Skip to content

Releases: jferrl/go-githubauth

v1.4.0

30 Aug 10:51
@jferrl jferrl
v1.4.0
732f060
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
v1.4.0 Latest
Latest

What's Added

@jferrl in #21

  • Personal Access Token Support: New NewPersonalAccessTokenSource function for classic and fine-grained personal access tokens
  • Advanced Token Caching: Implemented dual-layer token caching system using oauth2.ReuseTokenSource
    • JWT tokens cached until expiration (up to 10 minutes)
    • Installation tokens cached until expiration (up to 1 hour)
  • High-Performance HTTP Client: Custom cleanHTTPClient implementation with connection pooling
    • Based on HashiCorp's go-cleanhttp patterns for production reliability
    • HTTP/2 support with persistent connections
    • No shared global state to prevent race conditions

What's Changed

  • Significant Performance Improvements: Up to 99% reduction in unnecessary token generation and GitHub API calls
  • Enhanced Documentation: Added comprehensive examples for personal access token usage
  • Optimized Memory Usage: Reduced object allocation through intelligent token reuse

Performance

  • GitHub App JWTs: Cached and reused until expiration instead of regenerating on every API call
  • Installation Tokens: Cached until expiration, dramatically reducing GitHub API rate limit consumption
  • Connection Pooling: HTTP connections reused across requests for faster GitHub API interactions
  • Production Ready: Optimized for high-throughput applications and CI/CD systems

Full Changelog: v1.3.0...v1.4.0

Contributors

jferrl
Assets 2
Loading

v1.3.0

17 Aug 11:53
@jferrl jferrl
v1.3.0
8b09c84
Compare
Choose a tag to compare
v1.3.0

What's Changed

  • fix: use go version from go.mod in actions build by @grinish21 in #12
  • feat: add dependabot to keep go version up to date #10 by @grinish21 in #13
  • chore(deps): bump styfle/cancel-workflow-action from 0.10.0 to 0.12.1 by @dependabot[bot] in #15
  • chore(deps): bump Go version and update dependencies by @jferrl in #16
  • chore(deps): bump actions/checkout from 4 to 5 by @dependabot[bot] in #18
  • chore(deps): bump codecov/codecov-action from 4 to 5 by @dependabot[bot] in #19
  • feat!: add Go generics support for unified App ID/Client ID authentication by @jferrl in #20

New Contributors

Full Changelog: v1.2.1...v1.3.0

Contributors

jferrl, grinish21, and dependabot
Loading

v1.2.1

08 Aug 06:58
@jferrl jferrl
v1.2.1
2e80df8
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
v1.2.1

What's Changed

  • fix(deps): move jwt to v5.3.0 which fixes vuln GO-2025-3553 by @grinish21 in #9

Full Changelog: v1.2.0...v1.2.1

Contributors

grinish21
Loading

v1.2.0

18 Mar 08:50
@jferrl jferrl
v1.2.0
b616ce7
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
v1.2.0

What's Changed

New Contributors

Full Changelog: v1.1.1...v1.2.0

Contributors

candiepih
Loading

v1.1.1

09 Sep 13:12
@jferrl jferrl
v1.1.1
56a5b99
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
v1.1.1

What's Changed

New Contributors

Full Changelog: v1.1.0...v1.1.1

Contributors

jferrl and grinish21
Loading

v1.1.0

10 Aug 18:00
@jferrl jferrl
v1.1.0
1b99770
Compare
Choose a tag to compare
v1.1.0
  • Github enterprise compatibility

Full Changelog: v1.0.2...v1.1.0

Loading

v1.0.2

07 Jun 10:55
@jferrl jferrl
v1.0.2
754377c
Compare
Choose a tag to compare
v1.0.2

Full Changelog: v1.0.1...v1.0.2

Loading

v1.0.1

01 Jun 22:27
@jferrl jferrl
v1.0.1
0615593
Compare
Choose a tag to compare
v1.0.1

Full Changelog: v1.0.0...v1.0.1

Loading

v1.0.0

01 Jun 22:09
@jferrl jferrl
v1.0.0
3e35861
Compare
Choose a tag to compare
v1.0.0

We are excited to announce the release of githubauth v1.0.0. This initial release provides a set of features for GitHub authentication, enabling developers to easily generate and manage GitHub App tokens and installation tokens.

New Features

GitHub App Token Generation

  • Generate JSON Web Tokens (JWT) for GitHub Apps:
    • Function: NewApplicationTokenSource
    • Description: Create a new GitHub App token source using the App ID and a private key.
    • Customizable token expiration with the WithApplicationTokenExpiration option.

GitHub App Installation Token Generation

  • Obtain Installation Tokens:
    • Function: NewInstallationTokenSource
    • Description: Create a new GitHub App installation token source to authenticate as a specific installation.
    • Options to set HTTP client and installation token options using WithHTTPClient and WithInstallationTokenOptions.

Improvements

  • Compliance with GitHub's Security Requirements:
    • Ensures JWT expiration time is no more than 10 minutes into the future.
    • Protects against clock drift by setting the token issue time 60 seconds in the past.

Documentation

  • Comprehensive README with detailed usage examples.
  • Explanation of how the package implements the TokenSource interface from golang.org/x/oauth2.

Installation

To install the package, use:

go get -u github.com/yourusername/githubauth


**Full Changelog**: https://github.com/jferrl/go-githubauth/commits/v1.0.0
Loading