Skip to content

Comments

fix: add In-Reply-To and References headers for Outlook reply threading#1246

Merged
elie222 merged 6 commits intomainfrom
fix/outlook-reply-threading
Jan 11, 2026
Merged

fix: add In-Reply-To and References headers for Outlook reply threading#1246
elie222 merged 6 commits intomainfrom
fix/outlook-reply-threading

Conversation

@elie222
Copy link
Owner

@elie222 elie222 commented Jan 11, 2026
edited by baz-reviewer bot
Loading

User description

Fix Outlook reply threading by setting proper email headers.

TLDR: Microsoft Graph API ignores conversationId when sending emails. This PR adds In-Reply-To and References headers so Microsoft properly threads replies.

  • Add internetMessageHeaders to sendEmailWithHtml with In-Reply-To and References headers
  • Microsoft uses these headers (not conversationId) to determine thread membership
  • This was causing replies to get different threadId values, breaking:
    • Draft cleanup (couldn't find ExecutedAction by threadId)
    • ThreadTracker resolution
    • DraftSendLog creation
  • Fix outbound-tracking test to check the original tracker by ID after reply
  • Previously used findFirst which could return a newly created AWAITING_REPLY tracker

Generated description

Below is a concise technical summary of the changes proposed in this PR:

graph LR
sendEmailWithHtml_("sendEmailWithHtml"):::modified
sendReplyUsingCreateReply_("sendReplyUsingCreateReply"):::added
OutlookMessageRequest_("OutlookMessageRequest"):::modified
EmailProvider_("EmailProvider"):::modified
MICROSOFT_GRAPH_API_("MICROSOFT_GRAPH_API"):::modified
replyToEmail_("replyToEmail"):::modified
createRawMailMessage_("createRawMailMessage"):::modified
buildThreadingHeaders_("buildThreadingHeaders"):::added
sendEmailWithHtml_ -- "Branches to new createReply flow for messageId-threaded replies." --> sendReplyUsingCreateReply_
sendEmailWithHtml_ -- "Constructs OutlookMessageRequest for new sends; excludes conversationId field." --> OutlookMessageRequest_
sendEmailWithHtml_ -- "Uses EmailProvider.replyToEmail.messageId to choose createReply." --> EmailProvider_
sendEmailWithHtml_ -- "Sends /me/sendMail for new messages when no replyId." --> MICROSOFT_GRAPH_API_
replyToEmail_ -- "Creates threaded draft via /createReply anchored to original message." --> MICROSOFT_GRAPH_API_
replyToEmail_ -- "Patches draft body with HTML content before sending." --> MICROSOFT_GRAPH_API_
replyToEmail_ -- "Sends reply draft via /send, Graph returns no sent ID." --> MICROSOFT_GRAPH_API_
sendReplyUsingCreateReply_ -- "Creates reply draft from original messageId for threading." --> MICROSOFT_GRAPH_API_
sendReplyUsingCreateReply_ -- "Patches draft subject, HTML body, and recipients before send." --> MICROSOFT_GRAPH_API_
sendReplyUsingCreateReply_ -- "Dispatches draft via /send; returns conversationId, empty id." --> MICROSOFT_GRAPH_API_
createRawMailMessage_ -- "Replaced manual headers with buildThreadingHeaders for RFC threading." --> buildThreadingHeaders_
classDef added stroke:#15AA7A
classDef removed stroke:#CD5270
classDef modified stroke:#EDAC4C
linkStyle default stroke:#CBD5E1,font-size:13px
Loading

Improves Outlook email threading within the inbox-zero-ai system by implementing RFC 5322 compliant In-Reply-To and References headers, utilizing the createReply API for Outlook and refining ThreadTracker test verification. Ensures replies are correctly grouped into conversations, which is crucial for automated email classification and streamlining responses.

Latest Contributors(1)
UserCommitDate
elie222fix-e2e-add-sequence-c...January 10, 2026
This pull request is reviewed by Baz. Review like a pro on (Baz).

@elie222
fix: add In-Reply-To and References headers for Outlook reply threading
a40eb8d 
Microsoft Graph API ignores the conversationId field when sending emails.
Instead, it uses In-Reply-To and References headers to determine thread
membership. This was causing replies to be assigned different threadIds,
breaking draft cleanup, ThreadTracker resolution, and other reply tracking.

Also fixes outbound-tracking test to check the original tracker by ID
instead of using findFirst which could return a newly created tracker.
@vercel
Copy link

vercel bot commented Jan 11, 2026
edited
Loading

The latest updates on your projects. Learn more about Vercel for GitHub.

Project Deployment Review Updated (UTC)
inbox-zero Ready Ready Preview Jan 11, 2026 5:31pm

@coderabbitai
Copy link
Contributor

coderabbitai bot commented Jan 11, 2026
edited
Loading

📝 Walkthrough

Walkthrough

Capture the pre-reply ThreadTracker ID and assert that that exact tracker is resolved after reply. Add a threading header builder and propagate RFC‑5322 In-Reply‑To/References into Gmail and Outlook reply flows; Outlook reply path now uses createReply → update → send.

Changes

Cohort / File(s) Summary
E2E test - outbound tracking
apps/web/__tests__/e2e/flows/outbound-tracking.test.ts		 Capture trackerBeforeReply by filtering resolved: false, store originalTrackerId, and verify that this specific tracker is resolved after sending the reply; update logs to reference the original tracker.
Threading utility & tests
apps/web/utils/email/threading.ts, apps/web/utils/email/threading.test.ts		 Add buildThreadingHeaders(options) to produce RFC‑5322 In-Reply-To and References; unit tests cover empty/falsy headerMessageId, references concatenation, trimming, and edge cases.
Outlook mail utility
apps/web/utils/outlook/mail.ts		 Remove conversationId? and isDraft? from OutlookMessageRequest; introduce createReply-based reply flow (/me/messages/{id}/createReply → update draft → send) via sendReplyUsingCreateReply; adjust returned id/conversation handling and threading headers; remove previous reliance on conversationId for threading.
Gmail mail utility
apps/web/utils/gmail/mail.ts		 Add replyToEmail.messageId?: string and use buildThreadingHeaders({ headerMessageId, references }) to populate raw message threading headers instead of manual assembly.
Email types & e2e helper
apps/web/utils/email/types.ts, apps/web/__tests__/e2e/flows/helpers/email.ts		 Add optional platform-specific messageId?: string to replyToEmail type; include messageId: originalMessageId in test helper sendTestReply payload to propagate platform message ID for reply flows.

Sequence Diagram(s)

(omitted)

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

Possibly related PRs

Poem

🐰
I saved the ID before the hop,
Threads hum softly — never stop.
In‑Reply‑To and References say,
“Follow the trail, reply away.”
✨🐇

🚥 Pre-merge checks | ✅ 2 | ❌ 1
❌ Failed checks (1 warning)
Check name Status Explanation Resolution
Docstring Coverage ⚠️ Warning Docstring coverage is 28.57% which is insufficient. The required threshold is 80.00%. Write docstrings for the functions missing them to satisfy the coverage threshold.
✅ Passed checks (2 passed)
Check name Status Explanation
Title check ✅ Passed The title accurately summarizes the main change: adding In-Reply-To and References headers for Outlook reply threading to fix threading issues. It's concise, specific, and clearly communicates the primary objective of the changeset.
Description Check ✅ Passed Check skipped - CodeRabbit’s high-level summary is enabled.

✏️ Tip: You can configure your own custom pre-merge checks in the settings.

✨ Finishing touches
  • 📝 Generate docstrings

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands and usage tips.

coderabbitai[bot]
coderabbitai bot reviewed Jan 11, 2026
View reviewed changes
Copy link
Contributor

@coderabbitai coderabbitai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 0

🧹 Nitpick comments (1)
apps/web/utils/outlook/mail.ts (1)

61-83: Consider guarding conversationId assignment.

Line 62 may set conversationId to undefined if body.replyToEmail.threadId is undefined, since the condition on line 61 only checks for the existence of body.replyToEmail. While conversationId is optional in the interface, explicitly setting it to undefined might not be necessary.

The header-based threading logic (lines 64-82) correctly implements RFC 5322 standards:

  • In-Reply-To contains the immediate parent's Message-ID
  • References combines existing references with the headerMessageId
♻️ Optional: Guard conversationId assignment 
  if (body.replyToEmail) {
-   message.conversationId = body.replyToEmail.threadId;
+   if (body.replyToEmail.threadId) {
+     message.conversationId = body.replyToEmail.threadId;
+   }

    // Set In-Reply-To and References headers for proper threading
📜 Review details

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 46dceb0 and a40eb8d.

📒 Files selected for processing (2)
  • apps/web/__tests__/e2e/flows/outbound-tracking.test.ts
  • apps/web/utils/outlook/mail.ts
🧰 Additional context used
📓 Path-based instructions (22)
**/*.{ts,tsx}

📄 CodeRabbit inference engine (.cursor/rules/data-fetching.mdc)

**/*.{ts,tsx}: For API GET requests to server, use the swr package
Use result?.serverError with toastError from @/components/Toast for error handling in async operations

**/*.{ts,tsx}: Use wrapper functions for Gmail message operations (get, list, batch, etc.) from @/utils/gmail/message.ts instead of direct API calls
Use wrapper functions for Gmail thread operations from @/utils/gmail/thread.ts instead of direct API calls
Use wrapper functions for Gmail label operations from @/utils/gmail/label.ts instead of direct API calls

**/*.{ts,tsx}: For early access feature flags, create hooks using the naming convention use[FeatureName]Enabled that return a boolean from useFeatureFlagEnabled("flag-key")
For A/B test variant flags, create hooks using the naming convention use[FeatureName]Variant that define variant types, use useFeatureFlagVariantKey() with type casting, and provide a default "control" fallback
Use kebab-case for PostHog feature flag keys (e.g., inbox-cleaner, pricing-options-2)
Always define types for A/B test variant flags (e.g., type PricingVariant = "control" | "variant-a" | "variant-b") and provide type safety through type casting

**/*.{ts,tsx}: Don't use primitive type aliases or misleading types
Don't use empty type parameters in type aliases and interfaces
Don't use this and super in static contexts
Don't use any or unknown as type constraints
Don't use the TypeScript directive @ts-ignore
Don't use TypeScript enums
Don't export imported variables
Don't add type annotations to variables, parameters, and class properties that are initialized with literal expressions
Don't use TypeScript namespaces
Don't use non-null assertions with the ! postfix operator
Don't use parameter properties in class constructors
Don't use user-defined types
Use as const instead of literal types and type annotations
Use either T[] or Array<T> consistently
Initialize each enum member value explicitly
Use export type for types
Use `impo...

Files:

  • apps/web/utils/outlook/mail.ts
  • apps/web/__tests__/e2e/flows/outbound-tracking.test.ts
**/*.{ts,tsx,js,jsx}

📄 CodeRabbit inference engine (.cursor/rules/prisma-enum-imports.mdc)

Always import Prisma enums from @/generated/prisma/enums instead of @/generated/prisma/client to avoid Next.js bundling errors in client components

Import Prisma using the project's centralized utility: import prisma from '@/utils/prisma'

Files:

  • apps/web/utils/outlook/mail.ts
  • apps/web/__tests__/e2e/flows/outbound-tracking.test.ts
apps/web/**/*.{ts,tsx}

📄 CodeRabbit inference engine (.cursor/rules/project-structure.mdc)

Import specific lodash functions rather than entire lodash library to minimize bundle size (e.g., import groupBy from 'lodash/groupBy')

apps/web/**/*.{ts,tsx}: Use TypeScript with strict null checks
Do not export types/interfaces that are only used within the same file. Export later if needed
Infer types from Zod schemas using z.infer<typeof schema> instead of duplicating as separate interfaces

Files:

  • apps/web/utils/outlook/mail.ts
  • apps/web/__tests__/e2e/flows/outbound-tracking.test.ts
**/*.ts

📄 CodeRabbit inference engine (.cursor/rules/security.mdc)

**/*.ts: ALL database queries MUST be scoped to the authenticated user/account by including user/account filtering in WHERE clauses to prevent unauthorized data access
Always validate that resources belong to the authenticated user before performing operations, using ownership checks in WHERE clauses or relationships
Always validate all input parameters for type, format, and length before using them in database queries
Use SafeError for error responses to prevent information disclosure. Generic error messages should not reveal internal IDs, logic, or resource ownership details
Only return necessary fields in API responses using Prisma's select option. Never expose sensitive data such as password hashes, private keys, or system flags
Prevent Insecure Direct Object References (IDOR) by validating resource ownership before operations. All findUnique/findFirst calls MUST include ownership filters
Prevent mass assignment vulnerabilities by explicitly whitelisting allowed fields in update operations instead of accepting all user-provided data
Prevent privilege escalation by never allowing users to modify system fields, ownership fields, or admin-only attributes through user input
All findMany queries MUST be scoped to the user's data by including appropriate WHERE filters to prevent returning data from other users
Use Prisma relationships for access control by leveraging nested where clauses (e.g., emailAccount: { id: emailAccountId }) to validate ownership

Files:

  • apps/web/utils/outlook/mail.ts
  • apps/web/__tests__/e2e/flows/outbound-tracking.test.ts
**/*.{tsx,ts}

📄 CodeRabbit inference engine (.cursor/rules/ui-components.mdc)

