Skip to content

fix: authenticate latest release lookup#430

Merged
jgoux merged 1 commit into
mainfrom
codex/authenticate-latest-release-lookup
May 20, 2026
Merged

fix: authenticate latest release lookup#430
jgoux merged 1 commit into
mainfrom
codex/authenticate-latest-release-lookup

Conversation

@jgoux
Copy link
Copy Markdown
Contributor

@jgoux jgoux commented May 20, 2026
edited
Loading

Summary

  • Add an optional github-token input to authenticate the GitHub release lookup used by version: latest.
  • Pass the token through the composite action as SUPABASE_CLI_GITHUB_TOKEN and use it as a bearer token for the /repos/supabase/cli/releases/latest request.
  • Update this repository's CI smoke test and README examples to pass ${{ github.token }} when testing or using latest.

Root Cause

CI failed in test (macos-latest, latest) because the action resolved latest through an unauthenticated GitHub REST API request and hit the low unauthenticated rate limit. The dependency bump in #429 was not the cause; the validate job passed and the failure happened inside the release lookup path.

Impact

Pinned versions continue to work without a token. For version: latest, callers can now pass ${{ github.token }} to avoid unauthenticated API rate limiting while keeping the input optional for backward compatibility.

Validation

  • bun run ci

@jgoux jgoux requested a review from a team as a code owner May 20, 2026 10:24
@jgoux jgoux merged commit 3095b00 into main May 20, 2026
23 checks passed
@jgoux jgoux deleted the codex/authenticate-latest-release-lookup branch May 20, 2026 13:06
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@Coly010 Coly010 Coly010 approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@jgoux @Coly010