allow-empty-token

action.yml

@@ -12,6 +12,10 @@ inputs:
     description: The GitHub token used to create an authenticated client
     default: ${{ github.token }}
     required: false
+  allow-empty-token:
+    description: Whether to allow for the github-token to be empty. If true, and the github-token is empty, results in anonymous API calls.
+    default: false
+    required: false
   debug:
     description: Whether to tell the GitHub client to log details of its requests. true or false. Default is to run in debug mode when the GitHub Actions step debug logging is turned on.
     default: ${{ runner.debug == '1' }}

dist/index.js

@@ -5609,6 +5609,114 @@ exports.createTokenAuth = createTokenAuth;
 //# sourceMappingURL=index.js.map
 
 
+/***/ }),
+
+/***/ 9567:
+/***/ ((module) => {
+
+"use strict";
+
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
+};
+var __copyProps = (to, from, except, desc) => {
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
+
+// pkg/dist-src/index.js
+var dist_src_exports = {};
+__export(dist_src_exports, {
+  createUnauthenticatedAuth: () => createUnauthenticatedAuth
+});
+module.exports = __toCommonJS(dist_src_exports);
+
+// pkg/dist-src/auth.js
+async function auth(reason) {
+  return {
+    type: "unauthenticated",
+    reason
+  };
+}
+
+// pkg/dist-src/is-rate-limit-error.js
+function isRateLimitError(error) {
+  if (error.status !== 403) {
+    return false;
+  }
+  if (!error.response) {
+    return false;
+  }
+  return error.response.headers["x-ratelimit-remaining"] === "0";
+}
+
+// pkg/dist-src/is-abuse-limit-error.js
+var REGEX_ABUSE_LIMIT_MESSAGE = /\babuse\b/i;
+function isAbuseLimitError(error) {
+  if (error.status !== 403) {
+    return false;
+  }
+  return REGEX_ABUSE_LIMIT_MESSAGE.test(error.message);
+}
+
+// pkg/dist-src/hook.js
+async function hook(reason, request, route, parameters) {
+  const endpoint = request.endpoint.merge(
+    route,
+    parameters
+  );
+  return request(endpoint).catch((error) => {
+    if (error.status === 404) {
+      error.message = `Not found. May be due to lack of authentication. Reason: ${reason}`;
+      throw error;
+    }
+    if (isRateLimitError(error)) {
+      error.message = `API rate limit exceeded. This maybe caused by the lack of authentication. Reason: ${reason}`;
+      throw error;
+    }
+    if (isAbuseLimitError(error)) {
+      error.message = `You have triggered an abuse detection mechanism. This maybe caused by the lack of authentication. Reason: ${reason}`;
+      throw error;
+    }
+    if (error.status === 401) {
+      error.message = `Unauthorized. "${endpoint.method} ${endpoint.url}" failed most likely due to lack of authentication. Reason: ${reason}`;
+      throw error;
+    }
+    if (error.status >= 400 && error.status < 500) {
+      error.message = error.message.replace(
+        /\.?$/,
+        `. May be caused by lack of authentication (${reason}).`
+      );
+    }
+    throw error;
+  });
+}
+
+// pkg/dist-src/index.js
+var createUnauthenticatedAuth = function createUnauthenticatedAuth2(options) {
+  if (!options || !options.reason) {
+    throw new Error(
+      "[@octokit/auth-unauthenticated] No reason passed to createUnauthenticatedAuth"
+    );
+  }
+  return Object.assign(auth.bind(null, options.reason), {
+    hook: hook.bind(null, options.reason)
+  });
+};
+// Annotate the CommonJS export names for ESM import in node:
+0 && (0);
+
+
 /***/ }),
 
