diff --git a/doc/release-process.md b/doc/release-process.md index 90506e8ef..b12cbd5d6 100644 --- a/doc/release-process.md +++ b/doc/release-process.md @@ -28,10 +28,10 @@ Check that dependencies are up-to-date or have been postponed: $ ./qa/zcash/updatecheck.py ``` -If you are missing the `.updatecheck-token` file required to run this script, -please ask Taylor or another Zcash developer for a copy, or create an -unprivileged personal access token for a github account and save it to the -file in the format `username:hex-token`. +You can optionally create a file `~/.local/share/zcash/updatecheck/token` (or +`$XDG_DATA_HOME/zcash/updatecheck/token` if the `XDG_DATA_HOME` environment +variable is set) to avoid running into GitHub rate limiting. Create an +unprivileged personal access token on GitHub and copy the value into the file. If there are updates that have not been postponed, review their changelogs for urgent security fixes, and if there aren't any, postpone the update by @@ -59,9 +59,8 @@ The release script has the following dependencies: - `help2man` - `debchange` (part of the devscripts Debian package) - -You can optionally install the `progressbar2` Python module with pip to have a -progress bar displayed during the build process. +- the python modules `progressbar2` (optional - displays a progress bar), + `requests` and `xdg` ## Versioning diff --git a/qa/zcash/updatecheck.py b/qa/zcash/updatecheck.py index 9a4b8342d..801eb6e4f 100755 --- a/qa/zcash/updatecheck.py +++ b/qa/zcash/updatecheck.py @@ -3,8 +3,7 @@ # This script checks for updates to zcashd's dependencies. # # The SOURCE_ROOT constant specifies the location of the zcashd codebase to -# check, and the GITHUB_API_* constants specify a personal access token for the -# GitHub API, which need not have any special privileges. +# check. # # All dependencies must be specified inside the get_dependency_list() function # below. A dependency is specified by: @@ -36,6 +35,7 @@ import requests import os import re import sys +import xdg import datetime SOURCE_ROOT = os.path.join(os.path.dirname(os.path.realpath(__file__)), "..", "..") @@ -112,24 +112,22 @@ def get_dependency_list(): return dependencies -class GitHubToken: - def __init__(self): - token_path = os.path.join(SOURCE_ROOT, ".updatecheck-token") - try: - with open(token_path, encoding='utf8') as f: - token = f.read().strip() - self._user = token.split(":")[0] - self._password = token.split(":")[1] - except: - print("Please make sure a GitHub API token is in .updatecheck-token in the root of this repository.") - print("The format is username:hex-token.") - sys.exit(1) +def parse_token(): + token_path = os.path.realpath(os.path.join(SOURCE_ROOT, ".updatecheck-token")) + if not os.path.exists(token_path): + token_path = os.path.join(xdg.xdg_data_home(), "zcash/updatecheck/token") + try: + with open(token_path, encoding='utf8') as f: + token = f.read().strip() + return token.split(":")[-1] + except: + print("You are missing a GitHub API token. This script will probably still work, but") + print("you are more likely to hit an API rate limit. Create a file named") + print(token_path) + print("containing the token to silence this warning.") + return () - def user(self): - return self.user - - def password(self): - return self.password +token = parse_token() class Version(list): def __init__(self, version_tuple): @@ -180,7 +178,6 @@ class GithubTagReleaseLister: self.repo = repo self.regex = regex self.testcases = testcases - self.token = GitHubToken() for tag, expected in testcases.items(): match = re.match(self.regex, tag) @@ -206,7 +203,10 @@ class GithubTagReleaseLister: def all_tag_names(self): url = "https://api.github.com/repos/" + safe(self.org) + "/" + safe(self.repo) + "/git/refs/tags" - r = requests.get(url, auth=requests.auth.HTTPBasicAuth(self.token.user(), self.token.password())) + auth = {} + if token: + auth = { 'Authorization': 'Bearer ' + token } + r = requests.get(url, headers=auth) if r.status_code != 200: print("API request failed (error %d)" % (r.status_code,), file=sys.stderr) print(r.text, file=sys.stderr)