The $subject is a case where nothing is broken except potential user expectations, but as argued in 2/2 I think we really should rename this before we kick it out the door. Having a "fetch" configuration configure "git push" is really confusing, and once we need to support it backing out of it would be a hassle. Then 1/2 clarifies how it really works, and what it's aimed to do, and notes the major caveat that the check doesn't cover "pushurl" configuration, which in some setups is the only place you'll put passwords in URLs. I think it likewise makes sense to have that in v2.37.0 so we won't lull users into a false sense of security. This is a relatively large change for an "rc", but the only code changes are s/fetch\.credentialsInUrl/transfer.credentialsInUrl/g, the rest is all docs. There's a trivial conflict with my just-submitted https://lore.kernel.org/git/cover-0.1-00000000000-20220615T103609Z-avarab@xxxxxxxxx: The relevant "test_expect_success" line needs a "LIBCURL" prerequisite added in the merge conflict. Ævar Arnfjörð Bjarmason (2): fetch doc: note "pushurl" caveat about "credentialsInUrl", elaborate transfer doc: move fetch.credentialsInUrl to "transfer" config namespace Documentation/RelNotes/2.37.0.txt | 6 +++-- Documentation/config/fetch.txt | 14 ------------ Documentation/config/transfer.txt | 38 +++++++++++++++++++++++++++++++ remote.c | 4 ++-- t/t5516-fetch-push.sh | 14 ++++++------ t/t5601-clone.sh | 10 ++++---- 6 files changed, 56 insertions(+), 30 deletions(-) -- 2.36.1.1239.gfba91521d90
