fix(ci): use GITHUB_TOKEN in check-vendored-yaml to avoid rate limits#252
fix(ci): use GITHUB_TOKEN in check-vendored-yaml to avoid rate limits#252marythought wants to merge 2 commits intomainfrom
Conversation
The check-vendored-yaml script hits the GitHub Contents API without authentication, causing rate-limit failures (403) in CI. The error manifested as a cryptic "contents is not iterable" TypeError because fetchJson didn't check HTTP status codes. Changes: - Use GITHUB_TOKEN env var for authenticated API requests (already passed by CI workflows, raises rate limit from 60 to 5000 req/hr) - Add HTTP status code checking in fetchJson with clear error messages - Validate that Contents API response is an array before iterating Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Summary of ChangesHello, I'm Gemini Code Assist1! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed! This pull request addresses and resolves issues related to GitHub API rate limiting in the Highlights
🧠 New Feature in Public Preview: You can now enable Memory to help Gemini Code Assist learn from your team's feedback. This makes future code reviews more consistent and personalized to your project's style. Click here to enable Memory in your admin console. Using Gemini Code AssistThe full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips. Invoking Gemini You can request assistance from Gemini at any point by creating a comment using either
Customization To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a Limitations & Feedback Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for GitHub and other Google products, sign up here. Footnotes
|
![gemini-code-assist[bot]](https://avatars.githubusercontent.com/in/956858?s=60&v=4){kind=small}
There was a problem hiding this comment.
Code Review
The pull request enhances the check-vendored-yaml.ts script by introducing support for GitHub authentication via GITHUB_TOKEN for API requests, improving error handling for non-200 HTTP responses, and adding validation for the GitHub Contents API response type. A review comment highlights an opportunity to improve type safety by removing unnecessary as any casts and explicit any types in the https.get calls.
|
📄 Preview deployed to https://opentdf-docs-pr-252.surge.sh |
1 participant
Summary
check-vendored-yamlusing theGITHUB_TOKENenv var (already passed by both CI workflows)fetchJson— previously a 403 rate-limit response was silently parsed as JSON and passed to afor...ofloop, causing a crypticTypeError: contents is not iterableRoot cause: The script makes unauthenticated requests to the GitHub Contents API (60 req/hr limit). In CI, multiple concurrent jobs or rapid re-runs exhaust this limit, causing the build step to fail with an unhelpful error.
Fix: Use
GITHUB_TOKENfor authenticated requests (5,000 req/hr), and fail with a clear error message if the API still returns a non-200 status.Test plan
npm run check-vendored-yamlstill works (gracefully handles missing token with clear error)🤖 Generated with Claude Code