2 changes: 1 addition & 1 deletion src/build/resolveOpenAPI.ts
Expand Up @@ -8,7 +8,7 @@

// SENTRY_API_SCHEMA_SHA is used in the sentry-docs GHA workflow in getsentry/sentry-api-schema.
// DO NOT change variable name unless you change it in the sentry-docs GHA workflow in getsentry/sentry-api-schema.
const SENTRY_API_SCHEMA_SHA = 'b165d78cc294cdc11eb8c9f6b7935c1e9990ff7d';
const SENTRY_API_SCHEMA_SHA = '{"message":"API rate limit exceeded for 52.225.73.162. (But here's the good news: Authenticated requests get a higher rate limit. Check out the documentation for more details.)","documentation_url":"https://docs.github.com/rest/overview/resources-in-the-rest-api#rate-limiting"}';

Check failure on line 11 in src/build/resolveOpenAPI.ts (GitHub Actions / Lint): ',' expected.

API rate limit error committed as schema SHA

High Severity

SENTRY_API_SCHEMA_SHA was overwritten with a GitHub API rate limit JSON error response instead of an actual commit SHA. This will break any downstream logic that uses this value to fetch the correct API schema, since it's no longer a valid git SHA.


Bug: The resolveOpenAPI function does not handle fetch errors when an invalid SENTRY_API_SCHEMA_SHA is provided, leading to unhandled exceptions that can crash the application at build time and at runtime.
Severity: CRITICAL

Suggested Fix

In resolveOpenAPI, wrap the fetch call and the subsequent response.json() call in a try-catch block. Before parsing the response, add a check for response.ok to ensure the HTTP request was successful. Consider adding a fallback mechanism or logging an error if the schema cannot be fetched.

Prompt for AI Agent
Review the code at the location below. A potential bug has been identified by an AI agent. Verify if this is a real issue. If it is, propose a fix; if not, explain why it's not valid.

Location: src/build/resolveOpenAPI.ts#L11

Potential issue: The `resolveOpenAPI` function fetches a schema from GitHub using a commit SHA from the `SENTRY_API_SCHEMA_SHA` variable. If the GitHub API rate limit is exceeded, this variable can be populated with a JSON error message instead of a valid SHA. This creates a malformed URL, causing the `fetch` request to fail. The function lacks error handling, such as a `try-catch` block or a `response.ok` check. As a result, an unhandled exception is thrown when `response.json()` fails, which will crash both the Next.js build process and runtime requests for API pages.


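The SHA validation and status check the comment above asks for, written out as an added example; this is not sentry-docs code. The raw.githubusercontent.com base URL and the `openapi.json` file name are assumptions, and the rate-limit body is a constructed sample of the shape that was committed in the diff.

```typescript
// Added example, not code from sentry-docs: guard the schema SHA before it reaches a
// URL, and check the HTTP status before the body is parsed as JSON.
// Constructed sample of a GitHub REST rate-limit error body, the shape that was
// committed into SENTRY_API_SCHEMA_SHA in the diff above (IP is a documentation address).
const SAMPLE_RATE_LIMIT_BODY =
  '{"message":"API rate limit exceeded for 203.0.113.7.",' +
  '"documentation_url":"https://docs.github.com/rest/overview/resources-in-the-rest-api#rate-limiting"}';

// Assumed location of the schema file; the real URL lives in resolveOpenAPI.ts.
const SCHEMA_BASE = 'https://raw.githubusercontent.com/getsentry/sentry-api-schema';
const SCHEMA_FILE = 'openapi.json'; // hypothetical file name

const GIT_SHA_RE = /^[0-9a-f]{40}$/;

function isGitSha(value: string): boolean {
  return GIT_SHA_RE.test(value);
}

// Builds the fetch URL only from a full 40-hex SHA, so an error body or an empty
// string is rejected before it can be interpolated into the request path.
function schemaUrl(sha: string): string {
  if (!isGitSha(sha)) {
    throw new Error(`SENTRY_API_SCHEMA_SHA is not a git commit SHA: ${sha.slice(0, 40)}`);
  }
  return `${SCHEMA_BASE}/${sha}/${SCHEMA_FILE}`;
}

// Parses the body only for a 2xx status; otherwise surfaces GitHub's "message"
// field (or the raw text) instead of letting JSON.parse fail deep inside the build.
function parseSchemaResponse(status: number, bodyText: string): unknown {
  if (status < 200 || status >= 300) {
    let detail = bodyText;
    try {
      detail = (JSON.parse(bodyText) as { message?: string }).message ?? bodyText;
    } catch {
      // Not JSON (e.g. an HTML error page): keep the raw text as the detail.
    }
    throw new Error(`schema fetch failed with HTTP ${status}: ${detail}`);
  }
  return JSON.parse(bodyText);
}

// Minimal fetch shape so the function can be exercised with a stub and no network.
type FetchLike = (url: string) => Promise<{ status: number; text(): Promise<string> }>;

async function resolveSchema(sha: string, fetchImpl: FetchLike): Promise<unknown> {
  const response = await fetchImpl(schemaUrl(sha));
  return parseSchemaResponse(response.status, await response.text());
}
```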

const activeEnv = process.env.GATSBY_ENV || process.env.NODE_ENV || 'development';
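Review bot: the `+` line replaces the 40-hex commit SHA with a GitHub REST rate-limit error body, and the apostrophe in "here's" terminates the single-quoted string early, which is why Lint reports "',' expected." on line 11. The workflow in getsentry/sentry-api-schema that rewrites this constant (named in the comment two lines above the change) should confirm the API call returned a success status and that the fetched value matches `/^[0-9a-f]{40}$/` before committing, failing the job otherwise; the error body itself points out that authenticated requests get a higher rate limit. Since resolveOpenAPI consumes whatever string lands here, the same SHA check on `SENTRY_API_SCHEMA_SHA` in this file would turn a bad value into a clear build error rather than a failed fetch.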
