Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Backport release-24.11] fetchFromGitHub: use the API tarball endpoint for private #374355

Merged
merged 2 commits into from
Jan 16, 2025
Merged

[Backport release-24.11] fetchFromGitHub: use the API tarball endpoint for private #374355

merged 2 commits into from
Jan 16, 2025

Conversation

nixpkgs-ci[bot]
Copy link
Contributor

@nixpkgs-ci nixpkgs-ci bot commented Jan 16, 2025
edited by philiptaron
Loading

Bot-based backport to release-24.11, triggered by a label in #321484.

  • Before merging, ensure that this backport is acceptable for the release.
    • Even as a non-commiter, if you find that it is not acceptable, leave a comment.

me-and and others added 2 commits January 16, 2025 18:30
@me-and @github-actions
fetchFromGitHub: use the API tarball endpoint
0e09a4b 
GitHub currently has two kinds of personal access token: "classic" and
"fine-grained".  Fine-grained personal access tokens, as the name
suggests, allow much more control over what the token can and cannot do,
and in particular allow users to specify which repositories the token
should provide access to.

Unfortunately, fine-grained tokens don't allow access to repository
archive tarballs for private repositories at (say)
https://github.com/me-and/private-demo/archive/HEAD.tar.gz.
Fortunately, the GitHub API endpoint does provide this access, and also
works with classic tokens and -- for public repositories -- no token at
all.

To allow folk to use fine-grained access tokens, use the GitHub API for
accessing private repos.  Keep using the existing interface for
non-private repos, as we can only assume an authenticated user for
private repos, and unauthenticated users have restrictive rate limits on
the API interface.

Fixes #321481

(cherry picked from commit 1a72fa0)
@me-and @github-actions
fetchFromGitHub: refactor for scope clarity
c7b2858 
Co-authored-by: Philip Taron <[email protected]>
(cherry picked from commit 42574f5)
@nixpkgs-ci nixpkgs-ci bot mentioned this pull request Jan 16, 2025
Merged
13 tasks
@nix-owners nix-owners bot requested a review from philiptaron January 16, 2025 18:31
@philiptaron philiptaron merged commit a3a4309 into release-24.11 Jan 16, 2025
32 of 35 checks passed
@philiptaron philiptaron deleted the backport-321484-to-release-24.11 branch January 16, 2025 18:52
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@philiptaron philiptaron Awaiting requested review from philiptaron

Assignees
No one assigned
Labels
6.topic: fetch
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@philiptaron @me-and