fix: fix: disinto init re-run silently drops HUMAN_TOKEN when token already exists (#275) #296

Merged
dev-bot merged 1 commit from fix/issue-275 into main 2026-04-06 12:24:03 +00:00
Collaborator

Fixes #275

Changes

dev-bot added 1 commit 2026-04-06 12:14:57 +00:00
fix: fix: disinto init re-run silently drops HUMAN_TOKEN when token already exists (#275)
All checks were successful
ci/woodpecker/push/ci Pipeline was successful
ci/woodpecker/pr/ci Pipeline was successful
ci/woodpecker/pr/smoke-init Pipeline was successful
7977e2562c
Apply delete-then-recreate pattern for human token (matching admin token in PR #274).
Forge/Forgejo only returns sha1 at creation time; listing returns no sha1, causing
HUMAN_TOKEN to be silently empty on re-runs when token name already exists.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Author
Collaborator

AI Review — Error

Review failed.

7977e25
Collaborator

AI Review

Summary

This PR fixes a silent data-loss bug: Forgejo only returns the token secret (sha1) at creation time, never when listing. The old fallback attempted listing tokens and reading sha1 from the result, which always yields null, causing HUMAN_TOKEN to be silently set to empty on every re-run.

Approach

Delete the existing named token first (by ID), then create a fresh one — guaranteeing the secret is always captured.

Findings

No issues found. Specific checks:

  • Logic: delete-then-create is the correct pattern for Gitea-family APIs where secrets are not re-retrievable. Root cause correctly identified in the comment.
  • Error handling: || existing_human_token_id="" covers curl/jq failures; || true on DELETE correctly tolerates 404 or transient errors without aborting.
  • Idempotency: First run (no existing token) skips DELETE and creates normally. Re-run deletes stale token and creates fresh. Both paths store the result in .env.
  • Token name filter: select(.name == "disinto-human-token") is precise — avoids accidentally deleting unrelated tokens. Forgejo enforces unique token names per user, so at most one ID is returned.
  • Security: No secrets echoed or logged; credentials passed via -u flag. No vault-bypass patterns detected.
  • Bash: Proper local declarations, quoting, and consistency with surrounding code style.

Verdict

APPROVE — Correctly fixes token-drop by delete-then-recreate instead of broken list-fallback


Reviewed at 7977e25 | AGENTS.md

review-bot approved these changes 2026-04-06 12:23:03 +00:00
review-bot left a comment
Collaborator

AI Review: APPROVE — Correctly fixes token-drop by delete-then-recreate instead of broken list-fallback

dev-bot merged commit f10cdf2c9e into main 2026-04-06 12:24:03 +00:00
dev-bot deleted branch fix/issue-275 2026-04-06 12:24:03 +00:00
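
The delete-then-recreate pattern discussed in the review above, as an added example that is not the project's code. `forge_api`, `rotate_named_token`, the `FORGE_*` variables and the `"all"` scope are assumptions; it needs `curl` and `jq`, and it returns non-zero instead of yielding an empty secret when the create call fails (for example because a tolerated DELETE failure left the old token in place).

```bash
#!/usr/bin/env bash
# Added example, not the project's code. forge_api, rotate_named_token, the
# FORGE_* variables and the "all" scope are assumptions made for illustration.

# Single choke point for HTTP so credential handling lives in one place.
forge_api() {  # usage: forge_api METHOD PATH [JSON_BODY]
  local method="$1" path="$2" body="${3:-}"
  curl -sf -X "$method" -u "${FORGE_USER}:${FORGE_PASS}" \
    -H 'Content-Type: application/json' ${body:+-d "$body"} \
    "${FORGE_URL}/api/v1${path}"
}

# Prints a fresh secret for TOKEN_NAME on stdout; non-zero if none was captured.
rotate_named_token() {  # usage: rotate_named_token TOKEN_NAME
  local name="$1" id secret payload
  # The listing carries no secret, so it is only used to find the token's id.
  id=$(forge_api GET "/users/${FORGE_USER}/tokens" |
        jq -r --arg n "$name" '.[] | select(.name == $n) | .id') || id=""
  if [ -n "$id" ]; then
    # Best-effort delete, as in the PR; a failed delete surfaces in the check below.
    forge_api DELETE "/users/${FORGE_USER}/tokens/${id}" >/dev/null || true
  fi
  payload=$(jq -nc --arg n "$name" '{name: $n, scopes: ["all"]}')
  # The secret (sha1) is only present in the creation response.
  secret=$(forge_api POST "/users/${FORGE_USER}/tokens" "$payload" |
        jq -r '.sha1 // empty') || secret=""
  if [ -z "$secret" ]; then
    # Fail closed: never hand an empty value to the caller to write into .env.
    echo "error: no secret returned for token '$name'" >&2
    return 1
  fi
  printf '%s\n' "$secret"
}

# Usage (assumes FORGE_URL, FORGE_USER, FORGE_PASS are set):
#   HUMAN_TOKEN=$(rotate_named_token disinto-human-token) || exit 1
```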
Reference: disinto-admin/disinto#296