Git dependency not being upgraded

[lowecg]

neil looks to be a very useful tool for quickly updating my deps.edn. I'm currently using liquidz/antq which works well but is too slow from the CLI.

A particular use case is not working as expected where a git reference (private repo) to a stale commit is not being upgraded in my deps.edn:

:aliases   {:test {:extra-paths ["test" "test-resources"]
                    :extra-deps  {io.github.cognitect-labs/test-runner       {:git/tag "v0.5.1" :git/sha "dfb30dd"}
                                  org.slf4j/slf4j-simple                     {:mvn/version "2.0.16"}

                                  ;; the following is not upgraded
                                  io.github.my_org/my-repo {:git/sha "b3759b17f6ec2b6c0c62b7412be12de7181d259c"}}

                    :main-opts   ["-m" "cognitect.test-runner"]
                    :exec-fn     cognitect.test-runner.api/test}}

The following command run has no effect:

% time neil dep upgrade --dry-run; echo $?
neil dep upgrade --dry-run  0.10s user 0.03s system 17% cpu 0.786 total
0

The referenced repo is private, and I have set up private access token (fine grained):

set | grep NEIL
NEIL_GITHUB_TOKEN=github_pat_REDACTED
NEIL_GITHUB_USER=my_github_user

It's not clear from the README as to which type of PAT is best and the required permissions, but I'm using fine grained access with the following accesses:

I even tried the following variations of expressing the dependency with the same result:

• moving the reference from the alias into the main deps entry
• restating the dependency as my_org/my-repo {:git/url "https://github.com/my_org/my-repo.git", :sha "b3759b17f6ec2b6c0c62b7412be12de7181d259c"}

Are git resources supported in private repos?

Am I missing something in my usage?

[borkdude]

The issue is probably that when requesting the latest SHA the github token isn't passed along:

https://github.com/babashka/neil/blob/6728367eff5f03e4e3e13d1b155aef77a5297bea/src/babashka/neil/git.clj#L19-L24