Currently the Makefile uses authenticated GitHub accesses to download a JSON containing all releases (since we're authenticated), including draft ones.
The script that then assembles the downloads page tries to also download the checksums for those draft releases, which fails with a 404 if you are not authenticated (and we probably don't want to show these anyway).
Interestingly the build works on Netlify anyway. Probably the GitHub API token used there doesn't actually have the rights to see draft releases on the Prometheus org. But it still produces build errors for people building the site locally with their own GitHub access token.
Currently the Makefile uses authenticated GitHub accesses to download a JSON containing all releases (since we're authenticated), including draft ones.
The script that then assembles the downloads page tries to also download the checksums for those draft releases, which fails with a 404 if you are not authenticated (and we probably don't want to show these anyway).
Interestingly the build works on Netlify anyway. Probably the GitHub API token used there doesn't actually have the rights to see draft releases on the Prometheus org. But it still produces build errors for people building the site locally with their own GitHub access token.