rodin/review-bot
2
1
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 6 Wiki Activity

feat(github): implement GitHub API client foundation #101

Merged
aweiker merged 3 commits from issue-80-a-client into feature/github-support 2026-05-13 04:46:46 +00:00
Conversation 14 Commits 3 Files Changed 3
+12 -2
1 changed files with 12 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files
Showing only changes of commit 3d1260d3b2 - Show all commits
github/client.go
+12 -2
View File
6
 @@ -190,6 +190,9 @@ func (c *Client) doRequest(ctx context.Context, method, reqURL string, accept st
const maxAttempts = 3 const maxAttempts = 3
const maxRetryAfter = 120 * time.Second const maxRetryAfter = 120 * time.Second
// backoff holds per-attempt delays: backoff[i] is the delay before attempt i+1.
// Length must be maxAttempts-1 (one entry per retry gap). Panic early on misconfiguration
gpt-review-bot commented 2026-05-13 04:28:25 +00:00
Outdated
Review
Copy Link
Copy Source

[NIT] Calling timer.Stop after the timer has already fired is unnecessary. It’s harmless but can be removed for clarity.

**[NIT]** Calling timer.Stop after the timer has already fired is unnecessary. It’s harmless but can be removed for clarity.
// so a maxAttempts change without a matching backoff update is caught in tests, not production.
var backoff []time.Duration var backoff []time.Duration
if c.retryBackoff != nil { if c.retryBackoff != nil {
sonnet-review-bot commented 2026-05-13 04:27:43 +00:00
Review
Copy Link
Copy Source

[MINOR] The panic on backoff length mismatch is a deliberate 'catch misconfiguration in tests' guard, but panicking in a library function violates the repo convention ('Return errors; never panic'). The comment justifies it as a programming error caught early, but it means any test that calls SetRetryBackoff with the wrong length (e.g., during future refactoring that changes maxAttempts) will panic rather than getting a useful error. Consider returning an error from doRequest or validating at SetRetryBackoff time instead.

**[MINOR]** The panic on backoff length mismatch is a deliberate 'catch misconfiguration in tests' guard, but panicking in a library function violates the repo convention ('Return errors; never panic'). The comment justifies it as a programming error caught early, but it means any test that calls SetRetryBackoff with the wrong length (e.g., during future refactoring that changes maxAttempts) will panic rather than getting a useful error. Consider returning an error from doRequest or validating at SetRetryBackoff time instead.
backoff = make([]time.Duration, len(c.retryBackoff)) backoff = make([]time.Duration, len(c.retryBackoff))
@@ -197,6 +200,9 @@ func (c *Client) doRequest(ctx context.Context, method, reqURL string, accept st
} else { } else {
sonnet-review-bot commented 2026-05-13 04:32:44 +00:00
Review
Copy Link
Copy Source

[NIT] The defaultBackoff local variable is declared but serves only as a template for the else branch. The variable name and the copy-pattern are fine, but it could be simplified slightly: the if c.retryBackoff != nil && len(c.retryBackoff) == maxRetryAttempts-1 guard duplicates the invariant already enforced by SetRetryBackoff. A comment noting that the length check here is a defensive guard against direct struct construction (bypassing the setter) would clarify the intent.

**[NIT]** The `defaultBackoff` local variable is declared but serves only as a template for the else branch. The variable name and the copy-pattern are fine, but it could be simplified slightly: the `if c.retryBackoff != nil && len(c.retryBackoff) == maxRetryAttempts-1` guard duplicates the invariant already enforced by `SetRetryBackoff`. A comment noting that the length check here is a defensive guard against direct struct construction (bypassing the setter) would clarify the intent.
backoff = []time.Duration{1 * time.Second, 2 * time.Second} backoff = []time.Duration{1 * time.Second, 2 * time.Second}
} }
if len(backoff) != maxAttempts-1 {
rodin commented 2026-05-13 04:27:06 +00:00
Outdated
Review
Copy Link
Copy Source

Fixed. Added a panic guard ensuring len(backoff) == maxAttempts-1. If someone changes maxAttempts without updating the default backoff, this fires immediately in tests rather than silently producing incorrect retry behavior.

