[CI] Migrate bots to use Authorization HTTP Header #28043
Comments
hramos
added
Good first issue
|
Can I tackle this? |
|
maybe this was solved with #28050 as I can not reproduce. I monitored https request with mitmproxy nodejs code const {Octokit} = require('@octokit/rest');
const octokit = new Octokit({
auth: process.env.GITHUB_TOKEN,
});
octokit.pulls.get({owner: 'facebook', repo: 'react-native', pull_number: '28651'})The token is not passed on the
I have to review the |
|
Hello! Can I take this as my first issue? |
|
I'm proposing to update the user agent and octokit version to see if this issue is still occuring in the tracker. What do you think 🧐 |
Is this needed? As @fabriziobertoglio1987 mentioned I believe this is already solved:
So i think we can just close this issue |
|
@cortinico No it is not needed, but imho it is good if we change the user agent of the octokit request. 🤔 1.) It is recommended in the octokit documentation (I have linked it in the PR). So I see it as kind of flag that shows the current version of the code analysis bot. What's your opinion on that @cortinico ? 😊 And yeah, I agree that we can close the issue 💯 |
#32891) Summary: As stated in [https://github.com/facebook/react-native/issues/28043](https://github.com/facebook/react-native/issues/28043) the requests with the `Octokit` lib is not optimal since tracking issues were raised. Since the issue could not be reproduced (see comments in the mentioned issue) I'm proposing to update the `Octokit` package to the newest version and add the required fields as stated [in the documentation](https://octokit.github.io/rest.js/v18#authentication). ## Changelog [Internal] [Changed] - Changed requests of the internal code analysis Pull Request resolved: #32891 Test Plan: Ran the code analysis bot manually ``` cat <(echo eslint; npm run lint --silent -- --format=json; echo flow; npm run flow-check-ios --silent --json; echo flow; npm run flow-check-android --silent --json; echo google-java-format; node scripts/lint-java.js --diff) | GITHUB_PR_NUMBER="$CIRCLE_PR_NUMBER" node bots/code-analysis-bot.js Browserslist: caniuse-lite is outdated. Please run: npx browserslist@latest --update-db Why you should do it regularly: https://github.com/browserslist/browserslist#browsers-data-updating ``` Reviewed By: christophpurrer Differential Revision: D33793194 Pulled By: cortinico fbshipit-source-id: 21b5f9f3911dd82e3254ab009637ab63aa36d30c
|
Fixed by #32891 |
Tracking issue raised by GitHub's API regarding our CI bots script (
bots/code-analysis-bot.js):The access token is publicly available in
.circleci/config.yml.The text was updated successfully, but these errors were encountered: