fix: Add minLength validation to prevent empty tokens in schema

zuharz · zuharz · commit fde61ef2ea58 · 2025-09-18T08:56:02.000+02:00
- Added minLength: 1 constraint to Token schema definition in shared.json
- Prevents empty string tokens that would cause runtime HTTP errors
- Regenerated all schema documentation files (.mdx) and TypeScript definitions
- Ensures consistent validation across all connection types (GitHub, GitLab, Gitea, Bitbucket, Gerrit)

This addresses CodeRabbit bot's review comment about preventing zero-length tokens
at the schema level rather than failing at runtime during HTTP requests.
diff --git a/docs/snippets/schemas/v3/bitbucket.schema.mdx b/docs/snippets/schemas/v3/bitbucket.schema.mdx
@@ -23,7 +23,8 @@
       "anyOf": [
         {
           "type": "string",
-          "description": "Direct token value (SECURITY RISK: not recommended for production - use secrets or environment variables instead)"
+          "description": "Direct token value (SECURITY RISK: not recommended for production - use secrets or environment variables instead)",
+          "minLength": 1
         },
         {
           "type": "object",
diff --git a/docs/snippets/schemas/v3/connection.schema.mdx b/docs/snippets/schemas/v3/connection.schema.mdx
@@ -23,7 +23,8 @@
           "anyOf": [
             {
               "type": "string",
-              "description": "Direct token value (SECURITY RISK: not recommended for production - use secrets or environment variables instead)"
+              "description": "Direct token value (SECURITY RISK: not recommended for production - use secrets or environment variables instead)",
+              "minLength": 1
             },
             {
               "type": "object",
@@ -240,7 +241,8 @@
           "anyOf": [
             {
               "type": "string",
-              "description": "Direct token value (SECURITY RISK: not recommended for production - use secrets or environment variables instead)"
+              "description": "Direct token value (SECURITY RISK: not recommended for production - use secrets or environment variables instead)",
+              "minLength": 1
             },
             {
               "type": "object",
@@ -451,7 +453,8 @@
           "anyOf": [
             {
               "type": "string",
-              "description": "Direct token value (SECURITY RISK: not recommended for production - use secrets or environment variables instead)"
+              "description": "Direct token value (SECURITY RISK: not recommended for production - use secrets or environment variables instead)",
+              "minLength": 1
             },
             {
               "type": "object",
@@ -638,7 +641,8 @@
               "anyOf": [
                 {
                   "type": "string",
-                  "description": "Direct token value (SECURITY RISK: not recommended for production - use secrets or environment variables instead)"
+                  "description": "Direct token value (SECURITY RISK: not recommended for production - use secrets or environment variables instead)",
+                  "minLength": 1
                 },
                 {
                   "type": "object",
@@ -788,7 +792,8 @@
           "anyOf": [
             {
               "type": "string",
-              "description": "Direct token value (SECURITY RISK: not recommended for production - use secrets or environment variables instead)"
+              "description": "Direct token value (SECURITY RISK: not recommended for production - use secrets or environment variables instead)",
+              "minLength": 1
             },
             {
               "type": "object",
diff --git a/docs/snippets/schemas/v3/gerrit.schema.mdx b/docs/snippets/schemas/v3/gerrit.schema.mdx
@@ -42,7 +42,8 @@
           "anyOf": [
             {
               "type": "string",
-              "description": "Direct token value (SECURITY RISK: not recommended for production - use secrets or environment variables instead)"
+              "description": "Direct token value (SECURITY RISK: not recommended for production - use secrets or environment variables instead)",
+              "minLength": 1
             },
             {
               "type": "object",
diff --git a/docs/snippets/schemas/v3/gitea.schema.mdx b/docs/snippets/schemas/v3/gitea.schema.mdx
@@ -19,7 +19,8 @@
       "anyOf": [
         {
           "type": "string",
-          "description": "Direct token value (SECURITY RISK: not recommended for production - use secrets or environment variables instead)"
+          "description": "Direct token value (SECURITY RISK: not recommended for production - use secrets or environment variables instead)",
+          "minLength": 1
         },
