fix: support GitHub App tokens for stale PR author matching#193
Merged
Conversation
users.getAuthenticated() fails for GitHub App installation tokens.
Fall back to apps.getAuthenticated() to get the bot login
({app-slug}[bot]) for PR author matching.
Bump to v2.9.1.
Contributor
There was a problem hiding this comment.
Pull request overview
This PR fixes stale PR author matching when the action is authenticated with a GitHub App installation token by falling back from users.getAuthenticated() to apps.getAuthenticated() and mapping the returned app slug to the bot login ({slug}[bot]).
Changes:
- Add an
apps.getAuthenticated()fallback to determineauthenticatedLoginwhenusers.getAuthenticated()fails. - Extend the Jest Octokit mock to include
rest.apps.getAuthenticated. - Bump package version to
v2.9.1(and refresh lockfile / coverage badge).
Show a summary per file
| File | Description |
|---|---|
src/index.js |
Adds GitHub App auth fallback to populate authenticatedLogin for stale PR author matching. |
__tests__/index.test.js |
Updates the Octokit REST mock to include apps.getAuthenticated. |
package.json |
Bumps version to 2.9.1. |
package-lock.json |
Syncs lockfile version fields to 2.9.1. |
badges/coverage.svg |
Updates the generated coverage badge value. |
Copilot's findings
- Files reviewed: 3/5 changed files
- Comments generated: 2
- Include users.getAuthenticated error in debug when both auth
methods fail for easier diagnosis
- Add test verifying {app-slug}[bot] login format works for
stale PR author matching
📦 Draft Release CreatedA draft release v2.9.1 has been created for this PR. Next Steps
|
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Problem
The stale PR auto-close feature (PR #192) uses
users.getAuthenticated()to determine who created the PR. This endpoint fails for GitHub App installation tokens, causingauthenticatedLoginto be empty and the stale PR check to be skipped entirely.Discovered via this workflow run — debug log showed:
Fix
Try
users.getAuthenticated()first (works for PATs), then fall back toapps.getAuthenticated()(works for GitHub App tokens). The app endpoint returns the app slug, which maps to the bot login{app-slug}[bot].Changes
src/index.js: Addapps.getAuthenticated()fallback inrun()__tests__/index.test.js: Addapps.getAuthenticatedmock tomockOctokitTesting
399 tests pass.