octokit / auth-token.js Goto Github PK
View Code? Open in Web Editor NEWGitHub API token authentication for browsers and Node.js
License: MIT License
GitHub API token authentication for browsers and Node.js
License: MIT License
There is an error with this repository's Renovate configuration that needs to be fixed. As a precaution, Renovate will stop PRs until it is resolved.
Location: package.json
Error type: The renovate configuration file contains some invalid settings
Message: Invalid configuration option: @pika/pack, Invalid configuration option: author, Invalid configuration option: jest, Invalid configuration option: keywords, Invalid configuration option: license, Invalid configuration option: name, Invalid configuration option: packageRules[0].@octokit/types, Invalid configuration option: packageRules[1].@octokit/core, Invalid configuration option: packageRules[1].@octokit/request, Invalid configuration option: packageRules[1].@pika/pack, Invalid configuration option: packageRules[1].@pika/plugin-build-node, Invalid configuration option: packageRules[1].@pika/plugin-build-web, Invalid configuration option: packageRules[1].@pika/plugin-ts-standard-pkg, Invalid configuration option: packageRules[1].@types/fetch-mock, Invalid configuration option: packageRules[1].@types/jest, Invalid configuration option: packageRules[1].fetch-mock, Invalid configuration option: packageRules[1].jest, Invalid configuration option: packageRules[1].semantic-release, Invalid configuration option: packageRules[1].ts-jest, Invalid configuration option: packageRules[1].typescript, Invalid configuration option: publishConfig, Invalid configuration option: release, Invalid configuration option: renovate, Invalid configuration option: scripts, Invalid configuration option: version
5.2.1
to 5.3.0
.π¨ View failing branch.
This version is covered by your current version range and after updating it in your project the build failed.
@octokit/request is a direct dependency of this project, and it is very likely causing it to break. If other packages depend on yours, this update is probably also breaking those in turn.
There is a collection of frequently asked questions. If those donβt help, you can always ask the humans behind Greenkeeper.
Your Greenkeeper Bot π΄
master
branch failed. π¨I recommend you give this issue a high priority, so other packages depending on you could benefit from your bug fixes and new features.
You can find below the list of errors reported by semantic-release. Each one of them has to be resolved in order to automatically publish your package. Iβm sure you can resolve this πͺ.
Errors are usually caused by a misconfiguration or an authentication problem. With each error reported below you will find explanation and guidance to help you to resolve it.
Once all the errors are resolved, semantic-release will release your package the next time you push a commit to the master
branch. You can also manually restart the failed CI job that runs semantic-release.
If you are not sure how to resolve this, here is some links that can help you:
If those donβt help, or if this issue is reporting something you think isnβt right, you can always ask the humans behind semantic-release.
semantic-release cannot push the version tag to the branch master
on the remote Git repository with URL https://x-access-token:[secure]@github.com/octokit/auth-token.js
.
This can be caused by:
Good luck with your project β¨
Your semantic-release bot π¦π
This code here:
does this:
but it links to https://github.com/octokit/auth-token.js/issues/CODE_OF_CONDUCT.md
instead of https://github.com/octokit/auth-token.js#coc-ov-file
No response
No response
No response
Following the instructions in the readme of this example code:
const TOKEN = "ghp_PersonalAccessToken01245678900000000";
const auth = createTokenAuth(TOKEN);
const authentication = await auth();
const response = await request("HEAD /", {
headers: authentication.headers,
});
const scopes = response.headers["x-oauth-scopes"].split(/,\s+/);
if (scopes.length) {
console.log(
`"${TOKEN}" has ${scopes.length} scopes enabled: ${scopes.join(", ")}`
);
} else {
console.log(`"${TOKEN}" has no scopes enabled`);
}
I get this error:
const scopes = response.headers['x-oauth-scopes'].split(/,\s+/)
^
TypeError: Cannot read properties of undefined (reading 'split')
Also, authentication.headers
is always undefined
. I don't know why it has to be set in the request, since there is no header
property in the authentication object.
There is a closed but unanswered issue on the same topic: #205
Node v10 has been deprecated so there is no need to keep giving support to it in our CI.
You can find more details here
Follow up to #195. I've inquired with GitHub Support and am awaiting their response
What happened?
CodeQL Check Run on this PR fails and it's not possible to merge.
What did you expect to happen?
CodeQL Check Run should pass.
Under Find more information
section of the README, there is:
const response = await request("HEAD /", {
headers: authentication.headers,
});
However, isn't the structure of authentication
object:
{
type: 'token',
token: 'ghp_PersonalAccessToken01245678900000000',
tokenType: 'oauth'
}
so where does the headers
come from?
24.0.23
to 24.0.24
.π¨ View failing branch.
This version is covered by your current version range and after updating it in your project the build failed.
@types/jest is a devDependency of this project. It might not break your production code or affect downstream projects, but probably breaks your build or test tools, which may prevent deploying or publishing.
There is a collection of frequently asked questions. If those donβt help, you can always ask the humans behind Greenkeeper.
Your Greenkeeper Bot π΄
Whatβs missing?
Remove unnecessary step for CodeQL workflow:
auth-token.js/.github/workflows/codeql.yml
Lines 23 to 26 in 9c313b2
Why?