**/*.{tsx,ts}: Use Shadcn UI and Tailwind for components and styling
Use next/image package for images
For API GET requests to server, use the swr package with hooks like useSWR to fetch data
For text inputs, use the Input component with registerProps for form integration and error handling

Files:

  • apps/web/utils/outlook/mail.ts
  • apps/web/__tests__/e2e/flows/outbound-tracking.test.ts
**/*.{tsx,ts,css}

📄 CodeRabbit inference engine (.cursor/rules/ui-components.mdc)

Implement responsive design with Tailwind CSS using a mobile-first approach

Files:

  • apps/web/utils/outlook/mail.ts
  • apps/web/__tests__/e2e/flows/outbound-tracking.test.ts
**/*.{js,jsx,ts,tsx}

📄 CodeRabbit inference engine (.cursor/rules/ultracite.mdc)

**/*.{js,jsx,ts,tsx}: Don't use accessKey attribute on any HTML element
Don't set aria-hidden="true" on focusable elements
Don't add ARIA roles, states, and properties to elements that don't support them
Don't use distracting elements like <marquee> or <blink>
Only use the scope prop on <th> elements
Don't assign non-interactive ARIA roles to interactive HTML elements
Make sure label elements have text content and are associated with an input
Don't assign interactive ARIA roles to non-interactive HTML elements
Don't assign tabIndex to non-interactive HTML elements
Don't use positive integers for tabIndex property
Don't include "image", "picture", or "photo" in img alt prop
Don't use explicit role property that's the same as the implicit/default role
Make static elements with click handlers use a valid role attribute
Always include a title element for SVG elements
Give all elements requiring alt text meaningful information for screen readers
Make sure anchors have content that's accessible to screen readers
Assign tabIndex to non-interactive HTML elements with aria-activedescendant
Include all required ARIA attributes for elements with ARIA roles
Make sure ARIA properties are valid for the element's supported roles
Always include a type attribute for button elements
Make elements with interactive roles and handlers focusable
Give heading elements content that's accessible to screen readers (not hidden with aria-hidden)
Always include a lang attribute on the html element
Always include a title attribute for iframe elements
Accompany onClick with at least one of: onKeyUp, onKeyDown, or onKeyPress
Accompany onMouseOver/onMouseOut with onFocus/onBlur
Include caption tracks for audio and video elements
Use semantic elements instead of role attributes in JSX
Make sure all anchors are valid and navigable
Ensure all ARIA properties (aria-*) are valid
Use valid, non-abstract ARIA roles for elements with ARIA roles
Use valid AR...

Files:

  • apps/web/utils/outlook/mail.ts
  • apps/web/__tests__/e2e/flows/outbound-tracking.test.ts
!(pages/_document).{jsx,tsx}

📄 CodeRabbit inference engine (.cursor/rules/ultracite.mdc)

Don't use the next/head module in pages/_document.js on Next.js projects

Files:

  • apps/web/utils/outlook/mail.ts
  • apps/web/__tests__/e2e/flows/outbound-tracking.test.ts
**/*.{js,ts,jsx,tsx}

📄 CodeRabbit inference engine (.cursor/rules/utilities.mdc)

**/*.{js,ts,jsx,tsx}: Use lodash utilities for common operations (arrays, objects, strings)
Import specific lodash functions to minimize bundle size (e.g., import groupBy from 'lodash/groupBy')

**/*.{js,ts,jsx,tsx}: Add helper functions to the bottom of files, not the top!
All imports go at the top of files, no mid-file dynamic imports.

Files:

  • apps/web/utils/outlook/mail.ts
  • apps/web/__tests__/e2e/flows/outbound-tracking.test.ts
**/{utils,helpers,lib}/**/*.{ts,tsx}

📄 CodeRabbit inference engine (.cursor/rules/logging.mdc)

Logger should be passed as a parameter to helper functions instead of creating their own logger instances

Files:

  • apps/web/utils/outlook/mail.ts
apps/web/**/*.{ts,tsx,js,jsx}

📄 CodeRabbit inference engine (apps/web/CLAUDE.md)

apps/web/**/*.{ts,tsx,js,jsx}: Use @/ path aliases for imports from project root
Use proper error handling with try/catch blocks
Prefer self-documenting code over comments; use descriptive variable and function names instead of explaining intent with comments. Never add comments that just describe what the code does. Only add comments for 'why' not 'what'
Add helper functions to the bottom of files, not the top
All imports go at the top of files, no mid-file dynamic imports
Use getActionErrorMessage(error.error) from @/utils/error to extract user-friendly error messages

Files:

  • apps/web/utils/outlook/mail.ts
  • apps/web/__tests__/e2e/flows/outbound-tracking.test.ts
apps/web/**/*.{ts,tsx,css}

📄 CodeRabbit inference engine (apps/web/CLAUDE.md)

Follow tailwindcss patterns with prettier-plugin-tailwindcss

Files:

  • apps/web/utils/outlook/mail.ts
  • apps/web/__tests__/e2e/flows/outbound-tracking.test.ts
apps/web/**/*.{ts,tsx,js,jsx,json}

📄 CodeRabbit inference engine (apps/web/CLAUDE.md)

Client-side environment variables must be prefixed with NEXT_PUBLIC_

Files:

  • apps/web/utils/outlook/mail.ts
  • apps/web/__tests__/e2e/flows/outbound-tracking.test.ts
**/*.{js,ts,jsx,tsx,py,java,cs,rb,go,php,rs,kt,swift,m}

📄 CodeRabbit inference engine (.cursor/rules/notes.mdc)

Prefer self-documenting code over comments; use descriptive variable and function names instead of explaining intent with comments. Never add comments that just describe what the code does - code should explain itself. Only add comments for 'why' not 'what'.

Files:

  • apps/web/utils/outlook/mail.ts
  • apps/web/__tests__/e2e/flows/outbound-tracking.test.ts
apps/web/__tests__/**/*.test.ts

📄 CodeRabbit inference engine (.cursor/rules/llm-test.mdc)

apps/web/__tests__/**/*.test.ts: Place all LLM-related tests in apps/web/__tests__/ directory
Use vitest imports (describe, expect, test, vi, beforeEach) in LLM test files
Mock 'server-only' module with empty object in LLM test files: vi.mock("server-only", () => ({}))
Set timeout constant const TIMEOUT = 15_000; for LLM tests
Use describe.runIf(isAiTest) with environment variable RUN_AI_TESTS === "true" to conditionally run LLM tests
Use console.debug() for outputting generated LLM content in tests, e.g., console.debug("Generated content:\n", result.content);
Prefer using existing helpers from @/__tests__/helpers.ts (getEmailAccount, getEmail, getRule, getMockMessage, getMockExecutedRule) instead of creating custom test data helpers

Files:

  • apps/web/__tests__/e2e/flows/outbound-tracking.test.ts
apps/web/{utils/ai,utils/llms,__tests__}/**/*.ts

📄 CodeRabbit inference engine (.cursor/rules/llm.mdc)

LLM-related code must be organized in specific directories: apps/web/utils/ai/ for main implementations, apps/web/utils/llms/ for core utilities and configurations, and apps/web/__tests__/ for LLM-specific tests

Files:

  • apps/web/__tests__/e2e/flows/outbound-tracking.test.ts
**/*.{test,spec}.{js,jsx,ts,tsx}

📄 CodeRabbit inference engine (.cursor/rules/ultracite.mdc)

**/*.{test,spec}.{js,jsx,ts,tsx}: Don't nest describe() blocks too deeply in test files
Don't use callbacks in asynchronous tests and hooks
Don't have duplicate hooks in describe blocks
Don't use export or module.exports in test files
Don't use focused tests
Make sure the assertion function, like expect, is placed inside an it() function call
Don't use disabled tests

Files:

  • apps/web/__tests__/e2e/flows/outbound-tracking.test.ts
**/{scripts,tests,__tests__}/**/*.{ts,tsx}

📄 CodeRabbit inference engine (.cursor/rules/logging.mdc)

Use createScopedLogger only for code that doesn't run within a middleware chain, such as standalone scripts or tests

Files:

  • apps/web/__tests__/e2e/flows/outbound-tracking.test.ts
**/*.test.{ts,tsx}

📄 CodeRabbit inference engine (.cursor/rules/testing.mdc)

**/*.test.{ts,tsx}: Use vitest as the testing framework
Colocate test files next to the tested file with .test.ts or .test.tsx naming convention (e.g., dir/format.ts and dir/format.test.ts)
Mock server-only using vi.mock("server-only", () => ({}))
Mock Prisma using vi.mock("@/utils/prisma") and the provided mock from @/utils/__mocks__/prisma
Use test helper functions getEmail, getEmailAccount, and getRule from @/__tests__/helpers for creating mock data
Clear all mocks between tests using beforeEach(() => { vi.clearAllMocks(); })
Use descriptive test names that clearly indicate what is being tested
Do not mock the Logger in tests

Files:

  • apps/web/__tests__/e2e/flows/outbound-tracking.test.ts
**/__tests__/**/*.{ts,tsx}

📄 CodeRabbit inference engine (.cursor/rules/testing.mdc)

Place AI tests in the __tests__ directory and do not run them by default as they use a real LLM

Files:

  • apps/web/__tests__/e2e/flows/outbound-tracking.test.ts
apps/web/**/*.test.{ts,tsx}

📄 CodeRabbit inference engine (apps/web/CLAUDE.md)

Co-locate test files next to source files (e.g., utils/example.test.ts). Only E2E and AI tests go in __tests__/

Files:

  • apps/web/__tests__/e2e/flows/outbound-tracking.test.ts
**/*.test.{ts,tsx,js,jsx}

📄 CodeRabbit inference engine (.cursor/rules/notes.mdc)

Co-locate test files next to source files (e.g., utils/example.test.ts). Only E2E and AI tests go in __tests__/.

Files:

  • apps/web/__tests__/e2e/flows/outbound-tracking.test.ts
🧠 Learnings (2)
📚 Learning: 2025-11-25T14:37:22.660Z 
Learnt from: CR
Repo: elie222/inbox-zero PR: 0
File: .cursor/rules/gmail-api.mdc:0-0
Timestamp: 2025-11-25T14:37:22.660Z
Learning: Applies to **/*.{ts,tsx} : Use wrapper functions for Gmail thread operations from @/utils/gmail/thread.ts instead of direct API calls

Applied to files:

  • apps/web/utils/outlook/mail.ts
📚 Learning: 2025-11-25T14:37:22.660Z 
Learnt from: CR
Repo: elie222/inbox-zero PR: 0
File: .cursor/rules/gmail-api.mdc:0-0
Timestamp: 2025-11-25T14:37:22.660Z
Learning: Applies to **/*.{ts,tsx} : Use wrapper functions for Gmail message operations (get, list, batch, etc.) from @/utils/gmail/message.ts instead of direct API calls

Applied to files:

  • apps/web/utils/outlook/mail.ts
🧬 Code graph analysis (1)
apps/web/__tests__/e2e/flows/outbound-tracking.test.ts (1)
apps/web/__tests__/e2e/flows/helpers/logging.ts (1)
  • logStep (113-118)
⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (4)
  • GitHub Check: Baz Reviewer
  • GitHub Check: cubic · AI code reviewer
  • GitHub Check: test
  • GitHub Check: Analyze (javascript-typescript)
🔇 Additional comments (4)
apps/web/__tests__/e2e/flows/outbound-tracking.test.ts (2)

229-246: LGTM! Improved tracker verification logic.

The addition of the resolved: false filter and capturing the specific tracker ID before sending the reply correctly addresses the issue described in the PR. By storing originalTrackerId, the test can later verify that this specific tracker gets resolved, avoiding false positives from newly created AWAITING_REPLY trackers.

269-283: LGTM! Correct verification of the original tracker.

The switch from findFirst to findUnique with the specific originalTrackerId is the correct approach. This ensures the test verifies that the original tracker is resolved, even if a new AWAITING_REPLY tracker is created after the reply is sent. The explanatory comment on lines 270-271 clearly documents why this approach is necessary.

apps/web/utils/outlook/mail.ts (2)

30-30: LGTM! Correct type definition for internet message headers.

The optional internetMessageHeaders field is correctly typed to match the Microsoft Graph API's Message interface structure.

96-96: LGTM! Comment accurately reflects the threading mechanism.

The updated comment correctly documents that thread continuity is maintained through In-Reply-To/References headers rather than just conversationId.

cubic-dev-ai[bot]
cubic-dev-ai bot reviewed Jan 11, 2026
View reviewed changes
Copy link
Contributor

@cubic-dev-ai cubic-dev-ai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

1 issue found across 2 files

Prompt for AI agents (all issues) 

Check if these issues are valid — if so, understand the root cause of each and fix them.


