Incomplete GH_TOKEN check
hyphus opened this issue · 4 comments
The GH_TOKEN check doesn't account for older tokens that don't start with ghp_
but are otherwise still valid.
Line 118 in 1fcde32
If only the ghp_ format is supported it would be helpful to have the error message indicate that.
Alternatively, the token is validated in the __setup_user_info function already, so potentially just checking that GH_TOKEN is set to something may be an option too.
Thanks for the report! There is no reason to require tokens to start with ghp_, only that they are OAuth tokens with the legacy scopes. We do not currently support fine-grained tokens (which we have a different check for). I looked over the post where GH announced the shift to labeled tokens at: https://github.blog/2021-04-05-behind-githubs-new-authentication-token-formats/ and based on that, we can update this check to allow the following:
- 40 character hex string (to capture old GH tokens)
- Tokens starting with ghp_ (PAT), gho_ (OAuth), and ghu_ (user-to-server)
Would that cover the token you are trying to utilize?
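The format check proposed in the comment above could look like the following sketch. It is an added example, not the project's code or the contents of the branch mentioned later in the thread: `classify_gh_token` and `check_gh_token` are hypothetical names, and accepting upper-case hex and the `[A-Za-z0-9_]` body without a length limit are assumptions.

```shell
#!/bin/sh
# Added example: classify a token by format without ever printing the secret.
LC_ALL=C    # make the bracket ranges below byte-based

# Prints a format class; returns 0 only for the formats listed in the thread.
classify_gh_token() {
    tok=$1
    case $tok in
        '')
            echo empty; return 1 ;;
        github_pat_*)
            # Fine-grained PAT prefix: the thread says these are unsupported.
            echo fine-grained; return 1 ;;
        ghp_?*|gho_?*|ghu_?*)
            body=${tok#gh?_}
            case $body in
                *[!A-Za-z0-9_]*) echo malformed; return 1 ;;
            esac
            echo prefixed; return 0 ;;
    esac
    # Legacy token: exactly 40 hex characters (either case, an assumption).
    if [ "${#tok}" -eq 40 ]; then
        case $tok in
            *[!0-9a-fA-F]*) ;;
            *) echo legacy-hex; return 0 ;;
        esac
    fi
    echo unrecognized; return 1
}

# Validates $GH_TOKEN and names the accepted formats on failure, which is
# what the report asked the error message to do.
check_gh_token() {
    kind=$(classify_gh_token "${GH_TOKEN-}") && return 0
    # Report the format class only; the token value never reaches stderr or logs.
    echo "GH_TOKEN rejected ($kind): expected a ghp_/gho_/ghu_ token or a 40-character hex token" >&2
    return 1
}
```

A format check like this only catches obvious mistakes early; whether the token is actually valid and carries the needed scopes still has to be confirmed against the API, as the existing __setup_user_info validation does.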
Yep! That'd cover my use case. Thanks for taking a look!
Great! I just pushed a branch that has an updated validation routine: support_additional_token_formats
Unfortunately, I do not have a valid legacy PAT to test with, so if you could check that your legacy PAT works with that branch, that would be very helpful, and then I can get the updates into main!
The changes in your branch worked great. Thanks!