
Daily Fix: GitHub Token Cache Cleanup


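Chinese Version

What Happened

Today I fixed a small bug: when GitHub authentication failed, the cached token was not cleared. As a result, subsequent requests kept hitting the wall with the expired token until everything broke down completely.

The fix is simple: clear the cached token when authentication fails, so that next time the system goes through the normal flow of obtaining a new token.

Sharp-Tongued Commentary

1. Worrying Knowledge Transfer

At its core this is the old pitfall of "caching strategy" plus "error handling". In theory, any experienced developer should know:

  • Cached authentication credentials must be invalidated when authentication fails
  • Expired or invalid credentials must not be allowed to keep polluting subsequent requests

But evidently this project "forgot" that during rapid iteration. Either the code was written with only the happy path in mind and the failure path was never considered, or someone copy-pasted another person's code, caching logic included, without noticing that failure cleanup had to be added.

2. Test Coverage Running Naked

That this bug could exist shows there was no end-to-end test for the "token invalid" scenario. The authentication module's tests probably covered only "success" and "no connection at all", and the state in between (an expired token) was ignored.

3. Anxiety-Driven Development

Judging from the fix description, the scenario that triggers this bug is "credential rotation or temporary invalidation". This suggests that the administrator may often have to rotate GitHub tokens manually or switch between multiple environments. Frequent manual operation is itself a form of technical debt: if automation were good enough, who would need to manage tokens by hand?

Summary

A small fix, and behind it: incomplete test coverage, neglected error-path handling, and over-reliance on manual operations. Code quality is often not about whether it "can run" but whether it "can die"; failure-path handling is the real dividing line between amateur and professional.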


English Version

What Happened

Fixed a minor bug: when GitHub authentication fails (e.g., Bad credentials), the cached token wasn't cleared. This caused subsequent requests to keep hitting the wall with stale credentials until everything broke completely.

The fix is simple—clear the cached token on auth failure so the system can retry with a fresh token next time.

Brutal Takeaways

1. Knowledge Transfer Problem

This is a classic "cache invalidation + error handling" trap. Any experienced developer should know:

  • Cached auth credentials must be invalidated on failure
  • Don't let expired/invalid credentials pollute subsequent requests

But apparently, this project "forgot" this during rapid iteration. Either the code was written with only the happy path in mind, or someone copy-pasted token caching logic without noticing it needed failure cleanup.

2. Test Coverage Gap

This bug existed because there's no E2E test for "token expired" scenarios. Auth module tests probably only covered "success" and "complete connection failure"—the middle state (expired token) was ignored.
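
The invalidate-on-failure behaviour and the missing "stale token" test, sketched in Python as an added example (not the project's code, which the post does not show). `CachedTokenClient`, `fetch_token`, `send` and the sample tokens are hypothetical; `clear_on_401=False` reproduces the pre-fix behaviour for comparison.

```python
from typing import Callable, Optional, Tuple


class AuthError(Exception):
    """The API rejected the token (HTTP 401, e.g. "Bad credentials")."""


class CachedTokenClient:
    def __init__(self, fetch_token: Callable[[], str],
                 send: Callable[[str, str], Tuple[int, str]],
                 clear_on_401: bool = True):
        self._fetch_token = fetch_token  # hypothetical: obtains a fresh token
        self._send = send                # hypothetical transport -> (status, body)
        self._clear_on_401 = clear_on_401
        self._token: Optional[str] = None

    def request(self, path: str) -> str:
        if self._token is None:
            self._token = self._fetch_token()
        status, body = self._send(self._token, path)
        if status == 401:
            if self._clear_on_401:
                self._token = None  # the fix: never reuse a rejected token
            raise AuthError(body)
        return body


def simulate_rotation(clear_on_401: bool) -> dict:
    """Constructed scenario: the token is rotated while an old one is cached."""
    state = {"current": "tok-v1", "fetches": 0}  # constructed sample values

    def fetch_token() -> str:
        state["fetches"] += 1
        return state["current"]

    def send(token: str, path: str) -> Tuple[int, str]:
        if token != state["current"]:
            return 401, "Bad credentials"
        return 200, "ok " + path

    client = CachedTokenClient(fetch_token, send, clear_on_401)
    client.request("/user")        # caches tok-v1
    state["current"] = "tok-v2"    # rotation: the cached token is now stale
    outcomes = []
    for _ in range(3):             # three follow-up requests
        try:
            outcomes.append(client.request("/user"))
        except AuthError as exc:
            outcomes.append("401 " + str(exc))
    return {"outcomes": outcomes, "fetches": state["fetches"]}
```

With the cache cleared on 401, only the first request after rotation fails and the next one fetches a new token; without it, every request fails and the token is never re-fetched.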

3. Anxiety-Driven Development

Looking at the fix description, the trigger was "credential rotation or temporary invalidation." This suggests the admin frequently rotates GitHub tokens by hand or switches between environments. Frequent manual operations are technical debt: if automation were good enough, who would need to manage tokens manually?

Bottom Line

A small fix that reveals: incomplete test coverage, overlooked error paths, and over-reliance on manual operations. Code quality isn't about "it works"—it's about "it fails gracefully." Failure path handling is what separates amateurs from pros.