         {
           "type": "object",
diff --git a/docs/snippets/schemas/v3/github.schema.mdx b/docs/snippets/schemas/v3/github.schema.mdx
@@ -19,7 +19,8 @@
       "anyOf": [
         {
           "type": "string",
-          "description": "Direct token value (SECURITY RISK: not recommended for production - use secrets or environment variables instead)"
+          "description": "Direct token value (SECURITY RISK: not recommended for production - use secrets or environment variables instead)",
+          "minLength": 1
         },
         {
           "type": "object",
diff --git a/docs/snippets/schemas/v3/gitlab.schema.mdx b/docs/snippets/schemas/v3/gitlab.schema.mdx
@@ -19,7 +19,8 @@
       "anyOf": [
         {
           "type": "string",
-          "description": "Direct token value (SECURITY RISK: not recommended for production - use secrets or environment variables instead)"
+          "description": "Direct token value (SECURITY RISK: not recommended for production - use secrets or environment variables instead)",
+          "minLength": 1
         },
         {
           "type": "object",
diff --git a/docs/snippets/schemas/v3/index.schema.mdx b/docs/snippets/schemas/v3/index.schema.mdx
@@ -286,7 +286,8 @@
                   "anyOf": [
                     {
                       "type": "string",
-                      "description": "Direct token value (SECURITY RISK: not recommended for production - use secrets or environment variables instead)"
+                      "description": "Direct token value (SECURITY RISK: not recommended for production - use secrets or environment variables instead)",
+                      "minLength": 1
                     },
                     {
                       "type": "object",
@@ -503,7 +504,8 @@
                   "anyOf": [
                     {
                       "type": "string",
-                      "description": "Direct token value (SECURITY RISK: not recommended for production - use secrets or environment variables instead)"
+                      "description": "Direct token value (SECURITY RISK: not recommended for production - use secrets or environment variables instead)",
+                      "minLength": 1
                     },
                     {
                       "type": "object",
@@ -714,7 +716,8 @@
                   "anyOf": [
                     {
                       "type": "string",
-                      "description": "Direct token value (SECURITY RISK: not recommended for production - use secrets or environment variables instead)"
+                      "description": "Direct token value (SECURITY RISK: not recommended for production - use secrets or environment variables instead)",
+                      "minLength": 1
                     },
                     {
                       "type": "object",
@@ -901,7 +904,8 @@
                       "anyOf": [
                         {
                           "type": "string",
-                          "description": "Direct token value (SECURITY RISK: not recommended for production - use secrets or environment variables instead)"
+                          "description": "Direct token value (SECURITY RISK: not recommended for production - use secrets or environment variables instead)",
+                          "minLength": 1
                         },
                         {
                           "type": "object",
@@ -1051,7 +1055,8 @@
                   "anyOf": [
                     {
                       "type": "string",
-                      "description": "Direct token value (SECURITY RISK: not recommended for production - use secrets or environment variables instead)"
+                      "description": "Direct token value (SECURITY RISK: not recommended for production - use secrets or environment variables instead)",
+                      "minLength": 1
                     },
                     {
                       "type": "object",
diff --git a/docs/snippets/schemas/v3/shared.schema.mdx b/docs/snippets/schemas/v3/shared.schema.mdx
@@ -8,7 +8,8 @@
       "anyOf": [
         {
           "type": "string",
-          "description": "Direct token value (SECURITY RISK: not recommended for production - use secrets or environment variables instead)"
+          "description": "Direct token value (SECURITY RISK: not recommended for production - use secrets or environment variables instead)",
+          "minLength": 1
         },
         {
           "type": "object",
diff --git a/packages/schemas/src/v3/bitbucket.schema.ts b/packages/schemas/src/v3/bitbucket.schema.ts
@@ -22,7 +22,8 @@ const schema = {
       "anyOf": [
         {
           "type": "string",
