fix(google-calendar): retry PATCH requests and 403 rate-limit errors

[shafi-VM]

What does this PR do?

Google Calendar event creation performs an insert (POST) followed by a PATCH to add metadata such as description, location, and conference data.

The Google Calendar client previously relied on gaxios's default retry configuration, which does not retry PATCH requests or HTTP 403 responses. Since Google's rateLimitExceeded errors can be returned as either 403 or 429, a transient 403 during the follow-up PATCH was never retried, causing the calendar event to become out of sync with the booking while the booking itself still appeared successful.

This PR adds an explicit retryConfig to the Google Calendar client that:

• Adds PATCH to httpMethodsToRetry
• Adds 403 to statusCodesToRetry

POST requests remain intentionally excluded to avoid duplicate event creation.

• Fixes [BUG] Google Calendar PATCH requests excluded from retry logic, causing silent booking/calendar desync #28834

Visual Demo (For contributors especially)

No UI changes. This is a backend integration fix.

Before

httpMethodsToRetry: [GET, HEAD, PUT, OPTIONS, DELETE]
statusCodesToRetry: [[100,199], [429,429], [500,599]]

After

httpMethodsToRetry: [GET, HEAD, PUT, OPTIONS, DELETE, PATCH]
statusCodesToRetry: [[100,199], [403,403], [429,429], [500,599]]

Mandatory Tasks (DO NOT REMOVE)

• I have self-reviewed the code (A decent size PR without self-review might be rejected).
• I have updated the developer docs if this PR makes changes that would require a documentation change. If N/A, write N/A here and check the checkbox. — N/A
• I confirm automated tests are in place that prove my fix is effective or that my feature works.

How should this be tested?

• Environment variables: None required.
• Minimal test data: None required.
• Run:

TZ=UTC yarn vitest run packages/app-store/googlecalendar/lib/__tests__/CalendarService.auth.test.ts

Expected result:

• The calendar client is configured to retry PATCH requests.
• HTTP 403 responses are included in retryable status codes.
• POST requests are not retried.
• All tests pass.

Checklist

N/A — contributing guide followed, project style adhered to, no new warnings introduced, and PR size is small.

[github-actions]

Welcome to Cal.diy, @shafi-VM! Thanks for opening this pull request.

A few things to keep in mind:

• This is Cal.diy, not Cal.com. Cal.diy is a community-driven, fully open-source fork of Cal.com licensed under MIT. Your changes here will be part of Cal.diy — they will not be deployed to the Cal.com production app.
• Please review our Contributing Guidelines if you haven't already.
• Make sure your PR title follows the Conventional Commits format.

A maintainer will review your PR soon. Thanks for contributing!

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 5c4592fd-fcd0-48e3-9434-122fa2eb10be

📥 Commits

Reviewing files that changed from the base of the PR and between 881ac8a and 76e1f5e.

📒 Files selected for processing (2)

• packages/app-store/googlecalendar/lib/CalendarAuth.ts
• packages/app-store/googlecalendar/lib/__tests__/CalendarService.auth.test.ts

🚧 Files skipped from review as they are similar to previous changes (2)

• packages/app-store/googlecalendar/lib/CalendarAuth.ts
• packages/app-store/googlecalendar/lib/tests/CalendarService.auth.test.ts

---

📝 Walkthrough

Walkthrough

A GOOGLE_CALENDAR_RETRY_CONFIG constant is added to CalendarAuth.ts, configuring gaxios retry behavior with a retry count, a list of retryable HTTP methods (PATCH, excluding POST to prevent duplicate event creation), and status code ranges covering transient 403, 429, and 5xx responses. This constant is passed as retryConfig to the calendar_v3.Calendar constructor. In the test file, the non-delegation credential assertion is relaxed to use expect.objectContaining, and a new test suite verifies that the retry policy includes PATCH and 403 responses while excluding POST.

🚥 Pre-merge checks | ✅ 5

✅ Passed checks (5 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title accurately describes the main change: adding retry configuration for PATCH requests and 403 rate-limit errors in Google Calendar integration.
Description check	✅ Passed	The description is comprehensive and directly related to the changeset, explaining the problem, solution, and testing approach for the Google Calendar retry configuration fix.
Linked Issues check	✅ Passed	The PR successfully addresses all coding requirements from issue #28834: adds PATCH to httpMethodsToRetry, adds 403 to statusCodesToRetry, excludes POST from retries, and includes tests verifying the retry configuration.
Out of Scope Changes check	✅ Passed	All changes are within scope of the linked issue #28834. The modifications to CalendarAuth.ts and the test file are directly related to implementing retry logic for PATCH requests and 403 errors.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 1

🧹 Nitpick comments (1)

packages/app-store/googlecalendar/lib/__tests__/CalendarService.auth.test.ts (1)

327-331: ⚡ Quick win

Add an assertion for 408 retry coverage in the retry-policy test.

This suite should also assert timeout retries (HTTP 408) so policy regressions are caught when retryConfig is edited.

Suggested test addition

     expect(retryConfig?.httpMethodsToRetry).toContain("PATCH");
     expect(retryConfig?.httpMethodsToRetry).not.toContain("POST");
     expect(retryConfig?.statusCodesToRetry).toContainEqual([403, 403]);
+    expect(retryConfig?.statusCodesToRetry).toContainEqual([408, 408]);

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@packages/app-store/googlecalendar/lib/__tests__/CalendarService.auth.test.ts`
around lines 327 - 331, In the retry-policy test section, add an assertion to
verify that HTTP status code 408 (timeout) is included in the
retryConfig?.statusCodesToRetry array, similar to the existing assertion for
403. This will ensure that timeout retries are covered in the retry policy
configuration and help catch regressions if the retryConfig is modified in the
future. Add the assertion after the existing statusCodesToRetry test line to
maintain consistency with the test structure.

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@packages/app-store/googlecalendar/lib/CalendarAuth.ts`:
- Around line 39-44: The statusCodesToRetry configuration in CalendarAuth.ts is
missing HTTP status code 408 (Request Timeout), which is part of gaxios's
default retry behavior. Add a new entry [408, 408] to the statusCodesToRetry
array to include request timeout errors in the retry logic and preserve the
default resilience behavior.

---

Nitpick comments:
In
`@packages/app-store/googlecalendar/lib/__tests__/CalendarService.auth.test.ts`:
- Around line 327-331: In the retry-policy test section, add an assertion to
verify that HTTP status code 408 (timeout) is included in the
retryConfig?.statusCodesToRetry array, similar to the existing assertion for
403. This will ensure that timeout retries are covered in the retry policy
configuration and help catch regressions if the retryConfig is modified in the
future. Add the assertion after the existing statusCodesToRetry test line to
maintain consistency with the test structure.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 045fdac1-97c5-47d1-904f-f38e8ef6e6bf

📥 Commits

Reviewing files that changed from the base of the PR and between 561cf88 and 881ac8a.

📒 Files selected for processing (2)

• packages/app-store/googlecalendar/lib/CalendarAuth.ts
• packages/app-store/googlecalendar/lib/__tests__/CalendarService.auth.test.ts

[coderabbitai]

Caution

Failed to replace (edit) comment. This is likely due to insufficient permissions or the comment being deleted.

Error details

{}

[shafi-VM]

@coderabbitai review

[coderabbitai]

✅ Action performed

Review finished.

Note: CodeRabbit is an incremental review system and does not re-review already reviewed commits. This command is applicable only when automatic reviews are paused.