<file name="apps/web/utils/outlook/mail.ts">

<violation number="1" location="apps/web/utils/outlook/mail.ts:61">
P2: The condition change from `body.replyToEmail?.threadId` to `body.replyToEmail` means `conversationId` will now be set even when `threadId` is undefined/empty. Consider guarding the `conversationId` assignment: `if (body.replyToEmail.threadId) { message.conversationId = body.replyToEmail.threadId; }`</violation>
</file>

Reply with feedback, questions, or to request a fix. Tag @cubic-dev-ai to re-run a review.

apps/web/utils/outlook/mail.ts Outdated
};

if (body.replyToEmail?.threadId) {
if (body.replyToEmail) {
Copy link
Contributor

@cubic-dev-ai cubic-dev-ai bot Jan 11, 2026
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

P2: The condition change from body.replyToEmail?.threadId to body.replyToEmail means conversationId will now be set even when threadId is undefined/empty. Consider guarding the conversationId assignment: if (body.replyToEmail.threadId) { message.conversationId = body.replyToEmail.threadId; }

Prompt for AI agents 
Check if this issue is valid — if so, understand the root cause and fix it. At apps/web/utils/outlook/mail.ts, line 61:

<comment>The condition change from `body.replyToEmail?.threadId` to `body.replyToEmail` means `conversationId` will now be set even when `threadId` is undefined/empty. Consider guarding the `conversationId` assignment: `if (body.replyToEmail.threadId) { message.conversationId = body.replyToEmail.threadId; }`</comment>

<file context>
@@ -57,8 +58,28 @@ export async function sendEmailWithHtml(
   };
 
-  if (body.replyToEmail?.threadId) {
+  if (body.replyToEmail) {
     message.conversationId = body.replyToEmail.threadId;
+
</file context>

✅ Addressed in 19c22fd

Copy link
Owner Author

@elie222 elie222 Jan 11, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The code has been reverted - we're now using the original if (body.replyToEmail?.threadId) guard, so this concern no longer applies.

Copy link
Contributor

@baz-reviewer baz-reviewer bot Jan 11, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Commit 19c22fd addressed this comment by completely removing the problematic code block (lines 62-77 in the old code). The entire manual threading logic, including the concerning if (body.replyToEmail) condition and the message.conversationId = body.replyToEmail.threadId; assignment, has been deleted. The code now uses Microsoft Graph's native createReply API for proper threading instead of manually setting conversationId and headers.

coderabbitai[bot]
coderabbitai bot reviewed Jan 11, 2026
View reviewed changes
Copy link
Contributor

@coderabbitai coderabbitai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 1

🤖 Fix all issues with AI agents 
In @apps/web/utils/outlook/mail.ts:
- Around line 356-374: In buildReplyHeaders, the References header is built
incorrectly using the OR operator so headerMessageId is not appended when
references exists; change the logic so References is set to either "<references>
<headerMessageId>" when options.references is present or just
options.headerMessageId when not, ensuring a space-separated concatenation per
RFC 5322 (use options.references + ' ' + options.headerMessageId), and keep the
In-Reply-To header as options.headerMessageId.
📜 Review details

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between a40eb8d and 645b789.

📒 Files selected for processing (1)
  • apps/web/utils/outlook/mail.ts
🧰 Additional context used
📓 Path-based instructions (14)
**/*.{ts,tsx}

📄 CodeRabbit inference engine (.cursor/rules/data-fetching.mdc)

**/*.{ts,tsx}: For API GET requests to server, use the swr package
Use result?.serverError with toastError from @/components/Toast for error handling in async operations

**/*.{ts,tsx}: Use wrapper functions for Gmail message operations (get, list, batch, etc.) from @/utils/gmail/message.ts instead of direct API calls
Use wrapper functions for Gmail thread operations from @/utils/gmail/thread.ts instead of direct API calls
Use wrapper functions for Gmail label operations from @/utils/gmail/label.ts instead of direct API calls

**/*.{ts,tsx}: For early access feature flags, create hooks using the naming convention use[FeatureName]Enabled that return a boolean from useFeatureFlagEnabled("flag-key")
For A/B test variant flags, create hooks using the naming convention use[FeatureName]Variant that define variant types, use useFeatureFlagVariantKey() with type casting, and provide a default "control" fallback
Use kebab-case for PostHog feature flag keys (e.g., inbox-cleaner, pricing-options-2)
Always define types for A/B test variant flags (e.g., type PricingVariant = "control" | "variant-a" | "variant-b") and provide type safety through type casting

**/*.{ts,tsx}: Don't use primitive type aliases or misleading types
Don't use empty type parameters in type aliases and interfaces
Don't use this and super in static contexts
Don't use any or unknown as type constraints
Don't use the TypeScript directive @ts-ignore
Don't use TypeScript enums
Don't export imported variables
Don't add type annotations to variables, parameters, and class properties that are initialized with literal expressions
Don't use TypeScript namespaces
Don't use non-null assertions with the ! postfix operator
Don't use parameter properties in class constructors
Don't use user-defined types
Use as const instead of literal types and type annotations
Use either T[] or Array<T> consistently
Initialize each enum member value explicitly
Use export type for types
Use `impo...

Files:

  • apps/web/utils/outlook/mail.ts
**/*.{ts,tsx,js,jsx}

📄 CodeRabbit inference engine (.cursor/rules/prisma-enum-imports.mdc)

Always import Prisma enums from @/generated/prisma/enums instead of @/generated/prisma/client to avoid Next.js bundling errors in client components

Import Prisma using the project's centralized utility: import prisma from '@/utils/prisma'

Files:

  • apps/web/utils/outlook/mail.ts
apps/web/**/*.{ts,tsx}

📄 CodeRabbit inference engine (.cursor/rules/project-structure.mdc)

Import specific lodash functions rather than entire lodash library to minimize bundle size (e.g., import groupBy from 'lodash/groupBy')

apps/web/**/*.{ts,tsx}: Use TypeScript with strict null checks
Do not export types/interfaces that are only used within the same file. Export later if needed
Infer types from Zod schemas using z.infer<typeof schema> instead of duplicating as separate interfaces

Files:

  • apps/web/utils/outlook/mail.ts
**/*.ts

📄 CodeRabbit inference engine (.cursor/rules/security.mdc)

**/*.ts: ALL database queries MUST be scoped to the authenticated user/account by including user/account filtering in WHERE clauses to prevent unauthorized data access
Always validate that resources belong to the authenticated user before performing operations, using ownership checks in WHERE clauses or relationships
Always validate all input parameters for type, format, and length before using them in database queries
Use SafeError for error responses to prevent information disclosure. Generic error messages should not reveal internal IDs, logic, or resource ownership details
Only return necessary fields in API responses using Prisma's select option. Never expose sensitive data such as password hashes, private keys, or system flags
Prevent Insecure Direct Object References (IDOR) by validating resource ownership before operations. All findUnique/findFirst calls MUST include ownership filters
Prevent mass assignment vulnerabilities by explicitly whitelisting allowed fields in update operations instead of accepting all user-provided data
Prevent privilege escalation by never allowing users to modify system fields, ownership fields, or admin-only attributes through user input
All findMany queries MUST be scoped to the user's data by including appropriate WHERE filters to prevent returning data from other users
Use Prisma relationships for access control by leveraging nested where clauses (e.g., emailAccount: { id: emailAccountId }) to validate ownership

Files:

  • apps/web/utils/outlook/mail.ts
**/*.{tsx,ts}

📄 CodeRabbit inference engine (.cursor/rules/ui-components.mdc)

**/*.{tsx,ts}: Use Shadcn UI and Tailwind for components and styling
Use next/image package for images
For API GET requests to server, use the swr package with hooks like useSWR to fetch data
For text inputs, use the Input component with registerProps for form integration and error handling

Files:

  • apps/web/utils/outlook/mail.ts
**/*.{tsx,ts,css}

📄 CodeRabbit inference engine (.cursor/rules/ui-components.mdc)

Implement responsive design with Tailwind CSS using a mobile-first approach

Files:

  • apps/web/utils/outlook/mail.ts
**/*.{js,jsx,ts,tsx}

📄 CodeRabbit inference engine (.cursor/rules/ultracite.mdc)

**/*.{js,jsx,ts,tsx}: Don't use accessKey attribute on any HTML element
Don't set aria-hidden="true" on focusable elements
Don't add ARIA roles, states, and properties to elements that don't support them
Don't use distracting elements like <marquee> or <blink>
Only use the scope prop on <th> elements
Don't assign non-interactive ARIA roles to interactive HTML elements
Make sure label elements have text content and are associated with an input
Don't assign interactive ARIA roles to non-interactive HTML elements
Don't assign tabIndex to non-interactive HTML elements
Don't use positive integers for tabIndex property
Don't include "image", "picture", or "photo" in img alt prop
Don't use explicit role property that's the same as the implicit/default role
Make static elements with click handlers use a valid role attribute
Always include a title element for SVG elements
Give all elements requiring alt text meaningful information for screen readers
Make sure anchors have content that's accessible to screen readers
Assign tabIndex to non-interactive HTML elements with aria-activedescendant
Include all required ARIA attributes for elements with ARIA roles
Make sure ARIA properties are valid for the element's supported roles
Always include a type attribute for button elements
Make elements with interactive roles and handlers focusable
Give heading elements content that's accessible to screen readers (not hidden with aria-hidden)
Always include a lang attribute on the html element
Always include a title attribute for iframe elements
Accompany onClick with at least one of: onKeyUp, onKeyDown, or onKeyPress
Accompany onMouseOver/onMouseOut with onFocus/onBlur
Include caption tracks for audio and video elements
Use semantic elements instead of role attributes in JSX
Make sure all anchors are valid and navigable
Ensure all ARIA properties (aria-*) are valid
Use valid, non-abstract ARIA roles for elements with ARIA roles
Use valid AR...

Files:

  • apps/web/utils/outlook/mail.ts
!(pages/_document).{jsx,tsx}

📄 CodeRabbit inference engine (.cursor/rules/ultracite.mdc)

Don't use the next/head module in pages/_document.js on Next.js projects

Files:

  • apps/web/utils/outlook/mail.ts
**/*.{js,ts,jsx,tsx}

📄 CodeRabbit inference engine (.cursor/rules/utilities.mdc)

**/*.{js,ts,jsx,tsx}: Use lodash utilities for common operations (arrays, objects, strings)
Import specific lodash functions to minimize bundle size (e.g., import groupBy from 'lodash/groupBy')

**/*.{js,ts,jsx,tsx}: Add helper functions to the bottom of files, not the top!
All imports go at the top of files, no mid-file dynamic imports.

Files:

  • apps/web/utils/outlook/mail.ts
**/{utils,helpers,lib}/**/*.{ts,tsx}

📄 CodeRabbit inference engine (.cursor/rules/logging.mdc)

Logger should be passed as a parameter to helper functions instead of creating their own logger instances

Files:

  • apps/web/utils/outlook/mail.ts
apps/web/**/*.{ts,tsx,js,jsx}

📄 CodeRabbit inference engine (apps/web/CLAUDE.md)

apps/web/**/*.{ts,tsx,js,jsx}: Use @/ path aliases for imports from project root
Use proper error handling with try/catch blocks
Prefer self-documenting code over comments; use descriptive variable and function names instead of explaining intent with comments. Never add comments that just describe what the code does. Only add comments for 'why' not 'what'
Add helper functions to the bottom of files, not the top
All imports go at the top of files, no mid-file dynamic imports
Use getActionErrorMessage(error.error) from @/utils/error to extract user-friendly error messages

Files:

  • apps/web/utils/outlook/mail.ts
apps/web/**/*.{ts,tsx,css}

📄 CodeRabbit inference engine (apps/web/CLAUDE.md)

Follow tailwindcss patterns with prettier-plugin-tailwindcss

Files:

  • apps/web/utils/outlook/mail.ts
apps/web/**/*.{ts,tsx,js,jsx,json}

📄 CodeRabbit inference engine (apps/web/CLAUDE.md)

Client-side environment variables must be prefixed with NEXT_PUBLIC_

Files:

  • apps/web/utils/outlook/mail.ts
**/*.{js,ts,jsx,tsx,py,java,cs,rb,go,php,rs,kt,swift,m}

📄 CodeRabbit inference engine (.cursor/rules/notes.mdc)

Prefer self-documenting code over comments; use descriptive variable and function names instead of explaining intent with comments. Never add comments that just describe what the code does - code should explain itself. Only add comments for 'why' not 'what'.

Files:

  • apps/web/utils/outlook/mail.ts
🧠 Learnings (3)
📚 Learning: 2025-11-25T14:37:22.660Z 
Learnt from: CR
Repo: elie222/inbox-zero PR: 0
File: .cursor/rules/gmail-api.mdc:0-0
Timestamp: 2025-11-25T14:37:22.660Z
Learning: Applies to **/*.{ts,tsx} : Use wrapper functions for Gmail thread operations from @/utils/gmail/thread.ts instead of direct API calls

Applied to files:

  • apps/web/utils/outlook/mail.ts
📚 Learning: 2025-11-25T14:37:22.660Z 
Learnt from: CR
Repo: elie222/inbox-zero PR: 0
File: .cursor/rules/gmail-api.mdc:0-0
Timestamp: 2025-11-25T14:37:22.660Z
Learning: Applies to **/*.{ts,tsx} : Use wrapper functions for Gmail message operations (get, list, batch, etc.) from @/utils/gmail/message.ts instead of direct API calls

Applied to files:

  • apps/web/utils/outlook/mail.ts
📚 Learning: 2025-12-31T23:49:09.597Z 
Learnt from: rsnodgrass
Repo: elie222/inbox-zero PR: 1154
File: apps/web/app/api/user/setup-progress/route.ts:0-0
Timestamp: 2025-12-31T23:49:09.597Z
Learning: In apps/web/app/api/user/setup-progress/route.ts, Reply Zero enabled status should be determined solely by checking if the TO_REPLY rule is enabled, as it is the critical/canonical rule that Reply Zero is based on. The other conversation status types (FYI, AWAITING_REPLY, ACTIONED) should not be checked for determining Reply Zero setup progress.
<!-- </add_learning>

Applied to files:

  • apps/web/utils/outlook/mail.ts
⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (3)
  • GitHub Check: Baz Reviewer
  • GitHub Check: test
  • GitHub Check: Analyze (javascript-typescript)
🔇 Additional comments (4)
apps/web/utils/outlook/mail.ts (4)

30-30: LGTM!