-          "description": "Direct token value (SECURITY RISK: not recommended for production - use secrets or environment variables instead)"
+          "description": "Direct token value (SECURITY RISK: not recommended for production - use secrets or environment variables instead)",
+          "minLength": 1
         },
         {
           "type": "object",
diff --git a/packages/schemas/src/v3/connection.schema.ts b/packages/schemas/src/v3/connection.schema.ts
@@ -22,7 +22,8 @@ const schema = {
           "anyOf": [
             {
               "type": "string",
-              "description": "Direct token value (SECURITY RISK: not recommended for production - use secrets or environment variables instead)"
+              "description": "Direct token value (SECURITY RISK: not recommended for production - use secrets or environment variables instead)",
+              "minLength": 1
             },
             {
               "type": "object",
@@ -239,7 +240,8 @@ const schema = {
           "anyOf": [
             {
               "type": "string",
-              "description": "Direct token value (SECURITY RISK: not recommended for production - use secrets or environment variables instead)"
+              "description": "Direct token value (SECURITY RISK: not recommended for production - use secrets or environment variables instead)",
+              "minLength": 1
             },
             {
               "type": "object",
@@ -450,7 +452,8 @@ const schema = {
           "anyOf": [
             {
               "type": "string",
-              "description": "Direct token value (SECURITY RISK: not recommended for production - use secrets or environment variables instead)"
+              "description": "Direct token value (SECURITY RISK: not recommended for production - use secrets or environment variables instead)",
+              "minLength": 1
             },
             {
               "type": "object",
@@ -637,7 +640,8 @@ const schema = {
               "anyOf": [
                 {
                   "type": "string",
-                  "description": "Direct token value (SECURITY RISK: not recommended for production - use secrets or environment variables instead)"
+                  "description": "Direct token value (SECURITY RISK: not recommended for production - use secrets or environment variables instead)",
+                  "minLength": 1
                 },
                 {
                   "type": "object",
@@ -787,7 +791,8 @@ const schema = {
           "anyOf": [
             {
               "type": "string",
-              "description": "Direct token value (SECURITY RISK: not recommended for production - use secrets or environment variables instead)"
+              "description": "Direct token value (SECURITY RISK: not recommended for production - use secrets or environment variables instead)",
+              "minLength": 1
             },
             {
               "type": "object",
diff --git a/packages/schemas/src/v3/gerrit.schema.ts b/packages/schemas/src/v3/gerrit.schema.ts
@@ -41,7 +41,8 @@ const schema = {
           "anyOf": [
             {
               "type": "string",
-              "description": "Direct token value (SECURITY RISK: not recommended for production - use secrets or environment variables instead)"
+              "description": "Direct token value (SECURITY RISK: not recommended for production - use secrets or environment variables instead)",
+              "minLength": 1
             },
             {
               "type": "object",
diff --git a/packages/schemas/src/v3/gitea.schema.ts b/packages/schemas/src/v3/gitea.schema.ts
@@ -18,7 +18,8 @@ const schema = {
       "anyOf": [
         {
           "type": "string",
-          "description": "Direct token value (SECURITY RISK: not recommended for production - use secrets or environment variables instead)"
+          "description": "Direct token value (SECURITY RISK: not recommended for production - use secrets or environment variables instead)",
+          "minLength": 1
         },
         {
           "type": "object",
diff --git a/packages/schemas/src/v3/github.schema.ts b/packages/schemas/src/v3/github.schema.ts
@@ -18,7 +18,8 @@ const schema = {
       "anyOf": [
         {
           "type": "string",
-          "description": "Direct token value (SECURITY RISK: not recommended for production - use secrets or environment variables instead)"
+          "description": "Direct token value (SECURITY RISK: not recommended for production - use secrets or environment variables instead)",
+          "minLength": 1
         },
         {
           "type": "object",
diff --git a/packages/schemas/src/v3/gitlab.schema.ts b/packages/schemas/src/v3/gitlab.schema.ts
@@ -18,7 +18,8 @@ const schema = {
