ScoopInstaller
fix(autoupdate): Ensure GitHub API requests use token
Motivation and Context
When retrieve hash from GitHub API, the token was not included in the request header.
Changes
- fix(autoupdate): Ensure GitHub API requests use token.
- refactor(autoupdate): .
Related Issues/PRs:
- https://github.com/ScoopInstaller/Scoop/pull/6416
- https://github.com/ScoopInstaller/Scoop/issues/6381#issuecomment-3410135538
- https://github.com/ScoopInstaller/GithubActions/issues/64
How Has This Been Tested?
- https://github.com/z-Fng/Scoop-Extras/actions/runs/18986905102/job/54232436898
Checklist:
- [x] I have read the Contributing Guide.
- [x] I have ensured that I am targeting the
developbranch. - [ ] I have updated the documentation accordingly.
- [ ] I have updated the tests accordingly.
- [x] I have added an entry in the CHANGELOG.
Summary by CodeRabbit
- Bug Fixes
- Fixed missing API token in GitHub mode request headers, enabling proper authentication for GitHub-based autoupdate requests.
[!IMPORTANT]
Review skipped
Draft detected.
Please check the settings in the CodeRabbit UI or the
.coderabbit.yamlfile in this repository. To trigger a single review, invoke the@coderabbitai reviewcommand.You can disable this status message by setting the
reviews.review_statustofalsein the CodeRabbit configuration file.
Walkthrough
Added GitHub API token authentication to the autoupdate mechanism. When extracting JSON hashes from GitHub's API, the code now conditionally attaches an Authorization header with the token and sets the appropriate API version header for authenticated requests.
Changes
| Cohort / File(s) | Summary |
|---|---|
GitHub API Authentication CHANGELOG.md, lib/autoupdate.ps1 |
Added conditional logic in find_hash_in_json to include Authorization header with GitHub token and X-GitHub-Api-Version header when requesting from api.github.com. Updated changelog with bug fix entry documenting the missing API token header addition. |
Estimated code review effort
🎯 2 (Simple) | ⏱️ ~8 minutes
- Straightforward conditional header attachment with minimal new logic
- Changes are focused and directly related to a single feature
- Changelog update is documentation-only
- Consider verifying: token availability check logic, header formatting correctness, and GitHub API version compatibility
Poem
🐰 A token now travels with every request,
Through GitHub's API gates, authenticated best,
Headers aligned, credentials in place,
Autoupdate hops forth at a swifter pace! 🚀
Pre-merge checks and finishing touches
❌ Failed checks (1 warning)
| Check name | Status | Explanation | Resolution |
|---|---|---|---|
| Docstring Coverage | ⚠️ Warning | Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%. | You can run @coderabbitai generate docstrings to improve docstring coverage. |
✅ Passed checks (2 passed)
| Check name | Status | Explanation |
|---|---|---|
| Title check | ✅ Passed | The pull request title 'fix(autoupdate): Ensure GitHub API requests use token' is closely related to the main objective of the changeset, which is to add the missing API token to GitHub API request headers in autoupdate functionality. The title clearly communicates the core fix but is slightly less specific than the commit message or PR description. However, it accurately represents the primary change and would be understood by teammates reviewing the history. |
| Description Check | ✅ Passed | Check skipped - CodeRabbit’s high-level summary is enabled. |
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.
Comment @coderabbitai help to get the list of available commands and usage tips.
![coderabbitai[bot] avatar](https://avatars.githubusercontent.com/in/347564?v=4 "Published by a pub.dev verified publisher"){kind=small}