diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 764c64d..0c70da0 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -42,6 +42,8 @@ jobs: ${{ runner.os }}- - uses: julia-actions/julia-buildpkg@v1 - uses: julia-actions/julia-runtest@v1 + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - uses: julia-actions/julia-processcoverage@v1 - uses: codecov/codecov-action@v1 with: diff --git a/test/read_only_api_tests.jl b/test/read_only_api_tests.jl index 033e08b..a8b20a9 100644 --- a/test/read_only_api_tests.jl +++ b/test/read_only_api_tests.jl @@ -14,17 +14,15 @@ testuser_sshkey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDVDBxFza4BmQTCTFeTyK"* hasghobj(obj, items) = any(x -> name(x) == name(obj), items) -# This token has public, read-only access, and is required so that our -# tests don't get rate-limited. The only way a malicious party could do harm -# with this token is if they used it to abuse the rate limit associated with -# the token (not too big of a deal). The token is hard-coded in an obsfucated -# manner in an attempt to thwart token-stealing crawlers. -auth = authenticate(string(circshift(["bcc", "3fc", "03a", "33e", - "c09", "363", "5f1", "bd3", - "fc6", "77b", '5', "9cf", - "868", "033"], 3)...)) - -@test rate_limit(; auth = auth)["rate"]["limit"] == 5000 +auth = if haskey(ENV, "GITHUB_TOKEN") + @info "Using GitHub token from ENV" + authenticate(ENV["GITHUB_TOKEN"]) +else + @warn "Using anonymous GitHub access. If you get rate-limited, please set the GITHUB_TOKEN env var to an appropriate value." + GitHub.AnonymousAuth() +end + +@test rate_limit(; auth = auth)["rate"]["limit"] > 0 @testset "Owners" begin # test GitHub.owner