Skip to content

[jsweep] Clean validate_secrets.cjs#46129

Open
github-actions[bot] wants to merge 2 commits into
mainfrom
signed/jsweep/validate-secrets-cleanup-0290d9f62cca3a52
Open

[jsweep] Clean validate_secrets.cjs#46129
github-actions[bot] wants to merge 2 commits into
mainfrom
signed/jsweep/validate-secrets-cleanup-0290d9f62cca3a52

Conversation

@github-actions

Copy link
Copy Markdown
Contributor

Summary

Cleaned actions/setup/js/validate_secrets.cjs by removing unnecessary try/catch boilerplate in the HTTP helper functions.

Changes

File: validate_secrets.cjs
Context: github-script

Removed unnecessary try/catch blocks

Both makeRequest and makePostRequest had identical try/catch patterns:

// Before
try {
  const res = await fetch(...);
  const data = await res.text();
  return { statusCode: res.status, data };
} catch (err) {
  if (err instanceof Error && err.name === "AbortError") {
    throw new Error("Request timeout");
  }
  throw err; // rethrow-only for all other errors — no value added
}

Replaced with a .catch() chain on the fetch promise:

// After
const res = await fetch(...).catch((err) => {
  throw err instanceof Error && err.name === "AbortError" ? new Error("Request timeout") : err;
});
const data = await res.text();
return { statusCode: res.status, data };

This eliminates the rethrow-only branches while preserving the AbortError → "Request timeout" transformation.

Test improvements

Existing tests already cover the timeout/abort path — all 35 tests in validate_secrets.test.cjs pass.

✅ Validation

  • Formatting: npm run format:cjs
  • Linting: npm run lint:cjs
  • Type checking: npm run typecheck
  • Tests: npm run test:js ✓ (35 tests passed; pre-existing unrelated failures in send_otlp_span.test.cjs and setup_threat_detection.test.cjs are not caused by this change)

Warning

Firewall blocked 1 domain

The following domain was blocked by the firewall during workflow execution:

  • traces.example.com

To allow these domains, add them to the network.allowed list in your workflow frontmatter:

network:
  allowed:
    - defaults
    - "traces.example.com"

See Network Configuration for more information.

Generated by 🧹 jsweep - JavaScript Unbloater · 62 AIC · ⌖ 8.43 AIC · ⊞ 7.7K ·

  • expires on Jul 18, 2026, 8:57 PM UTC-08:00

Replace verbose try/catch blocks that only transform AbortError and
rethrow everything else with a concise .catch() chain on the fetch
promise in both makeRequest and makePostRequest.

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
@github-actions

This comment has been minimized.

@github-actions

Copy link
Copy Markdown
Contributor Author

Hey @app/github-actions 👋 — nice cleanup! Removing the redundant try/catch boilerplate from makeRequest and makePostRequest in validate_secrets.cjs makes the error propagation cleaner and the code easier to follow.

One thing worth addressing before this lands:

  • No test coverage changes — the diff touches HTTP helper functions (makeRequest / makePostRequest) but does not include any updates to test files. Even for a refactor/cleanup, a quick smoke test or an assertion that errors still propagate correctly after the try/catch removal would give reviewers more confidence.

If you would like a hand, you can assign this prompt to your coding agent:

Add or update tests for the HTTP helper functions in actions/setup/js/validate_secrets.cjs.
The recent cleanup removed try/catch blocks from makeRequest and makePostRequest so errors now propagate naturally.
Cover the following scenarios:
1. Successful request — should return parsed JSON data.
2. Network/fetch error — should reject/throw without swallowing the error.
3. Non-OK HTTP response — should surface the error to the caller.
Place tests in the appropriate test file alongside validate_secrets.cjs or create one if it does not exist.

Generated by ✅ Contribution Check · 87.5 AIC · ⌖ 15.7 AIC · ⊞ 6.2K ·

@pelikhan
pelikhan marked this pull request as ready for review July 17, 2026 06:58
Copilot AI review requested due to automatic review settings July 17, 2026 06:58
@github-actions

github-actions Bot commented Jul 17, 2026

Copy link
Copy Markdown
Contributor Author

🧠 Matt Pocock Skills Reviewer has completed the skills-based review. ✅

@github-actions

github-actions Bot commented Jul 17, 2026

Copy link
Copy Markdown
Contributor Author

⚠️ PR Code Quality Reviewer failed to deliver outputs during code quality review.

@github-actions

github-actions Bot commented Jul 17, 2026

Copy link
Copy Markdown
Contributor Author

Design Decision Gate 🏗️ completed the design decision gate check.

No ADR enforcement needed: PR #46129 does not have the 'implementation' label and has 0 new lines of code in business logic directories (threshold: 100).

@github-actions

github-actions Bot commented Jul 17, 2026

Copy link
Copy Markdown
Contributor Author

Test Quality Sentinel completed test quality analysis.

No test files were added or modified in this PR. Test Quality Sentinel skipped.

Copilot AI left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Refactors HTTP helpers while preserving timeout error handling.

Changes:

  • Replaces try/catch blocks with promise catches.
  • Retains response parsing and return structures.
Show a summary per file
File Description
actions/setup/js/validate_secrets.cjs Simplifies GET and POST request error handling.

Review details

Tip

Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

  • Files reviewed: 1/1 changed files
  • Comments generated: 2
  • Review effort level: Medium

}).catch(err => {
throw err instanceof Error && err.name === "AbortError" ? new Error("Request timeout") : err;
});
const data = await res.text();
}).catch(err => {
throw err instanceof Error && err.name === "AbortError" ? new Error("Request timeout") : err;
});
const data = await res.text();

@github-actions github-actions Bot left a comment

Copy link
Copy Markdown
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Skills-Based Review 🧠

Applied /codebase-design — the refactor is clean and the behaviour is preserved.

📋 Key Themes & Highlights

Positive Highlights

  • ✅ Duplication eliminated: the identical try/catch pattern across both functions is gone
  • ✅ The AbortError → "Request timeout" transformation is correctly preserved
  • ✅ All 35 tests pass; validation steps documented in the PR description

Minor Observation

The original try/catch wrapped both fetch() and res.text() together, so an AbortError thrown from res.text() would also have been caught and mapped. The new .catch() is scoped only to the fetch() call, so a hypothetical AbortError from res.text() would now propagate unmapped. In practice res.text() will never throw an AbortError after the signal fires (the fetch has already settled), so the observable behaviour is identical. Worth knowing, not worth blocking.

🧠 Reviewed using Matt Pocock's skills by Matt Pocock Skills Reviewer · 10.2 AIC · ⌖ 4.34 AIC · ⊞ 6.7K
Comment /matt to run again

@github-actions github-actions Bot left a comment

Copy link
Copy Markdown
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Clean refactor — semantically equivalent. The .catch() chain on fetch() correctly captures AbortError (which only fetch() throws, not res.text()), so no error handling is lost.

🧵 Reviewed using Impeccable skills by Impeccable Skills Reviewer · 9.45 AIC · ⌖ 4.89 AIC · ⊞ 5K

@github-actions github-actions Bot mentioned this pull request Jul 17, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants