IssueHunt
Bug Bounty (New!)
Browse
Sign in with GitHub
sindresorhus/refined-github

Do you want to work on this issue?

You can request for a bounty in order to promote it!

`bypass-checks` breaks codecov link on PR #3938

fisker posted onGitHub

<!-- Thanks for reporting a bug! â›° 1. Make sure the bug is caused by Refined GitHub. Try disabling the extension first. 2. Include a full URL where the bug appears. 3. Include a screenshot/gif Issues without a URL/screenshot will be closed -->

On page like https://github.com/sindresorhus/eslint-plugin-unicorn/pull/1088, the codecov link is https://github.com/sindresorhus/eslint-plugin-unicorn/pull/1088/checks?check_run_id=1797833452, but enables bypass-checks, the link will be https://codecov.io/, should link to the page for this RR on codecov.io

<img width="178" alt="More details on CodeCov link" src="https://user-images.githubusercontent.com/1402241/106792005-41dbb500-661b-11eb-9e6b-7e8143f11620.png">

Each GitHub app can decide where this points to. One would think that it leads to a page with… uhm… more details, but here they're using it to advertise the app.

As a generic solution, what if tried to detect this? A naive check would be:

if details.pathname.length < 10
  leave as is
posted by fregante about 4 years ago

Just ran into this while developing a Github app, it drove me crazy thinking that there was some regression in my own code. Thankfully, it wasn't :sweat_smile:

@fregante It's a required insertion by Github, for example my application is an internal one who's UI is just Github Checks. I'm forced to have that unhelpful link :(

posted by jaredallard about 4 years ago

How about 

if (directLink.details_url === 'https://codecov.io') {
    link.href = `https://codecov.io/gh/${owner}/${repo}/pull/${prNumber}?src=pr&el=h1`
}

Or maybe we can just change this feature to not directly link to details_url, but show a popover with output.summary and details_url? (I prefer this)

posted by fisker about 4 years ago

How about

if (directLink.details_url === 'https://codecov.io') {

I suggested the generic version to avoid having to customize this for every service. Perhaps you can contact codecov to fix their link if you want a better one.

but show a popover with output.summary and details_url? (I prefer this)

Not a bad idea, we could add a second link or icon pointing to details_url next to the native link. It would make it less seamless, but it wouldn't have a chance of breaking like this (which happened before for a similar reason)

It's a required insertion by Github

I get that, but doesn't your GitHub App exist on its own domain as well? Or do you only show this data on GitHub Checks?

posted by fregante about 4 years ago

It's a required insertion by Github

I get that, but doesn't your GitHub App exist on its own domain as well? Or do you only show this data on GitHub Checks?

Yep, my application uses GitHub Checks specifically so it can avoid the (added) complexity of a web interface.

posted by jaredallard about 4 years ago

I observed the same issue with Mergeable: https://github.com/mergeability/mergeable/issues/520

posted by laughedelic about 4 years ago

we could add a second link or icon pointing to details_url next to the native link

We could do this. It would solve the issue for everyone, we only need to figure out how/where/what icon to show for this new link.

posted by fregante about 4 years ago

I feel like an allowlist (e.g. only bypass known ones) will be a better solution.

posted by kidonng over 3 years ago

Let's do that. Searching for "bypass-checks" in this repo might surface some of those "known ones"

posted by fregante over 3 years ago

Fund this Issue

$0.00
Funded
Only logged in users can fund an issue

Pull requests

Company
AboutMission
Community
SpectrumEmbed
Support
FAQTerms of usePrivacy policyCode of conductCredits
Connect
FacebookTwitter

© 2019 BoostIO, Inc.