feat: serializable AbortController/AbortSignal

[pranaygp]

Summary

Makes AbortController and AbortSignal first-class across workflow and step boundaries: serializable as start() arguments, step inputs/outputs, and inside Request objects; observable from real-time and replay paths.

• Native AbortController / AbortSignal survive every serialization boundary (external → workflow → step → external) with full type fidelity for reason (DOMException, Error subclasses, custom classes).
• Calling controller.abort() from the workflow body, from a step, or externally all converge on the same observable state — running steps see the abort in real-time; the workflow sees it deterministically on replay.
• AbortSignal.any() and pre-aborted AbortSignal.abort() are supported inside the workflow VM. AbortSignal.timeout() is intentionally not supported (replay-non-deterministic) and points users to the sleep() + AbortController pattern.

Architecture

AbortController in a workflow is backed by two primitives:

• Hook (durable, replay-deterministic) — abort state lands in the event log as a hook_received event. On replay, the events consumer chains _setAborted(reason) onto promiseQueue so listener firing is tied to the orchestrator's deterministic execution, not microtask scheduling.
• Stream (real-time, cross-compute) — abort payload is also written to a per-controller _system_abort stream so a step running on a different process can observe the abort without waiting for the next replay tick.

When abort() is called from any context, both channels are written. Whichever delivers first drives the visible state; the other path provides redundancy. All three writer sites (workflow-side, step-side patched controller.abort(), external-listener-side) dehydrate via the same dehydrateStepArguments machinery so the hydration step (hydrateStepArguments) round-trips reasons with full fidelity and respects encryption.

System hooks created for abort controllers are tagged isSystem: true (consistent across world-local, world-postgres, and world-vercel). The workflow-server side (vercel/workflow-server#336) honors this when filtering public webhook listings — a hook that backs an abort controller doesn't get exposed via the public webhook endpoint.

What's in this PR

• Reducer/reviver pairs for AbortController and AbortSignal in all three contexts (external, workflow VM, step). Workflow-VM revivers use the real WorkflowAbortSignal class so signal.addEventListener('abort', fn) actually fires (the natural pattern for code that receives a signal from another step).
• createCreateAbortController(ctx) — workflow-VM AbortController that registers a system hook on construction, subscribes to the events consumer for hook_created/hook_received/hook_disposed, and propagates abort() through the suspension handler.
• WorkflowServerWritableStream-based abort packets for real-time delivery to running steps, plus setupAbortStreamReader on the step side that wires the deserialized signal to the stream so an in-flight step's signal.aborted flips even if the replay path hasn't yet reached the workflow.
• cancelAbortReaders walks step args (including the signal nested inside Request) after the step returns to cancel any dangling readers — prevents serverless functions from being kept alive by abort streams.
• Implicit abort-hook disposal at workflow completion — drainPendingQueueItems marks any never-aborted system hook as disposed: true before the synthesized suspension, so unused controllers don't leak rows in the hooks table for the run's TTL.
• isSystem plumbing end-to-end: world types, world-local and world-postgres schemas/storage, and the suspension handler emit it on hook_created.

Docs

• Cancellation — user-facing patterns (AbortSignal usage, run-level cancellation parity)
• How Cancellation Works — hook + stream internals, replay determinism
• Serialization — AbortController/AbortSignal section
• AbortSignal.timeout() error page — explains the VM restriction and the sleep() + AbortController workaround

Tests

• Unit — Round-trip serialization with full type fidelity for reasons (string, DOMException, Error subclasses, encrypted), revival in all three contexts, addEventListener on revived signals, AbortSignal.any() ordering + iteration, hook integration, replay determinism. Includes regression tests for the listener-side JSON.stringify bug and the no-op addEventListener stub bug surfaced in review.
• E2E — Cancels timeouts, parallel steps, in-flight fetch, hook-driven aborts, and a 4-variant matrix verifying that listener firing relative to hook.then() resolution is deterministic across replay (abortHookOrderingWorkflow).

Dependencies

Pairs with vercel/workflow-server#336 (already merged) for isSystem filtering on the public webhook endpoint, so abort hook tokens aren't exposed externally.