The internetMessageHeaders field addition correctly matches the Microsoft Graph API's message type and supports the PR's objective of enabling header-based threading.

61-72: LGTM!

The implementation correctly sets both conversationId and threading headers when replying to an email. The conditional check ensures headers are only added when headerMessageId is available.

85-85: LGTM!

The updated comment correctly explains the threading mechanism and provides valuable context about Microsoft Graph's behavior.

113-136: LGTM!

The implementation correctly extracts the headerMessageId and conditionally adds threading headers to maintain proper email thread continuity.

baz-reviewer[bot]
baz-reviewer bot reviewed Jan 11, 2026
View reviewed changes
apps/web/utils/outlook/mail.ts Outdated
Comment on lines 356 to 374
function buildReplyHeaders(options: {
headerMessageId: string;
references?: string;
}): { name: string; value: string }[] {
const headers: { name: string; value: string }[] = [];

if (options.headerMessageId) {
headers.push({
name: "In-Reply-To",
value: options.headerMessageId,
});
headers.push({
name: "References",
value: options.references || options.headerMessageId,
});
}

return headers;
}
Copy link
Contributor

@baz-reviewer baz-reviewer bot Jan 11, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Could this helper simply return early when there is no headerMessageId and emit a literal array instead of pushing into headers? Something like:

if (!options.headerMessageId) {
  return [];
}
return [
  { name: "In-Reply-To", value: options.headerMessageId },
  { name: "References", value: options.references ?? options.headerMessageId },
];

This keeps the helper short and swaps the || fallback for ??, so an intentional empty references value isn't overwritten.

Prompt for AI Agents:

In apps/web/utils/outlook/mail.ts around lines 356-374, the buildReplyHeaders function
builds headers by pushing into an array and uses || for the references fallback.
Refactor by returning early when options.headerMessageId is falsy (return []), and when
present return a literal array: [{ name: 'In-Reply-To', value: options.headerMessageId
}, { name: 'References', value: options.references ?? options.headerMessageId }].
Replace the || fallback with ?? so an explicit empty references value is preserved.

Fix in Cursor

Finding type: Conciseness

Heads up!

Your free trial ends in 2 days.
To keep getting your PRs reviewed by Baz, update your team's subscription

Copy link
Contributor

@baz-reviewer baz-reviewer bot Jan 11, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Commit c0b0aa4 addressed this comment by removing the buildReplyHeaders function entirely and replacing it with a shared utility buildThreadingHeaders imported from @/utils/email/threading. This approach addresses the conciseness concern by moving the logic to a reusable module, and the problematic code with the || fallback no longer exists in this file.

Copy link
Owner Author

@elie222 elie222 Jan 11, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Done. Refactored to a shared buildThreadingHeaders() helper in utils/email/threading.ts that's now used by both Gmail and Outlook. The helper is much simpler and returns early when no headerMessageId is provided.

Repository owner deleted a comment from coderabbitai bot Jan 11, 2026
@elie222
refactor: shared RFC 5322 threading headers for Gmail and Outlook
c0b0aa4 
- Create buildThreadingHeaders() in utils/email/threading.ts
- Fix RFC 5322 compliance: References now appends headerMessageId to existing refs
- Update Outlook to use shared helper instead of local buildReplyHeaders
- Update Gmail to use shared helper instead of inline logic
- Add unit tests for threading header construction
coderabbitai[bot]
coderabbitai bot reviewed Jan 11, 2026
View reviewed changes
Copy link
Contributor

@coderabbitai coderabbitai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 1

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (1)
apps/web/utils/gmail/mail.ts (1)

94-102: Avoid emitting empty In-Reply-To / References headers on non-replies.
Right now buildThreadingHeaders({ headerMessageId: replyToEmail?.headerMessageId || "" }) returns empty strings when there’s no reply target, and those may end up serialized as blank headers. Prefer only setting these fields when headerMessageId is present.

Proposed fix 
-    // https://datatracker.ietf.org/doc/html/rfc2822#appendix-A.2
-    ...buildThreadingHeaders({
-      headerMessageId: replyToEmail?.headerMessageId || "",
-      references: replyToEmail?.references,
-    }),
+    // https://datatracker.ietf.org/doc/html/rfc2822#appendix-A.2
+    ...(replyToEmail?.headerMessageId
+      ? buildThreadingHeaders({
+          headerMessageId: replyToEmail.headerMessageId,
+          references: replyToEmail.references,
+        })
+      : {}),
🤖 Fix all issues with AI agents 
In @apps/web/utils/outlook/mail.ts:
- Around line 62-77: The current code in mail.ts sets message.conversationId and
populates message.internetMessageHeaders with standard RFC-5322 headers via
buildThreadingHeaders (using body.replyToEmail.headerMessageId and references),
but Graph /me/sendMail will ignore conversationId and reject/ignore standard
headers like "In-Reply-To"/"References"; instead, remove setting
message.conversationId and stop injecting those standard headers into
message.internetMessageHeaders, and switch to using the Graph reply/createReply
APIs (e.g., call the message reply endpoint for the existing thread/message id
from body.replyToEmail.threadId or headerMessageId) or send raw MIME via the
sendMail MIME option to preserve threading; update the logic in the block that
checks body.replyToEmail and the code paths that call sendMail to use the
reply/createReply or raw MIME flow rather than setting internetMessageHeaders.
🧹 Nitpick comments (3)
apps/web/utils/email/threading.test.ts (1)

10-15: Avoid undefined as unknown as string in the test; prefer typing the API to match usage.
Consider changing buildThreadingHeaders to accept headerMessageId?: string | null (and treat missing as “no headers”), then this test can pass undefined without casting (or just remove this test since the empty-string case already covers “no headers”).

apps/web/utils/email/threading.ts (1)

6-19: Prefer returning “no fields” over empty strings to prevent blank header emission.
Given usage via object spread, it’d be safer if “no headerMessageId” returned {} (and the return type used optional fields), rather than { inReplyTo: "", references: "" }. This also lets call sites pass replyToEmail?.headerMessageId without || "".

Possible refactor 
-export function buildThreadingHeaders(options: {
-  headerMessageId: string;
-  references?: string;
-}): { inReplyTo: string; references: string } {
-  if (!options.headerMessageId) {
-    return { inReplyTo: "", references: "" };
-  }
+export function buildThreadingHeaders(options: {
+  headerMessageId?: string | null;
+  references?: string;
+}): { inReplyTo?: string; references?: string } {
+  if (!options.headerMessageId) return {};

   return {
     inReplyTo: options.headerMessageId,
     references: options.references
       ? `${options.references} ${options.headerMessageId}`.trim()
       : options.headerMessageId,
   };
 }
apps/web/utils/outlook/mail.ts (1)

118-147: Optional: avoid the IIFE; compute headers once and assign directly.
Makes the reply payload construction easier to scan/debug without changing behavior.

Example simplification 
-  const replyMessage: OutlookMessageRequest = {
+  const replyMessage: OutlookMessageRequest = {
     subject: formatReplySubject(message.headers.subject),
     body: {
       contentType: "html",
       content: html,
     },
@@
     conversationId: message.threadId,
-    // Set In-Reply-To and References headers for proper threading
-    ...(headerMessageId && {
-      internetMessageHeaders: (() => {
-        const headers = buildThreadingHeaders({
-          headerMessageId,
-          references: message.headers.references,
-        });
-        return [
-          { name: "In-Reply-To", value: headers.inReplyTo },
-          { name: "References", value: headers.references },
-        ];
-      })(),
-    }),
+    ...(headerMessageId
+      ? (() => {
+          const headers = buildThreadingHeaders({
+            headerMessageId,
+            references: message.headers.references,
+          });
+          return {
+            internetMessageHeaders: [
+              { name: "In-Reply-To", value: headers.inReplyTo },
+              { name: "References", value: headers.references },
+            ],
+          };
+        })()
+      : {}),
   };
📜 Review details

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 645b789 and c0b0aa4.

📒 Files selected for processing (4)
  • apps/web/utils/email/threading.test.ts
  • apps/web/utils/email/threading.ts
  • apps/web/utils/gmail/mail.ts
  • apps/web/utils/outlook/mail.ts
🧰 Additional context used
📓 Path-based instructions (19)
**/*.{ts,tsx}

📄 CodeRabbit inference engine (.cursor/rules/data-fetching.mdc)

**/*.{ts,tsx}: For API GET requests to server, use the swr package
Use result?.serverError with toastError from @/components/Toast for error handling in async operations

**/*.{ts,tsx}: Use wrapper functions for Gmail message operations (get, list, batch, etc.) from @/utils/gmail/message.ts instead of direct API calls
Use wrapper functions for Gmail thread operations from @/utils/gmail/thread.ts instead of direct API calls
Use wrapper functions for Gmail label operations from @/utils/gmail/label.ts instead of direct API calls

**/*.{ts,tsx}: For early access feature flags, create hooks using the naming convention use[FeatureName]Enabled that return a boolean from useFeatureFlagEnabled("flag-key")
For A/B test variant flags, create hooks using the naming convention use[FeatureName]Variant that define variant types, use useFeatureFlagVariantKey() with type casting, and provide a default "control" fallback
Use kebab-case for PostHog feature flag keys (e.g., inbox-cleaner, pricing-options-2)
Always define types for A/B test variant flags (e.g., type PricingVariant = "control" | "variant-a" | "variant-b") and provide type safety through type casting

**/*.{ts,tsx}: Don't use primitive type aliases or misleading types
Don't use empty type parameters in type aliases and interfaces
Don't use this and super in static contexts
Don't use any or unknown as type constraints
Don't use the TypeScript directive @ts-ignore
Don't use TypeScript enums
Don't export imported variables
Don't add type annotations to variables, parameters, and class properties that are initialized with literal expressions
Don't use TypeScript namespaces
Don't use non-null assertions with the ! postfix operator
Don't use parameter properties in class constructors
Don't use user-defined types
Use as const instead of literal types and type annotations
Use either T[] or Array<T> consistently
Initialize each enum member value explicitly
Use export type for types
Use `impo...

Files:

  • apps/web/utils/email/threading.ts
  • apps/web/utils/email/threading.test.ts
  • apps/web/utils/outlook/mail.ts
  • apps/web/utils/gmail/mail.ts
**/*.{ts,tsx,js,jsx}

📄 CodeRabbit inference engine (.cursor/rules/prisma-enum-imports.mdc)

Always import Prisma enums from @/generated/prisma/enums instead of @/generated/prisma/client to avoid Next.js bundling errors in client components

Import Prisma using the project's centralized utility: import prisma from '@/utils/prisma'

Files:

  • apps/web/utils/email/threading.ts
  • apps/web/utils/email/threading.test.ts
  • apps/web/utils/outlook/mail.ts
  • apps/web/utils/gmail/mail.ts
apps/web/**/*.{ts,tsx}

📄 CodeRabbit inference engine (.cursor/rules/project-structure.mdc)

Import specific lodash functions rather than entire lodash library to minimize bundle size (e.g., import groupBy from 'lodash/groupBy')

apps/web/**/*.{ts,tsx}: Use TypeScript with strict null checks
Do not export types/interfaces that are only used within the same file. Export later if needed
Infer types from Zod schemas using z.infer<typeof schema> instead of duplicating as separate interfaces

Files:

  • apps/web/utils/email/threading.ts
  • apps/web/utils/email/threading.test.ts
  • apps/web/utils/outlook/mail.ts
  • apps/web/utils/gmail/mail.ts
**/*.ts

📄 CodeRabbit inference engine (.cursor/rules/security.mdc)

**/*.ts: ALL database queries MUST be scoped to the authenticated user/account by including user/account filtering in WHERE clauses to prevent unauthorized data access
Always validate that resources belong to the authenticated user before performing operations, using ownership checks in WHERE clauses or relationships
Always validate all input parameters for type, format, and length before using them in database queries
Use SafeError for error responses to prevent information disclosure. Generic error messages should not reveal internal IDs, logic, or resource ownership details
Only return necessary fields in API responses using Prisma's select option. Never expose sensitive data such as password hashes, private keys, or system flags
Prevent Insecure Direct Object References (IDOR) by validating resource ownership before operations. All findUnique/findFirst calls MUST include ownership filters
Prevent mass assignment vulnerabilities by explicitly whitelisting allowed fields in update operations instead of accepting all user-provided data
Prevent privilege escalation by never allowing users to modify system fields, ownership fields, or admin-only attributes through user input
All findMany queries MUST be scoped to the user's data by including appropriate WHERE filters to prevent returning data from other users
Use Prisma relationships for access control by leveraging nested where clauses (e.g., emailAccount: { id: emailAccountId }) to validate ownership

Files:

  • apps/web/utils/email/threading.ts
  • apps/web/utils/email/threading.test.ts
  • apps/web/utils/outlook/mail.ts
  • apps/web/utils/gmail/mail.ts
**/*.{tsx,ts}

📄 CodeRabbit inference engine (.cursor/rules/ui-components.mdc)

**/*.{tsx,ts}: Use Shadcn UI and Tailwind for components and styling
Use next/image package for images
For API GET requests to server, use the swr package with hooks like useSWR to fetch data
For text inputs, use the Input component with registerProps for form integration and error handling

Files:

  • apps/web/utils/email/threading.ts
  • apps/web/utils/email/threading.test.ts
  • apps/web/utils/outlook/mail.ts
  • apps/web/utils/gmail/mail.ts
**/*.{tsx,ts,css}

📄 CodeRabbit inference engine (.cursor/rules/ui-components.mdc)

Implement responsive design with Tailwind CSS using a mobile-first approach

Files:

  • apps/web/utils/email/threading.ts
  • apps/web/utils/email/threading.test.ts
  • apps/web/utils/outlook/mail.ts
  • apps/web/utils/gmail/mail.ts
**/*.{js,jsx,ts,tsx}

📄 CodeRabbit inference engine (.cursor/rules/ultracite.mdc)

**/*.{js,jsx,ts,tsx}: Don't use accessKey attribute on any HTML element
Don't set aria-hidden="true" on focusable elements
Don't add ARIA roles, states, and properties to elements that don't support them
Don't use distracting elements like <marquee> or <blink>
Only use the scope prop on <th> elements
Don't assign non-interactive ARIA roles to interactive HTML elements
Make sure label elements have text content and are associated with an input
Don't assign interactive ARIA roles to non-interactive HTML elements
Don't assign tabIndex to non-interactive HTML elements
Don't use positive integers for tabIndex property
Don't include "image", "picture", or "photo" in img alt prop
Don't use explicit role property that's the same as the implicit/default role
Make static elements with click handlers use a valid role attribute
Always include a title element for SVG elements
Give all elements requiring alt text meaningful information for screen readers
Make sure anchors have content that's accessible to screen readers
Assign tabIndex to non-interactive HTML elements with aria-activedescendant
Include all required ARIA attributes for elements with ARIA roles
Make sure ARIA properties are valid for the element's supported roles
Always include a type attribute for button elements
Make elements with interactive roles and handlers focusable
Give heading elements content that's accessible to screen readers (not hidden with aria-hidden)
Always include a lang attribute on the html element
Always include a title attribute for iframe elements
Accompany onClick with at least one of: onKeyUp, onKeyDown, or onKeyPress
Accompany onMouseOver/onMouseOut with onFocus/onBlur
Include caption tracks for audio and video elements
Use semantic elements instead of role attributes in JSX
Make sure all anchors are valid and navigable
Ensure all ARIA properties (aria-*) are valid
Use valid, non-abstract ARIA roles for elements with ARIA roles
Use valid AR...

Files:

  • apps/web/utils/email/threading.ts
  • apps/web/utils/email/threading.test.ts
  • apps/web/utils/outlook/mail.ts
  • apps/web/utils/gmail/mail.ts
!(pages/_document).{jsx,tsx}

📄 CodeRabbit inference engine (.cursor/rules/ultracite.mdc)

Don't use the next/head module in pages/_document.js on Next.js projects

Files:

  • apps/web/utils/email/threading.ts
  • apps/web/utils/email/threading.test.ts
  • apps/web/utils/outlook/mail.ts
  • apps/web/utils/gmail/mail.ts
**/*.{js,ts,jsx,tsx}

📄 CodeRabbit inference engine (.cursor/rules/utilities.mdc)

**/*.{js,ts,jsx,tsx}: Use lodash utilities for common operations (arrays, objects, strings)
Import specific lodash functions to minimize bundle size (e.g., import groupBy from 'lodash/groupBy')

**/*.{js,ts,jsx,tsx}: Add helper functions to the bottom of files, not the top!
All imports go at the top of files, no mid-file dynamic imports.

Files:

  • apps/web/utils/email/threading.ts
  • apps/web/utils/email/threading.test.ts
  • apps/web/utils/outlook/mail.ts
  • apps/web/utils/gmail/mail.ts
**/{utils,helpers,lib}/**/*.{ts,tsx}

📄 CodeRabbit inference engine (.cursor/rules/logging.mdc)

Logger should be passed as a parameter to helper functions instead of creating their own logger instances

Files:

  • apps/web/utils/email/threading.ts
  • apps/web/utils/email/threading.test.ts
  • apps/web/utils/outlook/mail.ts
  • apps/web/utils/gmail/mail.ts
apps/web/**/*.{ts,tsx,js,jsx}

📄 CodeRabbit inference engine (apps/web/CLAUDE.md)

apps/web/**/*.{ts,tsx,js,jsx}: Use @/ path aliases for imports from project root
Use proper error handling with try/catch blocks
Prefer self-documenting code over comments; use descriptive variable and function names instead of explaining intent with comments. Never add comments that just describe what the code does. Only add comments for 'why' not 'what'
Add helper functions to the bottom of files, not the top
All imports go at the top of files, no mid-file dynamic imports
Use getActionErrorMessage(error.error) from @/utils/error to extract user-friendly error messages

Files:

  • apps/web/utils/email/threading.ts
  • apps/web/utils/email/threading.test.ts
  • apps/web/utils/outlook/mail.ts
  • apps/web/utils/gmail/mail.ts
apps/web/**/*.{ts,tsx,css}

📄 CodeRabbit inference engine (apps/web/CLAUDE.md)

Follow tailwindcss patterns with prettier-plugin-tailwindcss

Files:

  • apps/web/utils/email/threading.ts
  • apps/web/utils/email/threading.test.ts
  • apps/web/utils/outlook/mail.ts
  • apps/web/utils/gmail/mail.ts
apps/web/**/*.{ts,tsx,js,jsx,json}

📄 CodeRabbit inference engine (apps/web/CLAUDE.md)

Client-side environment variables must be prefixed with NEXT_PUBLIC_

Files:

  • apps/web/utils/email/threading.ts
  • apps/web/utils/email/threading.test.ts
  • apps/web/utils/outlook/mail.ts
  • apps/web/utils/gmail/mail.ts
**/*.{js,ts,jsx,tsx,py,java,cs,rb,go,php,rs,kt,swift,m}

📄 CodeRabbit inference engine (.cursor/rules/notes.mdc)

Prefer self-documenting code over comments; use descriptive variable and function names instead of explaining intent with comments. Never add comments that just describe what the code does - code should explain itself. Only add comments for 'why' not 'what'.

Files:

  • apps/web/utils/email/threading.ts
  • apps/web/utils/email/threading.test.ts
  • apps/web/utils/outlook/mail.ts
  • apps/web/utils/gmail/mail.ts
**/*.{test,spec}.{js,jsx,ts,tsx}

📄 CodeRabbit inference engine (.cursor/rules/ultracite.mdc)

**/*.{test,spec}.{js,jsx,ts,tsx}: Don't nest describe() blocks too deeply in test files
Don't use callbacks in asynchronous tests and hooks
Don't have duplicate hooks in describe blocks
Don't use export or module.exports in test files
Don't use focused tests
Make sure the assertion function, like expect, is placed inside an it() function call
Don't use disabled tests

Files:

  • apps/web/utils/email/threading.test.ts
**/*.test.{ts,tsx}

📄 CodeRabbit inference engine (.cursor/rules/testing.mdc)

**/*.test.{ts,tsx}: Use vitest as the testing framework
Colocate test files next to the tested file with .test.ts or .test.tsx naming convention (e.g., dir/format.ts and dir/format.test.ts)
Mock server-only using vi.mock("server-only", () => ({}))
Mock Prisma using vi.mock("@/utils/prisma") and the provided mock from @/utils/__mocks__/prisma
Use test helper functions getEmail, getEmailAccount, and getRule from @/__tests__/helpers for creating mock data
Clear all mocks between tests using beforeEach(() => { vi.clearAllMocks(); })
Use descriptive test names that clearly indicate what is being tested
Do not mock the Logger in tests

Files:

  • apps/web/utils/email/threading.test.ts
apps/web/**/*.test.{ts,tsx}

📄 CodeRabbit inference engine (apps/web/CLAUDE.md)

Co-locate test files next to source files (e.g., utils/example.test.ts). Only E2E and AI tests go in __tests__/

Files:

  • apps/web/utils/email/threading.test.ts
**/*.test.{ts,tsx,js,jsx}

📄 CodeRabbit inference engine (.cursor/rules/notes.mdc)

Co-locate test files next to source files (e.g., utils/example.test.ts). Only E2E and AI tests go in __tests__/.

Files:

  • apps/web/utils/email/threading.test.ts
apps/web/utils/gmail/**/*.{ts,tsx}

📄 CodeRabbit inference engine (.cursor/rules/gmail-api.mdc)

apps/web/utils/gmail/**/*.{ts,tsx}: Always use wrapper functions from @/utils/gmail/ for Gmail API operations instead of direct provider API calls
Keep Gmail provider-specific implementation details isolated within the apps/web/utils/gmail/ directory

Files:

  • apps/web/utils/gmail/mail.ts
🧠 Learnings (10)
📓 Common learnings 
Learnt from: CR
Repo: elie222/inbox-zero PR: 0
File: .cursor/rules/gmail-api.mdc:0-0
Timestamp: 2025-11-25T14:37:22.660Z
Learning: Applies to **/*.{ts,tsx} : Use wrapper functions for Gmail thread operations from @/utils/gmail/thread.ts instead of direct API calls
📚 Learning: 2025-11-25T14:37:22.660Z 
Learnt from: CR
Repo: elie222/inbox-zero PR: 0
File: .cursor/rules/gmail-api.mdc:0-0
Timestamp: 2025-11-25T14:37:22.660Z
Learning: Applies to **/*.{ts,tsx} : Use wrapper functions for Gmail thread operations from @/utils/gmail/thread.ts instead of direct API calls

Applied to files:

  • apps/web/utils/email/threading.ts
  • apps/web/utils/email/threading.test.ts
  • apps/web/utils/outlook/mail.ts
  • apps/web/utils/gmail/mail.ts
📚 Learning: 2025-11-25T14:37:22.660Z 
Learnt from: CR
Repo: elie222/inbox-zero PR: 0
File: .cursor/rules/gmail-api.mdc:0-0
Timestamp: 2025-11-25T14:37:22.660Z
Learning: Applies to **/*.{ts,tsx} : Use wrapper functions for Gmail message operations (get, list, batch, etc.) from @/utils/gmail/message.ts instead of direct API calls

Applied to files:

  • apps/web/utils/email/threading.ts
  • apps/web/utils/outlook/mail.ts
  • apps/web/utils/gmail/mail.ts
📚 Learning: 2025-11-25T14:37:56.430Z 
Learnt from: CR
Repo: elie222/inbox-zero PR: 0
File: .cursor/rules/llm-test.mdc:0-0
Timestamp: 2025-11-25T14:37:56.430Z
Learning: Applies to apps/web/__tests__/**/*.test.ts : Prefer using existing helpers from `@/__tests__/helpers.ts` (`getEmailAccount`, `getEmail`, `getRule`, `getMockMessage`, `getMockExecutedRule`) instead of creating custom test data helpers

Applied to files:

  • apps/web/utils/email/threading.test.ts
📚 Learning: 2026-01-01T10:42:29.775Z 
Learnt from: CR
Repo: elie222/inbox-zero PR: 0
File: .cursor/rules/testing.mdc:0-0
Timestamp: 2026-01-01T10:42:29.775Z
Learning: Applies to **/*.test.{ts,tsx} : Use test helper functions `getEmail`, `getEmailAccount`, and `getRule` from `@/__tests__/helpers` for creating mock data

Applied to files:

  • apps/web/utils/email/threading.test.ts
📚 Learning: 2025-12-31T23:49:09.597Z 
Learnt from: rsnodgrass
Repo: elie222/inbox-zero PR: 1154
File: apps/web/app/api/user/setup-progress/route.ts:0-0
Timestamp: 2025-12-31T23:49:09.597Z
Learning: In apps/web/app/api/user/setup-progress/route.ts, Reply Zero enabled status should be determined solely by checking if the TO_REPLY rule is enabled, as it is the critical/canonical rule that Reply Zero is based on. The other conversation status types (FYI, AWAITING_REPLY, ACTIONED) should not be checked for determining Reply Zero setup progress.
<!-- </add_learning>

Applied to files:

  • apps/web/utils/outlook/mail.ts
📚 Learning: 2025-11-25T14:37:22.660Z 
Learnt from: CR
Repo: elie222/inbox-zero PR: 0
File: .cursor/rules/gmail-api.mdc:0-0
Timestamp: 2025-11-25T14:37:22.660Z
Learning: Applies to **/*.{ts,tsx} : Use wrapper functions for Gmail label operations from @/utils/gmail/label.ts instead of direct API calls

Applied to files:

  • apps/web/utils/gmail/mail.ts
📚 Learning: 2025-11-25T14:37:22.660Z 
Learnt from: CR
Repo: elie222/inbox-zero PR: 0
File: .cursor/rules/gmail-api.mdc:0-0
Timestamp: 2025-11-25T14:37:22.660Z
Learning: Applies to apps/web/utils/gmail/**/*.{ts,tsx} : Always use wrapper functions from @/utils/gmail/ for Gmail API operations instead of direct provider API calls

Applied to files:

  • apps/web/utils/gmail/mail.ts
📚 Learning: 2025-11-25T14:37:22.660Z 
Learnt from: CR
Repo: elie222/inbox-zero PR: 0
File: .cursor/rules/gmail-api.mdc:0-0
Timestamp: 2025-11-25T14:37:22.660Z
Learning: Applies to apps/web/utils/gmail/**/*.{ts,tsx} : Keep Gmail provider-specific implementation details isolated within the apps/web/utils/gmail/ directory

Applied to files:

  • apps/web/utils/gmail/mail.ts
📚 Learning: 2025-11-25T14:37:22.660Z 
Learnt from: CR
Repo: elie222/inbox-zero PR: 0
File: .cursor/rules/gmail-api.mdc:0-0
Timestamp: 2025-11-25T14:37:22.660Z
Learning: Design Gmail wrapper functions to be provider-agnostic to support future email providers like Outlook and ProtonMail

Applied to files:

  • apps/web/utils/gmail/mail.ts
🧬 Code graph analysis (2)
apps/web/utils/email/threading.test.ts (1)
apps/web/utils/email/threading.ts (1)
  • buildThreadingHeaders (6-20)
apps/web/utils/outlook/mail.ts (1)
apps/web/utils/email/threading.ts (1)
  • buildThreadingHeaders (6-20)
⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (2)
  • GitHub Check: test
  • GitHub Check: Analyze (javascript-typescript)
🔇 Additional comments (2)
apps/web/utils/gmail/mail.ts (1)

24-24: Good centralization of threading header logic.
Nice move pulling threading construction into buildThreadingHeaders.

apps/web/utils/outlook/mail.ts (1)

20-33: internetMessageHeaders addition to the request type looks right.
Keeps the payload explicit and avoids sprinkling any/casts.

baz-reviewer[bot]
baz-reviewer bot reviewed Jan 11, 2026
View reviewed changes
apps/web/utils/email/threading.ts Outdated
Comment on lines 1 to 4
/**
* Build RFC 5322 compliant email threading headers.
* References = parent's References + parent's Message-ID
* https://datatracker.ietf.org/doc/html/rfc2822#appendix-A.2
Copy link
Contributor

@baz-reviewer baz-reviewer bot Jan 11, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more. 

