Permalink
Comparing changes
Choose two branches to see what’s changed or to start a new pull request.
If you need to, you can also or
learn more about diff comparisons.
Open a pull request
Create a new pull request by comparing changes across two branches. If you need to, you can also .
Learn more about diff comparisons here.
...
- 4 commits
- 2 files changed
- 3 contributors
Commits on Oct 31, 2024
-
Fix token exposure for non-gh hosts in codespaces
This commit introduces a fix for `GITHUB_TOKEN` being exposed to non-github hosts while in a codespace. We no longer return the `GITHUB_TOKEN` for any host except github.com and github.localhost while in a codespace (while the env var `CODESPACES` is `true`). This commit also changes how tokens are returned when no oAuth token is found in a config. Previously, an empty string and the `oauthToken` source was returned. Now, we return an empty string and the `defaultSource` source. The intention behind this change is to make more logical sense by not returning an `oauthToken` source when we didn't get any token. It's also worth mentioning that this change also improves our test coverage - all lines in `tokenForHost` are now covered by tests, and we don't have unreachable code. Co-authored-by: Kynan Ware <47394200+BagToad@users.noreply.github.com>
-
Refactor tokenForHost for readability
Co-authored-by: Kynan Ware <47394200+BagToad@users.noreply.github.com>
-
Commits on Nov 27, 2024
-
Prevent `tokenForHost` from leaking `GITHUB_TOKEN` to non-GitHub host in Codespaces
Loading
This comparison is taking too long to generate.
Unfortunately it looks like we can’t render this comparison for you right now. It might be too big, or there might be something weird with your repository.
You can try running this command locally to see the comparison on your machine:
git diff v2.11.0...v2.11.1