fix: Add minLength validation to prevent empty tokens in schema

zuharz · zuharz · commit 832cd96e7ae1 · 2025-07-23T09:37:23.000+02:00
- Added minLength: 1 constraint to Token schema definition in shared.json
- Prevents empty string tokens that would cause runtime HTTP errors
- Regenerated all schema documentation files (.mdx) and TypeScript definitions
- Ensures consistent validation across all connection types (GitHub, GitLab, Gitea, Bitbucket, Gerrit)

This addresses CodeRabbit bot's review comment about preventing zero-length tokens
at the schema level rather than failing at runtime during HTTP requests.
diff --git a/docs/snippets/schemas/v3/bitbucket.schema.mdx b/docs/snippets/schemas/v3/bitbucket.schema.mdx
@@ -23,7 +23,8 @@
       "anyOf": [
         {
           "type": "string",
-          "description": "Direct token value (SECURITY RISK: not recommended for production - use secrets or environment variables instead)"
+          "description": "Direct token value (SECURITY RISK: not recommended for production - use secrets or environment variables instead)",
+          "minLength": 1
         },
         {
           "type": "object",
diff --git a/docs/snippets/schemas/v3/connection.schema.mdx b/docs/snippets/schemas/v3/connection.schema.mdx
@@ -23,7 +23,8 @@
           "anyOf": [
             {
               "type": "string",
-              "description": "Direct token value (SECURITY RISK: not recommended for production - use secrets or environment variables instead)"
+              "description": "Direct token value (SECURITY RISK: not recommended for production - use secrets or environment variables instead)",
+              "minLength": 1
             },
             {
               "type": "object",
@@ -240,7 +241,8 @@
           "anyOf": [
             {
               "type": "string",
-              "description": "Direct token value (SECURITY RISK: not recommended for production - use secrets or environment variables instead)"
+              "description": "Direct token value (SECURITY RISK: not recommended for production - use secrets or environment variables instead)",
+              "minLength": 1
             },
             {
               "type": "object",
@@ -446,7 +448,8 @@
           "anyOf": [
             {
               "type": "string",
-              "description": "Direct token value (SECURITY RISK: not recommended for production - use secrets or environment variables instead)"
+              "description": "Direct token value (SECURITY RISK: not recommended for production - use secrets or environment variables instead)",
+              "minLength": 1
             },
             {
               "type": "object",
@@ -633,7 +636,8 @@
               "anyOf": [
                 {
                   "type": "string",
-                  "description": "Direct token value (SECURITY RISK: not recommended for production - use secrets or environment variables instead)"
+                  "description": "Direct token value (SECURITY RISK: not recommended for production - use secrets or environment variables instead)",
+                  "minLength": 1
                 },
                 {
                   "type": "object",
@@ -742,7 +746,8 @@
           "anyOf": [
             {
               "type": "string",
-              "description": "Direct token value (SECURITY RISK: not recommended for production - use secrets or environment variables instead)"
+              "description": "Direct token value (SECURITY RISK: not recommended for production - use secrets or environment variables instead)",
+              "minLength": 1
             },
             {
               "type": "object",
diff --git a/docs/snippets/schemas/v3/gerrit.schema.mdx b/docs/snippets/schemas/v3/gerrit.schema.mdx
@@ -42,7 +42,8 @@
           "anyOf": [
             {
               "type": "string",
-              "description": "Direct token value (SECURITY RISK: not recommended for production - use secrets or environment variables instead)"
+              "description": "Direct token value (SECURITY RISK: not recommended for production - use secrets or environment variables instead)",
+              "minLength": 1
             },
             {
               "type": "object",
diff --git a/docs/snippets/schemas/v3/gitea.schema.mdx b/docs/snippets/schemas/v3/gitea.schema.mdx
@@ -19,7 +19,8 @@
       "anyOf": [
         {
           "type": "string",
-          "description": "Direct token value (SECURITY RISK: not recommended for production - use secrets or environment variables instead)"
+          "description": "Direct token value (SECURITY RISK: not recommended for production - use secrets or environment variables instead)",
+          "minLength": 1
         },