/**
 * Build RFC 5322 compliant email threading headers.
 * https://datatracker.ietf.org/doc/html/rfc2822#appendix-A.2
 */

It reads as RFC 5322 but links to RFC 2822; should the referenced RFC number match the URL to avoid confusion?

Suggested change
/**
* Build RFC 5322 compliant email threading headers.
* References = parent's References + parent's Message-ID
* https://datatracker.ietf.org/doc/html/rfc2822#appendix-A.2
/**
* Build RFC 5322 compliant email threading headers.
* References = parent's References + parent's Message-ID
* https://datatracker.ietf.org/doc/html/rfc5322#appendix-A.2

Finding type: Naming and Typos

Heads up!

Your free trial ends tomorrow.
To keep getting your PRs reviewed by Baz, update your team's subscription

Copy link
Owner Author

@elie222 elie222 Jan 11, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Fixed - updated the URL to point to RFC 5322 instead of RFC 2822.

Copy link
Contributor

@baz-reviewer baz-reviewer bot Jan 11, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nice, thanks for updating the URL to RFC 5322—this keeps the comment consistent and avoids confusion for future readers.

Copy link
Contributor

@baz-reviewer baz-reviewer bot Jan 11, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Commit b141df2 addressed this comment. The URL in the documentation comment was updated from rfc2822 to rfc5322 on line 4, making it consistent with the "RFC 5322 compliant" text mentioned in the comment. This resolves the discrepancy that was causing potential confusion.

apps/web/utils/outlook/mail.ts Outdated
Comment on lines 62 to 75
if (body.replyToEmail) {
message.conversationId = body.replyToEmail.threadId;

// Set In-Reply-To and References headers for proper threading
// Microsoft uses these headers (not conversationId) to determine thread membership
if (body.replyToEmail.headerMessageId) {
const headers = buildThreadingHeaders({
headerMessageId: body.replyToEmail.headerMessageId,
references: body.replyToEmail.references,
});
message.internetMessageHeaders = [
{ name: "In-Reply-To", value: headers.inReplyTo },
{ name: "References", value: headers.references },
];
Copy link
Contributor

@baz-reviewer baz-reviewer bot Jan 11, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The new code in sendEmailWithHtml attaches In-Reply-To/References via internetMessageHeaders when replying, but Microsoft Graph only lets you set custom (typically X-) headers through that field; standard RFC headers such as In-Reply-To/References are ignored/stripped by the service when you POST /me/sendMail (see graph/outlook-send-mime-message docs). As a result the intended threading fix never reaches Outlook, and the change has no effect.

Prompt for AI Agents:

In apps/web/utils/outlook/mail.ts around lines 62-75, the sendEmailWithHtml function
sets In-Reply-To/References by writing them into message.internetMessageHeaders, but
Microsoft Graph strips standard RFC headers on POST /me/sendMail so those headers never
reach Outlook. Remove the code that assigns In-Reply-To/References to
internetMessageHeaders, replace it with a short comment explaining that Graph strips
standard headers and that conversationId is the only reliable field here, and add a TODO
(or a logged warning) directing implementers to use an alternative delivery method (send
raw MIME via the Graph endpoint or SMTP) if true In-Reply-To/References header
preservation is required. Keep the conversationId assignment intact. Ensure the change
is limited to lines 62-75 and update tests/comments accordingly.

Fix in Cursor

Finding type: Logical Bugs

Heads up!

Your free trial ends tomorrow.
To keep getting your PRs reviewed by Baz, update your team's subscription

Copy link
Contributor

@baz-reviewer baz-reviewer bot Jan 11, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Commit 19c22fd addressed this comment by completely removing the problematic internetMessageHeaders code (lines 62-77) that attempted to set In-Reply-To/References headers. Instead of just documenting the limitation as suggested, the code was refactored to use Microsoft Graph's createReply endpoint, which properly handles email threading without requiring manual header manipulation. Comments were added explaining that "Microsoft Graph's sendMail doesn't support In-Reply-To/References headers" and that "Only createReply/createReplyAll endpoints ensure proper threading."

@elie222
fix: use createReply pattern for Outlook email threading
19c22fd 
Microsoft Graph's sendMail endpoint doesn't support In-Reply-To/References
headers via internetMessageHeaders. Refactored to use createReply + send
pattern which properly handles threading.

- Refactor replyToEmail to use createReply + update + send
- Refactor sendEmailWithHtml to use createReply when messageId provided
- Add messageId field to SendEmailBody.replyToEmail type
- Remove unused threading header code from Outlook
cubic-dev-ai[bot]
cubic-dev-ai bot reviewed Jan 11, 2026
View reviewed changes
Copy link
Contributor

@cubic-dev-ai cubic-dev-ai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

1 issue found across 4 files (changes from recent commits).

Prompt for AI agents (all issues) 

Check if these issues are valid — if so, understand the root cause of each and fix them.


<file name="apps/web/utils/outlook/mail.ts">

<violation number="1" location="apps/web/utils/outlook/mail.ts:133">
P2: Return empty string for `id` instead of `replyDraft.id`. After calling `/send`, the draft is deleted and Graph doesn't return the sent message ID. The draft ID becomes invalid.

(Based on your team's feedback about returning empty messageId when sent message cannot be retrieved in Outlook.) [FEEDBACK_USED]</violation>
</file>

Reply with feedback, questions, or to request a fix. Tag @cubic-dev-ai to re-run a review.

apps/web/utils/outlook/mail.ts Outdated
);

return {
id: replyDraft.id,
Copy link
Contributor

@cubic-dev-ai cubic-dev-ai bot Jan 11, 2026
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

P2: Return empty string for id instead of replyDraft.id. After calling /send, the draft is deleted and Graph doesn't return the sent message ID. The draft ID becomes invalid.

(Based on your team's feedback about returning empty messageId when sent message cannot be retrieved in Outlook.)

View Feedback

Prompt for AI agents 
Check if this issue is valid — if so, understand the root cause and fix it. At apps/web/utils/outlook/mail.ts, line 133:

<comment>Return empty string for `id` instead of `replyDraft.id`. After calling `/send`, the draft is deleted and Graph doesn't return the sent message ID. The draft ID becomes invalid.

(Based on your team's feedback about returning empty messageId when sent message cannot be retrieved in Outlook.) </comment>

<file context>
@@ -110,55 +92,47 @@ export async function replyToEmail(
+  );
+
+  return {
+    id: replyDraft.id,
+    conversationId: replyDraft.conversationId,
+  };
</file context>
Suggested change
id: replyDraft.id,
id: "", // Draft ID is no longer valid after /send; Graph doesn't return sent message ID

✅ Addressed in b141df2

Copy link
Owner Author

@elie222 elie222 Jan 11, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Fixed - now returning empty string for id after /send since the draft ID is no longer valid once the message is sent.

Copy link
Contributor

@cubic-dev-ai cubic-dev-ai bot Jan 11, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for the feedback! I've updated an existing learning with this new information.

Copy link
Contributor

@baz-reviewer baz-reviewer bot Jan 11, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Commit b141df2 addressed this comment. The code was updated to return id: "" instead of id: replyDraft.id in the replyToEmail function (Hunk 1, line 134), with an explanatory comment added on line 132 stating "Draft ID is no longer valid after /send; Graph doesn't return sent message ID". The same fix was also applied to the sendReplyUsingCreateReply function (Hunk 2).

coderabbitai[bot]
coderabbitai bot reviewed Jan 11, 2026
View reviewed changes
Copy link
Contributor

@coderabbitai coderabbitai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 1

🧹 Nitpick comments (2)
apps/web/utils/outlook/mail.ts (2)

102-124: Consider explicit subject handling for consistency.

The refactored replyToEmail relies on the createReply endpoint's default subject handling (typically "Re: " prefix) rather than explicitly setting the subject. While this works for standard replies, it may limit flexibility if custom subjects are needed in the future.

Optional: Add explicit subject handling 
  // Update the draft with our content
  await withOutlookRetry(
    () =>
      client
        .getClient()
        .api(`/me/messages/${replyDraft.id}`)
        .patch({
+         subject: message.headers.subject?.startsWith("Re:")
+           ? message.headers.subject
+           : `Re: ${message.headers.subject}`,
          body: {
            contentType: "html",
            content: html,
          },
        }),
    logger,
  );

341-391: Avoid non-null assertions per coding guidelines.

Line 346 uses non-null assertions (body.replyToEmail!.messageId!), which violates the coding guideline: "Don't use non-null assertions with the ! postfix operator."

♻️ Safer destructuring approach 
 async function sendReplyUsingCreateReply(
   client: OutlookClient,
   body: SendEmailBody,
   logger: Logger,
 ): Promise<SentEmailResult> {
-  const originalMessageId = body.replyToEmail!.messageId!;
+  const originalMessageId = body.replyToEmail?.messageId;
+  if (!originalMessageId) {
+    throw new Error("messageId is required for createReply flow");
+  }

   // Use createReply to create a properly threaded draft
   const replyDraft: Message = await withOutlookRetry(

As per coding guidelines.

📜 Review details

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between c0b0aa4 and 19c22fd.

📒 Files selected for processing (4)
  • apps/web/__tests__/e2e/flows/helpers/email.ts
  • apps/web/utils/email/types.ts
  • apps/web/utils/gmail/mail.ts
  • apps/web/utils/outlook/mail.ts
🚧 Files skipped from review as they are similar to previous changes (1)
  • apps/web/utils/gmail/mail.ts
🧰 Additional context used
📓 Path-based instructions (17)
**/*.{ts,tsx}

📄 CodeRabbit inference engine (.cursor/rules/data-fetching.mdc)

**/*.{ts,tsx}: For API GET requests to server, use the swr package
Use result?.serverError with toastError from @/components/Toast for error handling in async operations

**/*.{ts,tsx}: Use wrapper functions for Gmail message operations (get, list, batch, etc.) from @/utils/gmail/message.ts instead of direct API calls
Use wrapper functions for Gmail thread operations from @/utils/gmail/thread.ts instead of direct API calls
Use wrapper functions for Gmail label operations from @/utils/gmail/label.ts instead of direct API calls

**/*.{ts,tsx}: For early access feature flags, create hooks using the naming convention use[FeatureName]Enabled that return a boolean from useFeatureFlagEnabled("flag-key")
For A/B test variant flags, create hooks using the naming convention use[FeatureName]Variant that define variant types, use useFeatureFlagVariantKey() with type casting, and provide a default "control" fallback
Use kebab-case for PostHog feature flag keys (e.g., inbox-cleaner, pricing-options-2)
Always define types for A/B test variant flags (e.g., type PricingVariant = "control" | "variant-a" | "variant-b") and provide type safety through type casting

**/*.{ts,tsx}: Don't use primitive type aliases or misleading types
Don't use empty type parameters in type aliases and interfaces
Don't use this and super in static contexts
Don't use any or unknown as type constraints
Don't use the TypeScript directive @ts-ignore
Don't use TypeScript enums
Don't export imported variables
Don't add type annotations to variables, parameters, and class properties that are initialized with literal expressions
Don't use TypeScript namespaces
Don't use non-null assertions with the ! postfix operator
Don't use parameter properties in class constructors
Don't use user-defined types
Use as const instead of literal types and type annotations
Use either T[] or Array<T> consistently
Initialize each enum member value explicitly
Use export type for types
Use `impo...

