No way to query Gitlab version without authentication
Description
Starting with Gitlab v10.2.0, basic HTTP authentication is no longer supported and there is no programatic way to generate private / remote access tokens using the REST API. For those writing scripts against the REST API it would be helpful to know when HTTP auth may be used and when private tokens are required (ie: when writing scripts that target multiple versions of Gitlab both prior to v10.2.0 and later releases). To facilitate writing such scripts it would be helpful if we could query the REST API to get the version of Gitlab installed on the server so subsequent script operations can behave correctly in different contexts. (ie: if version < 10.2.0, use basic auth, else use private token). Luckily there is a REST API endpoint for retrieving the Gitlab version (ie: http(s)://hostname/api/v4/version), however this API endpoint also requires authentication so you end up in this chicken-egg situation. You need to know what version of Gitlab you are targeting in order to correctly configure your authentication, but you need to have your authentication configured already in order to get the Gitlab version.
Proposal
It would be nice if the /version API endpoint were unrestricted so unauthenticated users could figure out which version of Gitlab they are accessing. Then subsequent script behavior can be customized accordingly. In a perfect world this change would be made on as many supported versions of Gitlab as possible (ie: 10.0.x, 10.1.x, 10.2.x, etc.) but at the very least if the change could be made in the latest version of Gitlab and maintained in all future versions then if / when such changes to the API happen again we'll be able to compensate for them based on the Gitlab version number.