fix(redis,mongodb): address PR review comments

- redis.ts: move resolveTlsOptions call outside the try/catch in
  getRedisClient so config errors surface instead of being swallowed
  into a silent null return.
- mongodb.ts: re-attach mongoUsernamePasswordPaired .refine after each
  of the five downstream .extend()s. Mirrors the confluence pattern
  and restores the pairing constraint that the original chain dropped.

Author: TheodoreSpeaks

apps/sim/lib/api/contracts/tools/databases/mongodb.ts

@@ -10,13 +10,8 @@ import {
   defineRouteContract,
 } from '@/lib/api/contracts/types'
 
-// .refine returns ZodEffects which has no .extend method, so the downstream
-// MongoDB operation schemas have to extend the un-refined base. (Note: the
-// resolved Zod is v3 despite package.json declaring v4 — same root issue as
-// confluence and storage-transfer.) The five downstream extensions previously
-// threw at module-init time in the TD bundle, so no consumer was actually
-// running the username/password pairing constraint; not adding it back here
-// preserves observed behavior.
+// Un-refined base so the downstream operation schemas can .extend it; each
+// reattaches mongoUsernamePasswordPaired after its own .extend.
 const mongoConnectionBaseSchema = z.object({
   host: z.string().min(1, 'Host is required'),
   port: z.coerce.number().int().positive('Port must be a positive integer'),
@@ -27,6 +22,13 @@ const mongoConnectionBaseSchema = z.object({
   ssl: sslModeSchema,
 })
 
+const mongoUsernamePasswordPaired = (data: { username?: string; password?: string }) =>
+  Boolean(data.username) === Boolean(data.password)
+const mongoUsernamePasswordPairedError = {
+  message: 'Username and password must be provided together',
+  path: ['password' as const],
+}
+
 const mongoJsonStringOrObjectSchema = (message: string) =>
   z
     .union([z.string(), z.object({}).passthrough()])
@@ -47,92 +49,102 @@ const booleanStringSchema = z
     return false
   })
 