         {
           "type": "object",
diff --git a/docs/snippets/schemas/v3/github.schema.mdx b/docs/snippets/schemas/v3/github.schema.mdx
@@ -19,7 +19,8 @@
       "anyOf": [
         {
           "type": "string",
-          "description": "Direct token value (SECURITY RISK: not recommended for production - use secrets or environment variables instead)"
+          "description": "Direct token value (SECURITY RISK: not recommended for production - use secrets or environment variables instead)",
+          "minLength": 1
         },
         {
           "type": "object",
diff --git a/docs/snippets/schemas/v3/gitlab.schema.mdx b/docs/snippets/schemas/v3/gitlab.schema.mdx
@@ -19,7 +19,8 @@
       "anyOf": [
         {
           "type": "string",
-          "description": "Direct token value (SECURITY RISK: not recommended for production - use secrets or environment variables instead)"
+          "description": "Direct token value (SECURITY RISK: not recommended for production - use secrets or environment variables instead)",
+          "minLength": 1
         },
         {
           "type": "object",
diff --git a/docs/snippets/schemas/v3/index.schema.mdx b/docs/snippets/schemas/v3/index.schema.mdx
@@ -264,7 +264,8 @@
                   "anyOf": [
                     {
                       "type": "string",
-                      "description": "Direct token value (SECURITY RISK: not recommended for production - use secrets or environment variables instead)"
+                      "description": "Direct token value (SECURITY RISK: not recommended for production - use secrets or environment variables instead)",
+                      "minLength": 1
                     },
                     {
                       "type": "object",
@@ -481,7 +482,8 @@
                   "anyOf": [
                     {
                       "type": "string",
-                      "description": "Direct token value (SECURITY RISK: not recommended for production - use secrets or environment variables instead)"
+                      "description": "Direct token value (SECURITY RISK: not recommended for production - use secrets or environment variables instead)",
+                      "minLength": 1
                     },
                     {
                       "type": "object",
@@ -687,7 +689,8 @@
                   "anyOf": [
                     {
                       "type": "string",
-                      "description": "Direct token value (SECURITY RISK: not recommended for production - use secrets or environment variables instead)"
+                      "description": "Direct token value (SECURITY RISK: not recommended for production - use secrets or environment variables instead)",
+                      "minLength": 1
                     },
                     {
                       "type": "object",
@@ -874,7 +877,8 @@
                       "anyOf": [
                         {
                           "type": "string",
-                          "description": "Direct token value (SECURITY RISK: not recommended for production - use secrets or environment variables instead)"
+                          "description": "Direct token value (SECURITY RISK: not recommended for production - use secrets or environment variables instead)",
+                          "minLength": 1
                         },
                         {
                           "type": "object",
@@ -983,7 +987,8 @@
                   "anyOf": [
                     {
                       "type": "string",
-                      "description": "Direct token value (SECURITY RISK: not recommended for production - use secrets or environment variables instead)"
+                      "description": "Direct token value (SECURITY RISK: not recommended for production - use secrets or environment variables instead)",
+                      "minLength": 1
                     },
                     {
                       "type": "object",
diff --git a/docs/snippets/schemas/v3/shared.schema.mdx b/docs/snippets/schemas/v3/shared.schema.mdx
@@ -8,7 +8,8 @@
       "anyOf": [
         {
           "type": "string",
-          "description": "Direct token value (SECURITY RISK: not recommended for production - use secrets or environment variables instead)"
+          "description": "Direct token value (SECURITY RISK: not recommended for production - use secrets or environment variables instead)",
+          "minLength": 1
         },
         {
           "type": "object",
diff --git a/packages/schemas/src/v3/bitbucket.schema.ts b/packages/schemas/src/v3/bitbucket.schema.ts
@@ -22,7 +22,8 @@ const schema = {
       "anyOf": [
         {
           "type": "string",
