Skip to content

fix(github): retry label and assignee writes on stale installation tokens#6229

Closed
bohdansolovie wants to merge 1 commit into
JSONbored:mainfrom
bohdansolovie:fix/label-assignee-token-retry-6191
Closed

fix(github): retry label and assignee writes on stale installation tokens#6229
bohdansolovie wants to merge 1 commit into
JSONbored:mainfrom
bohdansolovie:fix/label-assignee-token-retry-6191

Conversation

@bohdansolovie

Copy link
Copy Markdown
Contributor

Summary

  • Wraps ensurePullRequestLabel, removePullRequestLabel, and ensurePullRequestAssignee in withInstallationTokenRetry, matching postPullRequestComment, closePullRequest, and the other GitHub-write helpers.
  • Stale cached installation tokens that produce a 401 now get one eviction + remint retry instead of failing the label/assignee mutation permanently while leaving later write helpers to recover alone.
  • Adds regression coverage for both label helpers and the assignee helper (#6191).

Closes #6191

Scope

  • Code changes stay inside the declared surfaces (src/github/labels.ts, src/github/assignees.ts, matching unit tests)
  • No public API / export surface change beyond fixing helper behavior
  • Reuses the existing withInstallationTokenRetry helper — no new retry semantics invented here

Validation

  • Matching unit tests updated (github-labels.test.ts, github-assignees.test.ts)
  • Focused regression coverage for the exact failure mode called out in #6191
  • CI on this PR (will mark ready after green)

Safety

  • Diff is limited to GitHub label/assignee write retries
  • No scheme / economics / protocol changes
  • Existing non-401 failure paths (missing privileges, agents, rate limits) still return { applied: false } without inventing success

Made with Cursor

@loopover-orb loopover-orb Bot added the gittensor:bug Gittensor-scored bug fix — scores a 0.05x multiplier. label Jul 15, 2026
@loopover-orb

loopover-orb Bot commented Jul 15, 2026

Copy link
Copy Markdown

Caution

🛑 LoopOver review result - fixes required

Review updated: 2026-07-15 23:54:34 UTC

4 files · 1 AI reviewer · no blockers · CI failing · blocked

🛑 Suggested Action - Fix Blockers

Review summary
This PR wraps the label and assignee write paths (ensurePullRequestLabel, removePullRequestLabel, ensurePullRequestAssignee) in the existing withInstallationTokenRetry helper, matching the retry pattern already used by comment/close-PR write helpers. The wrapping is correct: the GET dedup probes and mutating POST/DELETE calls are inside the retry closure, and existing 404/422/403 handling is preserved and re-executed safely on retry (label creation's already_exists 422 swallow makes a second attempt idempotent). Tests for all three helpers simulate a first-attempt 401 followed by success and assert exactly one token remint and one retry, which is a faithful exercise of the new code path.

Nits — 3 non-blocking
  • src/github/labels.ts: the inline comment on removePullRequestLabel's catch block claiming '401 is NOT swallowed — withInstallationTokenRetry sees it and retries once' is asserting behavior of a helper not shown in this diff; worth a one-line pointer to app.ts's implementation for future readers.
  • Consider a single shared test helper for the 'first request 401s, second succeeds' fetch-stub pattern since it's now duplicated near-identically across three test files.
  • No functional changes needed; if withInstallationTokenRetry's retry count is ever made configurable, add a test asserting it still caps at exactly one retry for these three helpers to guard against future regressions.

CI checks failing

  • validate
  • codecov/patch — 60.00% of diff hit (target 99.00%)
  • validate-tests (1)
Flagged checks (non-blocking)
  • Contributor trust — Contributor flagged for review

Decision drivers

  • ✅ Code review — No blockers (1 reviewer)
  • ✅ Gate result — Passing (No configured blocker found.)
Context & advisory signals — never blocks the verdict
Signal Result Evidence
Linked issue ✅ Linked #6191
Related work ⚠️ 2 scoped overlaps Top overlaps are listed below; lower-confidence bulk is hidden.
Change scope ❌ 8/20 High review scope from cached public metadata (1 linked issue).
Validation posture ✅ 25/25 PR body includes validation/test evidence.
Contributor workload ✅ 10/10 Author activity: 78 registered-repo PR(s), 27 merged, 6 issue(s).
Contributor context ✅ Confirmed Gittensor contributor bohdansolovie; Gittensor profile; 78 PR(s), 6 issue(s).
Improvement ✅ Minor risk: clean · value: minor · LLM: moderate
Review context
Contributor next steps
  • Start here: Review top overlaps.
  • Then work through the remaining 2 steps in the Signals table above.
Signal definitions
  • Related work = same linked issue, overlapping active PRs, or title/path similarity.
  • Change scope = cached public metadata such as size labels, draft state, and review-burden hints.
  • Validation posture = whether the PR provides enough public validation/test evidence for maintainer review.
  • Contributor workload = public contributor activity and cleanup pressure, not a repo-wide quality failure.
  • Contributor context = public GitHub/Gittensor identity context; non-Gittensor status is not a blocker.
🧪 Chat with LoopOver

Ask LoopOver a question about this PR directly in a comment — grounded only in the same cached, public-safe facts shown above, never a new claim.