[changeset-bot]

🦋 Changeset detected

Latest commit: 06f6654

The changes in this PR will be included in the next version bump.

This PR includes changesets to release 18 packages

Name	Type
@workflow/core	Patch
workflow	Patch
@workflow/builders	Patch
@workflow/cli	Patch
@workflow/next	Patch
@workflow/nitro	Patch
@workflow/vitest	Patch
@workflow/web-shared	Patch
@workflow/web	Patch
@workflow/world-testing	Patch
tarballs	Patch
@workflow/ai	Patch
@workflow/astro	Patch
@workflow/nest	Patch
@workflow/rollup	Patch
@workflow/sveltekit	Patch
@workflow/vite	Patch
@workflow/nuxt	Patch

Not sure what this means? Click here to learn what changesets are.

Click here if you're a maintainer who wants to add another changeset to this PR

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Actions	Updated (UTC)
example-nextjs-workflow-turbopack	Ready	Preview, Comment	May 5, 2026 3:40am
example-nextjs-workflow-webpack	Ready	Preview, Comment	May 5, 2026 3:40am
example-workflow	Ready	Preview, Comment	May 5, 2026 3:40am
workbench-astro-workflow	Ready	Preview, Comment	May 5, 2026 3:40am
workbench-express-workflow	Ready	Preview, Comment	May 5, 2026 3:40am
workbench-fastify-workflow	Ready	Preview, Comment	May 5, 2026 3:40am
workbench-hono-workflow	Ready	Preview, Comment	May 5, 2026 3:40am
workbench-nitro-workflow	Ready	Preview, Comment	May 5, 2026 3:40am
workbench-nuxt-workflow	Ready	Preview, Comment	May 5, 2026 3:40am
workbench-sveltekit-workflow	Ready	Preview, Comment	May 5, 2026 3:40am
workbench-tanstack-start-workflow	Ready	Preview, Comment	May 5, 2026 3:40am
workbench-vite-workflow	Ready	Preview, Comment	May 5, 2026 3:40am
workflow-docs	Ready	Preview, ✅ 21 resolved, Open in v0	May 5, 2026 3:40am
workflow-nest	Ready	Preview, Comment	May 5, 2026 3:40am
workflow-swc-playground	Ready	Preview, Comment	May 5, 2026 3:40am
workflow-tanstack-start-workflow	Error		May 5, 2026 3:40am
workflow-tarballs	Ready	Preview, Comment	May 5, 2026 3:40am
workflow-web	Ready	Preview, Comment	May 5, 2026 3:40am

[pranaygp]

Summary of changes since my last review

A lot of activity since — bugs uncovered while exercising the e2e path end-to-end against a live dev server, the merge of #1647, doc corrections, and a deeper test pass.

Status now: branch is current with main, 846 unit tests pass, 21 abort e2e tests pass end-to-end through Next.js + Turbopack.

Bugs fixed

1. signal field dropped from Request serializable type during a main-merge (1bce60fa8) — broke typecheck.

2. DOMException serialization was broken (a9532014a)
   The reducer's first guard was types.isNativeError(value) — but isNativeError(new DOMException(...)) returns false in Node despite DOMException being instanceof Error. So DOMExceptions never matched any reducer and devalue fell through to its arbitrary-POJO failure path. Switched to a constructor-name check. Also fixed 7 pre-existing DOMException test failures on main.

3. Pending queue items dropped at workflow completion (0d025f1f7) — the biggest bug
   controller.abort() called as the last statement of a workflow never propagated to in-flight steps on other compute instances. The runtime warned about the "uncommitted operation" but didn't flush it. End-of-run now drains through the same suspension handler that processes any other suspension — no special-casing for abort. Affects unawaited steps, hooks, sleeps too. Matches normal JS semantics where async work spawned by a function continues after it returns.

4. Abort stream packet used bare JSON.stringify (d70ade7ce)
   Lost type info: controller.abort() with no reason wrote literally {} to the stream (3 bytes); DOMException / custom errors couldn't round-trip. Switched all three sites — suspension-handler workflow-side write, patched-abort step-side write, and setupAbortStreamReader — to use dehydrateStepArguments / hydrateStepArguments. Hook event payload and stream packet now produce byte-identical output.

