Usage of Github API with access_token query parameter is deprecated
#1011
Comments
|
Probably not, Shipit uses octokit to query the API, and they only merged the appropriate change 14 hours ago: octokit/octokit.rb#1192 As far as I can tell it's still unreleased so we'll have to wait to get the fix. BTW what is the deprecation timeline? |
|
Actually, @DazWorrall tells me it might come from omniauth-github, but it doesn't seem to be maintained anymore. We might have to fix it ourselves. |
|
Ok, so quick update. The omniauth-github gem was taken over by the omniauth org, so it should actually be maintained. @DazWorrall did open a PR with the fix: omniauth/omniauth-github#84 So I think the best short term action is to use that branch in your Gemfile, and as soon as the PR is merged and released, you should be able to simply update |
|
@casperisfine thanks a ton for all the help, we'll use the branch and update omniauth-github when its fixed. There's no deprecation timeline announced yet: https://developer.github.com/changes/2019-11-05-deprecated-passwords-and-authorizations-api/#deprecation-timeline But their email said this which made some of the people in our org concerned:
|
|
The timeline was posted yesterday: https://developer.github.com/changes/2020-02-10-deprecating-auth-through-query-param/ |
|
A fixed version of omniauth-github was released today: https://rubygems.org/gems/omniauth-github/versions/1.4.0 Unfortunately shipit-engine has a I'll relax that dependency and do a new Shipit release. |
|
I released 0.31.0 this morning with the updated dependency on |
hey guys, we are running shipit-engine
0.27.1, and got an email from github yesterday saying that our shipit app is using access token (with the User-Agent Faraday v0.12.2) as part of a query parameter to access an API endpoint, and that this is deprecatedIs this fixed in the latest published version (0.29.0)?
The text was updated successfully, but these errors were encountered: