On 2022-05-13 at 07:04:16, Simon.Richter@xxxxxxxxxx wrote: > From: Simon Richter <Simon.Richter@xxxxxxxxxx> > > When using a Personal Access Token in Microsoft DevOps server, the username > can be empty, so users might expect that pressing return on an username > prompt will work. I don't think this is a good idea. libcurl relies on CURLOPT_USERPWD being set to enable authentication, and before the appearance of http.emptyAuth, it was extremely common for Kerberos users to specify an empty username to get Git to authenticate properly. I probably still have some repositories on my system configured that way. I believe GitHub can also accept an empty username with a PAT, but it can also accept a dummy (e.g., "token"), which I would hope Azure DevOps can do as well. In such a case, the documentation for Azure DevOps should just be updated to tell people to specify something like "token" or their username. -- brian m. carlson (he/him or they/them) Toronto, Ontario, CA
Attachment:
signature.asc
Description: PGP signature
