magi-cli
Advanced tools
Comparing version 0.13.0 to 0.14.0
@@ -0,1 +1,8 @@ | ||
# [0.14.0](https://github.com/vaadin/magi-cli/compare/v0.13.0...v0.14.0) (2018-09-05) | ||
### Features | ||
* **github-api:** support env.GH_TOKEN, remove username ([#64](https://github.com/vaadin/magi-cli/issues/64)) ([e5b9136](https://github.com/vaadin/magi-cli/commit/e5b9136)) | ||
# [0.13.0](https://github.com/vaadin/magi-cli/compare/v0.12.0...v0.13.0) (2018-09-04) | ||
@@ -2,0 +9,0 @@ |
@@ -7,18 +7,9 @@ 'use strict'; | ||
async function getGitHubApi(auth) { | ||
let {username, token} = config.has('github.com') ? config.get('github.com') : {}; | ||
if (auth || !username || !token) { | ||
console.log('Please provide your GitHub.com authentication credentials') | ||
const usernameAnswer = await ask(`Username${username ? ` (${username})` : ''}: `); | ||
if (usernameAnswer) username = usernameAnswer; | ||
if (!username) { | ||
throw 'Empty username'; | ||
} else { | ||
config.set('github.com.username', username); | ||
} | ||
console.log('Generate OAuth personal access token here: https://github.com/settings/tokens/new?scopes=repo') | ||
let token = process.env.GH_TOKEN || config.get('github.com.token'); | ||
if (auth || !token) { | ||
console.log('Please provide your GitHub personal access token, https://github.com/settings/tokens/new?scopes=repo') | ||
const tokenAnswer = await ask(`Token${token ? ' (press enter to use saved)' : ''}: `); | ||
if (tokenAnswer) token = tokenAnswer; | ||
if (!token) { | ||
throw 'Empty token'; | ||
throw 'Empty GitHub token'; | ||
} else { | ||
@@ -29,5 +20,5 @@ config.set('github.com.token', token); | ||
return new GitHub({username, token}); | ||
return new GitHub({token}); | ||
} | ||
module.exports.getGitHubApi = getGitHubApi; |
{ | ||
"name": "magi-cli", | ||
"version": "0.13.0", | ||
"version": "0.14.0", | ||
"description": "Elements team command-line team member", | ||
@@ -5,0 +5,0 @@ "main": "./bin/magi", |
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 1 instance in 1 package
42790
210
3