@MickLesk MickLesk commented Dec 5, 2025

✍️ Description

Pangolin has a branch and tag with the same name (1.12.3). GitHub's tarball_url returns HTTP 300 (not a redirect), so curl saves JSON instead of the tarball → "gzip: stdin: not in gzip format".

Fixed / Improved -> Use explicit refs/tags URL which always returns a proper redirect:

https://github.com/$repo/archive/refs/tags/$tag_name.tar.gz

Example:

GET https://api.github.com/repos/fosrl/pangolin/tarball/1.12.3

HTTP/2 300
{
  "message": "Multiple resource types were returned for this ref",
  "resources": [
    {"type": "branch", "url": ".../refs/heads/1.12.3"},
    {"type": "tag", "url": ".../refs/tags/1.12.3"}
  ]
}

curl -fsSL doesn't follow 300 responses (only 301/302), so it saves the JSON body as the file → tar -xzf fails with "gzip: stdin: not in gzip format".

🔗 Related PR / Issue

Link: #9694

✅ Prerequisites (X in brackets)

  • Self-review completed – Code follows project standards.
  • Tested thoroughly – Changes work as expected.
  • No security risks – No hardcoded secrets, unnecessary privilege escalations, or permission issues.

🛠️ Type of Change (X in brackets)

  • 🐞 Bug fix – Resolves an issue without breaking functionality.
  • New feature – Adds new, non-breaking functionality.
  • 💥 Breaking change – Alters existing functionality in a way that may require updates.
  • 🆕 New script – A fully functional and tested script or script set.
  • 🌍 Website update – Changes to website-related JSON files or metadata.
  • 🔧 Refactoring / Code Cleanup – Improves readability or maintainability without changing functionality.
  • 📝 Documentation update – Changes to README, AppName.md, CONTRIBUTING.md, or other docs.

@MickLesk MickLesk requested a review from a team as a code owner December 5, 2025 19:58
@github-actions github-actions bot added core update script A change that updates a script labels Dec 5, 2025
When a GitHub repository has both a branch and a tag with the same name
(e.g. Pangolin's '1.12.3'), the API's tarball_url and zipball_url return
HTTP 300 Multiple Choices instead of a redirect. curl saves the JSON
response body as the file, causing 'gzip: stdin: not in gzip format'
when tar tries to extract.

This fix uses the explicit refs/tags/ URL format instead:
  https://github.com/$repo/archive/refs/tags/$tag.tar.gz

This URL always returns a proper 302 redirect to the tarball, avoiding
the ambiguity between branch and tag names.

Fixes: #9694
@MickLesk MickLesk force-pushed the fix/tarball-300-multiple-choices branch from 30aafb6 to 7f6e473 Compare December 5, 2025 19:59
@tremor021 tremor021 merged commit dd5993d into main Dec 5, 2025
1 check passed
@tremor021 tremor021 deleted the fix/tarball-300-multiple-choices branch December 5, 2025 22:09
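
The failure mode discussed in this pull request, as an added example that is not part of the PR or the project's own code: it builds the explicit `refs/tags` URL and checks the gzip magic bytes before the file reaches `tar`, so a JSON body such as the HTTP 300 response is rejected at download time. The function names are hypothetical, and the sample files in `demo_is_gzip` are constructed.

```bash
#!/usr/bin/env bash
# Added example: helper names are hypothetical, not the project's functions.

# Build the unambiguous tag archive URL described in the PR.
tag_tarball_url() {
  local repo="$1" tag="$2"
  printf 'https://github.com/%s/archive/refs/tags/%s.tar.gz\n' "$repo" "$tag"
}

# Return 0 only if the file starts with the gzip magic bytes 1f 8b.
is_gzip() {
  local magic
  magic="$(head -c 2 "$1" 2>/dev/null | od -An -tx1 | tr -d ' \n')"
  [ "$magic" = "1f8b" ]
}

# Download a tag archive and refuse to hand a non-gzip body to tar.
fetch_tag_tarball() {
  local repo="$1" tag="$2" out="$3"
  curl -fsSL -o "$out" "$(tag_tarball_url "$repo" "$tag")" || return 1
  if ! is_gzip "$out"; then
    echo "download for $repo@$tag is not gzip (JSON or HTML body?)" >&2
    rm -f -- "$out"
    return 2
  fi
}

# Offline check with constructed files: a JSON body shaped like the
# HTTP 300 response quoted in the PR, and a real gzip stream.
demo_is_gzip() {
  local dir rc_json=0 rc_gz=0
  dir="$(mktemp -d)" || return 1
  printf '{"message": "Multiple resource types were returned for this ref"}\n' \
    >"$dir/json.tar.gz"
  printf 'constructed payload\n' | gzip -c >"$dir/real.tar.gz"
  is_gzip "$dir/json.tar.gz" || rc_json=$?
  is_gzip "$dir/real.tar.gz" || rc_gz=$?
  rm -rf -- "$dir"
  echo "json=$rc_json gzip=$rc_gz"
}
```

`demo_is_gzip` prints `json=1 gzip=0`: the file extension says nothing about the content, only the leading bytes do.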