github OAuth authentication need ?

[Sandro Tosi]

On Mon, Nov 23, 2015 at 3:26 PM, Olivier Berger
<olivier.berger at telecom-sudparis.eu> wrote:
> Hi Sandro (et al),
>
> There currently is an issue with the GitHub token, I think :
> almost all of :
>  $ grep github.com log/log_2015-11-19
> reports 401 Unauthorized errors :-(
>
> This is probably linked to testing the tool for our students project, or
> my local attempts, and consequences.

yeah there was I reason I asked to change it..

> I'm not sure I understand the need for authenticating to github, though,
> as we're doing only read-only queries and some kind of throttling.
>
> Can you share a bit more details ?

if you're not authenticated, then you get rate-limited; there some
link out there that describes it in details, dont remember the exact
url tho

> I'd like to make the token configurable in the yaml file (and possibly
> document its generation) but I'm in doubt about its actuall need.

it's not different than all the other auth methods we use in the other btses

> In any case something should be done to either regenerate a token or
> make rid of it in the running instance of the code on sonntag :-/

nope the token must be there, and cannot be regenerated easily (you
have to do the github webpage and blabla)

> Thanks in advance, and sorry for the mess we might have caused.

please have your students change that token, and please change it also
in the code you run yourself. that would also apply to the other btses
requiring authentication. only the bts on debian machines should use
those login/pwd (yeah ok they are stored publicly, that doesnt mean
the real bts needs to suffer from other tests if the user we use got
banned/limited/suspended/etc)

Thanks,
-- 
Sandro Tosi (aka morph, morpheus, matrixhasu)
My website: http://matrixhasu.altervista.org/
Me at Debian: http://wiki.debian.org/SandroTosi