chore(greenhouse): makes route search validation Zod v4–ready (filter by prefix before parse) and upgrade zod to v4

[hodanoori]

Summary

Route search validation no longer relies on Zod’s ctx.path in z.preprocess (removed in Zod v4). A small helper filters URL search params by known keys and allowed prefixes before parsing with Zod, so the same behavior works with Zod v3 and v4. Upgraded Zod from v3 to v4 (exact version 4.3.6).

Changes Made

1. Added filterSearchParamsByPrefix(raw, knownKeys, allowedPrefixes) in heureka (utils.ts), supernova (lib/utils.ts), doop (lib/helpers.ts), and greenhouse (lib/helpers.ts).
2. Updated heureka /services and /vulnerabilities routes to validate search via the helper + schema (no preprocess using ctx.path).
3. Updated supernova /alerts route to use the helper with ACTIVE_FILTERS_PREFIX and PAUSED_FILTERS_PREFIX.
4. Updated doop /violations route to use the helper with ACTIVE_FILTERS_PREFIX.
5. Updated greenhouse /admin/plugin-presets route to use the helper with SELECTED_FILTER_PREFIX (Zod v4–compatible).
6. Typed supernova getFiltersForUrl as Record<string, string | string[]> and adjusted implementation so search param types align with the route schema.
7. Removed unnecessary type assertions in carbon ErrorFallback (use instanceof Error and fallback for empty message) and in doop/supernova validate-search return values.
8. Upgraded Zod from v3 to v4 (exact version 4.3.6); route search validation uses filterSearchParamsByPrefix instead of ctx.path.

Related Issues

• Issue 1: [Task] (Juno): Upgrade zod from v3.x.x to v4.x.x #1221

Screenshots (if applicable)

none

Testing Instructions

1. pnpm i
2. pnpm TASK

Checklist

• I have performed a self-review of my code.
• I have commented my code, particularly in hard-to-understand areas.
• I have added tests that prove my fix is effective or that my feature works.
• New and existing unit tests pass locally with my changes.
• I have made corresponding changes to the documentation (if applicable).
• My changes generate no new warnings or errors.
• I have created a changeset for my changes.

PR Manifesto

Review the PR Manifesto for best practises.

[changeset-bot]

⚠️ No Changeset found

Latest commit: 8b965c4

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

This PR includes no changesets

When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

[github-actions]

PR Preview Action v1.6.3
🚀 View preview at https://cloudoperators.github.io/juno/pr-preview/pr-1446/
Built to branch gh-pages at 2026-02-11 08:50 UTC. Preview will be ready when the GitHub Pages deployment is complete.

[taymoor89]

nice, I think that is the correct way to get the allowed url search params and then performing validation 👍

[taymoor89]

But we can slightly improve it. Known keys are already in the schema maintaining a separate list introduces two sources of truths, meaning for any new key we'll have to add it in two places. Could you try to extract known keys from schema? as in using.

Object.keys(searchSchema.shape)

something like this

const searchSchema = z
  .object({
    service: z.string().optional(),
    searchTerm: z.string().optional(),
  })
  .catchall(z.string().or(z.array(z.string())).optional())

function validateViolationsSearch(search: Record<string, unknown>): z.infer<typeof searchSchema> {
  const filtered = filterSearchParamsByPrefix(search, Object.keys(searchSchema.shape), [ACTIVE_FILTERS_PREFIX])
  return searchSchema.parse(filtered)
}

[taymoor89]

same as above let's try to remove two sources of truths for known keys.

[taymoor89]

same as above let's try to remove two sources of truths for known keys.

[taymoor89]

same as above let's try to remove two sources of truths for known keys.

[taymoor89]

same as above let's try to remove two sources of truths for known keys.

[taymoor89]

Because this zod update touches code as well let's add changeset to update patch version of the apps changed.