Skip to content

Fix in getFrogbot.sh - Use credentials only when REMOTE_PATH is set#1347

Merged
orto17 merged 1 commit into
jfrog:devfrom
orto17:fix/getfrogbot-anonymous-public-download
Jun 4, 2026
Merged

Fix in getFrogbot.sh - Use credentials only when REMOTE_PATH is set#1347
orto17 merged 1 commit into
jfrog:devfrom
orto17:fix/getfrogbot-anonymous-public-download

Conversation

@orto17

@orto17 orto17 commented Jun 4, 2026

Copy link
Copy Markdown
Contributor
  • All tests passed. If this feature is not already covered by the tests, I added new tests.
  • This pull request is on the dev branch.
  • I used gofmt for formatting the code before submitting the pull request.
  • Update documentation about new features / new supported technologies

Minimal fix in buildscripts/getFrogbot.sh: credentials are only used when REMOTE_PATH is set (i.e. when JF_RELEASES_REPO is configured).

Updated: download_to, head_request, storage_request

Behavior:

No JF_RELEASES_REPO → download/checksum calls to releases.jfrog.io are anonymous (no JF_ACCESS_TOKEN / JF_USER).
JF_RELEASES_REPO set → same as before: Bearer token or basic auth against the customer’s JF_URL.
This restores the pre–2.34.0 / v3.1.x pattern and addresses both customer 401 reports. dash -n still passes.

@orto17 @cursoragent
Only send platform credentials when JF_RELEASES_REPO is set.
0ce6ff9 
Restore REMOTE_PATH gating in download_to, head_request, and storage_request so installs from releases.jfrog.io stay anonymous when JF_ACCESS_TOKEN or JF_USER are set for the scan only.

Co-authored-by: Cursor <cursoragent@cursor.com>
@orto17 orto17 added the safe to test Approve running integration tests on a pull request label Jun 4, 2026
@github-actions github-actions Bot removed the safe to test Approve running integration tests on a pull request label Jun 4, 2026
@attiasas attiasas self-requested a review June 4, 2026 08:58
attiasas
attiasas approved these changes Jun 4, 2026
View reviewed changes

@attiasas attiasas left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM, make sure if you also need it for v3

eranturgeman
eranturgeman approved these changes Jun 4, 2026
View reviewed changes

@eranturgeman eranturgeman left a comment

Copy link
Copy Markdown
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@orto17 orto17 merged commit 05cf3f3 into jfrog:dev Jun 4, 2026
19 of 33 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@attiasas attiasas attiasas approved these changes

@eranturgeman eranturgeman eranturgeman approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@orto17 @attiasas @eranturgeman