From 40b89c51a88df2a6faba9b7f1e20909a0637c45e Mon Sep 17 00:00:00 2001 From: Andrea Fassina Date: Mon, 29 May 2023 12:51:37 +0200 Subject: [PATCH] tools: deps update authenticate github api request PR-URL: https://github.com/nodejs/node/pull/48200 Fixes: https://github.com/nodejs/node/issues/48119 Refs: https://github.com/nodejs/security-wg/issues/973 Reviewed-By: Luigi Pinca Reviewed-By: Marco Ippolito Reviewed-By: Moshe Atlow Reviewed-By: Mestery --- tools/dep_updaters/update-ada.sh | 7 ++++++- tools/dep_updaters/update-base64.sh | 7 ++++++- tools/dep_updaters/update-brotli.sh | 7 ++++++- tools/dep_updaters/update-c-ares.sh | 7 ++++++- tools/dep_updaters/update-cjs-module-lexer.sh | 7 ++++++- tools/dep_updaters/update-icu.sh | 7 ++++++- tools/dep_updaters/update-libuv.sh | 7 ++++++- tools/dep_updaters/update-llhttp.sh | 7 ++++++- tools/dep_updaters/update-nghttp2.sh | 7 ++++++- tools/dep_updaters/update-nghttp3.sh | 7 ++++++- tools/dep_updaters/update-ngtcp2.sh | 7 ++++++- tools/dep_updaters/update-simdutf.sh | 7 ++++++- tools/dep_updaters/update-uvwasi.sh | 7 ++++++- 13 files changed, 78 insertions(+), 13 deletions(-) diff --git a/tools/dep_updaters/update-ada.sh b/tools/dep_updaters/update-ada.sh index a26f854a1b2c52..a714596a88f66f 100755 --- a/tools/dep_updaters/update-ada.sh +++ b/tools/dep_updaters/update-ada.sh @@ -11,7 +11,12 @@ DEPS_DIR="$BASE_DIR/deps" . "$BASE_DIR/tools/dep_updaters/utils.sh" NEW_VERSION="$("$NODE" --input-type=module <<'EOF' -const res = await fetch('https://api.github.com/repos/ada-url/ada/releases/latest'); +const res = await fetch('https://api.github.com/repos/ada-url/ada/releases/latest', + process.env.GITHUB_TOKEN && { + headers: { + "Authorization": `Bearer ${process.env.GITHUB_TOKEN}` + }, + }); if (!res.ok) throw new Error(`FetchError: ${res.status} ${res.statusText}`, { cause: res }); const { tag_name } = await res.json(); console.log(tag_name.replace('v', '')); diff --git a/tools/dep_updaters/update-base64.sh b/tools/dep_updaters/update-base64.sh index ff39a5f6e82010..7bc8e274ecaf11 100755 --- a/tools/dep_updaters/update-base64.sh +++ b/tools/dep_updaters/update-base64.sh @@ -12,7 +12,12 @@ DEPS_DIR="$BASE_DIR/deps" . "$BASE_DIR/tools/dep_updaters/utils.sh" NEW_VERSION="$("$NODE" --input-type=module <<'EOF' -const res = await fetch('https://api.github.com/repos/aklomp/base64/releases/latest'); +const res = await fetch('https://api.github.com/repos/aklomp/base64/releases/latest', + process.env.GITHUB_TOKEN && { + headers: { + "Authorization": `Bearer ${process.env.GITHUB_TOKEN}` + }, + }); if (!res.ok) throw new Error(`FetchError: ${res.status} ${res.statusText}`, { cause: res }); const { tag_name } = await res.json(); console.log(tag_name.replace('v', '')); diff --git a/tools/dep_updaters/update-brotli.sh b/tools/dep_updaters/update-brotli.sh index 3e9d6eddeaf665..c8daf695e14a08 100755 --- a/tools/dep_updaters/update-brotli.sh +++ b/tools/dep_updaters/update-brotli.sh @@ -12,7 +12,12 @@ DEPS_DIR="$BASE_DIR/deps" . "$BASE_DIR/tools/dep_updaters/utils.sh" NEW_VERSION="$("$NODE" --input-type=module <<'EOF' -const res = await fetch('https://api.github.com/repos/google/brotli/releases/latest'); +const res = await fetch('https://api.github.com/repos/google/brotli/releases/latest', + process.env.GITHUB_TOKEN && { + headers: { + "Authorization": `Bearer ${process.env.GITHUB_TOKEN}` + }, + }); if (!res.ok) throw new Error(`FetchError: ${res.status} ${res.statusText}`, { cause: res }); const { tag_name } = await res.json(); console.log(tag_name.replace('v', '')); diff --git a/tools/dep_updaters/update-c-ares.sh b/tools/dep_updaters/update-c-ares.sh index 4bef7d20abca19..fa7186328ba8e9 100755 --- a/tools/dep_updaters/update-c-ares.sh +++ b/tools/dep_updaters/update-c-ares.sh @@ -12,7 +12,12 @@ DEPS_DIR="$BASE_DIR/deps" . "$BASE_DIR/tools/dep_updaters/utils.sh" NEW_VERSION="$("$NODE" --input-type=module <<'EOF' -const res = await fetch('https://api.github.com/repos/c-ares/c-ares/releases/latest'); +const res = await fetch('https://api.github.com/repos/c-ares/c-ares/releases/latest', + process.env.GITHUB_TOKEN && { + headers: { + "Authorization": `Bearer ${process.env.GITHUB_TOKEN}` + }, + }); if (!res.ok) throw new Error(`FetchError: ${res.status} ${res.statusText}`, { cause: res }); const { tag_name } = await res.json(); console.log(tag_name.replace('cares-', '').replaceAll('_', '.')); diff --git a/tools/dep_updaters/update-cjs-module-lexer.sh b/tools/dep_updaters/update-cjs-module-lexer.sh index 151a57ebb07460..94adeea05e1a16 100755 --- a/tools/dep_updaters/update-cjs-module-lexer.sh +++ b/tools/dep_updaters/update-cjs-module-lexer.sh @@ -11,7 +11,12 @@ DEPS_DIR="$BASE_DIR/deps" NPM="$DEPS_DIR/npm/bin/npm-cli.js" NEW_VERSION="$("$NODE" --input-type=module <<'EOF' -const res = await fetch('https://api.github.com/repos/nodejs/cjs-module-lexer/tags'); +const res = await fetch('https://api.github.com/repos/nodejs/cjs-module-lexer/tags', + process.env.GITHUB_TOKEN && { + headers: { + "Authorization": `Bearer ${process.env.GITHUB_TOKEN}` + }, + }); if (!res.ok) throw new Error(`FetchError: ${res.status} ${res.statusText}`, { cause: res }); const tags = await res.json(); const { name } = tags.at(0) diff --git a/tools/dep_updaters/update-icu.sh b/tools/dep_updaters/update-icu.sh index 1a5a57853f477c..22f7321c2c8f7a 100755 --- a/tools/dep_updaters/update-icu.sh +++ b/tools/dep_updaters/update-icu.sh @@ -10,7 +10,12 @@ TOOLS_DIR="$BASE_DIR/tools" [ -x "$NODE" ] || NODE=$(command -v node) NEW_VERSION="$("$NODE" --input-type=module <<'EOF' -const res = await fetch('https://api.github.com/repos/unicode-org/icu/releases/latest'); +const res = await fetch('https://api.github.com/repos/unicode-org/icu/releases/latest', + process.env.GITHUB_TOKEN && { + headers: { + "Authorization": `Bearer ${process.env.GITHUB_TOKEN}` + }, + }); if (!res.ok) throw new Error(`FetchError: ${res.status} ${res.statusText}`, { cause: res }); const { tag_name } = await res.json(); console.log(tag_name.replace('release-', '').replace('-','.')); diff --git a/tools/dep_updaters/update-libuv.sh b/tools/dep_updaters/update-libuv.sh index ed4d36170451b8..8d45e770fb747b 100755 --- a/tools/dep_updaters/update-libuv.sh +++ b/tools/dep_updaters/update-libuv.sh @@ -12,7 +12,12 @@ DEPS_DIR="$BASE_DIR/deps" . "$BASE_DIR/tools/dep_updaters/utils.sh" NEW_VERSION="$("$NODE" --input-type=module <<'EOF' -const res = await fetch('https://api.github.com/repos/libuv/libuv/releases/latest'); +const res = await fetch('https://api.github.com/repos/libuv/libuv/releases/latest', + process.env.GITHUB_TOKEN && { + headers: { + "Authorization": `Bearer ${process.env.GITHUB_TOKEN}` + }, + }); if (!res.ok) throw new Error(`FetchError: ${res.status} ${res.statusText}`, { cause: res }); const { tag_name } = await res.json(); console.log(tag_name.replace('v', '')); diff --git a/tools/dep_updaters/update-llhttp.sh b/tools/dep_updaters/update-llhttp.sh index 30fb06667ece5b..dda203609a3a50 100755 --- a/tools/dep_updaters/update-llhttp.sh +++ b/tools/dep_updaters/update-llhttp.sh @@ -13,7 +13,12 @@ DEPS_DIR="${BASE_DIR}/deps" . "$BASE_DIR/tools/dep_updaters/utils.sh" NEW_VERSION="$("$NODE" --input-type=module <<'EOF' -const res = await fetch('https://api.github.com/repos/nodejs/llhttp/releases/latest'); +const res = await fetch('https://api.github.com/repos/nodejs/llhttp/releases/latest', + process.env.GITHUB_TOKEN && { + headers: { + "Authorization": `Bearer ${process.env.GITHUB_TOKEN}` + }, + }); if (!res.ok) throw new Error(`FetchError: ${res.status} ${res.statusText}`, { cause: res }); const { tag_name } = await res.json(); console.log(tag_name.replace('release/v', '')); diff --git a/tools/dep_updaters/update-nghttp2.sh b/tools/dep_updaters/update-nghttp2.sh index 5ee7f1f08da0a2..d712221b680dcb 100755 --- a/tools/dep_updaters/update-nghttp2.sh +++ b/tools/dep_updaters/update-nghttp2.sh @@ -12,7 +12,12 @@ DEPS_DIR="$BASE_DIR/deps" . "$BASE_DIR/tools/dep_updaters/utils.sh" NEW_VERSION="$("$NODE" --input-type=module <<'EOF' -const res = await fetch('https://api.github.com/repos/nghttp2/nghttp2/releases/latest'); +const res = await fetch('https://api.github.com/repos/nghttp2/nghttp2/releases/latest', + process.env.GITHUB_TOKEN && { + headers: { + "Authorization": `Bearer ${process.env.GITHUB_TOKEN}` + }, + }); if (!res.ok) throw new Error(`FetchError: ${res.status} ${res.statusText}`, { cause: res }); const { tag_name } = await res.json(); console.log(tag_name.replace('v', '')); diff --git a/tools/dep_updaters/update-nghttp3.sh b/tools/dep_updaters/update-nghttp3.sh index f10165960dabae..dd82aad195cc7e 100755 --- a/tools/dep_updaters/update-nghttp3.sh +++ b/tools/dep_updaters/update-nghttp3.sh @@ -11,7 +11,12 @@ DEPS_DIR="$BASE_DIR/deps" . "$BASE_DIR/tools/dep_updaters/utils.sh" NEW_VERSION="$("$NODE" --input-type=module <<'EOF' -const res = await fetch('https://api.github.com/repos/ngtcp2/nghttp3/releases'); +const res = await fetch('https://api.github.com/repos/ngtcp2/nghttp3/releases', + process.env.GITHUB_TOKEN && { + headers: { + "Authorization": `Bearer ${process.env.GITHUB_TOKEN}` + }, + }); if (!res.ok) throw new Error(`FetchError: ${res.status} ${res.statusText}`, { cause: res }); const releases = await res.json() const { tag_name } = releases.at(0); diff --git a/tools/dep_updaters/update-ngtcp2.sh b/tools/dep_updaters/update-ngtcp2.sh index 9e9803ee6197e6..b8d8842b73f5be 100755 --- a/tools/dep_updaters/update-ngtcp2.sh +++ b/tools/dep_updaters/update-ngtcp2.sh @@ -11,7 +11,12 @@ DEPS_DIR="$BASE_DIR/deps" . "$BASE_DIR/tools/dep_updaters/utils.sh" NEW_VERSION="$("$NODE" --input-type=module <<'EOF' -const res = await fetch('https://api.github.com/repos/ngtcp2/ngtcp2/releases'); +const res = await fetch('https://api.github.com/repos/ngtcp2/ngtcp2/releases', + process.env.GITHUB_TOKEN && { + headers: { + "Authorization": `Bearer ${process.env.GITHUB_TOKEN}` + }, + }); if (!res.ok) throw new Error(`FetchError: ${res.status} ${res.statusText}`, { cause: res }); const releases = await res.json() const { tag_name } = releases.at(0); diff --git a/tools/dep_updaters/update-simdutf.sh b/tools/dep_updaters/update-simdutf.sh index 9eaa9f8149ef63..7076b6dd57cdd7 100755 --- a/tools/dep_updaters/update-simdutf.sh +++ b/tools/dep_updaters/update-simdutf.sh @@ -11,7 +11,12 @@ DEPS_DIR="$BASE_DIR/deps" . "$BASE_DIR/tools/dep_updaters/utils.sh" NEW_VERSION="$("$NODE" --input-type=module <<'EOF' -const res = await fetch('https://api.github.com/repos/simdutf/simdutf/releases/latest'); +const res = await fetch('https://api.github.com/repos/simdutf/simdutf/releases/latest', + process.env.GITHUB_TOKEN && { + headers: { + "Authorization": `Bearer ${process.env.GITHUB_TOKEN}` + }, + }); if (!res.ok) throw new Error(`FetchError: ${res.status} ${res.statusText}`, { cause: res }); const { tag_name } = await res.json(); console.log(tag_name.replace('v', '')); diff --git a/tools/dep_updaters/update-uvwasi.sh b/tools/dep_updaters/update-uvwasi.sh index 8ba9dbd9e1d150..5583f3ffad41ab 100755 --- a/tools/dep_updaters/update-uvwasi.sh +++ b/tools/dep_updaters/update-uvwasi.sh @@ -12,7 +12,12 @@ DEPS_DIR="$BASE_DIR/deps" . "$BASE_DIR/tools/dep_updaters/utils.sh" NEW_VERSION="$("$NODE" --input-type=module <<'EOF' -const res = await fetch('https://api.github.com/repos/nodejs/uvwasi/releases/latest'); +const res = await fetch('https://api.github.com/repos/nodejs/uvwasi/releases/latest', + process.env.GITHUB_TOKEN && { + headers: { + "Authorization": `Bearer ${process.env.GITHUB_TOKEN}` + }, + }); if (!res.ok) throw new Error(`FetchError: ${res.status} ${res.statusText}`, { cause: res }); const { tag_name } = await res.json(); console.log(tag_name.replace('v', ''));