From c847c21f3b244a5d1fc008f22469f93443969eaf Mon Sep 17 00:00:00 2001
From: A1lo <yin199909@aliyun.com>
Date: Wed, 7 May 2025 05:54:14 +0800
Subject: [PATCH] Workflows: Authenticating the GitHub API call with GitHub
 token (#4703)

---
 .github/workflows/release-win7.yml            | 2 +-
 .github/workflows/scheduled-assets-update.yml | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/.github/workflows/release-win7.yml b/.github/workflows/release-win7.yml
index 239de1b5..6595dc07 100644
--- a/.github/workflows/release-win7.yml
+++ b/.github/workflows/release-win7.yml
@@ -51,7 +51,7 @@ jobs:
           GOSDK=$(go env GOROOT)
           rm -r $GOSDK/*
           cd $GOSDK
-          curl -O -L https://github.com/XTLS/go-win7/releases/latest/download/go-for-win7-linux-amd64.zip
+          curl -O -L -H "Authorization: Bearer ${{ secrets.GITHUB_TOKEN }}" https://github.com/XTLS/go-win7/releases/latest/download/go-for-win7-linux-amd64.zip
           unzip ./go-for-win7-linux-amd64.zip -d $GOSDK
           rm ./go-for-win7-linux-amd64.zip
 
diff --git a/.github/workflows/scheduled-assets-update.yml b/.github/workflows/scheduled-assets-update.yml
index fb3ca455..c5149d92 100644
--- a/.github/workflows/scheduled-assets-update.yml
+++ b/.github/workflows/scheduled-assets-update.yml
@@ -45,12 +45,12 @@ jobs:
               INFO=($(echo $i | awk 'BEGIN{FS=" ";OFS=" "} {print $1,$2,$3,$4}'))
               FILE_NAME="${INFO[3]}.dat"
               echo -e "Verifying HASH key..."
-              HASH="$(curl -sL "https://raw.githubusercontent.com/${INFO[0]}/${INFO[1]}/release/${INFO[2]}.dat.sha256sum" | awk -F ' ' '{print $1}')"
+              HASH="$(curl -sL -H "Authorization: Bearer ${{ secrets.GITHUB_TOKEN }}" "https://raw.githubusercontent.com/${INFO[0]}/${INFO[1]}/release/${INFO[2]}.dat.sha256sum" | awk -F ' ' '{print $1}')"
               if [ -s "./resources/${FILE_NAME}" ] && [ "$(sha256sum "./resources/${FILE_NAME}" | awk -F ' ' '{print $1}')" == "${HASH}" ]; then
                   continue
               else
                   echo -e "Downloading https://raw.githubusercontent.com/${INFO[0]}/${INFO[1]}/release/${INFO[2]}.dat..."
-                  curl -L "https://raw.githubusercontent.com/${INFO[0]}/${INFO[1]}/release/${INFO[2]}.dat" -o ./resources/${FILE_NAME}
+                  curl -L -H "Authorization: Bearer ${{ secrets.GITHUB_TOKEN }}" "https://raw.githubusercontent.com/${INFO[0]}/${INFO[1]}/release/${INFO[2]}.dat" -o ./resources/${FILE_NAME}
                   echo -e "Verifying HASH key..."
                   [ "$(sha256sum "./resources/${FILE_NAME}" | awk -F ' ' '{print $1}')" == "${HASH}" ] || { echo -e "The HASH key of ${FILE_NAME} does not match cloud one."; exit 1; }
                   echo "unhit=true" >> $GITHUB_OUTPUT