Files:

  • apps/web/utils/outlook/mail.ts
  • apps/web/__tests__/e2e/flows/helpers/email.ts
  • apps/web/utils/email/types.ts
**/*.{ts,tsx,js,jsx}

📄 CodeRabbit inference engine (.cursor/rules/prisma-enum-imports.mdc)

Always import Prisma enums from @/generated/prisma/enums instead of @/generated/prisma/client to avoid Next.js bundling errors in client components

Import Prisma using the project's centralized utility: import prisma from '@/utils/prisma'

Files:

  • apps/web/utils/outlook/mail.ts
  • apps/web/__tests__/e2e/flows/helpers/email.ts
  • apps/web/utils/email/types.ts
apps/web/**/*.{ts,tsx}

📄 CodeRabbit inference engine (.cursor/rules/project-structure.mdc)

Import specific lodash functions rather than entire lodash library to minimize bundle size (e.g., import groupBy from 'lodash/groupBy')

apps/web/**/*.{ts,tsx}: Use TypeScript with strict null checks
Do not export types/interfaces that are only used within the same file. Export later if needed
Infer types from Zod schemas using z.infer<typeof schema> instead of duplicating as separate interfaces

Files:

  • apps/web/utils/outlook/mail.ts
  • apps/web/__tests__/e2e/flows/helpers/email.ts
  • apps/web/utils/email/types.ts
**/*.ts

📄 CodeRabbit inference engine (.cursor/rules/security.mdc)

**/*.ts: ALL database queries MUST be scoped to the authenticated user/account by including user/account filtering in WHERE clauses to prevent unauthorized data access
Always validate that resources belong to the authenticated user before performing operations, using ownership checks in WHERE clauses or relationships
Always validate all input parameters for type, format, and length before using them in database queries
Use SafeError for error responses to prevent information disclosure. Generic error messages should not reveal internal IDs, logic, or resource ownership details
Only return necessary fields in API responses using Prisma's select option. Never expose sensitive data such as password hashes, private keys, or system flags
Prevent Insecure Direct Object References (IDOR) by validating resource ownership before operations. All findUnique/findFirst calls MUST include ownership filters
Prevent mass assignment vulnerabilities by explicitly whitelisting allowed fields in update operations instead of accepting all user-provided data
Prevent privilege escalation by never allowing users to modify system fields, ownership fields, or admin-only attributes through user input
All findMany queries MUST be scoped to the user's data by including appropriate WHERE filters to prevent returning data from other users
Use Prisma relationships for access control by leveraging nested where clauses (e.g., emailAccount: { id: emailAccountId }) to validate ownership

Files:

  • apps/web/utils/outlook/mail.ts
  • apps/web/__tests__/e2e/flows/helpers/email.ts
  • apps/web/utils/email/types.ts
**/*.{tsx,ts}

📄 CodeRabbit inference engine (.cursor/rules/ui-components.mdc)

**/*.{tsx,ts}: Use Shadcn UI and Tailwind for components and styling
Use next/image package for images
For API GET requests to server, use the swr package with hooks like useSWR to fetch data
For text inputs, use the Input component with registerProps for form integration and error handling

Files:

  • apps/web/utils/outlook/mail.ts
  • apps/web/__tests__/e2e/flows/helpers/email.ts
  • apps/web/utils/email/types.ts
**/*.{tsx,ts,css}

📄 CodeRabbit inference engine (.cursor/rules/ui-components.mdc)

Implement responsive design with Tailwind CSS using a mobile-first approach

Files:

  • apps/web/utils/outlook/mail.ts
  • apps/web/__tests__/e2e/flows/helpers/email.ts
  • apps/web/utils/email/types.ts
**/*.{js,jsx,ts,tsx}

📄 CodeRabbit inference engine (.cursor/rules/ultracite.mdc)

**/*.{js,jsx,ts,tsx}: Don't use accessKey attribute on any HTML element
Don't set aria-hidden="true" on focusable elements
Don't add ARIA roles, states, and properties to elements that don't support them
Don't use distracting elements like <marquee> or <blink>
Only use the scope prop on <th> elements
Don't assign non-interactive ARIA roles to interactive HTML elements
Make sure label elements have text content and are associated with an input
Don't assign interactive ARIA roles to non-interactive HTML elements
Don't assign tabIndex to non-interactive HTML elements
Don't use positive integers for tabIndex property
Don't include "image", "picture", or "photo" in img alt prop
Don't use explicit role property that's the same as the implicit/default role
Make static elements with click handlers use a valid role attribute
Always include a title element for SVG elements
Give all elements requiring alt text meaningful information for screen readers
Make sure anchors have content that's accessible to screen readers
Assign tabIndex to non-interactive HTML elements with aria-activedescendant
Include all required ARIA attributes for elements with ARIA roles
Make sure ARIA properties are valid for the element's supported roles
Always include a type attribute for button elements
Make elements with interactive roles and handlers focusable
Give heading elements content that's accessible to screen readers (not hidden with aria-hidden)
Always include a lang attribute on the html element
Always include a title attribute for iframe elements
Accompany onClick with at least one of: onKeyUp, onKeyDown, or onKeyPress
Accompany onMouseOver/onMouseOut with onFocus/onBlur
Include caption tracks for audio and video elements
Use semantic elements instead of role attributes in JSX
Make sure all anchors are valid and navigable
Ensure all ARIA properties (aria-*) are valid
Use valid, non-abstract ARIA roles for elements with ARIA roles
Use valid AR...

Files:

  • apps/web/utils/outlook/mail.ts
  • apps/web/__tests__/e2e/flows/helpers/email.ts
  • apps/web/utils/email/types.ts
!(pages/_document).{jsx,tsx}

📄 CodeRabbit inference engine (.cursor/rules/ultracite.mdc)

Don't use the next/head module in pages/_document.js on Next.js projects

Files:

  • apps/web/utils/outlook/mail.ts
  • apps/web/__tests__/e2e/flows/helpers/email.ts
  • apps/web/utils/email/types.ts
**/*.{js,ts,jsx,tsx}

📄 CodeRabbit inference engine (.cursor/rules/utilities.mdc)

**/*.{js,ts,jsx,tsx}: Use lodash utilities for common operations (arrays, objects, strings)
Import specific lodash functions to minimize bundle size (e.g., import groupBy from 'lodash/groupBy')

**/*.{js,ts,jsx,tsx}: Add helper functions to the bottom of files, not the top!
All imports go at the top of files, no mid-file dynamic imports.

Files:

  • apps/web/utils/outlook/mail.ts
  • apps/web/__tests__/e2e/flows/helpers/email.ts
  • apps/web/utils/email/types.ts
**/{utils,helpers,lib}/**/*.{ts,tsx}

📄 CodeRabbit inference engine (.cursor/rules/logging.mdc)

Logger should be passed as a parameter to helper functions instead of creating their own logger instances

Files:

  • apps/web/utils/outlook/mail.ts
  • apps/web/__tests__/e2e/flows/helpers/email.ts
  • apps/web/utils/email/types.ts
apps/web/**/*.{ts,tsx,js,jsx}

📄 CodeRabbit inference engine (apps/web/CLAUDE.md)

apps/web/**/*.{ts,tsx,js,jsx}: Use @/ path aliases for imports from project root
Use proper error handling with try/catch blocks
Prefer self-documenting code over comments; use descriptive variable and function names instead of explaining intent with comments. Never add comments that just describe what the code does. Only add comments for 'why' not 'what'
Add helper functions to the bottom of files, not the top
All imports go at the top of files, no mid-file dynamic imports
Use getActionErrorMessage(error.error) from @/utils/error to extract user-friendly error messages

Files:

  • apps/web/utils/outlook/mail.ts
  • apps/web/__tests__/e2e/flows/helpers/email.ts
  • apps/web/utils/email/types.ts
apps/web/**/*.{ts,tsx,css}

📄 CodeRabbit inference engine (apps/web/CLAUDE.md)

Follow tailwindcss patterns with prettier-plugin-tailwindcss

Files:

  • apps/web/utils/outlook/mail.ts
  • apps/web/__tests__/e2e/flows/helpers/email.ts
  • apps/web/utils/email/types.ts
apps/web/**/*.{ts,tsx,js,jsx,json}

📄 CodeRabbit inference engine (apps/web/CLAUDE.md)

Client-side environment variables must be prefixed with NEXT_PUBLIC_

Files:

  • apps/web/utils/outlook/mail.ts
  • apps/web/__tests__/e2e/flows/helpers/email.ts
  • apps/web/utils/email/types.ts
**/*.{js,ts,jsx,tsx,py,java,cs,rb,go,php,rs,kt,swift,m}

📄 CodeRabbit inference engine (.cursor/rules/notes.mdc)

Prefer self-documenting code over comments; use descriptive variable and function names instead of explaining intent with comments. Never add comments that just describe what the code does - code should explain itself. Only add comments for 'why' not 'what'.

Files:

  • apps/web/utils/outlook/mail.ts
  • apps/web/__tests__/e2e/flows/helpers/email.ts
  • apps/web/utils/email/types.ts
apps/web/{utils/ai,utils/llms,__tests__}/**/*.ts

📄 CodeRabbit inference engine (.cursor/rules/llm.mdc)

LLM-related code must be organized in specific directories: apps/web/utils/ai/ for main implementations, apps/web/utils/llms/ for core utilities and configurations, and apps/web/__tests__/ for LLM-specific tests

Files:

  • apps/web/__tests__/e2e/flows/helpers/email.ts
**/{scripts,tests,__tests__}/**/*.{ts,tsx}

📄 CodeRabbit inference engine (.cursor/rules/logging.mdc)

Use createScopedLogger only for code that doesn't run within a middleware chain, such as standalone scripts or tests

Files:

  • apps/web/__tests__/e2e/flows/helpers/email.ts
**/__tests__/**/*.{ts,tsx}

📄 CodeRabbit inference engine (.cursor/rules/testing.mdc)

Place AI tests in the __tests__ directory and do not run them by default as they use a real LLM

Files:

  • apps/web/__tests__/e2e/flows/helpers/email.ts
🧠 Learnings (7)
📚 Learning: 2025-11-25T14:37:22.660Z 
Learnt from: CR
Repo: elie222/inbox-zero PR: 0
File: .cursor/rules/gmail-api.mdc:0-0
Timestamp: 2025-11-25T14:37:22.660Z
Learning: Applies to **/*.{ts,tsx} : Use wrapper functions for Gmail thread operations from @/utils/gmail/thread.ts instead of direct API calls

Applied to files:

  • apps/web/utils/outlook/mail.ts
  • apps/web/__tests__/e2e/flows/helpers/email.ts
📚 Learning: 2025-11-25T14:37:22.660Z 
Learnt from: CR
Repo: elie222/inbox-zero PR: 0
File: .cursor/rules/gmail-api.mdc:0-0
Timestamp: 2025-11-25T14:37:22.660Z
Learning: Applies to **/*.{ts,tsx} : Use wrapper functions for Gmail message operations (get, list, batch, etc.) from @/utils/gmail/message.ts instead of direct API calls

Applied to files:

  • apps/web/utils/outlook/mail.ts
  • apps/web/__tests__/e2e/flows/helpers/email.ts
📚 Learning: 2025-12-31T23:49:09.597Z 
Learnt from: rsnodgrass
Repo: elie222/inbox-zero PR: 1154
File: apps/web/app/api/user/setup-progress/route.ts:0-0
Timestamp: 2025-12-31T23:49:09.597Z
Learning: In apps/web/app/api/user/setup-progress/route.ts, Reply Zero enabled status should be determined solely by checking if the TO_REPLY rule is enabled, as it is the critical/canonical rule that Reply Zero is based on. The other conversation status types (FYI, AWAITING_REPLY, ACTIONED) should not be checked for determining Reply Zero setup progress.
<!-- </add_learning>

Applied to files:

  • apps/web/utils/outlook/mail.ts
📚 Learning: 2025-11-25T14:37:22.660Z 
Learnt from: CR
Repo: elie222/inbox-zero PR: 0
File: .cursor/rules/gmail-api.mdc:0-0
Timestamp: 2025-11-25T14:37:22.660Z
Learning: Design Gmail wrapper functions to be provider-agnostic to support future email providers like Outlook and ProtonMail

Applied to files:

  • apps/web/utils/outlook/mail.ts
📚 Learning: 2025-11-25T14:37:22.660Z 
Learnt from: CR
Repo: elie222/inbox-zero PR: 0
File: .cursor/rules/gmail-api.mdc:0-0
Timestamp: 2025-11-25T14:37:22.660Z
Learning: Applies to **/*.{ts,tsx} : Use wrapper functions for Gmail label operations from @/utils/gmail/label.ts instead of direct API calls

Applied to files:

  • apps/web/utils/outlook/mail.ts
📚 Learning: 2025-11-25T14:37:56.430Z 
Learnt from: CR
Repo: elie222/inbox-zero PR: 0
File: .cursor/rules/llm-test.mdc:0-0
Timestamp: 2025-11-25T14:37:56.430Z
Learning: Applies to apps/web/__tests__/**/*.test.ts : Prefer using existing helpers from `@/__tests__/helpers.ts` (`getEmailAccount`, `getEmail`, `getRule`, `getMockMessage`, `getMockExecutedRule`) instead of creating custom test data helpers

Applied to files:

  • apps/web/utils/outlook/mail.ts
  • apps/web/__tests__/e2e/flows/helpers/email.ts
📚 Learning: 2026-01-01T10:42:29.775Z 
Learnt from: CR
Repo: elie222/inbox-zero PR: 0
File: .cursor/rules/testing.mdc:0-0
Timestamp: 2026-01-01T10:42:29.775Z
Learning: Applies to **/*.test.{ts,tsx} : Use test helper functions `getEmail`, `getEmailAccount`, and `getRule` from `@/__tests__/helpers` for creating mock data

Applied to files:

  • apps/web/__tests__/e2e/flows/helpers/email.ts
🧬 Code graph analysis (1)
apps/web/utils/outlook/mail.ts (4)
apps/web/utils/mail.ts (1)
  • ensureEmailSendingEnabled (132-138)
apps/web/utils/outlook/reply.ts (1)
  • createOutlookReplyContent (3-55)
apps/web/utils/outlook/retry.ts (1)
  • withOutlookRetry (17-79)
apps/web/utils/outlook/client.ts (1)
  • OutlookClient (14-77)
⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (2)
  • GitHub Check: cubic · AI code reviewer
  • GitHub Check: test
🔇 Additional comments (3)
apps/web/__tests__/e2e/flows/helpers/email.ts (1)

94-94: LGTM - Clear enhancement for Outlook threading support.

