[docs] Update documentation for features from 2026-04-15#716
[docs] Update documentation for features from 2026-04-15#716danielmeppiel wants to merge 1 commit intomainfrom
Conversation
apm marketplace add now uses credentials from the first request when probing marketplace.json, fixing silent failures on private repos. Add a dedicated section in the Marketplaces guide explaining the behavior and the credential resolution order. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
danielmeppiel
added
automation
documentation
There was a problem hiding this comment.
Pull request overview
Note
Copilot was unable to run its full agentic suite in this review.
Updates the marketplace guide to document newly supported private marketplace repositories for apm marketplace add, including how credentials are resolved and why the behavior changed.
Changes:
- Added a “Private marketplace repositories” section to the marketplaces guide.
- Documented credential resolution behavior (PAT env vars + git credential helpers) and provided an example.
- Added context about prior silent failures and linked to the Authentication guide.
Show a summary per file
| File | Description |
|---|---|
| docs/src/content/docs/guides/marketplaces.md | Adds documentation for private marketplace repo support and credential resolution for apm marketplace add. |
Copilot's findings
- Files reviewed: 1/1 changed files
- Comments generated: 2
|
|
||
| ## Private marketplace repositories | ||
|
|
||
| Private marketplace repositories work without extra configuration. APM uses the same credential resolution as `apm install`: `GITHUB_APM_PAT`, per-org `GITHUB_APM_PAT_{ORG}` env vars, and git credential helpers are all tried automatically before falling back to unauthenticated access. |
There was a problem hiding this comment.
This sentence claims credentials are tried “before falling back to unauthenticated access,” which can be read as always attempting an unauthenticated request eventually. Since the PR description emphasizes the fix is to avoid an unauthenticated first probe (to prevent 404 confusion), consider rewording to clarify the order for private repos (e.g., credentials are applied on the initial probe/request). This makes the doc consistent with the behavior change being documented.
| Private marketplace repositories work without extra configuration. APM uses the same credential resolution as `apm install`: `GITHUB_APM_PAT`, per-org `GITHUB_APM_PAT_{ORG}` env vars, and git credential helpers are all tried automatically before falling back to unauthenticated access. | |
| Private marketplace repositories work without extra configuration. APM uses the same credential resolution as `apm install`: `GITHUB_APM_PAT`, per-org `GITHUB_APM_PAT_{ORG}` env vars, and git credential helpers are resolved automatically and applied on the initial request for private repositories. |
| Private marketplace repositories work without extra configuration. APM uses the same credential resolution as `apm install`: `GITHUB_APM_PAT`, per-org `GITHUB_APM_PAT_{ORG}` env vars, and git credential helpers are all tried automatically before falling back to unauthenticated access. | ||
|
|
||
| ```bash | ||
| export GITHUB_APM_PAT=github_pat_your_token |
There was a problem hiding this comment.
Even though this is an example token, showing a PAT-shaped value in docs increases the chance users paste real secrets into terminals, logs, or screenshots. Prefer a clearly non-token placeholder (e.g., export GITHUB_APM_PAT=\"<your_token>\") and consider adding a brief note like “do not commit or share this value.”
| export GITHUB_APM_PAT=github_pat_your_token | |
| export GITHUB_APM_PAT="<your_token>" | |
| # Do not commit or share this value. |
sergio-sisternes-epam
left a comment
sergio-sisternes-epam
left a comment
There was a problem hiding this comment.
LGTM -- clean docs addition for the private marketplace fix (#701). The auth link resolves correctly and content is accurate.
Consider the two Copilot suggestions before merging (both minor):
- Reword "before falling back to unauthenticated access" to clarify credentials are applied on the initial request for private repos (consistent with the #701 behavior change).
- Replace
github_pat_your_tokenwith<your_token>placeholder to avoid PAT-shaped values in docs.
Documentation Updates - 2026-04-15
This PR updates the documentation based on features merged in the last 24 hours.
Features Documented
apm marketplace addwith private repos) — from Fix: apm marketplace add silently fails for private repos #701Changes Made
docs/src/content/docs/guides/marketplaces.mdto add a "Private marketplace repositories" section explaining:apm installis used (GITHUB_APM_PAT, per-org env vars, git credential helpers)Merged PRs Referenced
apm marketplace addsilently fails for private repos (usesAuthResolver.try_with_fallback(unauth_first=False)so credentials are applied from the first probe request)Notes
The CHANGELOG already contains the entry for #701 under
[Unreleased]. No other source changes from this commit window required documentation updates — the other unreleased items (SSH timeout fix, compile target fix, OpenCode headers fix, Codex pin) are internal fixes without user-facing documentation gaps.