2 changes: 1 addition & 1 deletion src/build/resolveOpenAPI.ts
Expand Up @@ -8,7 +8,7 @@

// SENTRY_API_SCHEMA_SHA is used in the sentry-docs GHA workflow in getsentry/sentry-api-schema.
// DO NOT change variable name unless you change it in the sentry-docs GHA workflow in getsentry/sentry-api-schema.
const SENTRY_API_SCHEMA_SHA = '42495fc378961e27521a842bf9e6e10e9f864d72';
const SENTRY_API_SCHEMA_SHA = '{"message":"API rate limit exceeded for 68.220.59.224. (But here's the good news: Authenticated requests get a higher rate limit. Check out the documentation for more details.)","documentation_url":"https://docs.github.com/rest/overview/resources-in-the-rest-api#rate-limiting"}';

Check failure on line 11 in src/build/resolveOpenAPI.ts

View workflow job for this annotation

GitHub Actions / Lint

',' expected.

GitHub API error response committed as schema SHA

High Severity

SENTRY_API_SCHEMA_SHA was replaced with a GitHub API rate-limit error JSON response instead of a valid commit SHA. This value is interpolated into a raw.githubusercontent.com URL on line 29, which will produce an invalid URL and cause the OpenAPI schema fetch to fail, breaking the API docs build.

CI infrastructure IP address leaked in source code

Low Severity

The accidentally committed GitHub API rate-limit error embeds the IP address 68.220.59.224 of the CI runner infrastructure into the public source code. This is a minor information disclosure that exposes internal infrastructure details.

Bug: The constant SENTRY_API_SCHEMA_SHA contains a JSON error message instead of a valid Git SHA, which will cause a build-time crash when constructing a URL.
Severity: CRITICAL

Suggested Fix

Replace the corrupted JSON string in SENTRY_API_SCHEMA_SHA with the correct 40-character hexadecimal Git commit SHA for the sentry-api-schema repository. Additionally, consider adding try-catch blocks around the fetch call in resolveOpenAPI() to gracefully handle potential network errors or invalid responses in the future, preventing similar build failures.

Prompt for AI Agent
Review the code at the location below. A potential bug has been identified by an AI
agent.
Verify if this is a real issue. If it is, propose a fix; if not, explain why it's not
valid.

Location: src/build/resolveOpenAPI.ts#L11

Potential issue: The constant `SENTRY_API_SCHEMA_SHA` has been assigned a JSON error
string from the GitHub API instead of a valid Git commit SHA. This corrupted value is
used to construct a URL for fetching the OpenAPI schema. The resulting URL is malformed,
causing the `fetch` call to throw a `TypeError`. Since this error occurs within the
`generateStaticParams` function and is not handled by a `try-catch` block, it will lead
to an unhandled promise rejection, crashing the entire Next.js build process and
preventing the documentation site from being deployed.

const activeEnv = process.env.GATSBY_ENV || process.env.NODE_ENV || 'development';
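
Review bot: The new value assigned to SENTRY_API_SCHEMA_SHA is the body of a GitHub API rate-limit error, not a commit SHA, and it does not parse: the apostrophe in "here's" ends the single-quoted literal early, which matches the Lint failure `',' expected.` on line 11. Restore a 40-character hexadecimal SHA (the removed line had 42495fc378961e27521a842bf9e6e10e9f864d72). The comment above the constant says a GHA workflow in getsentry/sentry-api-schema writes this variable, so that workflow should check that the API call succeeded and that the value it is about to write is exactly 40 hex characters, and should fail without committing otherwise. The error text itself says authenticated requests get a higher rate limit, so authenticating that request would address the cause. The committed string also contains the requester's IP address (68.220.59.224), so the replacement should drop the whole literal rather than edit it in place.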
