
fix: handle rate limits, empty repos, and truncated trees#28

Merged
packet-mover merged 1 commit into main from fix/resilient-scanning
Apr 12, 2026

Conversation

@packet-mover
Contributor

Summary

  • Added isRateLimitError() helper that checks for *github.RateLimitError and *github.AbuseRateLimitError, called in all 5 client methods to prevent rate limit 403s from being silently swallowed as "no protection"
  • GetTree now returns ErrEmptyRepo on 409 (empty repo) and ErrTruncatedTree when GitHub sets truncated: true
  • Scan catches per-repo errors and marks repos as skipped instead of aborting the entire scan. Rate limit errors still abort.
  • Report now has a three-way split: compliant, non-compliant, and skipped. Skipped repos are excluded from compliance stats and shown in a separate section.
  • Mock client gained TreeErrs map for per-repo tree errors in tests

Fixes three known bugs where the scanner either crashed or silently produced wrong results due to rate limits, empty repos, and truncated trees.

Test plan

  • go test ./... - all 72 tests pass
  • Live run against CodatusHQ org - scanned 2 repos, 1 skipped (private app repo), report posted
  • New httptest tests: empty repo 409, truncated tree, rate limit on all 5 endpoints
  • New scanner tests: skip empty repo, skip truncated tree, abort on rate limit
  • New report tests: report with skipped repos, report with only skipped repos

- Add isRateLimitError() helper checked in all GitHub client methods
  to prevent rate limit 403s from being silently swallowed
- Return ErrEmptyRepo on 409 (empty repo) and ErrTruncatedTree when
  GitHub truncates the tree response
- Skip affected repos instead of aborting the entire scan
- Add skipped repos section to the compliance report
- Skipped repos excluded from compliance stats

Fixes three known bugs: rate limit errors masquerading as "no
protection," empty repos crashing the scan, and truncated trees
producing silent false negatives.
@packet-mover packet-mover merged commit cc58682 into main Apr 12, 2026
2 checks passed
@packet-mover packet-mover deleted the fix/resilient-scanning branch April 12, 2026 09:20