5. Observability UI rendered abort reasons as raw devl[...] text (7c07e344b)
   observabilityRevivers had no DOMException reviver. devalue.parse threw on ["DOMException", ...], hydrateStepIO's try/catch swallowed it, raw text reached the UI. Added the reviver — JSON viewer now renders DOMException as a proper Error card with name/message/stack.

6. Original review feedback fixes (34f490d69)
   Listener-leak dedup via ABORT_LISTENER_ATTACHED marker symbol. Replaced token.replace('abrt_', '') string surgery in the suspension handler. Documented the deliberate sync-listener-firing divergence in the workflow VM. Added a changeset noting the AbortError → FatalError behavior change.

New / strengthened tests (16 → 21 abort e2e)

The original abortTimeoutWorkflow test only verified the workflow VM's local signal.aborted — which is set synchronously by abort() regardless of whether anything propagates. Strengthened it to inspect the event log for hook_received, then added the missing tests:

Test	Unique coverage
abortFromStepWorkflow (extended)	Step-initiated abort actually cancels an in-flight sibling step (was: only checked the aborted signal state)
abortFetchInFlightWorkflow ★	addEventListener path firing while fetch() is awaiting an HTTP response
abortListenerWorkflow ★	Direct test of signal.addEventListener('abort', cb) on the deserialized step-side signal
abortThrowIfAbortedMidFlightWorkflow ★	throwIfAborted() thrown mid-flight (was: only pre-aborted entry)
abortDeterministicBranchFromStepWorkflow ★	Step-initiated aborts preserve replay determinism (counterpart to the existing workflow-body version)
abortExternalSignalInFlightWorkflow ★	External signal aborted after start(), propagates mid-flight into nested polling + listener steps

Plus a workbench /api/delay route so the fetch-cancellation tests don't depend on a flaky external service.

Test stubs

The original review's biggest concern was 65 .todo stubs. Two things fixed it:

• Merging Fix dangling stream readers, serialization bugs, and refactor abort reducer code #1647 brought in real implementations for many
• The work above strengthened or added more

Current count: 0 .todos in the three abort test files, all assertions are executable.

Original review point status

Concern	Status
c1 — listener leak in reducers	✅ attachAbortListenerOnce + marker symbol
c2 — token.replace('abrt_', '') string surgery	✅ replaced (getAbortStreamIdFromToken helper from #1647)
c3 — AbortError → FatalError behavior change	✅ documented in changeset
c4 — sync listener firing	✅ kept sync (test depends on it for replay determinism), comment now explains the deliberate spec divergence
c5 — unused _runId	❌ withdrawn — actually used post-merge
c6 — tests as .todo stubs	✅ resolved

Docs corrections (64264015b)

While reviewing the implementation I found four real inaccuracies in the cancellation docs and fixed them:

• Self-contradiction about whether signal.aborted is set synchronously when abort() is called in the workflow (it is)
• "Step-side abort handler retries the hook resume" wasn't accurate (it's best-effort with eventual replay convergence — reworded)
• "Pending queue items processed on completion" was wrong at the time (was warn-only) — now it IS true after the drain fix, doc matches the new behavior
• Request.signal scope was oversimplified (only forwards aborted/tagged signals, not all)

Includes #1647

Merged @karthikscale3's follow-up. Highlights from there: dangling-stream-reader fix (cancelAbortReaders after step return), DurableAgent timeout regression (the typeof AbortController !== 'undefined' guard flipped because we added it to the VM globals), is_system migration plumbing through world-postgres + world-local, dedup of ~180 lines of reducer code into shared helpers.

---

CI running on 45d120743. Ready for another look.

[VaguelySerious]

Code LGTM, please update the changesets to be less AI slop, see suggestions

[TooTallNate]

Big PR with sound architecture (dual-channel hook+stream backing for cross-compute abort propagation, with the hook providing durable replay state and the stream providing real-time delivery to running steps). Spent significant time tracing the implementation; calling out one blocking bug, a few moderate concerns, and a follow-up suggestion.

Blocking

attachAbortListenerOnce writes plain JSON; the reader hydrates with hydrateStepArguments

serialization.ts:671–682 — the listener attached when a native external AbortController crosses the external→workflow or workflow→step boundary writes the abort packet using bare JSON.stringify:

const packet = new TextEncoder().encode(
  JSON.stringify({ reason: signal.reason })
);
ops.push(writer.write(packet).then(() => writer.close()));

But setupAbortStreamReader (serialization.ts:1046–1051) reads with hydrateStepArguments(result.value, runId, encryptionKey), which expects a format-prefixed (and possibly encrypted) buffer per the established envelope.

When attachAbortListenerOnce's packet hits the reader, hydrateStepArguments throws "unknown serialization format" (or fails encryption). The reader's try { … } catch { controller.abort() } (lines 1052–1054) catches that — but with no reason. The user sees signal.reason === undefined even though the external caller did controller.abort('my-reason').

The two other writer sites (runtime/suspension-handler.ts:218–223 for the workflow-side write, and the patched controller.abort() in serialization.ts:1147–1170 for step-initiated aborts) both use dehydrateStepArguments correctly. This site was missed in that refactor.

The fix is mechanical — replace the JSON.stringify with dehydrateStepArguments({aborted:true, reason: signal.reason}, runId, encryptionKey). Worth adding a regression test that aborts externally with a non-trivial reason (e.g. a string, or a DOMException) and asserts signal.reason round-trips into the step. The existing tests use no-reason aborts which mask this entirely.

Wire-format change isn't capability-gated

The new AbortController and AbortSignal entries in SerializableSpecial (serialization/types.ts:127–132) are emitted unconditionally. An older @workflow/core worker deserializing inputs/payloads that contain the new shape will throw "unknown type" from devalue. There's no entry in the getRunCapabilities table to gate this on workflowCoreVersion, unlike the existing pattern (e.g. encryption format).

For partial-deploy / cross-deployment scenarios — e.g. a resumeHook(token, payload) from a newer deployment targeting an older run, or start({deploymentId}) cross-deployment — the older side will fail to revive. AGENTS.md's pattern is: bump workflowCoreVersion, add a capability flag, gate the producer on getRunCapabilities(targetRun.executionContext.workflowCoreVersion).serializableAbortController, fall back to a snapshot-only revive (e.g. an already-aborted signal with the snapshot reason) when the target doesn't support it.

This matters less if the abort feature is gated behind an opt-in user flag for the first release, or only used internally — but for shipping in start() args / resumeHook() payloads / step return values, the gating needs to be in place.

Workflow-server isSystem filtering dependency (already noted in PR description)

The PR description acknowledges this depends on workflow-server PR #336. Confirming for completeness: without server-side isSystem: true filtering, the public webhook endpoint would expose abort hook tokens, allowing externally-initiated aborts via the hook URL. Token format is abrt_<ULID> — not trivially guessable, but not encrypted either. The isSystem flag must be honored server-side before this can ship to production.

Moderate

Workflow VM revivers produce no-op addEventListener stubs

serialization.ts:5975–6016 (workflow-internal revivers) construct plain object stubs with addEventListener: () => {}. A workflow that does signal.addEventListener('abort', fn) after receiving a deserialized signal will silently never fire that callback. The proper class (WorkflowAbortSignal in workflow/abort-controller.ts:18) already exists; the workflow-VM revivers should use it. This is a silent correctness bug for the natural pattern of "register a listener on a signal you received as an arg."

First-run vs replay listener-firing site

On first-run, abort() fires listeners synchronously at the abort() call site. On replay, the events consumer chains _setAborted(reason) onto promiseQueue and listeners fire at the next promise-queue tick — typically before the workflow code reaches the corresponding abort() line. The abortHookOrderingWorkflow test was added to cover this and is currently skipped (commit test: skip abort+hook ordering e2e tests pending full integration).

This is acceptable as a documented constraint (the same shape as hook payloads), but: (a) the test should either be enabled and pass before merge or explicitly removed with a comment explaining the deferral, (b) the user-facing docs (cancellation.mdx) should document that listener firing relative to surrounding code is non-deterministic and should not be used for control flow that depends on the surrounding state.

