Ahmed Abushagur 0e2750dfd9 fix: persist gh auth credentials for interactive sessions (#1491) ... * fix: persist gh auth credentials to disk for interactive sessions When GITHUB_TOKEN is in the environment, gh auth status returns success (gh checks env vars first), so ensure_gh_auth() short-circuits before gh auth login --with-token writes credentials to ~/.config/gh/hosts.yml. The interactive session starts without GITHUB_TOKEN in env, so gh reports "not logged into any GitHub hosts". Fix: always run gh auth login --with-token when GITHUB_TOKEN is set, persisting credentials to disk regardless of gh auth status. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * fix: unset GITHUB_TOKEN env var before gh auth login --with-token gh refuses to store credentials when GITHUB_TOKEN is already set in the environment: "The value of the GITHUB_TOKEN environment variable is being used for authentication." Save the value, unset the env var, pipe it to gh auth login, then re-export. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * fix: address security review — validate token format, skip if already persisted - Add GITHUB_TOKEN format validation (ghp_, gho_, ghu_, ghs_, ghr_, github_pat_) - Add fast path: check gh auth status with env var unset before persisting - Document plaintext credential store behavior (standard gh CLI behavior) Agent: pr-maintainer Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> --------- Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com> Co-authored-by: B <6723574+louisgv@users.noreply.github.com>		2026-02-19 19:30:44 -05:00
..
common.sh	fix: use native OpenRouter model_provider for Codex CLI config (#1490)	2026-02-19 18:47:40 -05:00
github-auth.sh	fix: persist gh auth credentials for interactive sessions (#1491)	2026-02-19 19:30:44 -05:00
key-request.sh	security: prevent command injection in key-request.sh env var loading (#1415)	2026-02-17 13:53:49 -05:00