Skip to content

fix(GitHub Integration): Fix JWT generation for GitHub API calls#6983

Merged
emyller merged 2 commits intomainfrom
fix/github-jwt-encoding
Mar 18, 2026
Merged

fix(GitHub Integration): Fix JWT generation for GitHub API calls#6983
emyller merged 2 commits intomainfrom
fix/github-jwt-encoding

Conversation

@emyller
Copy link
Copy Markdown
Contributor

@emyller emyller commented Mar 18, 2026
edited
Loading

  • I have read the Contributing Guide.
  • I have added information to docs/ if required so people know about the feature.
  • I have filled in the "Changes" section below.
  • I have filled in the "How did you test this code" section below.

Changes

Closes #6979

All GitHub integration API calls fail with TypeError: Issuer (iss) must be a string. (FLAGSMITH-API-5K9).

Our GITHUB_APP_ID setting is an integer. PyGithub 2.1.1 passes it directly to the JWT iss claim, which worked until #6950 bumped PyJWT to 2.12.0 — a version that validates iss as a string per RFC 7519.

PyGithub already fixed this in v2.7.0 by converting app_id to string internally. This PR upgrades PyGithub to ~2.8 and adds an explicit str() call in our code as a safeguard.

How did you test this code?

New unit tests exercising the full PyGithub + PyJWT stack.

@emyller emyller requested a review from a team as a code owner March 18, 2026 20:42
@emyller emyller requested review from Zaimwa9 and removed request for a team March 18, 2026 20:42
claude[bot]
claude bot reviewed Mar 18, 2026
View reviewed changes
Copy link
Copy Markdown

@claude claude bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Code review skipped — your organization's overage spend limit has been reached.

Code review is billed via overage credits. To resume reviews, an organization admin can raise the monthly limit in Settings → Usage.

Once credits are available, reopen this pull request to trigger a review.

@vercel
Copy link
Copy Markdown

vercel bot commented Mar 18, 2026
edited
Loading

The latest updates on your projects. Learn more about Vercel for GitHub.

3 Skipped Deployments
Project Deployment Actions Updated (UTC)
docs Ignored Ignored Preview Mar 18, 2026 8:50pm
flagsmith-frontend-preview Ignored Ignored Preview Mar 18, 2026 8:50pm
flagsmith-frontend-staging Ignored Ignored Preview Mar 18, 2026 8:50pm

Request Review

@github-actions github-actions bot added api Issue related to the REST API fix labels Mar 18, 2026
@github-actions
Copy link
Copy Markdown
Contributor

github-actions bot commented Mar 18, 2026
edited
Loading

Docker builds report

Image Build Status Security report
ghcr.io/flagsmith/flagsmith-e2e:pr-6983 Finished ✅ Skipped
ghcr.io/flagsmith/flagsmith-api-test:pr-6983 Finished ✅ Skipped
ghcr.io/flagsmith/flagsmith-frontend:pr-6983 Finished ✅ Results
ghcr.io/flagsmith/flagsmith:pr-6983 Finished ✅ Results
ghcr.io/flagsmith/flagsmith-private-cloud:pr-6983 Finished ✅ Results

@github-actions
Copy link
Copy Markdown
Contributor

github-actions bot commented Mar 18, 2026
edited
Loading

Playwright Test Results (oss - depot-ubuntu-latest-arm-16)

passed  10 passed

Details

stats  10 tests across 7 suites
duration  27.5 seconds
commit  a870a81
info  🔄 Run: #15362 (attempt 1)

Playwright Test Results (oss - depot-ubuntu-latest-16)

passed  10 passed

Details

stats  10 tests across 7 suites
duration  49.1 seconds
commit  a870a81
info  🔄 Run: #15362 (attempt 1)

Playwright Test Results (private-cloud - depot-ubuntu-latest-arm-16)

passed  16 passed

Details

stats  16 tests across 13 suites
duration  55.6 seconds
commit  a870a81
info  🔄 Run: #15362 (attempt 1)

Playwright Test Results (private-cloud - depot-ubuntu-latest-16)

passed  2 passed

Details

stats  2 tests across 2 suites
duration  1 minute, 4 seconds
commit  a870a81
info  🔄 Run: #15362 (attempt 1)

Playwright Test Results (oss - depot-ubuntu-latest-16)

passed  10 passed

Details

stats  10 tests across 7 suites
duration  49.7 seconds
commit  c695180
info  🔄 Run: #15363 (attempt 1)

Playwright Test Results (oss - depot-ubuntu-latest-arm-16)

passed  10 passed

Details

stats  10 tests across 7 suites
duration  46.7 seconds
commit  c695180
info  🔄 Run: #15363 (attempt 1)

Playwright Test Results (private-cloud - depot-ubuntu-latest-16)

passed  16 passed

Details

stats  16 tests across 13 suites
duration  1 minute, 2 seconds
commit  c695180
info  🔄 Run: #15363 (attempt 1)

Playwright Test Results (private-cloud - depot-ubuntu-latest-arm-16)

passed  16 passed

Details

stats  16 tests across 13 suites
duration  39.2 seconds
commit  c695180
info  🔄 Run: #15363 (attempt 1)

@codecov
Copy link
Copy Markdown

codecov bot commented Mar 18, 2026
edited
Loading

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 98.31%. Comparing base (332df52) to head (c695180).
⚠️ Report is 1 commits behind head on main.

Additional details and impacted files 
@@           Coverage Diff           @@
##             main    #6983   +/-   ##
=======================================
  Coverage   98.31%   98.31%           
=======================================
  Files        1334     1335    +1     
  Lines       49748    49782   +34     
=======================================
+ Hits        48911    48945   +34     
  Misses        837      837

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
  • 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

@github-actions github-actions bot added fix and removed fix labels Mar 18, 2026
@emyller emyller self-assigned this Mar 18, 2026
@emyller emyller merged commit faf3a66 into main Mar 18, 2026
32 checks passed
@emyller emyller deleted the fix/github-jwt-encoding branch March 18, 2026 20:57
@flagsmithdev flagsmithdev mentioned this pull request Mar 18, 2026
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@claude claude[bot] claude[bot] left review comments

@matthewelwell matthewelwell matthewelwell approved these changes

@Zaimwa9 Zaimwa9 Awaiting requested review from Zaimwa9 Zaimwa9 is a code owner automatically assigned from Flagsmith/flagsmith-back-end

Assignees

@emyller emyller

Labels

api Issue related to the REST API fix

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

GitHub integration unable to fetch issues

2 participants

@emyller @matthewelwell