You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
[MINOR]scripts/create-v1-issues.mjs:91 — POST requests missing Content-Type: application/json; issue creation may fail
details
Problem:gh() helper never sets Content-Type: application/json on POST requests that pass a JSON-serialised body
Why it matters: Node's native fetch does not auto-add Content-Type for plain string bodies; if the GitHub API enforces the header (per HTTP spec), all 16 issue-create calls fail with 415 Unsupported Media Type or the body is silently ignored, leaving no issues created and no actionable error from the validation layer
Problem:repository?.includes('/') only checks for the presence of a slash; owner/suborg/repo passes validation, then const [owner, repo] = repository.split('/') silently drops the third segment and targets the wrong repo
Why it matters: Issues would be created in owner/suborg instead of owner/suborg/repo; the error message says "expected owner/repo" but the guard does not enforce that invariant
2026-05-02 — 49c60da
Reviewed: 5ce68c3..49c60da (4 commits)
Blockers: 0 | Majors: 0 | Minors: 1 | Nits: 1
[MINOR]
scripts/create-v1-issues.mjs:91— POST requests missingContent-Type: application/json; issue creation may faildetails
Problem:
gh()helper never setsContent-Type: application/jsonon POST requests that pass a JSON-serialised bodyWhy it matters: Node's native
fetchdoes not auto-addContent-Typefor plain string bodies; if the GitHub API enforces the header (per HTTP spec), all 16 issue-create calls fail with415 Unsupported Media Typeor the body is silently ignored, leaving no issues created and no actionable error from the validation layerFix:
async function gh(path, init = {}) { const res = await fetch(`https://api.github.com${path}`, { ...init, headers: { Accept: 'application/vnd.github+json', Authorization: `Bearer ${token}`, 'X-GitHub-Api-Version': '2022-11-28', + ...(init.body !== undefined ? { 'Content-Type': 'application/json' } : {}), ...(init.headers ?? {}), }, });[NIT]
scripts/create-v1-issues.mjs:18—GITHUB_REPOSITORYvalidation accepts multi-segment paths silentlydetails
Problem:
repository?.includes('/')only checks for the presence of a slash;owner/suborg/repopasses validation, thenconst [owner, repo] = repository.split('/')silently drops the third segment and targets the wrong repoWhy it matters: Issues would be created in
owner/suborginstead ofowner/suborg/repo; the error message says "expected owner/repo" but the guard does not enforce that invariantFix:
5ce68c3077907fb998385fa428b3656043db2577..49c60da5611be873713af8e2c36819da373fa3f6(4 commits, 3 files)49c60da.1tested — GitHub's API is reportedly lenient with Content-Type for JSON bodies, and the post-merge fix commits fix(scripts): honour ISSUE_LABELS override in create-v1-issues #187/fix(scripts): resolve merge conflicts in create-v1-issues branch #188 didn't address this, suggesting the script ran successfully without it. However, relying on undocumented server leniency is fragile. Finding retained as [MINOR].49c60da5611be873713af8e2c36819da373fa3f6