On Fri, Apr 30, 2021 at 8:37 PM Derrick Stolee via GitGitGadget <gitgitgadget@xxxxxxxxx> wrote:
>
> From: Derrick Stolee <dstolee@xxxxxxxxxxxxx>
>
> Git allows URLs of the following pattern:
>
> https://username:password@domain/route

[...]

> Some Git hosting providers are working to completely drop
> username/password credential strategies, which will make URLs of this
> form stop working. However, that requires certain changes to credential
> managers that need to be released and sufficiently adopted before making
> such a server-side change.
>
> In the meantime, it might be helpful to alert users that they are doing
> something insecure with these URLs.

Another helpful thing to do might be to add --user and maybe --password
options to some commands like 'clone', 'fetch', 'remote add', etc.

I think historically we considered that authentication wasn't Git's
responsibility. If we now think it should be concerned about this, then
--user and --password options might be a good way to start taking
responsibility.

For example `git clone --user XXX --password YYY
https://git.example.com/git/git.git` could use an HTTP header to send
the credentials, and then after the clone maybe (if a terminal is used)
ask if the user would like to save the credentials using a credential
manager.

I think this could be both as easy, or even easier, to use than a URL
with credentials and more secure. We could also make things more secure
over time by suggesting better credential managers as they improve.

Also I wonder if on Linux a credential manager could encrypt HTTP
credentials and store them locally using the user's private ssh key if
there is one.

Thanks,
Christian.
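The thread discusses warning users about remote URLs of the form https://username:password@domain/route and moving such credentials into a credential manager instead. The following is an added example, not code from git.git, from the patch under discussion or from this reply: it detects userinfo embedded in a URL, splits the credentials out (handling percent-encoded characters such as %40), produces a redacted form that is safe to print in a warning, and emits the key=value text that git's own `git credential approve` reads on stdin (protocol=, host=, username=, password=, terminated by a blank line). The sample URLs are constructed for the example.

```python
"""Split embedded credentials out of a Git remote URL.

Added example; not part of git or of the patch being discussed.
Input shape is the one quoted in the thread: https://username:password@domain/route
"""
from urllib.parse import urlsplit, urlunsplit, unquote


def _host_part(netloc):
    # Everything after the last '@' is host[:port]; this keeps IPv6
    # brackets and hostname case intact, unlike SplitResult.hostname.
    return netloc.rpartition("@")[2]


def split_credentials(url):
    """Return (url_without_userinfo, username, password).

    username/password are percent-decoded; None when absent.
    """
    parts = urlsplit(url)
    if parts.username is None and parts.password is None:
        return url, None, None
    username = unquote(parts.username) if parts.username is not None else None
    password = unquote(parts.password) if parts.password is not None else None
    clean = urlunsplit(
        (parts.scheme, _host_part(parts.netloc), parts.path, parts.query, parts.fragment)
    )
    return clean, username, password


def redact(url):
    """Return the URL with the password replaced, so it can be logged or
    shown in a warning without leaking the secret."""
    parts = urlsplit(url)
    if parts.password is None:
        return url
    netloc = f"{parts.username}:<redacted>@{_host_part(parts.netloc)}"
    return urlunsplit((parts.scheme, netloc, parts.path, parts.query, parts.fragment))


def credential_helper_input(url):
    """Build the stdin text for `git credential approve`.

    Format per git-credential(1): one key=value per line, blank line ends
    the record. Values must not contain newlines, so they are rejected.
    """
    clean, user, pw = split_credentials(url)
    parts = urlsplit(clean)
    lines = [f"protocol={parts.scheme}", f"host={parts.netloc}"]
    if user is not None:
        lines.append(f"username={user}")
    if pw is not None:
        lines.append(f"password={pw}")
    for line in lines:
        if "\n" in line:
            raise ValueError("newline in credential field")
    return "\n".join(lines) + "\n\n"


def warn_if_credentials(url):
    """Return a warning string (or None) of the kind the patch proposes."""
    clean, user, pw = split_credentials(url)
    if pw is None:
        return None
    return (f"warning: URL '{redact(url)}' uses plaintext credentials; "
            f"use '{clean}' and store the credential with a credential helper")


if __name__ == "__main__":
    # Constructed sample URL for the demo.
    sample = "https://alice:s3cr%40t@git.example.com/git/git.git"
    print(warn_if_credentials(sample))
    print(credential_helper_input(sample), end="")
```

Piping the output of credential_helper_input() into `git credential approve` is what a "would you like to save the credentials?" prompt after a clone would need to do; the cleaned URL is what should then be written to remote.origin.url so the password never lands in .git/config.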