Skip to content

Commit

Permalink
Browse files Browse the repository at this point in the history
Improve logging around authorization headers
Henry Mercer committed Jan 6, 2023
1 parent 5eba74a commit b2b4782
Showing 3 changed files with 12 additions and 11 deletions.
10 changes: 6 additions & 4 deletions lib/codeql.js
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion lib/codeql.js.map
View file

Large diffs are not rendered by default.

11 changes: 5 additions & 6 deletions src/codeql.ts
View file
@@ -514,14 +514,13 @@ async function downloadCodeQL(
// from the same GitHub instance the Action is running on.
// This avoids leaking Enterprise tokens to dotcom.
// We also don't want to send an authorization header if there's already a token provided in the URL.
if (
codeqlURL.startsWith(`${apiDetails.url}/`) &&
!searchParams.has("token")
) {
logger.debug("Downloading CodeQL bundle with token.");
if (searchParams.has("token")) {
logger.debug("CodeQL tools URL contains an authorization token.");
} else if (codeqlURL.startsWith(`${apiDetails.url}/`)) {
logger.debug("Providing an authorization token to download CodeQL tools.");
headers.authorization = `token ${apiDetails.auth}`;
} else {
logger.debug("Downloading CodeQL bundle without token.");
logger.debug("Downloading CodeQL tools without an authorization token.");
}
logger.info(
`Downloading CodeQL tools from ${codeqlURL}. This may take a while.`

0 comments on commit b2b4782

Please sign in to comment.