homebrew-github-api-token.md

Description

When using Homebrew (http://brew.sh) and searching formulas or pull requests you may get the dreaded error message: Github API Rate limit exceeded

Let's fix that! (yeah!)

---

Short version

Create a new Personal Token in your Github Account Settings (Sidebar: Applications) and then copy the Token. In the Terminal, use export HOMEBREW_GITHUB_API_TOKEN=YOURAPITOKENWITHFUNKYNUMBERSHERE (change that to your API Token) or add that to your .bash_profile and then do source .bash_profile.

Step 1 - Create a Personal Access Token for Homebrew

1. Login to your Github Account or create one if you don't have one yet.
2. In the top menu to the right, click the tools icon (Account Settings).
3. Click on “Applications” in the sidebar (to the left).
4. In the box with the title “Personal Access Tokens”, press the “Create new token” button.
5. In the next box (Create a new Personal Access Token) set the name of your Token (i used homebrew but you can use anything you want). Press “Create Token”.
6. When done, you will see your token we just created in the “Personal Access Tokens” box. Copy the Token by select the token or click the copy icon to the right of the Token text.
7. The Token text should look something like this: 9927d2878ffa105fc5236c762f2fd7zfd28b841d (not a real token, just an example)

IMPORTANT! Remember To Keep The Token Safe As It Works As A “Password” For Your Github Account.

Step 2 - Set the Github API Token for Homebrew in the Terminal

1. Fire up your Terminal.app (or iTerm.app)
2. Use the command export HOMEBREW_GITHUB_API_TOKEN=9927d2878ffa105fc5236c762f2fd7zfd28b841d (but use your own API Token, and not the fake example one that don't work) and press enter.
3. It's now set, however, instead of repating this every session, let's add this to our .bash_profile (if you don't know about this, see this link.)
4. Open your .bash_profile in your favorite text editor (in this case, we use Nano in the Terminal). Make sure that you are in your Home directory (if unsure, use cd $HOME and press enter).
5. Add the exact same line as in step 2. Press ctrl + o (to save) and then ctrl + x (to quit Nano)
6. In your Terminal, do the command source .bash_profile (loads the changes in the .bash_profile file to the active session)
7. Well, that's it!

---

###Helpful links

• Homebrew WIKI
• Set up a Developers Enviroment on Mac OS X
• A short guide to the Mac OS X Terminal

---

Tags: homebrew, brew, github api, token, api token, terminal, mac os x

It is "Developer Settings" now, not "Applications".

Which “scopes” does this token need to have selected? Any at all? Otherwise, shouldn't I unselect all scopes (least privilege)?

No idea. But I guess no scope would be to narrow. :)

…

On Mon, 7 Jun 2021, 15:54 Markus Kuhn, ***@***.***> wrote: ***@***.**** commented on this gist. ------------------------------ Which “scopes” does this token need to have selected? Any at all? — You are receiving this because you commented. Reply to this email directly, view it on GitHub <https://gist.github.com/7347306870779bfa664e#gistcomment-3771542>, or unsubscribe <https://github.com/notifications/unsubscribe-auth/AACLUOCR4KDPC5PWOAAT623TRTFPZANCNFSM4KQ2ROEQ> .

No scope seems to work fine for me so far. After all, Homebrew doesn't actually need any of the rights available, as this use of the token seems all just about enabling GitHub to identify users, to be able to rate-limit abusers, not to enable for Homebrew any particular API functionality on your own repos or user data.

I checked my token and nothing was selected, so you're right. Sorry, have no clue. Den mån 7 juni 2021 kl 19:14 skrev Markus Kuhn ***@***.***>:

…

***@***.**** commented on this gist. ------------------------------ No scope seems to work fine for me so far. After all, Homebrew doesn't actually need any of the rights available, as this use of the token seems all just about enabling GitHub to identify users, to be able to rate-limit abusers, not to enable for Homebrew any particular API functionality on your own repos or user data. — You are receiving this because you commented. Reply to this email directly, view it on GitHub <https://gist.github.com/7347306870779bfa664e#gistcomment-3771751>, or unsubscribe <https://github.com/notifications/unsubscribe-auth/AACLUOFW3GJYOO3TZTHD27DTRT5A7ANCNFSM4KQ2ROEQ> .

I'd have thought that read:packages Download packages from GitHub Package Registry was the desired permission.

@hughdbrown: I think read:packages is only needed to enable your application to download your own private packages, i.e. not for homebrew, where everything is public.

You should NOT allow home-brew access to any of your scopes. The token is only necessary for you to access the GitHub API on a non anonymous provision. Giving home-brew any access to your GitHub ressources would be a major security breach.