Abort hooks never disposed

workflow/abort-controller.ts:151–154 handles hook_disposed events but nothing in the PR creates one. WorkflowAbortController has no dispose() method, and drainPendingQueueItems doesn't mark abort hooks as disposed: true before the synthetic suspension. Result: every new AbortController() that's never aborted leaks one row in the postgres hooks table for the run's lifetime (cleaned up only by run TTL).

Realistically bounded by user behavior — most workflows construct one or two controllers, not thousands — but worth either: (a) implicit dispose on workflow completion in drainPendingQueueItems, (b) a dispose method exposed on WorkflowAbortController, or (c) documenting the lifetime.

AbortSignal.any() listener cleanup + iteration

workflow/abort-controller.ts:200–229:

• No removeEventListener on input signals after the composite aborts. If any input signal outlives the composite (e.g. an external long-lived controller), the listener closure (capturing composite) prevents GC. Bounded by run lifetime so not catastrophic, but real.
• signals is iterated twice. A single-shot iterable (e.g. a generator) produces zero entries on the second pass. Native AbortSignal.any materializes the iterable into an array first; this implementation should too: const arr = Array.from(signals).

Unit test doesn't import the function under test

abort-controller-step.test.ts:85–161 reimplements reviveAbortController locally rather than importing it. The comment admits "Uses mock data directly to avoid dynamic imports that can cause hangs in vitest's module mock system." This means a regression in the production reviveAbortController won't surface in unit tests — only in the e2e tests in 99_e2e.ts. Worth sorting out the vitest mock issue rather than maintaining a parallel implementation in the test file.

Cold-start race window

setupAbortStreamReader opens a stream reader during step argument hydration, but reader.read() is async (network round-trip). User code in the step body can run before the first read resolves. If the workflow aborted concurrently with step pickup (after step.input was serialized but before the step's reader started), the user's first synchronous if (signal.aborted) check returns false even though the abort packet was already written.

Not a regression from any prior state — the snapshot-in-payload mechanism handles aborts that happened before enqueue, so this only affects the narrow window between enqueue and step pickup. But worth either: (a) a synchronous getChunks(limit:1) snapshot on the abort stream during reviver bootstrap to surface any already-written packet before user code runs, or (b) documenting the window so users know to await something async (a signal.throwIfAborted() check after the first await) rather than rely on synchronous polling.

Stale PR description

The PR description says "Implementation TBD — tests provide the specification to build against" and "all .todo stubs." Both are wrong by a wide margin — the PR has 78 commits, real implementation across 61 files, and ~120 it() blocks with full assertions. Reviewers reading the description may approve a 7000-line implementation thinking it's a spec-only PR. Worth updating before merge.

Follow-up suggestion: native AbortSignal.timeout() support

The timeout() static currently throws and points users to a sleep-based workaround. There's no architectural reason the workflow VM can't support it natively — the workaround is mechanical:

timeout(ms: number): WorkflowAbortSignal {
  const controller = new WorkflowAbortController();
  ctx.promiseQueue = ctx.promiseQueue.then(async () => {
    await ctx.sleep(ms);
    controller.abort(new DOMException('signal timed out', 'TimeoutError'));
  });
  return controller.signal;
}

Replay determinism comes for free since sleep() records a wait event and controller.abort() already goes through the hook machinery. Strictly improves UX vs. the workaround:

• signal.reason.name === 'TimeoutError' (matches native), instead of 'AbortError' from the manual workaround.
• Less boilerplate.
• No void foot-gun.

Would need createAbortSignalStatics to take more than _vmGlobalThis — the orchestrator ctx (the same one passed to createCreateAbortController) gives access to sleep and promiseQueue. Modest refactor.

Not blocking — the workaround is documented and works — but worth considering as a follow-up PR. Better DX and removes a docs page that says "this thing doesn't work, here's how to fake it" which is awkward to ship as-is.

