feat!: dispatch repo listing by auth type#33
Merged
packet-mover merged 1 commit intomainfrom Apr 19, 2026
Merged
Conversation
Replaces Config{Org, Token} with a sealed Auth interface:
PATAuth{Token, Name} for personal access tokens and
InstallationAuth{Token, Name} for GitHub App installation tokens.
Scan(ctx, auth, opts...) type-switches on the auth to pick the right
listing endpoint. PATAuth calls /orgs/{Name}/repos and falls back to
/users/{Name}/repos on 404, so CLI usage works for both org and user
accounts. InstallationAuth calls /installation/repositories, which is
explicitly installation-scoped and returns only the repos the app was
granted access to, fixing the bug where subset installs leaked other
public repos and personal-account installs 404'd entirely.
Breaking change: Config is removed. Callers must pass PATAuth or
InstallationAuth. cmd/scanner already updated to PATAuth.
GitHubClient interface gains ListReposByAccount and
ListReposByInstallation; ListRepos is removed.
Tests:
- TestListReposByAccount_FallsBackToUserOn404 covers the 404 -> user path
- TestListReposByAccount_500PassesThrough ensures non-404 errors do not
trigger the fallback (preventing outage masking)
- TestListReposByInstallation_{SinglePage,Pagination,APIError,RateLimit}
- TestScan_DispatchesByAuthType exercises the public Scan() dispatch
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
packet-mover
changed the title
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Config{Org, Token}with a sealedAuthinterface (PATAuthorInstallationAuth)Scan()type-switches on auth and picks the right listing endpointPATAuth→/orgs/{Name}/reposwith fallback to/users/{Name}/reposon 404 (fixes 404 on personal-account CLI use)InstallationAuth→/installation/repositories(fixes "Selected repositories" subset installs leaking public repos, and personal-account installs 404'ing)Breaking change:
Configis gone. Callers passPATAuthorInstallationAuth. CLI incmd/scanneralready updated.Test plan
TestListReposByAccount_FallsBackToUserOn404— 404 triggers user fallbackTestListReposByAccount_500PassesThrough— non-404 errors are not masked by fallbackTestListReposByInstallation_{SinglePage,Pagination,APIError,RateLimit}— new installation-scoped listing pathTestScan_DispatchesByAuthType— publicScan()routes PATAuth → org endpoint and InstallationAuth → installation endpoint🤖 Generated with Claude Code