fix(github): proxy discussions server-side

Keep discussions live in production without exposing a client token.\n\nRoute discussion reads through a server-side API endpoint, preserve\nlegacy env compatibility during migration, and document the required\nenvironment variables.

Author: Abhash-Chakraborty

.env.example

@@ -1,12 +1,11 @@
-# GitHub API Configuration (Optional)
-# To avoid rate limits, you can add a GitHub Personal Access Token
-# Create one at: https://github.com/settings/tokens
-# No special permissions needed for public repositories
+# GitHub API Configuration
+# Used by the server-side /api/github-discussions endpoint.
+# Prefer GITHUB_TOKEN for new setups. DOCUSAURUS_GIT_TOKEN is still supported as a legacy fallback.
+# Create a Classic PAT at: https://github.com/settings/tokens
+# Recommended scopes: public_repo, read:org, read:discussion
 GITHUB_TOKEN=your_github_token_here
 
-# GitHub token used by Docusaurus for dynamic features (discussions, stats, leaderboard)
-# This must be set for the discussions section to fetch live data from GitHub
-# Create a Classic PAT with read:discussion scope at https://github.com/settings/tokens
+# Legacy fallback for existing deployments. Optional if GITHUB_TOKEN is already set.
 DOCUSAURUS_GIT_TOKEN=your_github_token_here
 
 # Shopify Configuration (for Merch Store)

api/github-discussions.js

@@ -0,0 +1,163 @@
+const ORG_NAME = "recodehive";
+const DISCUSSIONS_REPO = "recode-website";
+const DEFAULT_LIMIT = 20;
+const UNAVAILABLE_MESSAGE =
+  "GitHub Discussions are available only when a server-side GITHUB_TOKEN or DOCUSAURUS_GIT_TOKEN is configured.";
+
+function getToken() {
+  return process.env.GITHUB_TOKEN?.trim() || process.env.DOCUSAURUS_GIT_TOKEN?.trim() || "";
+}
+
+function parseLimit(limitParam) {
+  const parsed = Number.parseInt(limitParam, 10);
+  if (!Number.isFinite(parsed) || parsed <= 0) {
+    return DEFAULT_LIMIT;
+  }
+
+  return Math.min(parsed, 50);
+}
+
+function mapDiscussion(discussion) {
+  return {
+    id: discussion.id,
+    title: discussion.title || "Untitled discussion",
+    body: discussion.body || "",
+    author: {
+      login: discussion.author?.login || "Unknown",
+      avatar_url: discussion.author?.avatarUrl || "",
+      html_url: discussion.author?.url || "",
+    },
+    category: {
+      name: discussion.category?.name || "General",
+      emoji: discussion.category?.emoji || "",
+    },
+    created_at: discussion.createdAt,
+    updated_at: discussion.updatedAt,
+    comments: discussion.comments?.totalCount || 0,
+    reactions: {
+      total_count: discussion.reactions?.totalCount || 0,
+    },
+    html_url: discussion.url,
+    labels:
+      discussion.labels?.nodes?.map((label) => ({
+        name: label.name,
+        color: label.color,
+      })) || [],
+  };
+}
+
+async function fetchGitHubDiscussions(token, limit) {
+  const query = `
+    query GetDiscussions($owner: String!, $name: String!, $first: Int!) {
+      repository(owner: $owner, name: $name) {
+        discussions(first: $first, orderBy: { field: UPDATED_AT, direction: DESC }) {
+          totalCount
+          nodes {
+            id
+            title
+            body
+            createdAt
+            updatedAt
+            url
+            author {
+              login
+              avatarUrl
+              url
+            }
+            category {
+              name
+              emoji
+            }
+            comments {
+              totalCount
+            }
+            reactions {
+              totalCount
+            }
+            labels(first: 10) {
+              nodes {
+                name
+                color
+              }
+            }
+          }
+        }
+      }
+    }
+  `;
+
+  const response = await fetch("https://api.github.com/graphql", {
+    method: "POST",
+    headers: {
+      Accept: "application/vnd.github.v3+json",
+      Authorization: `Bearer ${token}`,
+      "Content-Type": "application/json",
+    },
+    body: JSON.stringify({
+      query,
+      variables: {
+        owner: ORG_NAME,
+        name: DISCUSSIONS_REPO,
+        first: limit,
+      },
+    }),
+  });
+
+  if (!response.ok) {
+    throw new Error(`GitHub discussions request failed: ${response.status}`);
+  }
+
+  const payload = await response.json();
+
+  if (payload.errors?.length) {
+    const message = payload.errors.map((error) => error.message).join(", ");
+    throw new Error(message || "GitHub discussions GraphQL query failed");
+  }
+
+  const discussions = payload.data?.repository?.discussions;
+
+  return {
+    available: true,
+    message: null,
+    totalCount: discussions?.totalCount ?? 0,
+    discussions: (discussions?.nodes || []).map(mapDiscussion),
+    fetchedAt: new Date().toISOString(),
+  };
+}
+
+export default async function handler(req, res) {
+  const token = getToken();
+
+  res.setHeader(
+    "Cache-Control",
+    "public, s-maxage=300, stale-while-revalidate=600",
+  );
+
+  if (!token) {
+    res.status(503).json({
+      available: false,
+      message: UNAVAILABLE_MESSAGE,
+      totalCount: null,
+      discussions: [],
+      fetchedAt: null,
+    });
+    return;
+  }
+
+  try {
+    const limit = parseLimit(req.query.limit);
+    const data = await fetchGitHubDiscussions(token, limit);
+    res.status(200).json(data);
+  } catch (error) {
+    res.status(502).json({
+      available: false,
+      message:
+        error instanceof Error
+          ? error.message
+          : "Failed to fetch GitHub discussions.",
+      totalCount: null,
+      discussions: [],
+      fetchedAt: null,
+    });
+  }
+}

