bypass Vercel deployment protection on preview API calls

action API calls to preview deployments were getting 401'd by Vercel's
deployment protection. add x-vercel-protection-bypass header to the 3
server-to-server fetch sites when VERCEL_AUTOMATION_BYPASS_SECRET is set.

Co-authored-by: Cursor <cursoragent@cursor.com>
This commit is contained in:
Colin McDonnell
2026-02-13 15:25:32 +00:00
committed by pullfrog[bot]
parent d7759734f2
commit dc611c9f78
7 changed files with 1633 additions and 1597 deletions
+14 -4
View File
@@ -139418,7 +139418,14 @@ var Octokit2 = Octokit.plugin(requestLog, legacyRestEndpointMethods, paginateRes
// utils/apiUrl.ts
function getApiUrl() {
return process.env.API_URL || "https://pullfrog.com";
const url4 = process.env.API_URL || "https://pullfrog.com";
log.debug(`resolved API_URL: ${url4}`);
return url4;
}
function getVercelBypassHeaders() {
const secret = process.env.VERCEL_AUTOMATION_BYPASS_SECRET;
if (!secret) return {};
return { "x-vercel-protection-bypass": secret };
}
// utils/retry.ts
@@ -139477,7 +139484,8 @@ async function acquireTokenViaOIDC(opts) {
method: "POST",
headers: {
Authorization: `Bearer ${oidcToken}`,
"Content-Type": "application/json"
"Content-Type": "application/json",
...getVercelBypassHeaders()
},
signal: controller.signal
};
@@ -144014,7 +144022,8 @@ function UploadFileTool(ctx) {
method: "POST",
headers: {
Authorization: `Bearer ${ctx.apiToken}`,
"Content-Type": "application/json"
"Content-Type": "application/json",
...getVercelBypassHeaders()
},
body: JSON.stringify({
filename,
@@ -146731,7 +146740,8 @@ async function fetchRunContext(params) {
method: "GET",
headers: {
Authorization: `Bearer ${params.token}`,
"Content-Type": "application/json"
"Content-Type": "application/json",
...getVercelBypassHeaders()
},
signal: controller.signal
}