Warning/Error when GITHUB_COM_TOKEN expired

[BreakBB]

What would you like help with?

Other

How are you running Renovate?

Self-hosted

If you're self-hosting Renovate, tell us which platform (GitHub, GitLab, etc) and which version of Renovate.

GitLab

Please tell us more about your question or problem

Recently we noticed that our GITHUB_COM_TOKEN expired without us really noticing it. Is there a setting or something so that renovate gives us a hint about the expiration?

Maybe it's possible to add a short note about it in the merge request description, when the token is found, but expired (aka HTTP 401)?

Logs (if relevant)

Logs

Replace this text with your logs, between the starting and ending triple backticks

[rarkins]

What is the exact 401 error message and habit unique to expired tokens or is it a more generic message which covers multiple "bad token" scenarios?

[BreakBB]

This is one of the logs. There is nothing unique for an expired token from what I can see, which helps to differ to other 401 scenarios. I'd say it is still interesting to get some sort of feedback, that the provided GITHUB_COM_TOKEN is not working as expected (since I provided a token, I want it to work).

Logs

``` DEBUG: POST https://api.github.com/graphql = (code=ERR_NON_2XX_3XX_RESPONSE, statusCode=401 retryCount=0, duration=126) (repository=..., branch=REN-tanstack-query-monorepo) DEBUG: GitHub failure: Bad credentials (repository=..., branch=REN-tanstack-query-monorepo) "token": "***********", "err": { "name": "HTTPError", "code": "ERR_NON_2XX_3XX_RESPONSE", "timings": { "start": 1723117493861, "socket": 1723117493862, "lookup": 1723117493870, "connect": 1723117493872, "secureConnect": 1723117493878, "upload": 1723117493878, "response": 1723117493987, "end": 1723117493987, "phases": { "wait": 1, "dns": 8, "tcp": 2, "tls": 6, "request": 0, "firstByte": 109, "download": 0, "total": 126 } }, "message": "Response code 401 (Unauthorized)", "stack": "HTTPError: Response code 401 (Unauthorized)\n at Request. (/usr/local/renovate/node_modules/.pnpm/got@11.8.6/node_modules/got/dist/source/as-promise/index.js:118:42)\n at processTicksAndRejections (node:internal/process/task_queues:95:5)", "options": { "headers": { "user-agent": "RenovateBot/38.21.0 (https://github.com/renovatebot/renovate)", "accept": "application/json, application/vnd.github.v3+json", "authorization": "***********", "content-type": "application/json", "content-length": "874", "accept-encoding": "gzip, deflate, br" }, "url": "https://api.github.com/graphql", "hostType": "github-tags", "username": "", "password": "", "method": "POST", "http2": false }, "response": { "statusCode": 401, "statusMessage": "Unauthorized", "body": { "message": "Bad credentials", "documentation_url": "https://docs.github.com/graphql", "status": "401" }, "headers": { "server": "github.com", "date": "Thu, 08 Aug 2024 11:44:53 GMT", "content-type": "application/json; charset=utf-8", "content-length": "98", "x-github-media-type": "github.v4", "x-ratelimit-limit": "0", "x-ratelimit-remaining": "0", "x-ratelimit-reset": "1723121093", "x-ratelimit-used": "0", "x-ratelimit-resource": "graphql", "access-control-expose-headers": "ETag, Link, Location, Retry-After, X-GitHub-OTP, X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Used, X-RateLimit-Resource, X-RateLimit-Reset, X-OAuth-Scopes, X-Accepted-OAuth-Scopes, X-Poll-Interval, X-GitHub-Media-Type, X-GitHub-SSO, X-GitHub-Request-Id, Deprecation, Sunset", "access-control-allow-origin": "*", "strict-transport-security": "max-age=31536000; includeSubdomains; preload", "x-frame-options": "deny", "x-content-type-options": "nosniff", "x-xss-protection": "0", "referrer-policy": "origin-when-cross-origin, strict-origin-when-cross-origin", "content-security-policy": "default-src 'none'", "vary": "Accept-Encoding, Accept, X-Requested-With", "x-github-request-id": "D5F6:2D2DB4:EB46C27:EE11CB5:66B4AFB5" }, "httpVersion": "1.1", "retryCount": 0 } } ```

[rarkins]

I guess if a token is provided, and a 401 is received, we could log a warning once per repo.

[BreakBB]

Sounds good to me 👍🏻

[rarkins]

Converted to issue: #30993