Nits

• createAbortSignalStatics(_vmGlobalThis: Record<string, any>) — parameter is unused; if you do the timeout follow-up the signature changes anyway, but worth dropping the unused param now.
• DOMException code field isn't preserved by the reducer (serialization/reducers/common.ts:6092–6102). Recovered via constructor lookup for spec-listed names (AbortError, TimeoutError, etc.) so the common case works; lost for custom names. Probably fine but worth a sentence in the changeset.
• The aborted: true field in the dehydrated payload (suspension-handler.ts:218–223 etc.) is decorative — the consumer only reads payload.reason. Could just dehydrate the reason directly.
• Request.signal re-tagging via copyAbortInternals (serialization.ts:5947–5952) depends on platform-specific Request internals. Worth a cross-runtime test (undici, Node 22, browser).
• Reducer side-effect attaches a listener to user-provided signal objects via reduceAbortWithListener. The ABORT_LISTENER_ATTACHED symbol guards against duplicates, but it's still surprising that serializing an object adds a listener to it. Worth documenting somewhere.

What looks good

• The dual hook+stream architecture is the right factoring: hook for durable replay state, stream for real-time delivery. Symmetric writer paths (workflow-side, step-side, external-side) all dehydrate via the same machinery (modulo the bug above).
• getAbortStreamId / getAbortStreamIdFromToken round-tripping through the abrt_ prefix is clean.
• cancelAbortReaders walking args/this/closure (and explicitly descending into Request.signal) for step cleanup is thorough.
• ABORT_LISTENER_ATTACHED dedup symbol prevents fanout-listener accumulation when a single signal is passed to N steps.
• The isSystem: true plumbing is consistent across world-postgres, world-local, and the schema migration — all that's missing is the workflow-server side.
• AbortSignal.any() correctly handles already-aborted inputs in iteration order (matches native).
• The AbortSignal.timeout() workaround is documented and works — even if it'd be nicer to support natively.

Summary

Five blocking issues to address before merge: (1) the JSON.stringify bug in attachAbortListenerOnce, (2) capability gating on workflowCoreVersion, (3) the dependency on workflow-server #336, (4) workflow-VM revivers using no-op stubs instead of WorkflowAbortSignal, (5) the stale PR description.

Several moderate concerns worth at least documenting: replay listener-firing divergence, hook leak on undisposed controllers, AbortSignal.any cleanup/iteration, cold-start race window.

Architecture is sound; the implementation needs a few corrections to match the design intent.

[pranaygp]

@TooTallNate — addressed your review feedback in 409d9dc. Five fixes:

1. attachAbortListenerOnce now uses dehydrateStepArguments instead of bare JSON.stringify. Reasons (DOMException, Error subclasses, custom classes, encrypted) round-trip with full type fidelity now. Added a regression test that aborts an external AbortController with a DOMException reason and asserts the receiver sees signal.reason instanceof DOMException — this would have failed under the previous code.

2. Workflow-VM revivers now use the real WorkflowAbortSignal class instead of plain-object stubs with addEventListener: () => {}. signal.addEventListener('abort', fn) after deserialization now actually fires. Added two regression tests covering pre-aborted and post-aborted paths.

3. Implicit abort-hook disposal at workflow completion — drainPendingQueueItems marks any never-aborted system hook as disposed: true so unused AbortControllers don't leave abandoned rows in the hooks table for the run's TTL. User hooks are intentionally left alone.

4. AbortSignal.any() fixes — materializes the iterable once with Array.from(signals) so single-shot iterables (generators) work, and removes its abort listeners from input signals after the composite aborts. Also dropped the unused _vmGlobalThis parameter while touching the signature. Two regression tests added.

5. Unskipped the 4-variant abortHookOrderingWorkflow e2e tests. Bumped the workflow's trailing sleep from 1s to 10s so the test harness has time to resume the user hook before the workflow returns and using disposes it.

Skipped per discussion with @pranaygp: capability gating on workflowCoreVersion. Decision: this feature is greenfield and only ships in v5, so cross-deployment compatibility isn't a real concern for this release. We can revisit if/when we ship to a stable channel where mixed-version runs are expected.

Already in place: isSystem plumbing across world-local/world-postgres/world-vercel. The workflow-server side (vercel/workflow-server#336) is already merged.

Not done (deferred to follow-up): native AbortSignal.timeout() support — your sketch is correct and is a UX improvement, but not blocking for this PR. Will land separately.

PR description has been updated to reflect what's actually shipping. The drain-pending-queue changeset now mentions the disposal behavior.

Verification: 913/913 unit tests pass; 26/26 abort e2e tests pass (the 4 newly-unskipped + 22 existing).