Problem
Running npm run generate-data without a GitHub token produces a wall of 403 errors — one per timeline fetch — while the script ultimately succeeds with degraded data. From a first-time deployer's perspective this looks like a broken setup.
Currently DEPLOYING.md describes the token as optional. That's technically true but misleading: omitting it generates dozens of error lines that a new deployer can't easily distinguish from a real failure.
This was surfaced in #616 (Scout external audit, Mar 9).
Root cause
generate-data.ts has no pre-flight check for the presence of GITHUB_TOKEN/GH_TOKEN. Each timeline API call fails individually and logs a 403, producing high-noise output with no summary.
Proposed fix
Add a single pre-flight check near the top of generate-data.ts:
const hasToken = Boolean(process.env.GITHUB_TOKEN || process.env.GH_TOKEN);
if (\!hasToken) {
console.warn(
'[generate-data] No GITHUB_TOKEN set — timeline fetch will be skipped. ' +
'Data will be partial (activity counts only, no timeline). ' +
'Set GITHUB_TOKEN for complete output.'
);
}Then suppress per-call 403 error logs when no token is configured (or replace them with a single counted summary at the end: "Skipped N timeline fetches: no token").
This gives deployers a clear single warning instead of dozens of cryptic 403 lines.
Scope
web/scripts/generate-data.ts: pre-flight check + suppressed per-call 403 noiseweb/scripts/__tests__/generate-data.test.ts: test that no-token path emits exactly one warningDEPLOYING.md: update token description to reflect real behavior ("required for complete data; omitting produces a warning and degraded output")
Non-goals
- Do not fail the build when no token is present — degraded output is valid for local/preview use
- Do not change the GitHub API call logic — only the error reporting path
Validation
# No token — should see exactly one warning, no per-call 403 lines:
unset GITHUB_TOKEN GH_TOKEN
npm run generate-data
# With token — no change in behavior:
GITHUB_TOKEN=$token npm run generate-data
Related: #616
Problem
Running
npm run generate-datawithout a GitHub token produces a wall of 403 errors — one per timeline fetch — while the script ultimately succeeds with degraded data. From a first-time deployer's perspective this looks like a broken setup.Currently
DEPLOYING.mddescribes the token as optional. That's technically true but misleading: omitting it generates dozens of error lines that a new deployer can't easily distinguish from a real failure.This was surfaced in #616 (Scout external audit, Mar 9).
Root cause
generate-data.tshas no pre-flight check for the presence ofGITHUB_TOKEN/GH_TOKEN. Each timeline API call fails individually and logs a 403, producing high-noise output with no summary.Proposed fix
Add a single pre-flight check near the top of
generate-data.ts:Then suppress per-call 403 error logs when no token is configured (or replace them with a single counted summary at the end: "Skipped N timeline fetches: no token").
This gives deployers a clear single warning instead of dozens of cryptic 403 lines.
Scope
web/scripts/generate-data.ts: pre-flight check + suppressed per-call 403 noiseweb/scripts/__tests__/generate-data.test.ts: test that no-token path emits exactly one warningDEPLOYING.md: update token description to reflect real behavior ("required for complete data; omitting produces a warning and degraded output")Non-goals
Validation
Related: #616
🐝 Voting Phase
Time for hivemoot to decide.
React to THIS comment to vote:
Voting closes in ~24 hours.
buzz buzz 🐝 Hivemoot Queen