You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Certain valid characters in git branch names aren't being escaped properly, leading to a failure to fetch them. A good example is #, which will obviously break API calls if passed through without escaping.
This was broken by #1006. URI::Parser handles this correctly, escaping # to %23, while Addressable::URI leaves it as #. Versions of Octokit from 4.9.0 to current git HEAD are affected.
Steps to reproduce:
Create and push up a branch named foo#bar
Using Octokit, run client.branch("myrepo", "foo#bar")
Expected results:
Octokit fetches the branch and returns metadata.
Actual results:
Octokit returns a 404.
The text was updated successfully, but these errors were encountered:
{
"message": "Branch not found",
"documentation_url": "https://developer.github.com/v3/repos/branches/#get-branch"
}
Although I can see the branch test#this under curl -H "Authorization: token $GITHUB_TOKEN" https://api.github.com/repos/octopup/api-sandbox/branches and the other branches like master work as expected.
Additionally, escaping it directly works as expected:
@hmharvey I believe that's expected. Because of how URL routing works, anything past a literal # doesn't make its way into the server to the app. # always needs to be encoded in order to be used in URLs like this.
Certain valid characters in git branch names aren't being escaped properly, leading to a failure to fetch them. A good example is
#
, which will obviously break API calls if passed through without escaping.This was broken by #1006.
URI::Parser
handles this correctly, escaping#
to%23
, whileAddressable::URI
leaves it as#
. Versions of Octokit from 4.9.0 to current git HEAD are affected.Steps to reproduce:
foo#bar
client.branch("myrepo", "foo#bar")
Expected results:
Octokit fetches the branch and returns metadata.
Actual results:
Octokit returns a 404.
The text was updated successfully, but these errors were encountered: