search

babashka / neil

A CLI to add common aliases and features to deps.edn-based projects
MIT License
377 stars 27 forks source link

Git dependency not being upgraded #240

Closed lowecg closed 1 month ago

lowecg commented 2 months ago

neil looks to be a very useful tool for quickly updating my deps.edn. I'm currently using liquidz/antq which works well but is too slow from the CLI.

A particular use case is not working as expected where a git reference (private repo) to a stale commit is not being upgraded in my deps.edn:

:aliases   {:test {:extra-paths ["test" "test-resources"]
                    :extra-deps  {io.github.cognitect-labs/test-runner       {:git/tag "v0.5.1" :git/sha "dfb30dd"}
                                  org.slf4j/slf4j-simple                     {:mvn/version "2.0.16"}

                                  ;; the following is not upgraded
                                  io.github.my_org/my-repo {:git/sha "b3759b17f6ec2b6c0c62b7412be12de7181d259c"}}

                    :main-opts   ["-m" "cognitect.test-runner"]
                    :exec-fn     cognitect.test-runner.api/test}}

The following command run has no effect:

% time neil dep upgrade --dry-run; echo $?
neil dep upgrade --dry-run  0.10s user 0.03s system 17% cpu 0.786 total
0

The referenced repo is private, and I have set up private access token (fine grained):

set | grep NEIL
NEIL_GITHUB_TOKEN=github_pat_REDACTED
NEIL_GITHUB_USER=my_github_user

It's not clear from the README as to which type of PAT is best and the required permissions, but I'm using fine grained access with the following accesses:

image

I even tried the following variations of expressing the dependency with the same result:

Are git resources supported in private repos?

Am I missing something in my usage?

borkdude commented 2 months ago

The issue is probably that when requesting the latest SHA the github token isn't passed along:

https://github.com/babashka/neil/blob/6728367eff5f03e4e3e13d1b155aef77a5297bea/src/babashka/neil/git.clj#L19-L24

lowecg commented 1 month ago

This was an issue with the token.

My mistake was to specify the token in terms of the GitHub user; However, the repos are for an organisation (to which my user is the owner, but that appears to be irrelevant).

The token has to specify the organisation not the user