404 when GET repositories/contents/{PATH} and PATH contains (properly encoded) spaces

[victor-gp]

Select Topic Area

Bug

Body

Context, pain point

In the sharkdp/bat project, there are a number of git submodules mapped to this directory. Some of the paths for these submodules contain spaces in the filename.

e.g.: JavaScript (Babel), Org mode.

There's a Dependabot action to update those submodules. It's currently broken because of this bug. It always errors when trying to fetch the first submodule file with spaces in its filename (JavaScript (Babel) [^1]).

2025-02-01T03:34:09.3613620Z   proxy | 2025/02/01 03:34:09 [066] GET https://api.github.com:443/repos/sharkdp/bat/contents/assets/syntaxes/02_Extra/JavaScript%20(Babel)?ref=4fc55cfcec44dba3f67bd79cac9ccf64dc18eb08
2025-02-01T03:34:09.3614825Z   proxy | 2025/02/01 03:34:09 [066] * authenticating github api request with token for api.github.com
2025-02-01T03:34:09.4715821Z   proxy | 2025/02/01 03:34:09 [066] 404 https://api.github.com:443/repos/sharkdp/bat/contents/assets/syntaxes/02_Extra/JavaScript%20(Babel)?ref=4fc55cfcec44dba3f67bd79cac9ccf64dc18eb08
2025-02-01T03:34:09.4737486Z updater | 2025/02/01 03:34:09 ERROR <job_956925857> Error during file fetching; aborting: assets/syntaxes/02_Extra/JavaScript (Babel) not found

The bug

Testing these GET requests with curl shows that the GitHub API's response is incorrect/ incoherent:

curl -I "https://api.github.com:443/repos/sharkdp/bat/contents/assets/syntaxes/02_Extra/JavaScript%20\(Babel\)\?ref\=4fc55cfcec44dba3f67bd79cac9ccf64dc18eb08"
#=> 302
#   location: https://api.github.com/repositories/130464961/contents/assets/syntaxes/02_Extra/JavaScript%20/(Babel/)

... but fetching this location url returns a 404.

I tried with a couple more submodule files: Julia, and Org mode:

curl -I "https://api.github.com:443/repos/sharkdp/bat/contents/assets/syntaxes/02_Extra/Julia\?ref\=7e804b27a019b5805c8ea04bfbd8c9b8d47e3bcc"
#=> 302
#   location: https://api.github.com/repositories/130464961/contents/assets/syntaxes/02_Extra/Julia

curl -I "https://api.github.com:443/repos/sharkdp/bat/contents/assets/syntaxes/02_Extra/Org%20mode\?ref\=7e804b27a019b5805c8ea04bfbd8c9b8d47e3bcc"
#=> 302
#   location: https://api.github.com/repositories/130464961/contents/assets/syntaxes/02_Extra/Org%20mode

The Julia URL works properly but the Org-mode one also returns a 404.

Meaning: I don't know if the parentheses in Javascript (Babel) are an issue, but what's certain is that the space is.

Other unknowns:

• is this an issue limited to submodule files with spaces in the name or does it affect every kind of file?
• does it only affect files with spaces in the filename, or can the spaces be in any segment of the path?

Trying to date the regression

The submodules Dependabot action used to work just fine, until at least July 2024. That's when Dependabot created the last PRs for bumping submodules.

Since as early as November 2024, the Dependabot action fails on the same step (fetching that JavaScript (Babel) submodule file). On this same PR, there's a previous Dependabot error on July 26, but it's error message is not as conclusive.

These submodule mappings last changed 5+ years ago so they can't be the cause for this regression. The Dependabot configuration last changed 2y ago.

[1] It's always Javascript (Babel) because it always fetches the submodules in the same order (not alphanumerical).

[github-actions[bot]]

💬 Your Product Feedback Has Been Submitted 🎉

Thank you for taking the time to share your insights with us! Your feedback is invaluable as we build a better GitHub experience for all our users.

Here's what you can expect moving forward ⏩

• Your input will be carefully reviewed and cataloged by members of our product teams. 
  • Due to the high volume of submissions, we may not always be able to provide individual responses.
  • Rest assured, your feedback will help chart our course for product improvements.
• Other users may engage with your post, sharing their own perspectives or experiences. 
• GitHub staff may reach out for further clarification or insight. 
  • We may 'Answer' your discussion if there is a current solution, workaround, or roadmap/changelog post related to the feedback.

Where to look to see what's shipping 👀

• Read the Changelog for real-time updates on the latest GitHub features, enhancements, and calls for feedback.
• Explore our Product Roadmap, which details upcoming major releases and initiatives.

What you can do in the meantime 💻

• Upvote and comment on other user feedback Discussions that resonate with you.
• Add more information at any point! Useful details include: use cases, relevant labels, desired outcomes, and any accompanying screenshots.

As a member of the GitHub community, your participation is essential. While we can't promise that every suggestion will be implemented, we want to emphasize that your feedback is instrumental in guiding our decisions and priorities.

Thank you once again for your contribution to making GitHub even better! We're grateful for your ongoing support and collaboration in shaping the future of our platform. ⭐