search

nextauthjs / next-auth

Authentication for the Web.
https://authjs.dev
ISC License
23.24k stars 3.18k forks source link

Unclear what GitHub bot considers to be a valid reproduction #11181

Closed benmccann closed 3 weeks ago

benmccann commented 4 weeks ago

What is the improvement or update you wish to see?

A clearer explanation of what a valid reproduction URL is

Is there any context that might help us understand?

My perfectly cromulent issue was closed. I tried again and it was closed again https://github.com/nextauthjs/next-auth/issues/11179 https://github.com/nextauthjs/next-auth/issues/11180

Does the docs page already exist? Please link to it.

No response

balazsorban44 commented 3 weeks ago

The GitHub bot works correctly.

A valid reproduction is explained in the bug template: https://github.com/nextauthjs/next-auth/blob/c8600257a49e6808104fe4fffae142c18656ad77/.github/ISSUE_TEMPLATE/1_bug_framework.yml?plain=1#L44

We are open to tweak the comment to be more helpful however. You can suggest an improvement via a PR to this file: https://github.com/nextauthjs/next-auth/blob/main/.github/invalid-reproduction.md or the bug template above.

Please refrain from swearing, this goes against our Code of Conduct. This is a warning.

To answer those issues, currently preact is an expected dependency, as it is used for default page rendering, no matter the framework integration.

More specifically, it is the core library (which all framework integrations depend on) that uses it for rendering. See:

https://github.com/nextauthjs/next-auth/blob/c8600257a49e6808104fe4fffae142c18656ad77/packages/core/package.json#L70

and

https://github.com/nextauthjs/next-auth/blob/main/packages/core/src/lib/pages/index.ts

benmccann commented 3 weeks ago

Thanks. I saw the description for that field, but I don't understand what check is being run on the URL there to determine if the issue should be automatically closed.

benmccann commented 3 weeks ago

After digging through the source of the bot I found that it rejects all URLs that are not github.com: https://github.com/balazsorban44/nissuer/blob/62b543dc5c52218175b7f302461a1640f4cf19ae/index.js#L49

The bot is then configured in this project to also block github.com/nextauthjs.*

Looking through recently filed issues, it seems the bot is closing the majority of filed issues. The majority of those don't have what I would consider to be valid reproductions, but there are a number of false positives. The bot can also be configured to use a comment or label, which might be a softer approach, but updating the documentation to clarify how "valid" is defined would probably be sufficient

balazsorban44 commented 3 weeks ago

Appreciate your PR!

benmccann commented 3 weeks ago

No problem! Thanks for the details and apologies for not expressing my frustration more tactfully