Read from environment variable GITHUB_AUTH_TOKEN if set.

[dylansm]

This prevents the need for another token file.

[ConradIrwin]

Hey @dylansm, are any other tools using this convention?

[dylansm]

In terms of Github tools that use this particular variable name? None that I know of. But Rails, AWS gem and many more tools make use of environment variables as an alternative to writing to files that might inadvertently be committed to a repository, e.g.

[ConradIrwin]

Ok, my biggest concern is that this makes the code/interface more complicated, and I don't understand the user-benefit (it's not like people are likely to have this environment variable set, and so we can just "automatically work" for a large number of users).

You need to have the token on disk somewhere (whether it's in ~/.zshrc or .env or ~/.gist), so it doesn't really make a different which file it is in (as far as I can tell).

Can you expand a bit on your actual use-case here? Otherwise I don't think it's worth the overhead

[dylansm]

Having the choice to use an environment variable seems to me to be less invasive (for users) than creating a new dotfile. I prefer to keep my keys and secrets in a single file to spreading them all over my user directory.

[cweagans]

^ same. I keep secrets in one file for simplicity, and those secrets are generally environment variables. IMO, it really doesn't add that much overhead (technical or otherwise).

[cweagans]

Variable name should be namespaced somehow to prevent conflicts. For instance, GIST_GITHUB_API_TOKEN or something.

[kenorb]

My use case is to load the token from the variable instead of the file, so I can use with Travis CI where I can encrypt the variable or pass it as a secret variable, otherwise, the file needs to be part of the repository, therefore visible for all.

Another use case when used with Docker, it's safer to pass the key as the variable during the run, instead of keeping it as a file inside the container for other people to access.

[kenorb]

One-liner to patch the installed gist gem:

patch -d "$(gem env gemdir)"/gems/gist-* -p1 < <(curl -s https://github.com/defunkt/gist/commit/5843e9827f529cba020d08ac764d70c8db8fbd71.patch) 

Tested PR and it works as expected. Although a better variable as suggested would be nice.

[mrusme]

Could we stick with GITHUB_TOKEN? It seems to be what @github uses and I came across it in various client projects as well. See here.

[ConradIrwin]

Closing as too much time has passed, I'm still open to this change using GITHUB_TOKEN for compatibiltiy with other tools