import: github: Use HTTP "Authorization" header for access tokens.

Fixes <https://bugs.gnu.org/39511>.

The "access_token" query parameter is now deprecated:

  https://developer.github.com/changes/2019-11-05-deprecated-passwords-and-authorizations-api/#authenticating-using-query-parameters

* guix/import/github.scm (fetch-releases-or-tags)[headers]: Add
"Authorization" header when (%github-token) is true.
[decorate]: Remove, and remove callers.
This commit is contained in:
Matt Wette 2020-02-22 11:48:29 +01:00 committed by Ludovic Courtès
parent eb85995738
commit 3d1e42321f
No known key found for this signature in database
GPG key ID: 090B11993D9AEBB5

View file

@ -154,18 +154,16 @@ (define headers
;; Ask for version 3 of the API as suggested at
;; <https://developer.github.com/v3/>.
`((Accept . "application/vnd.github.v3+json")
(user-agent . "GNU Guile")))
(user-agent . "GNU Guile")
,@(if (%github-token)
`((Authorization . ,(string-append "token " (%github-token))))
'())))
(define (decorate url)
(if (%github-token)
(string-append url "?access_token=" (%github-token))
url))
(match (json-fetch (decorate release-url) #:headers headers)
(match (json-fetch release-url #:headers headers)
(#()
;; We got the empty list, presumably because the user didn't use GitHub's
;; "release" mechanism, but hopefully they did use Git tags.
(json-fetch (decorate tag-url) #:headers headers))
(json-fetch tag-url #:headers headers))
(x x)))
(define (latest-released-version url package-name)