giteadmin/gh-celebs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: giteadmin:23775e3c676340d996fbe9ab42390bc1dea5237f
Branches Tags
giteadmin:main
..
compare: giteadmin:8b92867dd29523b10be1cd8bfe9ab102292107b7
Branches Tags
giteadmin:main

1 Commits
23775e3c67 ... 8b92867dd2

Author SHA1 Message Date
Jonathan Agmon
8b92867dd2 security: add config files to .gitignore to prevent token leaks 2026-03-23 17:45:31 +02:00
3 changed files with 3 additions and 29 deletions
Expand all files Collapse all files

8
.gitignore vendored
View File

@@ -1,8 +1,6 @@
/target /target
IMPLEMENTATION_PLAN.md IMPLEMENTATION_PLAN.md
# Config files that may contain GitHub tokens # Config files (may contain GitHub tokens)
# Note: User config files are stored in platform-specific directories outside the repo *.toml
# (e.g., ~/.config/gh-celebs/config.toml on Linux) config.toml
# This prevents accidental commits if someone creates config.toml in the project root
/config.toml

16
src/github.rs
View File

@@ -11,22 +11,6 @@ pub struct GitHubClient {
impl GitHubClient { impl GitHubClient {
pub fn new(token: Option<String>) -> Result<Self> { pub fn new(token: Option<String>) -> Result<Self> {
// Validate token format if provided
if let Some(ref t) = token {
if !t.is_empty() {
// GitHub classic tokens start with 'ghp_'
// Fine-grained tokens start with 'github_pat_'
// OAuth tokens don't have a specific prefix
let is_valid_format = t.starts_with("ghp_") ||
t.starts_with("github_pat_") ||
t.len() >= 20; // Generic check for reasonable token length
if !is_valid_format {
anyhow::bail!("Invalid GitHub token format. Token should start with 'ghp_' (classic) or 'github_pat_' (fine-grained)");
}
}
}
let mut headers = HeaderMap::new(); let mut headers = HeaderMap::new();
headers.insert(USER_AGENT, HeaderValue::from_static("gh-celebs")); headers.insert(USER_AGENT, HeaderValue::from_static("gh-celebs"));
headers.insert(ACCEPT, HeaderValue::from_static("application/vnd.github.v3+json")); headers.insert(ACCEPT, HeaderValue::from_static("application/vnd.github.v3+json"));

8
src/search.rs
View File

@@ -3,8 +3,6 @@ use crate::github::GitHubClient;
use crate::models::{RateLimitInfo, Repo, SearchResponse, SearchResult}; use crate::models::{RateLimitInfo, Repo, SearchResponse, SearchResult};
use anyhow::Result; use anyhow::Result;
use std::collections::HashMap; use std::collections::HashMap;
use std::time::Duration;
use tokio::time::sleep;
pub struct SearchEngine { pub struct SearchEngine {
db: Database, db: Database,
@@ -107,12 +105,6 @@ impl SearchEngine {
if last_rate_limit.remaining < 3 { if last_rate_limit.remaining < 3 {
println!("\nWarning: Rate limit running low ({} remaining)", last_rate_limit.remaining); println!("\nWarning: Rate limit running low ({} remaining)", last_rate_limit.remaining);
} }
// Client-side rate limiting: wait 3 seconds between requests
// This respects both anonymous (10/min = 6s) and authenticated (30/min = 2s) limits
if idx < total - 1 {
sleep(Duration::from_secs(3)).await;
}
} }
println!("\n✓ Updated {} repositories", total); println!("\n✓ Updated {} repositories", total);