 /***/ 6762:
@@ -15130,8 +15238,12 @@ var utils = __nccwpck_require__(3030);
 var glob = __nccwpck_require__(8090);
 // EXTERNAL MODULE: ./node_modules/@actions/io/lib/io.js
 var io = __nccwpck_require__(7436);
+// EXTERNAL MODULE: ./node_modules/@octokit/auth-token/dist-node/index.js
+var dist_node = __nccwpck_require__(334);
+// EXTERNAL MODULE: ./node_modules/@octokit/auth-unauthenticated/dist-node/index.js
+var auth_unauthenticated_dist_node = __nccwpck_require__(9567);
 // EXTERNAL MODULE: ./node_modules/@octokit/plugin-request-log/dist-node/index.js
-var dist_node = __nccwpck_require__(8883);
+var plugin_request_log_dist_node = __nccwpck_require__(8883);
 // EXTERNAL MODULE: ./node_modules/@octokit/plugin-retry/dist-node/index.js
 var plugin_retry_dist_node = __nccwpck_require__(6298);
 // EXTERNAL MODULE: ./node_modules/node-fetch/lib/index.js
@@ -15213,10 +15325,15 @@ const wrapRequire = new Proxy(require, {
 
 
 
+
+
 process.on('unhandledRejection', handleError);
 main().catch(handleError);
 async function main() {
-    const token = core.getInput('github-token', { required: true });
+    const allowEmptyToken = core.getBooleanInput('allow-empty-token', {
+        required: true
+    });
+    const token = core.getInput('github-token', { required: !allowEmptyToken });
     const debug = core.getBooleanInput('debug');
     const userAgent = core.getInput('user-agent');
     const previews = core.getInput('previews');
@@ -15228,9 +15345,16 @@ async function main() {
         userAgent: userAgent || undefined,
         previews: previews ? previews.split(',') : undefined,
         retry: retryOpts,
-        request: requestOpts
+        request: requestOpts,
+        authStrategy: allowEmptyToken && !token ? auth_unauthenticated_dist_node.createUnauthenticatedAuth : dist_node.createTokenAuth,
+        auth: allowEmptyToken && !token
+            ? {
+                reason: 'No github-token was provided to actions/github-scripts, and allow-empty-token is true.'
+            }
+            : token
     };
-    const github = (0,lib_github.getOctokit)(token, opts, plugin_retry_dist_node/* retry */.XD, dist_node/* requestLog */.g);
+    const GitHubWithPlugins = utils.GitHub.plugin(plugin_retry_dist_node/* retry */.XD, plugin_request_log_dist_node/* requestLog */.g);
+    const github = new GitHubWithPlugins(opts);
     const script = core.getInput('script', { required: true });
     // Using property/value shorthand on `require` (e.g. `{require}`) causes compilation errors.
     const result = await callAsyncFunction({

