Fix native image upload router helper

[Taye-Staats]

Linked Issues

Closes #
Linear: POLY-89

Summary

Fixes native image upload failures in the Expo app and removes an Expo Router warning caused by a non-route helper living under app/.

The main bug was that listing and profile photo uploads could appear to succeed, but the stored file bytes were malformed on Android, which caused uploaded images to fail rendering later with unknown image format. The fix switches native uploads to Expo's native binary file upload path so manipulated local image files are sent correctly to Convex storage.

This PR also moves app/auth/loginRedirect.ts into a non-route location under lib/auth/ and updates imports/tests so Expo Router no longer treats it like a screen.

How to Test

Steps to verify locally:

• npm run lint

• npm run typecheck

• npm test

• Manual flow:

  1. npm run dev:backend (in terminal A)
  2. npm run dev (in terminal B)
  3. Open the app on Android emulator
  4. Go to profile edit and upload a profile photo from the emulator photo library
  5. Verify the image uploads successfully and renders afterward
  6. Go to create or edit a listing and upload one or more photos
  7. Verify the uploaded listing images render correctly on the listing form and listing details screen
  8. Verify there is no Expo Router warning for app/auth/loginRedirect.ts

Checklist

• Tests added/updated (if applicable)
• Lint/tests pass locally (npm run lint)
• Docs updated (README/ADR/changelog if needed)
• Follows conventional commit format
• No merge conflicts with dev

Screenshots / Demos

Attach before/after screenshots showing:

• successful profile image upload and render
• successful listing image upload and render
• absence of the previous Expo Router non-route warning

Summary by CodeRabbit

• New Features

  • Enhanced upload error messaging with specific error details displayed to users on failed uploads.

• Bug Fixes

  • Improved image upload reliability and control flow with better error handling and abort support.
  • Fixed file size validation to ensure accurate checks before upload.

• Chores

  • Updated dependencies: upgraded react-native-reanimated and added react-native-worklets.
  • Updated TypeScript configuration for improved tooling.

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Actions	Updated (UTC)
poly-buys	Ready	Preview, Comment	Apr 18, 2026 11:33pm

[coderabbitai]

Warning

Rate limit exceeded

@Taye-Staats has exceeded the limit for the number of commits that can be reviewed per hour. Please wait 47 minutes and 35 seconds before requesting another review.

Your organization is not enrolled in usage-based pricing. Contact your admin to enable usage-based pricing to continue reviews beyond the rate limit, or try again in 47 minutes and 35 seconds.

⌛ How to resolve this issue?

After the wait time has elapsed, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

We recommend that you space out your commits to avoid hitting the rate limit.

🚦 How do rate limits work?

CodeRabbit enforces hourly rate limits for each developer per organization.

Our paid plans have higher rate limits than the trial, open-source and free plans. In all cases, we re-allow further reviews after a brief timeout.

Please see our FAQ for further information.

ℹ️ Review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

Run ID: cd9d99fa-b258-43d4-a77f-70db14d49750

📥 Commits

Reviewing files that changed from the base of the PR and between c7ccb4f and b171c38.

⛔ Files ignored due to path filters (1)

• package-lock.json is excluded by !**/package-lock.json

📒 Files selected for processing (3)

• frontend/app/profile/edit.tsx
• frontend/components/ImageUploader.tsx
• package.json

📝 Walkthrough

Walkthrough

The PR reorganizes auth module imports to a centralized library location, refactors image upload mechanisms from XHR/fetch to Expo FileSystem API with Promise-based cancellation, adds Expo configuration inheritance to TypeScript, and updates Expo-related dependencies.

Changes

Cohort / File(s)	Summary
Auth Module Reorganization frontend/app/auth/__tests__/loginRedirect.test.ts, frontend/app/auth/login.tsx	Updated imports for getLoginEntryAction and LoginStep from local loginRedirect module to ../../lib/auth/loginRedirect, centralizing auth utilities location.
Image Upload Refactoring frontend/app/profile/edit.tsx, frontend/components/ImageUploader.tsx	Replaced XHR/fetch blob-based uploads with Expo FileSystem.createUploadTask, replaced XHR event handlers with Promise.race for abort/timeout control, updated file validation from blob.size to FileSystem.getInfoAsync, improved error handling with structured logging and error detail display in UI.
Dependencies & Configuration frontend/package.json, tsconfig.json	Updated react-native-reanimated from ^3.19.2 to fixed 4.2.1, added react-native-worklets@0.7.2, and configured TypeScript to inherit from expo/tsconfig.base.