       "anyOf": [
         {
           "type": "string",
-          "description": "Direct token value (SECURITY RISK: not recommended for production - use secrets or environment variables instead)"
+          "description": "Direct token value (SECURITY RISK: not recommended for production - use secrets or environment variables instead)",
+          "minLength": 1
         },
         {
           "type": "object",
diff --git a/packages/schemas/src/v3/index.schema.ts b/packages/schemas/src/v3/index.schema.ts
@@ -285,7 +285,8 @@ const schema = {
                   "anyOf": [
                     {
                       "type": "string",
-                      "description": "Direct token value (SECURITY RISK: not recommended for production - use secrets or environment variables instead)"
+                      "description": "Direct token value (SECURITY RISK: not recommended for production - use secrets or environment variables instead)",
+                      "minLength": 1
                     },
                     {
                       "type": "object",
@@ -502,7 +503,8 @@ const schema = {
                   "anyOf": [
                     {
                       "type": "string",
-                      "description": "Direct token value (SECURITY RISK: not recommended for production - use secrets or environment variables instead)"
+                      "description": "Direct token value (SECURITY RISK: not recommended for production - use secrets or environment variables instead)",
+                      "minLength": 1
                     },
                     {
                       "type": "object",
@@ -713,7 +715,8 @@ const schema = {
                   "anyOf": [
                     {
                       "type": "string",
-                      "description": "Direct token value (SECURITY RISK: not recommended for production - use secrets or environment variables instead)"
+                      "description": "Direct token value (SECURITY RISK: not recommended for production - use secrets or environment variables instead)",
+                      "minLength": 1
                     },
                     {
                       "type": "object",
@@ -900,7 +903,8 @@ const schema = {
                       "anyOf": [
                         {
                           "type": "string",
-                          "description": "Direct token value (SECURITY RISK: not recommended for production - use secrets or environment variables instead)"
+                          "description": "Direct token value (SECURITY RISK: not recommended for production - use secrets or environment variables instead)",
+                          "minLength": 1
                         },
                         {
                           "type": "object",
@@ -1050,7 +1054,8 @@ const schema = {
                   "anyOf": [
                     {
                       "type": "string",
-                      "description": "Direct token value (SECURITY RISK: not recommended for production - use secrets or environment variables instead)"
+                      "description": "Direct token value (SECURITY RISK: not recommended for production - use secrets or environment variables instead)",
+                      "minLength": 1
                     },
                     {
                       "type": "object",
diff --git a/packages/schemas/src/v3/shared.schema.ts b/packages/schemas/src/v3/shared.schema.ts
@@ -7,7 +7,8 @@ const schema = {
       "anyOf": [
         {
           "type": "string",
-          "description": "Direct token value (SECURITY RISK: not recommended for production - use secrets or environment variables instead)"
+          "description": "Direct token value (SECURITY RISK: not recommended for production - use secrets or environment variables instead)",
+          "minLength": 1
         },
         {
           "type": "object",
diff --git a/schemas/v3/shared.json b/schemas/v3/shared.json
@@ -6,7 +6,8 @@
             "anyOf": [
                 {
                     "type": "string",
-                    "description": "Direct token value (SECURITY RISK: not recommended for production - use secrets or environment variables instead)"
+                    "description": "Direct token value (SECURITY RISK: not recommended for production - use secrets or environment variables instead)",
+                    "minLength": 1
                 },
                 {
                     "type": "object",

Original file line number	Diff line number	Diff line change
`@@ -23,7 +23,8 @@`
`23`	`23`	`"anyOf": [`
`24`	`24`	`{`
`25`	`25`	`"type": "string",`
`26`		`- "description": "Direct token value (SECURITY RISK: not recommended for production - use secrets or environment variables instead)"`
