On Sun, Nov 11 2018, Federico Lucifredi wrote: > git clone of non-existent repository results in request for credentials > > REPRODUCING: > sudo apt install git > git clone https://github.com/xorbit/LiFePo4owered-Pi.git #this repo does not exist > > Git will then prompt for username and password on Github. > > I can see a valid data-leak concern (one could probe for private repository names in a brute-force fashion), but then again the UX impact is appalling. Chances of someone typing an invalid repo name are pretty high, and this error message has nothing to do with the actual error. > > RESOLUTION: > The error message should indicate that the repository name does not exist. This is a legitimate thing to complain about, but it has nothing to do with git itself maintained on this mailing list, but the response codes of specific git hosting websites. E.g. here's two issues for fixing this on GitLab: https://gitlab.com/gitlab-org/gitlab-ce/issues/50201 https://gitlab.com/gitlab-org/gitlab-ce/issues/50660 These hosting platforms are intentionally producing bad error messages to not leak information, as you note. So I doubt it's something they'll ever change, the bug I have open with this on GitLab is to make this configurable for privately run instances.