package-lock.json

@@ -14,6 +14,7 @@
         "@actions/github": "^5.0.0",
         "@actions/glob": "^0.3.0",
         "@actions/io": "^1.1.1",
+        "@octokit/auth-unauthenticated": "^3.0.5",
         "@octokit/core": "^3.5.1",
         "@octokit/plugin-request-log": "^1.0.4",
         "@octokit/plugin-retry": "^3.0.9",
@@ -1074,6 +1075,44 @@
         "@octokit/types": "^6.0.3"
       }
     },
+    "node_modules/@octokit/auth-unauthenticated": {
+      "version": "3.0.5",
+      "resolved": "https://registry.npmjs.org/@octokit/auth-unauthenticated/-/auth-unauthenticated-3.0.5.tgz",
+      "integrity": "sha512-yH2GPFcjrTvDWPwJWWCh0tPPtTL5SMgivgKPA+6v/XmYN6hGQkAto8JtZibSKOpf8ipmeYhLNWQ2UgW0GYILCw==",
+      "dependencies": {
+        "@octokit/request-error": "^3.0.0",
+        "@octokit/types": "^9.0.0"
+      },
+      "engines": {
+        "node": ">= 14"
+      }
+    },
+    "node_modules/@octokit/auth-unauthenticated/node_modules/@octokit/openapi-types": {
+      "version": "17.2.0",
+      "resolved": "https://registry.npmjs.org/@octokit/openapi-types/-/openapi-types-17.2.0.tgz",
+      "integrity": "sha512-MazrFNx4plbLsGl+LFesMo96eIXkFgEtaKbnNpdh4aQ0VM10aoylFsTYP1AEjkeoRNZiiPe3T6Gl2Hr8dJWdlQ=="
+    },
+    "node_modules/@octokit/auth-unauthenticated/node_modules/@octokit/request-error": {
+      "version": "3.0.3",
+      "resolved": "https://registry.npmjs.org/@octokit/request-error/-/request-error-3.0.3.tgz",
+      "integrity": "sha512-crqw3V5Iy2uOU5Np+8M/YexTlT8zxCfI+qu+LxUB7SZpje4Qmx3mub5DfEKSO8Ylyk0aogi6TYdf6kxzh2BguQ==",
+      "dependencies": {
+        "@octokit/types": "^9.0.0",
+        "deprecation": "^2.0.0",
+        "once": "^1.4.0"
+      },
+      "engines": {
+        "node": ">= 14"
+      }
+    },
+    "node_modules/@octokit/auth-unauthenticated/node_modules/@octokit/types": {
+      "version": "9.2.3",
+      "resolved": "https://registry.npmjs.org/@octokit/types/-/types-9.2.3.tgz",
+      "integrity": "sha512-MMeLdHyFIALioycq+LFcA71v0S2xpQUX2cw6pPbHQjaibcHYwLnmK/kMZaWuGfGfjBJZ3wRUq+dOaWsvrPJVvA==",
+      "dependencies": {
+        "@octokit/openapi-types": "^17.2.0"
+      }
+    },
     "node_modules/@octokit/core": {
       "version": "3.6.0",
       "resolved": "https://registry.npmjs.org/@octokit/core/-/core-3.6.0.tgz",
@@ -7024,6 +7063,40 @@
         "@octokit/types": "^6.0.3"
       }
     },
+    "@octokit/auth-unauthenticated": {
+      "version": "3.0.5",
+      "resolved": "https://registry.npmjs.org/@octokit/auth-unauthenticated/-/auth-unauthenticated-3.0.5.tgz",
+      "integrity": "sha512-yH2GPFcjrTvDWPwJWWCh0tPPtTL5SMgivgKPA+6v/XmYN6hGQkAto8JtZibSKOpf8ipmeYhLNWQ2UgW0GYILCw==",
+      "requires": {
+        "@octokit/request-error": "^3.0.0",
+        "@octokit/types": "^9.0.0"
+      },
+      "dependencies": {
+        "@octokit/openapi-types": {
+          "version": "17.2.0",
+          "resolved": "https://registry.npmjs.org/@octokit/openapi-types/-/openapi-types-17.2.0.tgz",
+          "integrity": "sha512-MazrFNx4plbLsGl+LFesMo96eIXkFgEtaKbnNpdh4aQ0VM10aoylFsTYP1AEjkeoRNZiiPe3T6Gl2Hr8dJWdlQ=="
+        },
+        "@octokit/request-error": {
+          "version": "3.0.3",
+          "resolved": "https://registry.npmjs.org/@octokit/request-error/-/request-error-3.0.3.tgz",
+          "integrity": "sha512-crqw3V5Iy2uOU5Np+8M/YexTlT8zxCfI+qu+LxUB7SZpje4Qmx3mub5DfEKSO8Ylyk0aogi6TYdf6kxzh2BguQ==",
+          "requires": {
+            "@octokit/types": "^9.0.0",
+            "deprecation": "^2.0.0",
+            "once": "^1.4.0"
+          }
+        },
+        "@octokit/types": {
+          "version": "9.2.3",
+          "resolved": "https://registry.npmjs.org/@octokit/types/-/types-9.2.3.tgz",
+          "integrity": "sha512-MMeLdHyFIALioycq+LFcA71v0S2xpQUX2cw6pPbHQjaibcHYwLnmK/kMZaWuGfGfjBJZ3wRUq+dOaWsvrPJVvA==",
+          "requires": {
+            "@octokit/openapi-types": "^17.2.0"
+          }
+        }
+      }
+    },
     "@octokit/core": {
       "version": "3.6.0",
       "resolved": "https://registry.npmjs.org/@octokit/core/-/core-3.6.0.tgz",

