Conversation
There was a problem hiding this comment.
Pull request overview
This PR fixes an incorrect warning emitted by start-proxy when credentials use a PAT-like token with a configured username, and expands unit test coverage to validate the corrected behavior.
Changes:
- Adjust PAT-warning logic in
getCredentialsto only warn when a PAT is used and no username is provided. - Refactor/add test utilities (
RecordingLogger.hasMessage,assertNotLogged) and expandgetCredentialstests to cover username/no-username combinations. - Add a VS Code snippet file (unrelated to the warning fix).
Reviewed changes
Copilot reviewed 5 out of 5 changed files in this pull request and generated 4 comments.
Show a summary per file
| File | Description |
|---|---|
| src/start-proxy.ts | Fixes the PAT warning condition to account for username presence for both token and password configs. |
| src/start-proxy.test.ts | Adds macro-based tests covering PAT warning behavior with/without usernames for token and password inputs. |
| src/testing-utils.ts | Enhances the recording logger with message-search helpers and adds a negative-log assertion helper. |
| lib/start-proxy-action.js | Generated output reflecting the src/start-proxy.ts change. |
| .vscode/tests.code-snippets | Adds an editor snippet (not directly related to the PR’s stated purpose). |
| const check = (val: string) => | ||
| typeof messageOrRegExp === "string" | ||
| ? val.includes(messageOrRegExp) | ||
| : messageOrRegExp.test(val); | ||
|
|
| * one of the `messages` matches `messageOrRegExp`. | ||
| */ | ||
| hasMessage(messageOrRegExp: string | RegExp): boolean { | ||
| return hasLoggedMessage(this.messages, messageOrRegExp); |
| }, | ||
|
|
||
| title: (providedTitle = "") => | ||
| `getCredentials logs a warning when a PAT is used - ${providedTitle}`, |
esbena
left a comment
esbena
left a comment
There was a problem hiding this comment.
LGTM. Thanks for the thorough testing improvements.
| /** | ||
| * Asserts that `message` should not have been logged to `logger`. | ||
| */ | ||
| export function assertNotLogged( |
There was a problem hiding this comment.
Two minor things on this one:
-
Naming: doesn't follow the
check...naming convention ofcheckExpectedLogMessages -
Could be upgraded to
(string | RegExp)[]since we already useshasLoggedMessageunder the hood
esbena
left a comment
esbena
left a comment
There was a problem hiding this comment.
Approving, but please see my thoughts on assertNotLogged
This was missed in #3563 and caught in #3577 (comment).
Risk assessment
For internal use only. Please select the risk level of this change:
Which use cases does this change impact?
Workflow types:
dynamicworkflows (Default Setup, Code Quality, ...).Products:
analysis-kinds: code-scanning.analysis-kinds: code-quality.Environments:
github.comand/or GitHub Enterprise Cloud with Data Residency.How did/will you validate this change?
.test.tsfiles).pr-checks).If something goes wrong after this change is released, what are the mitigation and rollback strategies?
How will you know if something goes wrong after this change is released?
Are there any special considerations for merging or releasing this change?
Merge / deployment checklist