	`26`	`+ "description": "Direct token value (SECURITY RISK: not recommended for production - use secrets or environment variables instead)",`
	`27`	`+ "minLength": 1`
`27`	`28`	`},`
`28`	`29`	`{`
`29`	`30`	`"type": "object",`
Original file line number	Diff line number	Diff line change
`@@ -42,7 +42,8 @@`
`42`	`42`	`"anyOf": [`
`43`	`43`	`{`
`44`	`44`	`"type": "string",`
`45`		`- "description": "Direct token value (SECURITY RISK: not recommended for production - use secrets or environment variables instead)"`
	`45`	`+ "description": "Direct token value (SECURITY RISK: not recommended for production - use secrets or environment variables instead)",`
	`46`	`+ "minLength": 1`
`46`	`47`	`},`
`47`	`48`	`{`
`48`	`49`	`"type": "object",`
Original file line number	Diff line number	Diff line change
`@@ -19,7 +19,8 @@`
`19`	`19`	`"anyOf": [`
`20`	`20`	`{`
`21`	`21`	`"type": "string",`
`22`		`- "description": "Direct token value (SECURITY RISK: not recommended for production - use secrets or environment variables instead)"`
	`22`	`+ "description": "Direct token value (SECURITY RISK: not recommended for production - use secrets or environment variables instead)",`
	`23`	`+ "minLength": 1`
`23`	`24`	`},`
`24`	`25`	`{`
`25`	`26`	`"type": "object",`
Original file line number	Diff line number	Diff line change
`@@ -286,7 +286,8 @@`
`286`	`286`	`"anyOf": [`
`287`	`287`	`{`
`288`	`288`	`"type": "string",`
`289`		`- "description": "Direct token value (SECURITY RISK: not recommended for production - use secrets or environment variables instead)"`
	`289`	`+ "description": "Direct token value (SECURITY RISK: not recommended for production - use secrets or environment variables instead)",`
	`290`	`+ "minLength": 1`
`290`	`291`	`},`
`291`	`292`	`{`
`292`	`293`	`"type": "object",`
`@@ -503,7 +504,8 @@`
`503`	`504`	`"anyOf": [`
`504`	`505`	`{`
`505`	`506`	`"type": "string",`
`506`		`- "description": "Direct token value (SECURITY RISK: not recommended for production - use secrets or environment variables instead)"`
	`507`	`+ "description": "Direct token value (SECURITY RISK: not recommended for production - use secrets or environment variables instead)",`
	`508`	`+ "minLength": 1`
`507`	`509`	`},`
`508`	`510`	`{`
`509`	`511`	`"type": "object",`
`@@ -714,7 +716,8 @@`
`714`	`716`	`"anyOf": [`
`715`	`717`	`{`
`716`	`718`	`"type": "string",`
`717`		`- "description": "Direct token value (SECURITY RISK: not recommended for production - use secrets or environment variables instead)"`
	`719`	`+ "description": "Direct token value (SECURITY RISK: not recommended for production - use secrets or environment variables instead)",`
	`720`	`+ "minLength": 1`
`718`	`721`	`},`
`719`	`722`	`{`
`720`	`723`	`"type": "object",`
`@@ -901,7 +904,8 @@`
`901`	`904`	`"anyOf": [`
`902`	`905`	`{`
`903`	`906`	`"type": "string",`
`904`		`- "description": "Direct token value (SECURITY RISK: not recommended for production - use secrets or environment variables instead)"`
	`907`	`+ "description": "Direct token value (SECURITY RISK: not recommended for production - use secrets or environment variables instead)",`
	`908`	`+ "minLength": 1`
`905`	`909`	`},`
`906`	`910`	`{`
`907`	`911`	`"type": "object",`
`@@ -1051,7 +1055,8 @@`
`1051`	`1055`	`"anyOf": [`
`1052`	`1056`	`{`
`1053`	`1057`	`"type": "string",`
`1054`		`- "description": "Direct token value (SECURITY RISK: not recommended for production - use secrets or environment variables instead)"`
	`1058`	`+ "description": "Direct token value (SECURITY RISK: not recommended for production - use secrets or environment variables instead)",`
	`1059`	`+ "minLength": 1`
`1055`	`1060`	`},`
`1056`	`1061`	`{`
`1057`	`1062`	`"type": "object",`
Original file line number	Diff line number	Diff line change
`@@ -8,7 +8,8 @@`
`8`	`8`	`"anyOf": [`
`9`	`9`	`{`
`10`	`10`	`"type": "string",`
`11`		`- "description": "Direct token value (SECURITY RISK: not recommended for production - use secrets or environment variables instead)"`
	`11`	`+ "description": "Direct token value (SECURITY RISK: not recommended for production - use secrets or environment variables instead)",`
	`12`	`+ "minLength": 1`
`12`	`13`	`},`
`13`	`14`	`{`
`14`	`15`	`"type": "object",`
Original file line number	Diff line number	Diff line change
`@@ -22,7 +22,8 @@ const schema = {`
`22`	`22`	`"anyOf": [`
`23`	`23`	`{`
`24`	`24`	`"type": "string",`
`25`		`- "description": "Direct token value (SECURITY RISK: not recommended for production - use secrets or environment variables instead)"`
	`25`	`+ "description": "Direct token value (SECURITY RISK: not recommended for production - use secrets or environment variables instead)",`
	`26`	`+ "minLength": 1`
`26`	`27`	`},`
`27`	`28`	`{`
`28`	`29`	`"type": "object",`