From 16c7b94e60c6844bfc9fa5f4d1b61db955c1dfd5 Mon Sep 17 00:00:00 2001
From: Jarek Porzucek <17789797+jporzucek@users.noreply.github.com>
Date: Fri, 26 Jan 2024 21:21:53 +0100
Subject: [PATCH] feat(osv): pass GitHub token for DB download  (#26808)

Co-authored-by: Michael Kriese <michael.kriese@visualon.de>
---
 lib/workers/repository/process/vulnerabilities.ts | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/lib/workers/repository/process/vulnerabilities.ts b/lib/workers/repository/process/vulnerabilities.ts
index 49fb8e637383d1..76434db02bef26 100644
--- a/lib/workers/repository/process/vulnerabilities.ts
+++ b/lib/workers/repository/process/vulnerabilities.ts
@@ -15,6 +15,7 @@ import {
   VersioningApi,
   get as getVersioning,
 } from '../../../modules/versioning';
+import { find } from '../../../util/host-rules';
 import { sanitizeMarkdown } from '../../../util/markdown';
 import * as p from '../../../util/promises';
 import { regEx } from '../../../util/regex';
@@ -46,7 +47,13 @@ export class Vulnerabilities {
   private constructor() {}
 
   private async initialize(): Promise<void> {
-    this.osvOffline = await OsvOffline.create();
+    // hard-coded logic to use authentication for github.com based on the githubToken for api.github.com
+    const gitHubHostRule = find({
+      hostType: 'github',
+      url: 'https://api.github.com/',
+    });
+
+    this.osvOffline = await OsvOffline.create(gitHubHostRule?.token);
   }
 
   static async create(): Promise<Vulnerabilities> {