The addition of messageId to the replyToEmail payload enables proper threading via Outlook's createReply API. The inline comment clearly documents the purpose.

apps/web/utils/outlook/mail.ts (1)

39-43: LGTM - Proper routing for reply threading.

The branching logic correctly identifies replies by checking for body.replyToEmail?.messageId and routes them through the createReply flow, which ensures proper threading in Outlook.

apps/web/utils/email/types.ts (1)

130-130: LGTM - Well-documented type extension.

The addition of the optional messageId field to replyToEmail enables platform-specific threading for Outlook's createReply API while maintaining backward compatibility. The inline comment clearly documents its purpose.

apps/web/utils/outlook/mail.ts
Comment on lines 73 to 77
// sendMail returns 202 with no body, so we can't get the sent message ID
return {
id: "",
conversationId: message.conversationId,
conversationId: undefined,
};
Copy link
Contributor

@coderabbitai coderabbitai bot Jan 11, 2026
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue | 🟡 Minor

🧩 Analysis chain

🏁 Script executed:

#!/bin/bash
# First, let's look at the file structure and understand the context
cd apps/web || exit 1

# Find the sendEmailWithHtml function to understand the context better
echo "=== Content of utils/outlook/mail.ts around lines 73-77 ==="
sed -n '60,85p' utils/outlook/mail.ts

# Find all calls to sendEmailWithHtml
echo -e "\n=== Callers of sendEmailWithHtml ==="
rg -n 'sendEmailWithHtml' --type ts -g '!node_modules'

# Find imports of this function
echo -e "\n=== Imports of sendEmailWithHtml ==="
rg -n "from.*outlook/mail|sendEmailWithHtml" --type ts -g '!node_modules' | grep -v '.test'

Repository: elie222/inbox-zero

Length of output: 3265

🏁 Script executed:

#!/bin/bash
# Now let's examine the specific usage of the returned ID and conversationId
cd apps/web || exit 1

# Look for patterns where the returned object properties are accessed
echo "=== Usage patterns of sendEmailWithHtml result ==="
rg -B5 -A10 'sendEmailWithHtml' --type ts -g '!node_modules' -g '!**\.test\.ts' | head -100

Repository: elie222/inbox-zero

Length of output: 5015

🏁 Script executed:

#!/bin/bash
cd apps/web || exit 1

# Check how the result is used in microsoft.ts
echo "=== Usage in utils/email/microsoft.ts (line 566) ==="
sed -n '560,580p' utils/email/microsoft.ts

# Check how the result is used in actions/mail.ts
echo -e "\n=== Usage in utils/actions/mail.ts (line 234) ==="
sed -n '225,245p' utils/actions/mail.ts

# Check meeting-briefs usage
echo -e "\n=== Usage in utils/meeting-briefs/send-briefing.ts ==="
sed -n '105,125p' utils/meeting-briefs/send-briefing.ts

# Check the SentEmailResult type and where it's used
echo -e "\n=== SentEmailResult type definition ==="
rg -n "SentEmailResult|type.*Result" utils/outlook/mail.ts -B2 -A2

Repository: elie222/inbox-zero

Length of output: 2117

🏁 Script executed:

#!/bin/bash
cd apps/web || exit 1

# Check what happens with the result variable in actions/mail.ts
echo "=== Full context of result usage in actions/mail.ts ==="
sed -n '230,260p' utils/actions/mail.ts

# Check if there are any tests that verify the return value
echo -e "\n=== Tests for sendEmailWithHtml ==="
rg -n "sendEmailWithHtml" __tests__ --type ts -A5 | head -60

Repository: elie222/inbox-zero

Length of output: 1735

🏁 Script executed:

#!/bin/bash
cd apps/web || exit 1

# Check the full sendEmailWithHtml implementation in microsoft.ts
echo "=== Microsoft provider sendEmailWithHtml method ==="
sed -n '548,575p' utils/email/microsoft.ts

# Check if the result ID is used anywhere in the provider
echo -e "\n=== Check if messageId/id from result is stored or tracked ==="
rg -n "result\.id|messageId|conversationId" utils/email/microsoft.ts -B2 -A2 | head -80

Repository: elie222/inbox-zero

Length of output: 3288

🏁 Script executed:

#!/bin/bash
cd apps/web || exit 1

# Check the return type in email/types.ts to understand what's expected
echo "=== EmailProvider interface return type ==="
sed -n '120,135p' utils/email/types.ts

# Check if messageId/threadId from the action response is stored or used
echo -e "\n=== Check action usage of returned messageId/threadId ==="
rg -n "sendEmailBody|sendEmail" utils/actions/mail.ts -B2 -A15 | grep -A 15 "\.action"

# Check if there are database inserts using the messageId
echo -e "\n=== Database operations with messageId ==="
rg -n "prisma.*messageId|messageId.*prisma" apps/web --type ts -g '!node_modules' | head -20

Repository: elie222/inbox-zero

Length of output: 1424

🏁 Script executed:

#!/bin/bash
cd apps/web || exit 1

# Check Gmail implementation to see what it returns for comparison
echo "=== Gmail sendEmailWithHtml return value ==="
sed -n '108,140p' utils/gmail/mail.ts

# Check how the Gmail implementation handles return values
echo -e "\n=== Gmail sendEmailWithHtml full implementation ==="
sed -n '108,145p' utils/gmail/mail.ts

Repository: elie222/inbox-zero

Length of output: 2104

🏁 Script executed:

#!/bin/bash
cd apps/web || exit 1

# Check the full EmailProvider interface to see return type
echo "=== Full EmailProvider.sendEmailWithHtml signature ==="
sed -n '120,145p' utils/email/types.ts

# Check if messageId from the action is persisted or used
echo -e "\n=== Check if returned messageId is stored in DB ==="
rg -n "sendEmailAction|sendEmail.*action" utils --type ts -A 30 | grep -A 30 "sendEmailAction"

# Check what happens with the action result
echo -e "\n=== Check client-side action usage ==="
rg -n "sendEmailAction" --type ts --type tsx -g '!node_modules' -B2 -A10 | head -80

Repository: elie222/inbox-zero

Length of output: 1909

🏁 Script executed:

#!/bin/bash
cd apps/web || exit 1

# Check the Gmail wrapper in the microsoft provider to see how it handles the result
echo "=== Google provider wrapper for sendEmailWithHtml ==="
sed -n '685,715p' utils/email/google.ts

# Check if there are any tests that validate messageId is not empty
echo -e "\n=== Tests checking messageId values ==="
rg -n "messageId.*empty|messageId.*null|messageId.*undefined" __tests__ --type ts -B2 -A2

Repository: elie222/inbox-zero

Length of output: 831

🏁 Script executed:

#!/bin/bash
cd apps/web || exit 1

# Check if there are any features that actually depend on the messageId from send operation
echo "=== Check features using messageId from sendEmail ==="
rg -n "messageId.*threadId|threadId.*messageId" utils/actions --type ts -B5 -A10

# Check if messageId is used for any persistence or tracking after send
echo -e "\n=== Check if sent messageId is used in persistence ==="
rg -n "result\.messageId|result\.threadId" utils/actions --type ts -B3 -A5

# Check the return type expectation
echo -e "\n=== EmailProvider return type contract ==="
sed -n '125,150p' utils/email/types.ts

Repository: elie222/inbox-zero

Length of output: 2342

🏁 Script executed:

#!/bin/bash
cd apps/web || exit 1

# Verify the exact behavior when Outlook returns empty ID
echo "=== Trace the empty ID through all layers ==="

# Step 1: Outlook function returns empty string
echo "Step 1 - Outlook returns:"
sed -n '73,77p' utils/outlook/mail.ts

# Step 2: Microsoft provider transforms it
echo -e "\nStep 2 - Microsoft provider transforms to:"
sed -n '566,572p' utils/email/microsoft.ts

# Step 3: Action returns it
echo -e "\nStep 3 - Action returns:"
sed -n '234,241p' utils/actions/mail.ts

# Check if empty strings are acceptable in the return type
echo -e "\n=== Are empty messageId/threadId acceptable? ==="
sed -n '125,150p' utils/email/types.ts

Repository: elie222/inbox-zero

Length of output: 1414

🏁 Script executed:

#!/bin/bash
cd apps/web || exit 1

# Check if there's any special handling for empty messageId/threadId in callers
echo "=== Search for empty ID checks in codebase ==="
rg -n "messageId.*==.*\"\"|\"\"|messageId.*===.*\"\"" --type ts --type tsx -g '!node_modules' | head -20

# Check if sendEmailAction is used client-side and how the result is handled
echo -e "\n=== Client-side usage of sendEmailAction ==="
rg -n "sendEmailAction|sendEmail.*action" --type ts --type tsx -g '!node_modules' -g '!.test' -B2 -A8 | head -100

Repository: elie222/inbox-zero

Length of output: 227

🏁 Script executed:

#!/bin/bash
cd apps/web || exit 1

# Check if the reply flow (which uses createReply and gets real IDs) is the intended path
echo "=== Check replyToEmail implementation ==="
sed -n '88,120p' utils/outlook/mail.ts

# Check the sendReplyUsingCreateReply function to see if it returns real IDs
echo -e "\n=== sendReplyUsingCreateReply function ==="
sed -n '343,380p' utils/outlook/mail.ts

Repository: elie222/inbox-zero

Length of output: 2061

🏁 Script executed:

#!/bin/bash
cd apps/web || exit 1

# Check the full sendReplyUsingCreateReply to see how it handles the return
echo "=== Full sendReplyUsingCreateReply implementation ==="
sed -n '340,420p' utils/outlook/mail.ts

# Check if there's any code that actually uses the returned messageId from sendEmail
echo -e "\n=== Check if returned messageId is ever used ==="
rg -n "\.messageId|\.threadId" utils/actions/mail.ts -B3 -A3

# Verify the interface contract one more time to be certain about expectations
echo -e "\n=== Confirm the actual return requirement ==="
grep -A 3 "Promise<{" utils/email/types.ts | grep -A 3 "sendEmailWithHtml"

Repository: elie222/inbox-zero

Length of output: 1712

🏁 Script executed:

#!/bin/bash
cd apps/web || exit 1

# Check if Outlook implementation is aware of and accepting this limitation
echo "=== Comment context in Outlook mail ==="
sed -n '30,40p' utils/outlook/mail.ts

# Verify Gmail also returns valid IDs
echo -e "\n=== Verify Gmail implementation can return real IDs ==="
sed -n '108,145p' utils/gmail/mail.ts | tail -20

Repository: elie222/inbox-zero

Length of output: 1063

Address the interface contract violation for Outlook's empty messageId/threadId returns.

The Outlook sendEmailWithHtml function returns empty string for messageId and threadId because Microsoft Graph's sendMail endpoint returns 202 with no body. This violates the interface contract that specifies both as non-empty strings. While the returned values aren't currently used for persistence, this inconsistency with Gmail's implementation could cause silent failures in future code that depends on these IDs.

Consider either:

  • Making messageId and threadId optional in the return type to reflect Outlook's limitations
  • Or exploring alternative approaches (e.g., polling the sent items folder to retrieve the sent message ID after send completes)

Copy link
Owner Author

@elie222 elie222 Jan 11, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Addressed - returning empty id (Graph limitation) while preserving conversationId/threadId. The interface allows empty strings which is acceptable for Outlook.

Copy link
Contributor

@baz-reviewer baz-reviewer bot Jan 11, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Commit b141df2 addressed this comment by improving the handling of Outlook's empty ID limitation. The code now attempts to preserve conversationId by using body.replyToEmail?.threadId instead of returning undefined, and fixes bugs where invalid draft IDs were being returned after send operations. While the interface contract still allows empty strings (rather than making fields optional as suggested), the implementation is now more correct and better documented with explanatory comments about Graph API limitations.

Copy link
Contributor

@coderabbitai coderabbitai bot Jan 11, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Skipped: comment is from another GitHub bot.

baz-reviewer[bot]
baz-reviewer bot reviewed Jan 11, 2026
View reviewed changes
@elie222
fix: address PR review comments
b141df2 
- Fix RFC link in threading.ts (5322 instead of 2822)
- Return empty string for id after /send (draft ID is invalid)
- Preserve threadId in sendEmailWithHtml fallback path
@elie222 elie222 merged commit dbd7963 into main Jan 11, 2026
21 of 22 checks passed
@elie222 elie222 deleted the fix/outlook-reply-threading branch January 11, 2026 17:28
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@cubic-dev-ai cubic-dev-ai[bot] cubic-dev-ai[bot] left review comments

+2 more reviewers

@coderabbitai coderabbitai[bot] coderabbitai[bot] left review comments

@baz-reviewer baz-reviewer[bot] baz-reviewer[bot] left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@elie222