[Bug] Infinite loop risk in GitLab contributions fetch when x-next-page header is malformed

[akhilmodi29]

Bug Description

The fetchGitLabContributions() function in the contributions API route
has no page limit cap. If GitLab returns a malformed x-next-page header
or the same page number repeatedly (due to a proxy or GitLab bug), the
while loop runs forever — hanging the server request indefinitely.

Steps to Reproduce

1. Connect a GitLab account
2. Simulate a malformed x-next-page response header from GitLab
3. Hit /api/metrics/contributions
4. Observe: request hangs indefinitely, never resolves

Expected Behavior

The fetch should stop after a reasonable number of pages and return
whatever data was collected so far — exactly like the GitHub fetch
already does with its while (page <= 10) cap.

Root Cause

In fetchGitLabContributions() inside
src/app/api/metrics/contributions/route.ts, the while loop condition
is only while (page > 0) with no upper bound. The GitHub fetch in
the same file correctly uses while (page <= 10) as a safety cap —
the GitLab fetch is missing this protection.

Fix

Add a MAX_PAGES = 10 constant and update the loop condition:

const MAX_PAGES = 10;
while (page > 0 && page <= MAX_PAGES) {

File Affected

src/app/api/metrics/contributions/route.ts — fetchGitLabContributions()

[akhilmodi29]

can i be assigned to this issue ?

[mittalsonal]

I’d like to work on this issue under GSSoC 2026. I’m going to add the same kind of page-cap safety guard that the GitHub contributions fetch already uses, so a malformed GitLab x-next-page header can’t hang the request indefinitely.

[mittalsonal]

Implemented this in PR #1326.

What changed:

• added a MAX_PAGES = 10 safety cap in fetchGitLabContributions()
• bounded the GitLab pagination loop so malformed or repeated x-next-page values cannot keep the request alive indefinitely
• kept the fix scoped to the GitLab contributions fetch path only

Verification:

• git diff --check

[github-actions]

✅ Closed as completed!

If DevTrack has been useful, a ⭐ star on the repo helps the project grow and reach more developers.

[akhilmodi29]

@Priyanshu-byte-coder Hi, I noticed the other PR was merged. I had started work earlier and wanted to understand if there was anything specific missing or different in my implementation so I can improve future contributions. Thanks!