From 6154ecff6adb2790a25a285878b6a13c9674ae5a Mon Sep 17 00:00:00 2001 From: loks0n <22452787+loks0n@users.noreply.github.com> Date: Wed, 8 Jul 2026 19:13:54 +0100 Subject: [PATCH] fix: omit Authorization header in listTags when no access token Sending an empty Bearer token made GitHub reject matching-refs on public repos with 401. Drop the header entirely when no token is set so unauthenticated requests succeed, and default $accessToken to '' so empty() is safe on an uninitialized adapter. Co-Authored-By: Claude Opus 4.8 (1M context) --- src/VCS/Adapter/Git/GitHub.php | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/src/VCS/Adapter/Git/GitHub.php b/src/VCS/Adapter/Git/GitHub.php index 5b3f42a5..9c54df63 100644 --- a/src/VCS/Adapter/Git/GitHub.php +++ b/src/VCS/Adapter/Git/GitHub.php @@ -32,7 +32,7 @@ class GitHub extends Git protected string $endpoint = 'https://api.github.com'; - protected string $accessToken; + protected string $accessToken = ''; protected string $jwtToken; @@ -809,7 +809,8 @@ public function listBranches(string $owner, string $repositoryName, int $perPage public function listTags(string $owner, string $repositoryName, string $search = ''): array { $url = "/repos/$owner/$repositoryName/git/matching-refs/tags/"; - $response = $this->call(self::METHOD_GET, $url, ['Authorization' => "Bearer $this->accessToken"]); + $headers = empty($this->accessToken) ? [] : ['Authorization' => "Bearer $this->accessToken"]; + $response = $this->call(self::METHOD_GET, $url, $headers); $statusCode = $response['headers']['status-code'] ?? 0; $responseBody = $response['body'] ?? [];