Valvoıd.
search hotlink icon profile hotlink icon
Package avatar Public | 1.1.x - 1.x.x

On This Page

By default, Fusion fetches packages using unauthenticated API requests. Without authentication, only public packages can be accessed, and rate limits may be reached quickly. To prevent these issues, you can store access tokens in the user's config.json file. Fusion will then automatically apply them when running tasks such as build and replicate, without requiring additional runtime configuration.

Note

Configuring tokens enables authenticated requests to private packages and helps avoid API rate limiting.

User's Config File

To locate your configuration file, run the config command without arguments: 

                fusion config

The first line of the output shows the absolute file path, followed by its current content, if any: 

                /home/<user>/.config/valvoid/fusion/config.json
No config yet.

Note

If the file does not exist yet, create it manually at the shown location.

Once your config.json file is ready, you can add a token for any configured remote API using its domain key. The list below shows the default platforms from the Hub schema that can be configured:

  • valvoid.com: Valvoid, the default package registry
  • gitlab.com: GitLab
  • github.com: GitHub
  • bitbucket.org: Bitbucket

Note

In the examples below, we use GitLab with a pseudo token. Replace the domain key gitlab.com and the token glpat-... with your platform's values.

Common Root Token

A common root token maps to the API domain key and applies to all requests for that API. For example, a configuration like this would authenticate all requests to GitLab: 

                {
    "hub": {
        "apis": {
            "gitlab.com": {
                "tokens": "glpat-cR8Q-g..."
            }
        }
    }
}

This token applies to all dependency sources with the leading API segment gitlab.com/....

Path Segments Token

A path segments token restricts a token to specific package paths, instead of applying it to all requests for an API. It applies only to dependency sources that match both the leading API segment and the wrapped path segments.

For example, to authenticate requests for packages under the GitLab group valvoid/fusion: 

                {
    "hub": {
        "apis": {
            "gitlab.com": {
                "tokens": {
                    "valvoid/fusion": "glpat-oRaiG..."
                }
            }
        }
    }
}

This token applies only to dependency sources with the prefix gitlab.com/valvoid/fusion/....

Multiple Tokens

Token types can also be combined. Fusion will try them starting from the most specific path segment up to the root. 

                    {
    "hub": {
        "apis": {
            "gitlab.com": {
                "tokens": [
                    "glpat-cR8Q-g...", {
                        "valvoid": "glpat-oRaiG..."
                    }
                ]
            }
        }
    }
}

This token applies only to dependency sources with the prefix gitlab.com/valvoid/fusion/....

Token usage order:

  • glpat-oRaiG...: path-specific token (first)
  • glpat-cR8Q-g...: root token (fallback)