  • @loopover ask <question> answers contribution-quality Q&A with source citations and freshness.
  • @loopover chat <question> answers in natural prose from cached decision-pack facts via local inference (maintainer/collaborator; read-only).
  • A plain-language @loopover mention with a real question is routed to the closest matching read-only command automatically — no exact syntax required.

Full command reference: https://gittensory.aethereal.dev/docs/loopover-commands

🧪 Experimental — new and may change.

🟩 Safe / merged · 🟦 Advisory · 🟨 Held for review · 🟥 Blocked / closed


💰 Earn for open-source contributions like this. Gittensor lets GitHub contributors earn for the work they already do — register to start earning →.

Checked by LoopOver, a quiet PR intelligence layer for OSS maintainers.

  • Re-run LoopOver review

@codecov

codecov Bot commented Jul 15, 2026

Copy link
Copy Markdown

Codecov Report

❌ Patch coverage is 60.00000% with 14 lines in your changes missing coverage. Please review.
✅ Project coverage is 86.64%. Comparing base (53f3726) to head (195c79a).
⚠️ Report is 2 commits behind head on main.

Files with missing lines Patch % Lines
src/github/assignees.ts 0.00% 14 Missing ⚠️

❗ There is a different number of reports uploaded between BASE (53f3726) and HEAD (195c79a). Click for more details.

HEAD has 1 upload less than BASE
Flag BASE (53f3726) HEAD (195c79a)
shard-1 1 0
Additional details and impacted files
@@            Coverage Diff             @@
##             main    #6229      +/-   ##
==========================================
- Coverage   95.35%   86.64%   -8.72%     
==========================================
  Files         598      598              
  Lines       47127    47127              
  Branches    14994    14994              
==========================================
- Hits        44940    40834    -4106     
- Misses       1463     4910    +3447     
- Partials      724     1383     +659     
Flag Coverage Δ
shard-1 ?
shard-2 36.78% <42.85%> (+0.19%) ⬆️
shard-3 32.36% <5.71%> (+0.02%) ⬆️
shard-4 33.76% <45.71%> (-0.61%) ⬇️
shard-5 31.61% <60.00%> (-0.19%) ⬇️
shard-6 45.21% <42.85%> (+0.30%) ⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

Files with missing lines Coverage Δ
src/github/labels.ts 100.00% <100.00%> (ø)
src/github/assignees.ts 0.00% <0.00%> (-100.00%) ⬇️

... and 111 files with indirect coverage changes

@JSONbored JSONbored marked this pull request as ready for review July 15, 2026 23:44
@JSONbored JSONbored self-requested a review as a code owner July 15, 2026 23:44
…kens

ensurePullRequestLabel, removePullRequestLabel, and ensurePullRequestAssignee now use withInstallationTokenRetry so a 401 (or scope 403) invalidates the cached token and retries once — matching the other GitHub-write helpers.

Closes JSONbored#6191

Co-authored-by: Cursor <cursoragent@cursor.com>
@superagent-security

Copy link
Copy Markdown
Contributor

🚨 Contributor flagged. Click here for more info: Superagent Dashboard

@superagent-security superagent-security Bot added the contributor:flagged Contributor flagged for review by trust analysis. label Jul 15, 2026
@JSONbored JSONbored force-pushed the fix/label-assignee-token-retry-6191 branch from bea0c6b to 195c79a Compare July 15, 2026 23:44
@superagent-security

Copy link
Copy Markdown
Contributor

Superagent didn't find any vulnerabilities or security issues in this PR.

1 similar comment
@superagent-security

Copy link
Copy Markdown
Contributor

Superagent didn't find any vulnerabilities or security issues in this PR.

@loopover-orb

loopover-orb Bot commented Jul 15, 2026

Copy link
Copy Markdown

LoopOver is closing this pull request on the maintainer's behalf (CI is failing (validate, codecov/patch, validate-tests (1))). This is an automated maintenance action — to pursue this change, please open a new pull request with the issues resolved. Closed PRs may be analyzed later to improve review accuracy, but they are not automatically reopened or re-reviewed.

@loopover-orb loopover-orb Bot closed this Jul 15, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

contributor:flagged Contributor flagged for review by trust analysis. gittensor:bug Gittensor-scored bug fix — scores a 0.05x multiplier.

Projects

None yet

Development

Successfully merging this pull request may close these issues.

fix(github): label/assignee writes skip the installation-token retry every sibling GitHub-write helper uses

1 participant