Skip to content

fix: retry attestation verification on transient GitHub API errors#2687

Draft
brynary wants to merge 1 commit intomainfrom
verify-retry
Draft

fix: retry attestation verification on transient GitHub API errors#2687
brynary wants to merge 1 commit intomainfrom
verify-retry

Conversation

@brynary
Copy link
Copy Markdown
Member

@brynary brynary commented Feb 10, 2026

Summary

  • gh attestation verify during qlty upgrade occasionally fails due to transient HTTP 5xx from GitHub's attestation API
  • Adds retry loop (up to 3 attempts) with linear backoff when stderr/stdout contains HTTP 5 or connection reset
  • Non-transient failures (bad attestation, auth errors) still fail immediately

Test plan

  • Verify cargo check passes
  • Verify cargo test passes
  • Manually test qlty upgrade --verify-attestations succeeds on a valid release

🤖 Generated with Claude Code

@brynary @claude
fix: retry attestation verification on transient GitHub API errors
0cf141e 
GitHub's attestation API occasionally returns HTTP 5xx errors, causing
`gh attestation verify` to fail and block CLI upgrades. Retry up to 3
times with backoff when the output indicates a transient server error.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
@qltysh
Copy link
Copy Markdown
Contributor

qltysh bot commented Feb 10, 2026

Qlty

Coverage Impact - ubuntu-latest

⬇️ Merging this pull request will decrease total coverage on main by 0.03%.

Modified Files with Diff Coverage (1)

RatingFile% DiffUncovered Line #s
Coverage rating: F Coverage rating: F
qlty-cli/src/attestation.rs0.0%19-73
Total0.0%
🤖 Increase coverage with AI coding...

In the `verify-retry` branch, add test coverage for this new code:

- `qlty-cli/src/attestation.rs` -- Line 19-73

🚦 See full report on Qlty Cloud »

🛟 Help

  • Diff Coverage: Coverage for added or modified lines of code (excludes deleted files). Learn more.

  • Total Coverage: Coverage for the whole repository, calculated as the sum of all File Coverage. Learn more.

  • File Coverage: Covered Lines divided by Covered Lines plus Missed Lines. (Excludes non-executable lines including blank lines and comments.)

    • Indirect Changes: Changes to File Coverage for files that were not modified in this PR. Learn more.

@qltysh
Copy link
Copy Markdown
Contributor

qltysh bot commented Feb 10, 2026

Qlty

Coverage Impact - macos-15

⬇️ Merging this pull request will decrease total coverage on main by 0.03%.

Modified Files with Diff Coverage (1)

RatingFile% DiffUncovered Line #s
Coverage rating: F Coverage rating: F
qlty-cli/src/attestation.rs0.0%19-73
Total0.0%
🤖 Increase coverage with AI coding...

In the `verify-retry` branch, add test coverage for this new code:

- `qlty-cli/src/attestation.rs` -- Line 19-73

🚦 See full report on Qlty Cloud »

🛟 Help

  • Diff Coverage: Coverage for added or modified lines of code (excludes deleted files). Learn more.

  • Total Coverage: Coverage for the whole repository, calculated as the sum of all File Coverage. Learn more.

  • File Coverage: Covered Lines divided by Covered Lines plus Missed Lines. (Excludes non-executable lines including blank lines and comments.)

    • Indirect Changes: Changes to File Coverage for files that were not modified in this PR. Learn more.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@brynary