fix(libfetchers): set GitHub API version header, closes #255

Sets the `X-GitHub-Api-Version` header to `2022-11-28` for calls to the GitHub API. This follows the later version as per https://docs.github.com/en/rest/about-the-rest-api/api-versions?apiVersion=2022-11-28. This affected the check on whether to use the API versus unauthenticated calls as well, given the headers would no longer be empty if the authentication token were missing. The workaround used here is to use a check similar to an existing check for the token. In the current implementation, headers are (still) similarly sent to non-authenticated as well as GitHub on-prem calls. For what it's worth, manual curl calls with such a header seemed to break nor unauthenticated calls nor ones to the github.com API. Change-Id: I6e10839e6b99cb65eb451e923b2a64f5d3c0f578
2024-09-22 12:46:46 +02:00 · 2024-09-22 12:46:46 +02:00 · a778b0f85a
parent 5f298f74c9
commit a778b0f85a
3 changed files with 37 additions and 4 deletions
--- a/doc/manual/change-authors.yml
+++ b/doc/manual/change-authors.yml
@ -78,6 +78,9 @@ jade:
  forgejo: jade
  github: lf-

+kiara:
+  github: KiaraGrouwstra
+
 kjeremy:
  github: kjeremy

--- a/doc/manual/rl-next/x-github-api-header.md
+++ b/doc/manual/rl-next/x-github-api-header.md
@ -0,0 +1,23 @@
+---
+synopsis: "Set `X-GitHub-Api-Version` header"
+issues: [fj#255]
+cls: [1925]
+category: Development
+credits: kiara
+---
+
+Sets the `X-GitHub-Api-Version` header to `2022-11-28` for calls to the
+GitHub API.
+This follows the later version as per
+https://docs.github.com/en/rest/about-the-rest-api/api-versions?apiVersion=2022-11-28.
+
+This affected the check on whether to use the API versus unauthenticated
+calls as well, given the headers would no longer be empty if the
+authentication token were missing.
+The workaround to this used here is to use a check similar to an existing
+check for the token.
+
+In the current implementation, headers are (still) similarly sent to
+non-authenticated as well as GitHub on-prem calls.
+For what it's worth, manual curl calls with such a header seemed to
+break nor unauthenticated calls nor ones to the github.com API.
--- a/src/libfetchers/github.cc
+++ b/src/libfetchers/github.cc
@ -289,10 +289,10 @@ struct GitHubInputScheme : GitArchiveInputScheme
        // urls so we do not run into rate limits.
        const auto urlFmt =
            host != "github.com"
-            ? "https://%s/api/v3/repos/%s/%s/tarball/%s"
-            : headers.empty()
-            ? "https://%s/%s/%s/archive/%s.tar.gz"
-            : "https://api.%s/repos/%s/%s/tarball/%s";
+                ? "https://%s/api/v3/repos/%s/%s/tarball/%s"
+                : !getAccessToken(host)
+                    ? "https://%s/%s/%s/archive/%s.tar.gz"
+                    : "https://api.%s/repos/%s/%s/tarball/%s";

        const auto url = fmt(urlFmt, host, getOwner(input), getRepo(input),
            input.getRev()->to_string(Base::Base16, false));
@ -308,6 +308,13 @@ struct GitHubInputScheme : GitArchiveInputScheme
            .applyOverrides(input.getRef(), input.getRev())
            .clone(destDir);
    }
+
+    Headers makeHeadersWithAuthTokens(const std::string & host) const
+    {
+        Headers headers = GitArchiveInputScheme::makeHeadersWithAuthTokens(host);
+        headers.emplace_back("X-GitHub-Api-Version", "2022-11-28");
+        return headers;
+    }
 };

 struct GitLabInputScheme : GitArchiveInputScheme