.fromTrusted(feedId);
-  const listed = await repo.listFeedKeys(id, {
+  const listed = await repo.listFeedKeys(feedId, {
    cursor: options.cursor,
    limit: options.limit,
  });
  const keys = listed.names;

  if (options.bucket && keys.length > 0) {
-    const emailKeys = keys.filter((k) => repo.isEmailKey(id, k));
+    const emailKeys = keys.filter((k) => repo.isEmailKey(feedId, k));
    if (emailKeys.length > 0) {
      const emailDataResults = await Promise.allSettled(
        emailKeys.map((k) => repo.getEmail(k)),
@@ -128,7 +125,7 @@ export async function purgeFeedKeysStep(

 export async function purgeExpiredFeeds(
  emailStorage: KVNamespace,
-  feedId: string,
+  feedId: FeedId,
  bucket?: R2Bucket,
 ): Promise<void> {
  let cursor: string | undefined;