-          "description": "Direct token value (SECURITY RISK: not recommended for production - use secrets or environment variables instead)"
+          "description": "Direct token value (SECURITY RISK: not recommended for production - use secrets or environment variables instead)",
+          "minLength": 1
         },
         {
           "type": "object",
diff --git a/packages/schemas/src/v3/connection.schema.ts b/packages/schemas/src/v3/connection.schema.ts
@@ -22,7 +22,8 @@ const schema = {
           "anyOf": [
             {
               "type": "string",
-              "description": "Direct token value (SECURITY RISK: not recommended for production - use secrets or environment variables instead)"
+              "description": "Direct token value (SECURITY RISK: not recommended for production - use secrets or environment variables instead)",
+              "minLength": 1
             },
             {
               "type": "object",
@@ -239,7 +240,8 @@ const schema = {
           "anyOf": [
             {
               "type": "string",
-              "description": "Direct token value (SECURITY RISK: not recommended for production - use secrets or environment variables instead)"
+              "description": "Direct token value (SECURITY RISK: not recommended for production - use secrets or environment variables instead)",
+              "minLength": 1
             },
             {
               "type": "object",
@@ -445,7 +447,8 @@ const schema = {
           "anyOf": [
             {
               "type": "string",
-              "description": "Direct token value (SECURITY RISK: not recommended for production - use secrets or environment variables instead)"
+              "description": "Direct token value (SECURITY RISK: not recommended for production - use secrets or environment variables instead)",
+              "minLength": 1
             },
             {
               "type": "object",
@@ -632,7 +635,8 @@ const schema = {
               "anyOf": [
                 {
                   "type": "string",
-                  "description": "Direct token value (SECURITY RISK: not recommended for production - use secrets or environment variables instead)"
+                  "description": "Direct token value (SECURITY RISK: not recommended for production - use secrets or environment variables instead)",
+                  "minLength": 1
                 },
                 {
                   "type": "object",
@@ -741,7 +745,8 @@ const schema = {
           "anyOf": [
             {
               "type": "string",
-              "description": "Direct token value (SECURITY RISK: not recommended for production - use secrets or environment variables instead)"
+              "description": "Direct token value (SECURITY RISK: not recommended for production - use secrets or environment variables instead)",
+              "minLength": 1
             },
             {
               "type": "object",
diff --git a/packages/schemas/src/v3/gerrit.schema.ts b/packages/schemas/src/v3/gerrit.schema.ts
@@ -41,7 +41,8 @@ const schema = {
           "anyOf": [
             {
               "type": "string",
-              "description": "Direct token value (SECURITY RISK: not recommended for production - use secrets or environment variables instead)"
+              "description": "Direct token value (SECURITY RISK: not recommended for production - use secrets or environment variables instead)",
+              "minLength": 1
             },
             {
               "type": "object",
diff --git a/packages/schemas/src/v3/gitea.schema.ts b/packages/schemas/src/v3/gitea.schema.ts
@@ -18,7 +18,8 @@ const schema = {
       "anyOf": [
         {
           "type": "string",
-          "description": "Direct token value (SECURITY RISK: not recommended for production - use secrets or environment variables instead)"
+          "description": "Direct token value (SECURITY RISK: not recommended for production - use secrets or environment variables instead)",
+          "minLength": 1
         },
         {
           "type": "object",
diff --git a/packages/schemas/src/v3/github.schema.ts b/packages/schemas/src/v3/github.schema.ts
@@ -18,7 +18,8 @@ const schema = {
       "anyOf": [
         {
           "type": "string",
-          "description": "Direct token value (SECURITY RISK: not recommended for production - use secrets or environment variables instead)"
+          "description": "Direct token value (SECURITY RISK: not recommended for production - use secrets or environment variables instead)",
+          "minLength": 1
         },
         {
           "type": "object",
diff --git a/packages/schemas/src/v3/gitlab.schema.ts b/packages/schemas/src/v3/gitlab.schema.ts
@@ -18,7 +18,8 @@ const schema = {
