-
Notifications
You must be signed in to change notification settings - Fork 24.3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[CI] Migrate bots to use Authorization HTTP Header #28043
Comments
Can I tackle this? |
maybe this was solved with #28050 as I can not reproduce. I monitored https request with mitmproxy nodejs code const {Octokit} = require('@octokit/rest');
const octokit = new Octokit({
auth: process.env.GITHUB_TOKEN,
});
octokit.pulls.get({owner: 'facebook', repo: 'react-native', pull_number: '28651'}) The token is not passed on the I have to review the |
Hello! Can I take this as my first issue? |
I'm proposing to update the user agent and octokit version to see if this issue is still occuring in the tracker. What do you think 🧐 |
Is this needed? As @fabriziobertoglio1987 mentioned I believe this is already solved:
So i think we can just close this issue |
@cortinico No it is not needed, but imho it is good if we change the user agent of the octokit request. 🤔 1.) It is recommended in the octokit documentation (I have linked it in the PR). So I see it as kind of flag that shows the current version of the code analysis bot. What's your opinion on that @cortinico ? 😊 And yeah, I agree that we can close the issue 💯 |
#32891) Summary: As stated in [https://github.com/facebook/react-native/issues/28043](https://github.com/facebook/react-native/issues/28043) the requests with the `Octokit` lib is not optimal since tracking issues were raised. Since the issue could not be reproduced (see comments in the mentioned issue) I'm proposing to update the `Octokit` package to the newest version and add the required fields as stated [in the documentation](https://octokit.github.io/rest.js/v18#authentication). ## Changelog [Internal] [Changed] - Changed requests of the internal code analysis Pull Request resolved: #32891 Test Plan: Ran the code analysis bot manually ``` cat <(echo eslint; npm run lint --silent -- --format=json; echo flow; npm run flow-check-ios --silent --json; echo flow; npm run flow-check-android --silent --json; echo google-java-format; node scripts/lint-java.js --diff) | GITHUB_PR_NUMBER="$CIRCLE_PR_NUMBER" node bots/code-analysis-bot.js Browserslist: caniuse-lite is outdated. Please run: npx browserslist@latest --update-db Why you should do it regularly: https://github.com/browserslist/browserslist#browsers-data-updating ``` Reviewed By: christophpurrer Differential Revision: D33793194 Pulled By: cortinico fbshipit-source-id: 21b5f9f3911dd82e3254ab009637ab63aa36d30c
Fixed by #32891 |
Tracking issue raised by GitHub's API regarding our CI bots script (
bots/code-analysis-bot.js
):The access token is publicly available in
.circleci/config.yml
.The text was updated successfully, but these errors were encountered: