Skip to content

feat: add --http-header option for custom header injection#122

Open
Vignesh-285 wants to merge 2 commits intogetsentry:mainfrom
Vignesh-285:feat/http-header-injection
Open

feat: add --http-header option for custom header injection#122
Vignesh-285 wants to merge 2 commits intogetsentry:mainfrom
Vignesh-285:feat/http-header-injection

Conversation

@Vignesh-285
Copy link
Copy Markdown

@Vignesh-285 Vignesh-285 commented Apr 16, 2026

Summary

  • Add a generic --http-header CLI option that injects custom HTTP headers into all outgoing requests
  • Enables bypassing proxies like Cloudflare Access without adding provider-specific flags
  • Uses a module-level global in request.py (same pattern as USER_AGENT) to avoid threading a new parameter through every service file

Changes

  • codecov_cli/helpers/request.py — Added _extra_headers global, set_extra_headers() setter, renamed _set_user_agent()_prepare_headers() to merge extra headers while always protecting User-Agent
  • codecov_cli/main.py — Added --http-header option (multiple=True, format Header-Name:Value) with validation and parsing

Usage

  codecovcli --http-header "CF-Access-Client-Id:abc123" \
             --http-header "CF-Access-Client-Secret:xyz789" \
             do-upload ...

@Vignesh-285
feat: add --http-header option for custom header injection
beac0de 
Allow users to inject custom HTTP headers into all outgoing
requests via a repeatable --http-header flag. This enables
bypassing proxies like Cloudflare Access without adding
provider-specific flags.
@Vignesh-285 Vignesh-285 mentioned this pull request Apr 16, 2026
Open
@Vignesh-285 Vignesh-285 marked this pull request as ready for review April 16, 2026 16:52
cursor[bot]
cursor Bot reviewed Apr 16, 2026
View reviewed changes
Comment thread codecov-cli/tests/test_codecov_cli.py
Comment thread codecov-cli/codecov_cli/main.py Outdated
Comment thread codecov-cli/codecov_cli/main.py
@Vignesh-285
fix: address review feedback for --http-header option
c1fa3ad 
- Strip http_header from telemetry args to prevent leaking secrets
- Reject empty header names (e.g. ":value")
- Fix tests to invoke subcommand so header parsing actually executes
- Add test for empty header name validation
@Vignesh-285 Vignesh-285 force-pushed the feat/http-header-injection branch from beac0de to 45e518e Compare April 16, 2026 17:07
@Vignesh-285 Vignesh-285 reopened this Apr 16, 2026
cursor[bot]
cursor Bot reviewed Apr 16, 2026
View reviewed changes
Copy link
Copy Markdown

@cursor cursor Bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Cursor Bugbot has reviewed your changes and found 1 potential issue.

Fix All in Cursor

❌ Bugbot Autofix is OFF. To automatically fix reported issues with cloud agents, enable autofix in the Cursor dashboard.

Reviewed by Cursor Bugbot for commit c1fa3ad. Configure here.

Comment thread codecov-cli/codecov_cli/main.py
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@cursor cursor[bot] cursor[bot] left review comments

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@Vignesh-285