Added key customId to set the custom Id for OUL

[KambleSonam]

Changes

To handle the customId in the OUL flow, customer can add the field, customId in OUL call.
The customId will be verified, sanitised and would be set as the Clevertap Id, which will be used for subsequent calls.

Changes to Public Facing API if any

OUL call will have the parameter customId

clevertap.onUserLogin.push({
  "Site": {
    "Name": "Jack Montana",
    "Identity": 61026032,
    "Email": "jack@gmail.com",
    "Phone": "+14155551234",
    "Gender": "M",
    "DOB": new Date(),
    "customId": "my_custom_id"  // This field will set the custom ID
  }
})

How Has This Been Tested?

• Make OUL call with the customId field. The guid should be updated.
• Perform any event or page refresh, all the calls should have the customId set in the OUL
• Check by making multiple OUL calls

Checklist

• Code compiles without errors
• Version Bump added to package.json & CHANGELOG.md
• All tests pass
• Build process is successful
• Documentation has been updated (if needed)
• Automation tests are passing

Link to Deployed SDK

Use these url for testing :

1. https://static.wizrocket.com/staging/task/WEB-3904/customId_OUL/js/clevertap.min.js
2. https://static.wizrocket.com/staging/task/WEB-3904/customId_OUL/js/sw_webpush.min.js

How to trigger Automations

Just add a empty commit after all your changes are done in the PR with the command

 git commit --allow-empty -m "[run-test] Testing Automation"

This will trigger the automation suite

---

Note

Medium Risk
Touches identity/session linkage in the OUL flow by changing how gcookie is set and persisted, which can affect user attribution if validation/prefixing or cache interactions are wrong. Logging changes are low risk but may impact integrations that rely on error-level signals.

Overview
Adds support for passing customId in onUserLogin payloads: the value is validated (length/charset), lowercased, prefixed for web, then used to set/override the stored gcookie for subsequent requests while avoiding cache-based gcookie overwrites during OUL when a custom ID is present.

Introduces Logger.reportInfo with an "info" prefix and changes null/empty-property removal reporting from reportError to reportInfo to reduce error-level noise. Also bumps the SDK version strings to 2.5.4 and updates CHANGELOG.md.

^{Written by Cursor Bugbot for commit 10197f7. This will update automatically on new commits. Configure here.}

[coderabbitai]

Important

Review skipped

Auto reviews are disabled on base/target branches other than the default branch.

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Use the checkbox below for a quick retry:

• 🔍 Trigger review

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch task/WEB-3904/customId_OUL

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[francispereira]

✅ Snyk checks have passed. No issues have been found so far.

Status	Scanner	Critical	High	Medium	Low	Total (0)
✅	Open Source Security	0	0	0	0	0 issues
✅	Licenses	0	0	0	0	0 issues
✅	Code Security	0	0	0	0	0 issues

💻 Catch issues earlier using the plugins for VS Code, JetBrains IDEs, Visual Studio, and Eclipse.

[singhkunal2050]

@KambleSonam can you mention the steps on how this has been tested exactly with steps? This would help the QA and Reviewers

[singhkunal2050]

Can we make the public api argument consistent for OUL with init

Refer https://github.com/CleverTap/clevertap-web-sdk/blob/master/src/clevertap.js#L683, we are using customId

[cursor]

Cursor Bugbot has reviewed your changes and found 1 potential issue.

^{Bugbot Autofix is OFF. To automatically fix reported issues with Cloud Agents, enable Autofix in the Cursor dashboard.}

[cursor]

reportInfo still sets wzrkError, sending info as server errors

Medium Severity

The new reportInfo method sets this.wzrkError.c and this.wzrkError.d identically to reportError. Because addSystemDataToObject sends any non-empty wzrkError as wzrk_error in every API payload, informational events (like NULL_VALUE_REMOVED and EMPTY_VALUE_REMOVED) are still transmitted to the server as error data. The change from reportError to reportInfo only affects the console log level; the server-side error reporting behavior is unchanged.

 

[ThisIsRaghavGupta]

Is default false the base case?