Fixed. Added a panic guard ensuring `len(backoff) == maxAttempts-1`. If someone changes `maxAttempts` without updating the default backoff, this fires immediately in tests rather than silently producing incorrect retry behavior.
panic(fmt.Sprintf("github: backoff length %d does not match maxAttempts-1 (%d)", len(backoff), maxAttempts-1))
security-review-bot marked this conversation as resolved Outdated
security-review-bot commented 2026-05-13 04:28:53 +00:00
Outdated
Review
Copy Link
Copy Source

[MINOR] doRequest panics if the computed backoff length doesn't match maxAttempts-1. While intended to catch misconfiguration in tests, panics can crash the process and create a denial-of-service if this method is misused in production. Prefer returning an error or falling back to a safe default to avoid process termination.

**[MINOR]** doRequest panics if the computed backoff length doesn't match maxAttempts-1. While intended to catch misconfiguration in tests, panics can crash the process and create a denial-of-service if this method is misused in production. Prefer returning an error or falling back to a safe default to avoid process termination.
}
// maxErrorBodyBytes limits how much of an error response body is stored. // maxErrorBodyBytes limits how much of an error response body is stored.
// Kept small (4 KiB) to reduce the risk of sensitive data leakage if callers // Kept small (4 KiB) to reduce the risk of sensitive data leakage if callers
6
 @@ -255,6 +261,10 @@ func (c *Client) doRequest(ctx context.Context, method, reqURL string, accept st
return nil, fmt.Errorf("do request: %w", err) return nil, fmt.Errorf("do request: %w", err)
} }
// Capture response metadata before handleResponse takes body ownership.
rodin commented 2026-05-13 04:27:06 +00:00
Outdated
Review
Copy Link
Copy Source

Fixed. Now capturing resp.StatusCode and Retry-After header into local variables before calling handleResponse, making the ownership transfer explicit. The caller no longer touches resp after handing it off.

Fixed. Now capturing `resp.StatusCode` and `Retry-After` header into local variables *before* calling `handleResponse`, making the ownership transfer explicit. The caller no longer touches `resp` after handing it off.
respStatus := resp.StatusCode
retryAfterHeader := resp.Header.Get("Retry-After")
body, done, err := c.handleResponse(resp, maxResponseBytes, maxErrorBodyBytes) body, done, err := c.handleResponse(resp, maxResponseBytes, maxErrorBodyBytes)
if done { if done {
return body, err return body, err
1
 @@ -262,10 +272,10 @@ func (c *Client) doRequest(ctx context.Context, method, reqURL string, accept st
lastErr = err lastErr = err
// Retry on 429 rate limit // Retry on 429 rate limit
if resp.StatusCode == http.StatusTooManyRequests && attempt < maxAttempts-1 { if respStatus == http.StatusTooManyRequests && attempt < maxAttempts-1 {
// Check for Retry-After header and override backoff if present. // Check for Retry-After header and override backoff if present.
// Supports both integer seconds (common) and HTTP-date format (RFC 7231). // Supports both integer seconds (common) and HTTP-date format (RFC 7231).
gpt-review-bot commented 2026-05-13 04:28:25 +00:00
Review
Copy Link
Copy Source

[MINOR] The error message references "(truncated)" for oversized success responses, but the function returns an error without returning a truncated body. Consider rewording to avoid implying truncated data was returned.

**[MINOR]** The error message references "(truncated)" for oversized success responses, but the function returns an error without returning a truncated body. Consider rewording to avoid implying truncated data was returned.
if ra := resp.Header.Get("Retry-After"); ra != "" { if ra := retryAfterHeader; ra != "" {
if seconds, err := strconv.Atoi(ra); err == nil && seconds > 0 { if seconds, err := strconv.Atoi(ra); err == nil && seconds > 0 {
delay := time.Duration(seconds) * time.Second delay := time.Duration(seconds) * time.Second
if delay > maxRetryAfter { if delay > maxRetryAfter {
1