package.json

@@ -36,6 +36,7 @@
     "@actions/github": "^5.0.0",
     "@actions/glob": "^0.3.0",
     "@actions/io": "^1.1.1",
+    "@octokit/auth-unauthenticated": "^3.0.5",
     "@octokit/core": "^3.5.1",
     "@octokit/plugin-request-log": "^1.0.4",
     "@octokit/plugin-retry": "^3.0.9",

src/main.ts

@@ -1,30 +1,30 @@
 import * as core from '@actions/core'
 import * as exec from '@actions/exec'
-import {context, getOctokit} from '@actions/github'
+import {context} from '@actions/github'
-import {defaults as defaultGitHubOptions} from '@actions/github/lib/utils'
+import {
+  defaults as defaultGitHubOptions,
+  GitHub
+} from '@actions/github/lib/utils'
 import * as glob from '@actions/glob'
 import * as io from '@actions/io'
+import {createTokenAuth} from '@octokit/auth-token'
+import {createUnauthenticatedAuth} from '@octokit/auth-unauthenticated'
+import {OctokitOptions} from '@octokit/core/dist-types/types'
 import {requestLog} from '@octokit/plugin-request-log'
 import {retry} from '@octokit/plugin-retry'
-import {RequestRequestOptions} from '@octokit/types'
 import fetch from 'node-fetch'
 import {callAsyncFunction} from './async-function'
-import {RetryOptions, getRetryOptions, parseNumberArray} from './retry-options'
+import {getRetryOptions, parseNumberArray} from './retry-options'
 import {wrapRequire} from './wrap-require'
 
 process.on('unhandledRejection', handleError)
 main().catch(handleError)
 
-type Options = {
-  log?: Console
-  userAgent?: string
-  previews?: string[]
-  retry?: RetryOptions
-  request?: RequestRequestOptions
-}
-
 async function main(): Promise<void> {
-  const token = core.getInput('github-token', {required: true})
+  const allowEmptyToken = core.getBooleanInput('allow-empty-token', {
+    required: true
+  })
+  const token = core.getInput('github-token', {required: !allowEmptyToken})
   const debug = core.getBooleanInput('debug')
   const userAgent = core.getInput('user-agent')
   const previews = core.getInput('previews')
@@ -38,15 +38,25 @@ async function main(): Promise<void> {
     defaultGitHubOptions
   )
 
-  const opts: Options = {
+  const opts: OctokitOptions = {
     log: debug ? console : undefined,
     userAgent: userAgent || undefined,
     previews: previews ? previews.split(',') : undefined,
     retry: retryOpts,
-    request: requestOpts
+    request: requestOpts,
+    authStrategy:
+      allowEmptyToken && !token ? createUnauthenticatedAuth : createTokenAuth,
+    auth:
+      allowEmptyToken && !token
+        ? {
+            reason:
+              'No github-token was provided to actions/github-scripts, and allow-empty-token is true.'
+          }
+        : token
   }
 
-  const github = getOctokit(token, opts, retry, requestLog)
+  const GitHubWithPlugins = GitHub.plugin(retry, requestLog)
+  const github = new GitHubWithPlugins(opts)
   const script = core.getInput('script', {required: true})
 
   // Using property/value shorthand on `require` (e.g. `{require}`) causes compilation errors.