Summary
fetch_github_teams() currently returns an empty list on GitHub API/network failures, and sync_user_github_teams() treats that as authoritative state. This can remove users from all github-team groups during transient outages.
Why this matters
A temporary API error (rate limit, network hiccup, timeout) can accidentally revoke group-based resource access for users.
Current behavior
fetch_github_teams() logs warning and returns [] on failure.sync_user_github_teams() removes memberships not in the incoming team list.
Expected behavior
Transient failures should not be interpreted as "user belongs to zero teams".
Proposed fix
- Make fetch return an explicit failure signal (e.g.
None/Result type) instead of [].
- Skip removal sync when team-fetch status is unknown/failed.
- Add tests for failure-path semantics to prevent regressions.
Acceptance criteria
- No github-team membership removals happen when team fetch fails.
- Existing successful sync behavior remains unchanged.
- Unit tests cover success and failure paths.
Summary
fetch_github_teams()currently returns an empty list on GitHub API/network failures, andsync_user_github_teams()treats that as authoritative state. This can remove users from allgithub-teamgroups during transient outages.Why this matters
A temporary API error (rate limit, network hiccup, timeout) can accidentally revoke group-based resource access for users.
Current behavior
fetch_github_teams()logs warning and returns[]on failure.sync_user_github_teams()removes memberships not in the incoming team list.Expected behavior
Transient failures should not be interpreted as "user belongs to zero teams".
Proposed fix
None/Result type) instead of[].Acceptance criteria