Estimated code review effort

🎯 4 (Complex) | ⏱️ ~50 minutes

Possibly related PRs

• fix: login redirect bug #78: Modifies getLoginEntryAction function location and updates how it's imported across auth-related modules, directly related to the import path reorganization.
• Fix/team feedback UI issues #75: Changes login step logic and timeout/retry UI in the same frontend/app/auth/login.tsx file being modified.
• Implement profile pictures #88: Overlaps with image upload and profile picture implementation changes in ImageUploader and upload flow mechanics.

Suggested reviewers

• SamanSP1386
• jaydonkc

Poem

🐰 Hopping through imports, so neat and so fine,
Uploads now dance with FileSystem's design,
Promise.race runs where XHR once dwelled,
Expo configurations now gently compelled,
A refactor that bounces with Bunny's delight! 🌟

🚥 Pre-merge checks | ✅ 2 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.

✅ Passed checks (2 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title 'Fix native image upload router helper' accurately summarizes the main objectives: fixing native image uploads and addressing the router helper issue by moving loginRedirect out of app/.
Description check	✅ Passed	The description is comprehensive and covers all essential template sections including linked issues, detailed summary, specific testing steps, and checklist. Only minor unchecked items remain.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch fix-native-image-upload-router-helper

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 3

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@frontend/app/profile/edit.tsx`:
- Around line 69-78: The timeout Promise currently clears its timer immediately
via Promise.resolve().finally, preventing the timeout from ever firing; fix by
creating a single uploadPromise = task.uploadAsync() (so upload isn't started
twice), create timeoutPromise that only clears its timer when it actually fires
or when the overall race settles, then run Promise.race([uploadPromise,
abortPromise, timeoutPromise]) and ensure after the race settles you clear the
timeout and, on timeout rejection, call task.cancelAsync(). Use the existing
symbols uploadPromise, task.uploadAsync, timeoutPromise, abortPromise,
timeoutMs, and task.cancelAsync to implement this cleanup and avoid starting
uploadAsync twice.

In `@frontend/components/ImageUploader.tsx`:
- Around line 233-237: The FileSystem calls (FileSystem.getInfoAsync and
FileSystem.createUploadTask) are being invoked for blob: URLs created on web,
which fail; add a Platform.OS === 'web' guard around the validation and upload
logic: if Platform.OS === 'web' detect blob URLs via manipulated.uri and use
fetch() to read the blob and stream/upload via web APIs instead of calling
FileSystem.getInfoAsync or FileSystem.createUploadTask; keep the existing native
path flow (getInfoAsync, size check, createUploadTask) for non-web platforms and
ensure manipulated.uri is routed appropriately in both branches.

In `@frontend/package.json`:
- Around line 40-44: The root-level lockfile contains stale entries for
react-native-reanimated@4.3.0 and react-native-worklets@0.8.1 while
frontend/package.json and frontend/node_modules expect
react-native-reanimated@4.2.1 and react-native-worklets@0.7.2; run npm install
at the workspace root to regenerate the lockfile, ensuring the lockfile and root
node_modules are updated to match the frontend dependencies, then verify the
lockfile no longer contains the old versions and that only
react-native-reanimated@4.2.1 and react-native-worklets@0.7.2 are resolved
across the workspace.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

Run ID: a27d55d3-de86-46f2-9533-c817844dfab3

📥 Commits

Reviewing files that changed from the base of the PR and between 5dfa982 and c7ccb4f.

⛔ Files ignored due to path filters (1)

• package-lock.json is excluded by !**/package-lock.json

📒 Files selected for processing (7)

• frontend/app/auth/__tests__/loginRedirect.test.ts
• frontend/app/auth/login.tsx
• frontend/app/profile/edit.tsx
• frontend/components/ImageUploader.tsx
• frontend/lib/auth/loginRedirect.ts
• frontend/package.json
• tsconfig.json