
Bump API schema to {"messag #17065

Open
getsantry[bot] wants to merge 1 commit into master from bot/bump-api-schema-to-{"messag

Hidden character warning

The head ref may contain hidden characters: "bot/bump-api-schema-to-{"messag"
getsantry bot commented Mar 23, 2026

No description provided.

vercel bot commented Mar 23, 2026

The latest updates on your projects. Learn more about Vercel for GitHub.

| Project | Deployment | Actions | Updated (UTC) |
| --- | --- | --- | --- |
| develop-docs | Error | Error | Mar 23, 2026 5:50pm |
| sentry-docs | Error | Error | Mar 23, 2026 5:50pm |

cursor bot left a comment

Cursor Bugbot has reviewed your changes and found 1 potential issue.

// SENTRY_API_SCHEMA_SHA is used in the sentry-docs GHA workflow in getsentry/sentry-api-schema.
// DO NOT change variable name unless you change it in the sentry-docs GHA workflow in getsentry/sentry-api-schema.
const SENTRY_API_SCHEMA_SHA = 'b165d78cc294cdc11eb8c9f6b7935c1e9990ff7d';
const SENTRY_API_SCHEMA_SHA = '{"message":"API rate limit exceeded for 52.225.73.162. (But here's the good news: Authenticated requests get a higher rate limit. Check out the documentation for more details.)","documentation_url":"https://docs.github.com/rest/overview/resources-in-the-rest-api#rate-limiting"}';
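
Review bot: the new `SENTRY_API_SCHEMA_SHA` value on the last line contains an unescaped apostrophe (`here's`) inside a single-quoted literal, so the file will not parse at all, apart from the value being an API error body rather than a 40-character hex commit SHA like the one it replaces. The PR title and the branch name carry the same `{"messag` prefix, which suggests the raw response was interpolated into all three without validation. The workflow that writes this line should fail on a non-2xx status, commit only when the value matches `^[0-9a-f]{40}$`, and send an authenticated request, as the error text itself points out.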
API rate limit error committed as schema SHA

High Severity

SENTRY_API_SCHEMA_SHA was overwritten with a GitHub API rate limit JSON error response instead of an actual commit SHA. This will break any downstream logic that uses this value to fetch the correct API schema, since it's no longer a valid git SHA.

// SENTRY_API_SCHEMA_SHA is used in the sentry-docs GHA workflow in getsentry/sentry-api-schema.
// DO NOT change variable name unless you change it in the sentry-docs GHA workflow in getsentry/sentry-api-schema.
const SENTRY_API_SCHEMA_SHA = 'b165d78cc294cdc11eb8c9f6b7935c1e9990ff7d';
const SENTRY_API_SCHEMA_SHA = '{"message":"API rate limit exceeded for 52.225.73.162. (But here's the good news: Authenticated requests get a higher rate limit. Check out the documentation for more details.)","documentation_url":"https://docs.github.com/rest/overview/resources-in-the-rest-api#rate-limiting"}';
Bug: The resolveOpenAPI function does not handle fetch errors when an invalid SENTRY_API_SCHEMA_SHA is provided, leading to unhandled exceptions that can crash the application build and at runtime.
Severity: CRITICAL

Suggested Fix

In resolveOpenAPI, wrap the fetch call and the subsequent response.json() call in a try-catch block. Before parsing the response, add a check for response.ok to ensure the HTTP request was successful. Consider adding a fallback mechanism or logging an error if the schema cannot be fetched.

Prompt for AI Agent
Review the code at the location below. A potential bug has been identified by an AI
agent.
Verify if this is a real issue. If it is, propose a fix; if not, explain why it's not
valid.

Location: src/build/resolveOpenAPI.ts#L11

Potential issue: The `resolveOpenAPI` function fetches a schema from GitHub using a
commit SHA from the `SENTRY_API_SCHEMA_SHA` variable. If the GitHub API rate limit is
exceeded, this variable can be populated with a JSON error message instead of a valid
SHA. This creates a malformed URL, causing the `fetch` request to fail. The function
lacks error handling, such as a `try-catch` block or a `response.ok` check. As a result,
an unhandled exception is thrown when `response.json()` fails, which will crash both the
Next.js build process and runtime requests for API pages.

Did we get this right? 👍 / 👎 to inform future reviews.
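
Added example, not code from the sentry-docs repository: the two review comments above describe the same failure from both ends, so this block validates the value once where a bump job receives the lookup response and once where a build turns the constant into a URL. The function names, the accepted response shapes (a bare SHA or JSON with a `sha` field) and the `schema.example.invalid` URL are assumptions.

```typescript
// Added example: hypothetical helpers, not code from getsentry/sentry-docs.
const COMMIT_SHA_RE = /^[0-9a-f]{40}$/;

interface ShaResult {
  sha: string | null;
  error: string | null;
}

function isCommitSha(value: string): boolean {
  return COMMIT_SHA_RE.test(value);
}

// Producer side (the bump job): turn an HTTP status and body into a SHA or an
// error. Assumes the lookup returns a bare SHA or JSON with a "sha" field.
function extractSha(status: number, body: string): ShaResult {
  if (status < 200 || status > 299) {
    return {sha: null, error: 'lookup failed with HTTP ' + status};
  }
  let candidate = body.trim();
  if (!isCommitSha(candidate)) {
    try {
      const parsed = JSON.parse(candidate);
      candidate = parsed && typeof parsed.sha === 'string' ? parsed.sha : '';
    } catch (e) {
      candidate = '';
    }
  }
  return isCommitSha(candidate)
    ? {sha: candidate, error: null}
    : {sha: null, error: 'response did not contain a 40-hex commit SHA'};
}

// Consumer side (build step): refuse to build a URL from anything but a SHA.
// The base URL is a placeholder, not the project's real schema location.
function schemaUrlFor(sha: string): string {
  if (!isCommitSha(sha)) {
    throw new Error('SENTRY_API_SCHEMA_SHA is not a commit SHA');
  }
  return 'https://schema.example.invalid/' + sha + '/openapi.json';
}

// Constructed inputs: GOOD_SHA is the old value shown in the hunk; the error
// body is abridged from the new value.
const GOOD_SHA = 'b165d78cc294cdc11eb8c9f6b7935c1e9990ff7d';
const RATE_LIMIT_BODY =
  '{"message":"API rate limit exceeded","documentation_url":"https://docs.github.com/rest"}';
```

The status check alone is not enough: `extractSha(200, RATE_LIMIT_BODY)` is still rejected, which covers a script that discards the status code before parsing the body.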