docusaurus.config.ts

@@ -19,7 +19,6 @@ const config: Config = {
   projectName: "recode-website",
 
   onBrokenLinks: "throw",
-  // onBrokenMarkdownLinks moved to markdown.hooks
 
   // Google Analytics and Theme Scripts
   scripts: [
@@ -271,8 +270,6 @@ const config: Config = {
     },
   },
 
-  // Migrated legacy setting to markdown.hooks.onBrokenMarkdownLinks
-
   themes: ["@docusaurus/theme-mermaid"],
 
   plugins: [

eslint.config.mjs

@@ -4,6 +4,9 @@ import tsPlugin from "@typescript-eslint/eslint-plugin";
 import reactPlugin from "eslint-plugin-react";
 
 export default [
+  {
+    ignores: ["node_modules/", "build/", ".docusaurus/", "static/", "dist/"],
+  },
   {
     files: ["**/*.{ts,tsx}"],
     ignores: ["node_modules/", "build/", ".docusaurus/", "static/", "dist/"],

package.json

@@ -14,8 +14,8 @@
     "write-translations": "docusaurus write-translations",
     "write-heading-ids": "docusaurus write-heading-ids",
     "typecheck": "tsc",
-    "lint": "eslint \"**/*.{js,jsx,ts,tsx}\"",
-    "lint:fix": "eslint \"**/*.{js,jsx,ts,tsx}\" --fix",
+    "lint": "eslint .",
+    "lint:fix": "eslint . --fix",
     "format": "prettier --write \"**/*.{js,jsx,ts,tsx,json,css}\"",
     "format:check": "prettier --check .",
     "prepare": "husky"

src/lib/statsProvider.tsx

@@ -7,7 +7,7 @@ import React, {
   useState,
   type ReactNode,
 } from "react";
-import { githubService, type GitHubOrgStats } from "../services/githubService";
+import { githubService } from "../services/githubService";
 
 // Time filter types
 export type TimeFilter = "week" | "month" | "year" | "all";
@@ -435,17 +435,18 @@ export function CommunityStatsProvider({
         };
 
         // Fetch both org stats and repos in parallel
-        const [orgStats, repos] = await Promise.all([
+        const [orgStats, repos, discussionsCount] = await Promise.all([
           githubService.fetchOrganizationStats(signal),
           fetchAllOrgRepos(headers),
+          githubService.fetchDiscussionsCount(signal),
         ]);
 
         // Set org stats immediately
         setGithubStarCount(orgStats.totalStars);
         setGithubContributorsCount(orgStats.totalContributors);
         setGithubForksCount(orgStats.totalForks);
         setGithubReposCount(orgStats.publicRepositories);
-        setGithubDiscussionsCount(orgStats.discussionsCount);
+        setGithubDiscussionsCount(discussionsCount ?? orgStats.discussionsCount);
         setLastUpdated(new Date(orgStats.lastUpdated));
 
         // Process leaderboard data with concurrent processing