       "anyOf": [
         {
           "type": "string",
-          "description": "Direct token value (SECURITY RISK: not recommended for production - use secrets or environment variables instead)"
+          "description": "Direct token value (SECURITY RISK: not recommended for production - use secrets or environment variables instead)",
+          "minLength": 1
         },
         {
           "type": "object",
diff --git a/packages/schemas/src/v3/index.schema.ts b/packages/schemas/src/v3/index.schema.ts
@@ -263,7 +263,8 @@ const schema = {
                   "anyOf": [
                     {
                       "type": "string",
-                      "description": "Direct token value (SECURITY RISK: not recommended for production - use secrets or environment variables instead)"
+                      "description": "Direct token value (SECURITY RISK: not recommended for production - use secrets or environment variables instead)",
+                      "minLength": 1
                     },
                     {
                       "type": "object",
@@ -480,7 +481,8 @@ const schema = {
                   "anyOf": [
                     {
                       "type": "string",
-                      "description": "Direct token value (SECURITY RISK: not recommended for production - use secrets or environment variables instead)"
+                      "description": "Direct token value (SECURITY RISK: not recommended for production - use secrets or environment variables instead)",
+                      "minLength": 1
                     },
                     {
                       "type": "object",
@@ -686,7 +688,8 @@ const schema = {
                   "anyOf": [
                     {
                       "type": "string",
-                      "description": "Direct token value (SECURITY RISK: not recommended for production - use secrets or environment variables instead)"
+                      "description": "Direct token value (SECURITY RISK: not recommended for production - use secrets or environment variables instead)",
+                      "minLength": 1
                     },
                     {
                       "type": "object",
@@ -873,7 +876,8 @@ const schema = {
                       "anyOf": [
                         {
                           "type": "string",
-                          "description": "Direct token value (SECURITY RISK: not recommended for production - use secrets or environment variables instead)"
+                          "description": "Direct token value (SECURITY RISK: not recommended for production - use secrets or environment variables instead)",
+                          "minLength": 1
                         },
                         {
                           "type": "object",
@@ -982,7 +986,8 @@ const schema = {
                   "anyOf": [
                     {
                       "type": "string",
-                      "description": "Direct token value (SECURITY RISK: not recommended for production - use secrets or environment variables instead)"
+                      "description": "Direct token value (SECURITY RISK: not recommended for production - use secrets or environment variables instead)",
+                      "minLength": 1
                     },
                     {
                       "type": "object",
diff --git a/packages/schemas/src/v3/shared.schema.ts b/packages/schemas/src/v3/shared.schema.ts
@@ -7,7 +7,8 @@ const schema = {
       "anyOf": [
         {
           "type": "string",
-          "description": "Direct token value (SECURITY RISK: not recommended for production - use secrets or environment variables instead)"
+          "description": "Direct token value (SECURITY RISK: not recommended for production - use secrets or environment variables instead)",
+          "minLength": 1
         },
         {
           "type": "object",
diff --git a/schemas/v3/shared.json b/schemas/v3/shared.json
@@ -6,7 +6,8 @@
             "anyOf": [
                 {
                     "type": "string",
-                    "description": "Direct token value (SECURITY RISK: not recommended for production - use secrets or environment variables instead)"
+                    "description": "Direct token value (SECURITY RISK: not recommended for production - use secrets or environment variables instead)",
+                    "minLength": 1
                 },
                 {
                     "type": "object",

Original file line number	Diff line number	Diff line change
`@@ -23,7 +23,8 @@`
`23`	`23`	`"anyOf": [`
`24`	`24`	`{`
`25`	`25`	`"type": "string",`
`26`		`- "description": "Direct token value (SECURITY RISK: not recommended for production - use secrets or environment variables instead)"`
	`26`	`+ "description": "Direct token value (SECURITY RISK: not recommended for production - use secrets or environment variables instead)",`
	`27`	`+ "minLength": 1`
`27`	`28`	`},`
`28`	`29`	`{`
`29`	`30`	`"type": "object",`
Original file line number	Diff line number	Diff line change
`@@ -42,7 +42,8 @@`
`42`	`42`	`"anyOf": [`
`43`	`43`	`{`
`44`	`44`	`"type": "string",`
`45`		`- "description": "Direct token value (SECURITY RISK: not recommended for production - use secrets or environment variables instead)"`
	`45`	`+ "description": "Direct token value (SECURITY RISK: not recommended for production - use secrets or environment variables instead)",`
	`46`	`+ "minLength": 1`
`46`	`47`	`},`
`47`	`48`	`{`
`48`	`49`	`"type": "object",`
Original file line number	Diff line number	Diff line change
`@@ -19,7 +19,8 @@`
`19`	`19`	`"anyOf": [`
`20`	`20`	`{`
`21`	`21`	`"type": "string",`
`22`		`- "description": "Direct token value (SECURITY RISK: not recommended for production - use secrets or environment variables instead)"`
	`22`	`+ "description": "Direct token value (SECURITY RISK: not recommended for production - use secrets or environment variables instead)",`
	`23`	`+ "minLength": 1`
`23`	`24`	`},`
`24`	`25`	`{`
`25`	`26`	`"type": "object",`
Original file line number	Diff line number	Diff line change
`@@ -264,7 +264,8 @@`
`264`	`264`	`"anyOf": [`
`265`	`265`	`{`
`266`	`266`	`"type": "string",`
`267`		`- "description": "Direct token value (SECURITY RISK: not recommended for production - use secrets or environment variables instead)"`
	`267`	`+ "description": "Direct token value (SECURITY RISK: not recommended for production - use secrets or environment variables instead)",`
	`268`	`+ "minLength": 1`
`268`	`269`	`},`
`269`	`270`	`{`
`270`	`271`	`"type": "object",`
`@@ -481,7 +482,8 @@`
`481`	`482`	`"anyOf": [`
`482`	`483`	`{`
`483`	`484`	`"type": "string",`
`484`		`- "description": "Direct token value (SECURITY RISK: not recommended for production - use secrets or environment variables instead)"`
	`485`	`+ "description": "Direct token value (SECURITY RISK: not recommended for production - use secrets or environment variables instead)",`
	`486`	`+ "minLength": 1`
`485`	`487`	`},`
`486`	`488`	`{`
`487`	`489`	`"type": "object",`
`@@ -687,7 +689,8 @@`
`687`	`689`	`"anyOf": [`
`688`	`690`	`{`
`689`	`691`	`"type": "string",`
`690`		`- "description": "Direct token value (SECURITY RISK: not recommended for production - use secrets or environment variables instead)"`
	`692`	`+ "description": "Direct token value (SECURITY RISK: not recommended for production - use secrets or environment variables instead)",`
	`693`	`+ "minLength": 1`
`691`	`694`	`},`
`692`	`695`	`{`
`693`	`696`	`"type": "object",`
`@@ -874,7 +877,8 @@`
`874`	`877`	`"anyOf": [`
`875`	`878`	`{`
`876`	`879`	`"type": "string",`
`877`		`- "description": "Direct token value (SECURITY RISK: not recommended for production - use secrets or environment variables instead)"`
	`880`	`+ "description": "Direct token value (SECURITY RISK: not recommended for production - use secrets or environment variables instead)",`
	`881`	`+ "minLength": 1`
`878`	`882`	`},`
`879`	`883`	`{`
`880`	`884`	`"type": "object",`
`@@ -983,7 +987,8 @@`
`983`	`987`	`"anyOf": [`
`984`	`988`	`{`
`985`	`989`	`"type": "string",`
`986`		`- "description": "Direct token value (SECURITY RISK: not recommended for production - use secrets or environment variables instead)"`
	`990`	`+ "description": "Direct token value (SECURITY RISK: not recommended for production - use secrets or environment variables instead)",`
	`991`	`+ "minLength": 1`
`987`	`992`	`},`
`988`	`993`	`{`
`989`	`994`	`"type": "object",`
Original file line number	Diff line number	Diff line change
`@@ -8,7 +8,8 @@`
`8`	`8`	`"anyOf": [`
`9`	`9`	`{`
`10`	`10`	`"type": "string",`
`11`		`- "description": "Direct token value (SECURITY RISK: not recommended for production - use secrets or environment variables instead)"`
	`11`	`+ "description": "Direct token value (SECURITY RISK: not recommended for production - use secrets or environment variables instead)",`
	`12`	`+ "minLength": 1`
`12`	`13`	`},`
`13`	`14`	`{`
`14`	`15`	`"type": "object",`
Original file line number	Diff line number	Diff line change
`@@ -22,7 +22,8 @@ const schema = {`
`22`	`22`	`"anyOf": [`
`23`	`23`	`{`
`24`	`24`	`"type": "string",`
`25`		`- "description": "Direct token value (SECURITY RISK: not recommended for production - use secrets or environment variables instead)"`
	`25`	`+ "description": "Direct token value (SECURITY RISK: not recommended for production - use secrets or environment variables instead)",`
	`26`	`+ "minLength": 1`
`26`	`27`	`},`
`27`	`28`	`{`
`28`	`29`	`"type": "object",`