-export const mongodbQueryBodySchema = mongoConnectionBaseSchema.extend({
-  collection: z.string().min(1, 'Collection name is required'),
-  query: z
-    .union([z.string(), z.object({}).passthrough()])
-    .optional()
-    .default('{}')
-    .transform((val) => {
-      if (typeof val === 'object' && val !== null) {
-        return JSON.stringify(val)
-      }
-      return val || '{}'
-    }),
-  limit: z
-    .union([z.coerce.number().int().positive(), z.literal(''), z.undefined()])
-    .optional()
-    .transform((val) => {
-      if (val === '' || val === undefined || val === null) {
-        return 100
-      }
-      return val
-    }),
-  sort: z
-    .union([z.string(), z.object({}).passthrough(), z.null()])
-    .optional()
-    .transform((val) => {
-      if (typeof val === 'object' && val !== null) {
-        return JSON.stringify(val)
-      }
-      return val
-    }),
-})
-
-export const mongodbExecuteBodySchema = mongoConnectionBaseSchema.extend({
-  collection: z.string().min(1, 'Collection name is required'),
-  pipeline: z
-    .union([z.string(), z.array(z.object({}).passthrough())])
-    .transform((val) => {
-      if (Array.isArray(val)) {
-        return JSON.stringify(val)
-      }
-      return val
-    })
-    .refine((val) => val && val.trim() !== '', {
-      message: 'Pipeline is required',
-    }),
-})
-
-export const mongodbInsertBodySchema = mongoConnectionBaseSchema.extend({
-  collection: z.string().min(1, 'Collection name is required'),
-  documents: z
-    .union([z.array(z.record(z.string(), z.unknown())), z.string()])
-    .transform((val) => {
-      if (typeof val === 'string') {
-        try {
-          const parsed = JSON.parse(val)
-          return Array.isArray(parsed) ? parsed : [parsed]
-        } catch {
-          throw new Error('Invalid JSON in documents field')
+export const mongodbQueryBodySchema = mongoConnectionBaseSchema
+  .extend({
+    collection: z.string().min(1, 'Collection name is required'),
+    query: z
+      .union([z.string(), z.object({}).passthrough()])
+      .optional()
+      .default('{}')
+      .transform((val) => {
+        if (typeof val === 'object' && val !== null) {
+          return JSON.stringify(val)
         }
-      }
-      return val
-    })
-    .refine((val) => Array.isArray(val) && val.length > 0, {
-      message: 'At least one document is required',
-    }),
-})
-
-export const mongodbUpdateBodySchema = mongoConnectionBaseSchema.extend({
-  collection: z.string().min(1, 'Collection name is required'),
-  filter: mongoJsonStringOrObjectSchema('Filter is required for MongoDB Update').refine(
-    (val) => val !== '{}',
-    { message: 'Filter is required for MongoDB Update' }
-  ),
-  update: mongoJsonStringOrObjectSchema('Update is required'),
-  upsert: booleanStringSchema,
-  multi: booleanStringSchema,
-})
-
-export const mongodbDeleteBodySchema = mongoConnectionBaseSchema.extend({
-  collection: z.string().min(1, 'Collection name is required'),
-  filter: mongoJsonStringOrObjectSchema('Filter is required for MongoDB Delete').refine(
-    (val) => val !== '{}',
-    { message: 'Filter is required for MongoDB Delete' }
-  ),
-  multi: booleanStringSchema,
-})
+        return val || '{}'
+      }),
+    limit: z
+      .union([z.coerce.number().int().positive(), z.literal(''), z.undefined()])
+      .optional()
+      .transform((val) => {
+        if (val === '' || val === undefined || val === null) {
+          return 100
+        }
+        return val
+      }),
+    sort: z
+      .union([z.string(), z.object({}).passthrough(), z.null()])
+      .optional()
+      .transform((val) => {
+        if (typeof val === 'object' && val !== null) {
+          return JSON.stringify(val)
+        }
+        return val
+      }),
+  })
+  .refine(mongoUsernamePasswordPaired, mongoUsernamePasswordPairedError)
+
+export const mongodbExecuteBodySchema = mongoConnectionBaseSchema
+  .extend({
+    collection: z.string().min(1, 'Collection name is required'),
+    pipeline: z
+      .union([z.string(), z.array(z.object({}).passthrough())])
+      .transform((val) => {
+        if (Array.isArray(val)) {
+          return JSON.stringify(val)
+        }
+        return val
+      })
+      .refine((val) => val && val.trim() !== '', {
+        message: 'Pipeline is required',
+      }),
+  })
+  .refine(mongoUsernamePasswordPaired, mongoUsernamePasswordPairedError)
+
+export const mongodbInsertBodySchema = mongoConnectionBaseSchema
+  .extend({
+    collection: z.string().min(1, 'Collection name is required'),
+    documents: z
+      .union([z.array(z.record(z.string(), z.unknown())), z.string()])
+      .transform((val) => {
+        if (typeof val === 'string') {
+          try {
+            const parsed = JSON.parse(val)
+            return Array.isArray(parsed) ? parsed : [parsed]
+          } catch {
+            throw new Error('Invalid JSON in documents field')
+          }
+        }
+        return val
+      })
+      .refine((val) => Array.isArray(val) && val.length > 0, {
+        message: 'At least one document is required',
+      }),
+  })
+  .refine(mongoUsernamePasswordPaired, mongoUsernamePasswordPairedError)
+
+export const mongodbUpdateBodySchema = mongoConnectionBaseSchema
+  .extend({
+    collection: z.string().min(1, 'Collection name is required'),
+    filter: mongoJsonStringOrObjectSchema('Filter is required for MongoDB Update').refine(
+      (val) => val !== '{}',
+      { message: 'Filter is required for MongoDB Update' }
+    ),
+    update: mongoJsonStringOrObjectSchema('Update is required'),
+    upsert: booleanStringSchema,
+    multi: booleanStringSchema,
+  })
+  .refine(mongoUsernamePasswordPaired, mongoUsernamePasswordPairedError)
+
+export const mongodbDeleteBodySchema = mongoConnectionBaseSchema
+  .extend({
+    collection: z.string().min(1, 'Collection name is required'),
+    filter: mongoJsonStringOrObjectSchema('Filter is required for MongoDB Delete').refine(
+      (val) => val !== '{}',
+      { message: 'Filter is required for MongoDB Delete' }
+    ),
+    multi: booleanStringSchema,
+  })
+  .refine(mongoUsernamePasswordPaired, mongoUsernamePasswordPairedError)
 
 export const mongodbIntrospectBodySchema = z
   .object({

apps/sim/lib/core/config/redis.ts

@@ -116,11 +116,12 @@ export function getRedisClient(): Redis | null {
   if (!redisUrl) return null
   if (globalRedisClient) return globalRedisClient
 
+  // Outside the try/catch so config errors aren't silently swallowed.
+  const tls = resolveTlsOptions(redisUrl)
+
   try {
     logger.info('Initializing Redis client')
 
-    const tls = resolveTlsOptions(redisUrl)
-
     globalRedisClient = new Redis(redisUrl, {
       keepAlive: 1000,
       connectTimeout: 10000,