fix(miner): thread githubToken/apiBaseUrl into the PR-disposition poll#5320
Conversation
Advances #5135 pollPrDispositionFn was called with only options.prDispositionOptions, so the production `loop` command never actually passed a GitHub token or apiBaseUrl into the poller -- unlike runDiscoveryOnce's own call, which already threads them through. pollPrDisposition (unlike runDiscover) has no process.env.GITHUB_TOKEN fallback of its own, so every real PR-disposition poll would have silently run unauthenticated, hitting GitHub's much lower rate limit and failing outright against any private repo. Resolves githubToken once at the CLI-entrypoint layer (mirroring manage-poll.js's own runManagePoll), and threads it into both the discovery call and the disposition poll -- prDispositionOptions can still override it, matching the existing precedence pattern.
|
Superagent didn't find any vulnerabilities or security issues in this PR. |
Deploying with
|
| Status | Name | Latest Commit | Preview URL | Updated (UTC) |
|---|---|---|---|---|
| ✅ Deployment successful! View logs |
gittensory-ui | 851c665 | Commit Preview URL Branch Preview URL |
Jul 12 2026, 01:54 PM |
Codecov Report✅ All modified and coverable lines are covered by tests. Additional details and impacted files@@ Coverage Diff @@
## main #5320 +/- ##
=======================================
Coverage 94.37% 94.37%
=======================================
Files 474 474
Lines 40128 40128
Branches 14631 14631
=======================================
Hits 37871 37871
Misses 1582 1582
Partials 675 675
Flags with carried forward coverage won't be shown. Click here to find out more. 🚀 New features to boost your workflow:
|
|
Warning 🟨🟨🟨🟨🟨🟨🟨🟨🟨🟨🟨🟨 ⏸️ Gittensory review result - manual review recommendedReview updated: 2026-07-12 14:15:11 UTC
⏸️ Suggested Action - Manual Review
Review summary Nits — 5 non-blocking
Concerns raised — review before merging
Review context
Contributor next steps
Signal definitions
[BETA] Chat with GittensoryAsk Gittensory a question about this PR directly in a comment — grounded only in the same cached, public-safe facts shown above, never a new claim.
Full command reference: https://gittensory.aethereal.dev/docs/gittensory-commands 🟩 Safe / merged · 🟦 Advisory · 🟨 Held for review · 🟥 Blocked / closed 💰 Earn for open-source contributions like this. Gittensor lets GitHub contributors earn for the work they already do — register to start earning →. Checked by Gittensory, a quiet PR intelligence layer for OSS maintainers.
|
Summary
Follow-up to #5303 (merged before this fix could land on the branch, per the review comment below):
runLoop's call topollPrDispositionFnwas only ever passedoptions.prDispositionOptions, so the productionloopcommand never actually threaded a GitHub token orapiBaseUrlinto the PR-disposition poller — unlikerunDiscoveryOnce's own call, which already does. UnlikerunDiscover,pollPrDispositionhas noprocess.env.GITHUB_TOKENfallback of its own, so every real PR-disposition poll ran unauthenticated: hitting GitHub's much lower unauthenticated rate limit, and failing outright against any private repo.Fix
Resolves
githubTokenonce at the CLI-entrypoint layer (mirroringmanage-poll.js's ownrunManagePoll, which readsprocess.env.GITHUB_TOKENat the top level and threads it down explicitly to every real GitHub caller), and passes it into both the discovery call and the disposition poll.prDispositionOptionscan still override it, matching the existing precedence pattern.Test plan
pollPrDispositionSpyis called withexpect.objectContaining({ githubToken: "ghp_loop_test" }), resolved fromenv.GITHUB_TOKEN— fails without the fix, passes with it.npx vitest run test/unit— 735 files / 14,561 tests passnpx tsc --noEmit -p . --incremental false(fresh, no cache) — cleannpm run test:engine-parity— passnpm run --prefix packages/gittensory-miner build— passgit diff --check— clean