[Bug]: Ensure repository search only returns public repositories (#7665)

Co-authored-by: openhands <openhands@all-hands.dev>
2026-01-09 14:57:59 -05:00 · 2025-04-02 15:21:19 -04:00
parent 40dd175a0f
commit 75b3270cf0
2 changed files with 25 additions and 15 deletions
--- a/openhands/integrations/github/github_service.py
+++ b/openhands/integrations/github/github_service.py
@@ -104,13 +104,15 @@ class GitHubService(GitService):
    ) -> list[Repository]:
        MAX_REPOS = 1000
        PER_PAGE = 100  # Maximum allowed by GitHub API
-        all_repos: list[dict]= []
+        all_repos: list[dict] = []
        page = 1

        while len(all_repos) < MAX_REPOS:
            params = {'page': str(page), 'per_page': str(PER_PAGE)}
            if installation_id:
-                url = f'{self.BASE_URL}/user/installations/{installation_id}/repositories'
+                url = (
+                    f'{self.BASE_URL}/user/installations/{installation_id}/repositories'
+                )
                response, headers = await self._fetch_data(url, params)
                response = response.get('repositories', [])
            else:
@@ -136,7 +138,7 @@ class GitHubService(GitService):
                id=repo.get('id'),
                full_name=repo.get('full_name'),
                stargazers_count=repo.get('stargazers_count'),
-                git_provider=ProviderType.GITHUB
+                git_provider=ProviderType.GITHUB,
            )
            for repo in all_repos
        ]
@@ -151,7 +153,14 @@ class GitHubService(GitService):
        self, query: str, per_page: int, sort: str, order: str
    ) -> list[Repository]:
        url = f'{self.BASE_URL}/search/repositories'
-        params = {'q': query, 'per_page': per_page, 'sort': sort, 'order': order}
+        # Add is:public to the query to ensure we only search for public repositories
+        query_with_visibility = f'{query} is:public'
+        params = {
+            'q': query_with_visibility,
+            'per_page': per_page,
+            'sort': sort,
+            'order': order,
+        }

        response, _ = await self._fetch_data(url, params)
        repos = response.get('items', [])
@@ -161,7 +170,7 @@ class GitHubService(GitService):
                id=repo.get('id'),
                full_name=repo.get('full_name'),
                stargazers_count=repo.get('stargazers_count'),
-                git_provider=ProviderType.GITHUB
+                git_provider=ProviderType.GITHUB,
            )
            for repo in repos
        ]
--- a/openhands/integrations/gitlab/gitlab_service.py
+++ b/openhands/integrations/gitlab/gitlab_service.py
@@ -1,8 +1,8 @@
 import os
 from typing import Any
+from urllib.parse import quote_plus

 import httpx
-from urllib.parse import quote_plus 
 from pydantic import SecretStr

 from openhands.integrations.service_types import (
@@ -98,25 +98,26 @@ class GitLabService(GitService):
    async def search_repositories(
        self, query: str, per_page: int = 30, sort: str = 'updated', order: str = 'desc'
    ) -> list[Repository]:
-        url = f'{self.BASE_URL}/search'
+        url = f'{self.BASE_URL}/projects'
        params = {
-            'scope': 'projects',
            'search': query,
            'per_page': per_page,
-            'order_by': sort,
+            'order_by': 'last_activity_at',
            'sort': order,
+            'visibility': 'public',
        }
+
        response, _ = await self._fetch_data(url, params)
        repos = [
            Repository(
                id=repo.get('id'),
                full_name=repo.get('path_with_namespace'),
                stargazers_count=repo.get('star_count'),
-                git_provider=ProviderType.GITLAB
+                git_provider=ProviderType.GITLAB,
            )
            for repo in response
        ]
-        
+
        return repos

    async def get_repositories(
@@ -124,7 +125,7 @@ class GitLabService(GitService):
    ) -> list[Repository]:
        if installation_id:
            return []  # Not implementing installation_token case yet
-        
+
        MAX_REPOS = 1000
        PER_PAGE = 100  # Maximum allowed by GitLab API
        all_repos: list[dict] = []
@@ -136,7 +137,7 @@ class GitLabService(GitService):
            'pushed': 'last_activity_at',
            'updated': 'last_activity_at',
            'created': 'created_at',
-            'full_name': 'name'
+            'full_name': 'name',
        }.get(sort, 'last_activity_at')

        while len(all_repos) < MAX_REPOS:
@@ -146,7 +147,7 @@ class GitLabService(GitService):
                'order_by': order_by,
                'sort': 'desc',  # GitLab uses sort for direction (asc/desc)
                'owned': 1,  # Use 1 instead of True
-                'membership': 1  # Use 1 instead of True
+                'membership': 1,  # Use 1 instead of True
            }
            response, headers = await self._fetch_data(url, params)

@@ -168,7 +169,7 @@ class GitLabService(GitService):
                id=repo.get('id'),
                full_name=repo.get('path_with_namespace'),
                stargazers_count=repo.get('star_count'),
-                git_provider=ProviderType.GITLAB
+                git_provider=ProviderType.GITLAB,
            )
            for repo in all_repos
        ]