Conversation
chrismaz11
added
the
codex
ChatGPT Codex Connector
![chatgpt-codex-connector[bot]](https://avatars.githubusercontent.com/in/1144995?s=60&v=4){kind=small}
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: fbbd279e99
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
src/config/env.ts
Outdated
| ...parsed, | ||
| GITHUB_PRIVATE_KEY: normalizedKey, | ||
| GITHUB_PRIVATE_KEY_PEM: normalizedKey, | ||
| INTERNAL_API_KEY: internalApiKeys[0], |
There was a problem hiding this comment.
Assigning INTERNAL_API_KEY to only internalApiKeys[0] means the rotated keys parsed from INTERNAL_API_KEYS are dropped for downstream consumers that still read the legacy field. In current wiring, createGitHubRouter calls createInternalApiKeyMiddleware(env.INTERNAL_API_KEY), so requests using any non-first rotated key are rejected even though startup accepted them, breaking the advertised key-rotation path in production.
Useful? React with 👍 / 👎.
chrismaz11
deleted the
cm2026-03-1622-41-49verify-trust-signal-system-functionality
branch
1 participant
Motivation
INTERNAL_API_KEYwhile enabling safer production operations.Description
INTERNAL_API_KEYSto the environment schema and implementparseInternalApiKeysto normalize, deduplicate, and validate a merged list fromINTERNAL_API_KEYandINTERNAL_API_KEYS.AppEnvwithINTERNAL_API_KEY(first key) andINTERNAL_API_KEYS(string array) after parsing inparseEnv(src/config/env.ts).src/routes/github.ts).INTERNAL_API_KEYSin.env.exampleandREADME.md.Testing
npm run test(Vitest), all tests passed (52 passed).npm run validate(runslint,typecheck,test, andbuild), which completed successfully.Codex Task