Bump API schema to {"messag#17758
Hidden character warning
Conversation
|
The latest updates on your projects. Learn more about Vercel for GitHub.
|
![cursor[bot]](https://avatars.githubusercontent.com/in/1210556?s=60&v=4){kind=small}
There was a problem hiding this comment.
Cursor Bugbot has reviewed your changes and found 1 potential issue.
❌ Bugbot Autofix is OFF. To automatically fix reported issues with cloud agents, enable autofix in the Cursor dashboard.
Reviewed by Cursor Bugbot for commit 8ad285c. Configure here.
| // SENTRY_API_SCHEMA_SHA is used in the sentry-docs GHA workflow in getsentry/sentry-api-schema. | ||
| // DO NOT change variable name unless you change it in the sentry-docs GHA workflow in getsentry/sentry-api-schema. | ||
| const SENTRY_API_SCHEMA_SHA = '4d727be1ea79676354f4242387b3645ac0e0dcf9'; | ||
| const SENTRY_API_SCHEMA_SHA = '{"message":"API rate limit exceeded for 40.76.191.138. (But here's the good news: Authenticated requests get a higher rate limit. Check out the documentation for more details.)","documentation_url":"https://docs.github.com/rest/overview/resources-in-the-rest-api#rate-limiting"}'; |
There was a problem hiding this comment.
GitHub API error message committed as schema SHA
High Severity
SENTRY_API_SCHEMA_SHA was overwritten with a GitHub API rate limit error JSON string instead of a valid git commit SHA. This value is interpolated into a raw.githubusercontent.com URL on line 27 to fetch the OpenAPI schema, which will now fail for all non-local-development builds, completely breaking API documentation generation.
Reviewed by Cursor Bugbot for commit 8ad285c. Configure here.
![sentry[bot]](https://avatars.githubusercontent.com/in/12637?s=60&v=4){kind=small}
| const SENTRY_API_SCHEMA_SHA = '{"message":"API rate limit exceeded for 40.76.191.138. (But here's the good news: Authenticated requests get a higher rate limit. Check out the documentation for more details.)","documentation_url":"https://docs.github.com/rest/overview/resources-in-the-rest-api#rate-limiting"}'; | ||
|
|
||
| const activeEnv = process.env.GATSBY_ENV || process.env.NODE_ENV || 'development'; | ||
|
|
There was a problem hiding this comment.
Bug: If SENTRY_API_SCHEMA_SHA contains an invalid value, the fetch call will throw an unhandled TypeError due to a malformed URL, crashing the build process.
Severity: HIGH
Suggested Fix
Wrap the fetch call in resolveOpenAPI within a try/catch block to handle potential TypeError exceptions from malformed URLs. Additionally, add a check for response.ok to handle non-2xx HTTP responses and prevent build failures.
Prompt for AI Agent
Review the code at the location below. A potential bug has been identified by an AI
agent. Verify if this is a real issue. If it is, propose a fix; if not, explain why it's
not valid.
Location: src/build/resolveOpenAPI.ts#L9-L12
Potential issue: The `SENTRY_API_SCHEMA_SHA` environment variable, when it contains a
non-SHA value like a GitHub API rate-limit error, is interpolated directly into the URL
for a `fetch` call. This creates a malformed URL, causing `fetch` to throw a
`TypeError`. Because this call is not wrapped in a `try/catch` block and lacks a
`response.ok` check, the resulting unhandled promise rejection propagates up the call
stack from `resolveOpenAPI()` and crashes the entire documentation site's build process.
Did we get this right? 👍 / 👎 to inform future reviews.
No description provided.