Right now, when CodeQL
workflow runs, it prints the following warning message:
[CodeQL-Build](https://github.com/octokit/plugin-rest-endpoint-methods.js/runs/5705550731?check_suite_focus=true)
1 issue was detected with this workflow: git checkout HEAD^2 is no longer necessary. Please remove this step as Code Scanning recommends analyzing the merge commit for best results.
Example: https://github.com/octokit/auth-token.js/runs/5961724265?check_suite_focus=true
2.4.0
to 2.4.1
.π¨ View failing branch.
This version is covered by your current version range and after updating it in your project the build failed.
@octokit/core is a devDependency of this project. It might not break your production code or affect downstream projects, but probably breaks your build or test tools, which may prevent deploying or publishing.
There is a collection of frequently asked questions. If those donβt help, you can always ask the humans behind Greenkeeper.
Your Greenkeeper Bot π΄
7.5.0
to 7.5.1
.π¨ View failing branch.
This version is covered by your current version range and after updating it in your project the build failed.
fetch-mock is a devDependency of this project. It might not break your production code or affect downstream projects, but probably breaks your build or test tools, which may prevent deploying or publishing.
The new version differs by 2 commits.
e50ffe3
Merge pull request #453 from birtles/fixCaptureStackTrace
22f1ee0
Check for Error.captureStackTrace before using it
See the full diff
There is a collection of frequently asked questions. If those donβt help, you can always ask the humans behind Greenkeeper.
Your Greenkeeper Bot π΄
Previously, I was using this type:
import type { Token } from "@octokit/auth-token/dist-types/types.js"
With the conversion to ESModules (I think), the file is no longer accessible, so I have to do with this:
// Module '"@octokit/auth-token"' declares 'Token' locally, but it is not exported. ts(2459)
import type { Token } from "@octokit/auth-token"
But the type forgot to be exported
"@octokit/auth-token": "^5.0.1",
No response
17.0.2
to 17.0.3
.π¨ View failing branch.
This version is covered by your current version range and after updating it in your project the build failed.
semantic-release is a devDependency of this project. It might not break your production code or affect downstream projects, but probably breaks your build or test tools, which may prevent deploying or publishing.
getGitAuthUrl
(e7bede1)The new version differs by 6 commits.
e7bede1
fix: pass a branch name to getGitAuthUrl
8426b42
chore(package): update tempy to version 0.4.0
804fc2a
docs(Troubleshooting): release not found in prereleases branch (e.g. beta
) after rebase on master
) (#1444)
389e331
chore(package): update got to version 10.5.2
a93c96f
revert: fix: allow plugins to set environment variables to be used by other plugins
68f7e92
fix: allow plugins to set environment variables to be used by other plugins
See the full diff
There is a collection of frequently asked questions. If those donβt help, you can always ask the humans behind Greenkeeper.
Your Greenkeeper Bot π΄
This issue contains a list of Renovate updates and their statuses.
These updates are awaiting their schedule. Click on a checkbox to ignore the schedule.
These updates have all been created already. Click a checkbox below to force a retry/rebase of any.
This issue is reserved for people who never contributed to Open Source before. We know that the process of creating a pull request is the biggest barrier for new contributors. This issue is for you π
The Pika CDN is now Skypack, see https://www.pika.dev/cdn. The CDN at https://cdn.pika.dev/ no longer works, all URLs must be replaced with the new CDN: https://cdn.skypack.dev/. We currently recommend using cdn.pika.dev
to import the library into the browser, but that no longer works. Replacing it with cdn.skypack.dev
will make it work again.
π Claim this issue: Comment below.
More than one person can work on this issue, don't worry if it's already claimed.
π Update the file \README.md (press the little pen Icon) and edit as shown below:
@@ -33,11 +33,11 @@ It is useful if you want to support multiple authentication strategies, as itβ
Browsers
</th><td width=100%>
-Load `@octokit/auth-token` directly from [cdn.pika.dev](https://cdn.pika.dev)
+Load `@octokit/auth-token` directly from [cdn.skypack.dev](https://cdn.skypack.dev)
```html
<script type="module">
- import { createTokenAuth } from "https://cdn.pika.dev/@octokit/auth-token";
+ import { createTokenAuth } from "https://cdn.skypack.dev/@octokit/auth-token";
</script>
```
πΎ Commit your changes
π Start a Pull Request. There are two ways how you can start a pull request:
π Done Ask for a review :)
If there are more than one pull requests with the correct change, we will merge the first one, but attribute the change to all authors who made the same change using @Co-authored-by
, so yo can be sure your contribution will count.
Leave a comment below!
This issue was created by First-Timers-Bot.
Hello π
In the README on this repo, there is a string that Github Secret Scanning detects as a secret:
createTokenAuth("v1.d3d433526f780fbcc3129004e2731b3904ad0b86");
I expect this secret is either no longer valid or entirely fake, and so isn't a security concern. However, it does create an alert whenever someone vendors a version of this repo into their codebase.
Can this be modified so as to not trigger Github Secret Scanning somehow? I would propose a PR, but I'm not sure of the exact regex being used to detect Github App Installation Access Tokens.
Thank you!
A declarative, efficient, and flexible JavaScript library for building user interfaces.
π Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. πππ
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google β€οΈ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.