Skip to content

feat(github): allow release-asset writes for image attachments#829

Draft
sentry-junior[bot] wants to merge 2 commits into
mainfrom
feat/github-release-image-attachments
Draft

feat(github): allow release-asset writes for image attachments#829
sentry-junior[bot] wants to merge 2 commits into
mainfrom
feat/github-release-image-attachments

Conversation

@sentry-junior

@sentry-junior sentry-junior Bot commented Jul 10, 2026

Copy link
Copy Markdown
Contributor

Adds a scoped installation write grant for GitHub Releases so github-issues and github-code can embed images inline (screenshots, diagrams from a Slack thread) via a shared, append-only _attachments release instead of ephemeral Slack file links.

Technique (source: https://gist.github.com/CatalanCabbage/649aae8f9a7b813776b22340b0f07d05): upload the image as a release asset, then reference the stable github.com/.../releases/download/... URL as ![]() markdown — GitHub serves release assets directly, no camo proxy, no third-party host.

What changed:

  • packages/junior-github/src/index.ts: new github.releases-write grant reason, scoped by the target repo's lease scope (same model as issues/PRs). Only release create (POST /repos/{owner}/{repo}/releases) and release-asset upload (POST uploads.github.com/repos/{owner}/{repo}/releases/{id}/assets, numeric release id) are allowed. Release edit/delete and asset delete/overwrite are intentionally left denied by the default fallthrough — the workflow is append-only by policy, not just convention. uploads.github.com added to the plugin's egress domain list and credential header-transform list (Bearer auth, same as api.github.com).
  • Reference doc added to both github-issues and github-code skills (not pr-writer, per scope) with the procedure and rules (unique filenames, no --clobber, never delete the shared release, match host repo visibility to audience, never pass files directly to gh release create since that also publishes via a denied PATCH).
  • SETUP.md note on the new allowlisted scope.

Verified:

  • pnpm test (vitest): 74/74 passing, including new cases for release-create grant, asset-upload grant (via uploads.github.com), denial of non-numeric release ids, denial of release/asset edit/delete, denial of a spoofed non-uploads host, and cross-repo lease-scope isolation (an upload URL for repo B does not inherit repo A's scope).
  • pnpm run lint (oxlint --deny-warnings): clean.
  • pnpm run typecheck (tsc --noEmit): clean.

Known limitations documented in the skill doc: gh release create must not be passed files directly (that path additionally PATCHes to publish, which stays denied) — create the release first, then upload separately. --clobber / asset overwrite is not supported.

Refs #101

Requested by immutable dcramer via Junior.

--

View Junior Session in Sentry

Adds a scoped installation write grant for GitHub Releases (release create
and release-asset upload only; release/asset edit, delete, and asset
overwrite stay denied by the default fallthrough) so the github-issues and
github-code skills can embed images inline via a shared, append-only
_attachments release instead of ephemeral Slack file links.

Refs #101

Co-Authored-By: immutable dcramer <david@sentry.io>
@vercel

vercel Bot commented Jul 10, 2026

Copy link
Copy Markdown

The latest updates on your projects. Learn more about Vercel for GitHub.

Project Deployment Actions Updated (UTC)
junior-docs Ready Ready Preview, Comment Jul 10, 2026 6:56pm

Request Review

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants