M Hickford <mirth.hickford@xxxxxxxxx> writes: > Thanks Johannes for the review and the fix. I'll include it in any patch v2. > >> But I have to wonder: why even bother with `git-wincred`? This credential >> helper is so ridiculously limited in its capabilities, it does not even >> support any host that is remotely close to safe (no 2FA, no OAuth, just >> passwords). So I would be just as happy if I weren't asked to spend my >> time to review changes to a credential helper I'd much rather see retired >> than actively worked on. > > git-credential-wincred has the same capabilities as popular helpers > git-credential-cache, git-credential-store, git-credential-osxkeychain > and git-credential-libsecret. Any of which can store OAuth credentials > generated by a helper such as git-credential-oauth [1]. This is > compatible with 2FA (any 2FA happens in browser). Example config: > > [credential] > helper = wincred > helper = oauth > > This patch to store password_expiry_utc is necessary to avoid Git > trying to use OAuth credentials beyond expiry. See > https://github.com/git/git/commit/d208bfdfef97a1e8fb746763b5057e0ad91e283b > for background (I'll add to commit message v2). So, even though earlier Dscho sounded negative on extending wincred helper, are we now on track of enhancing its capabilities? The v3 is now queued in my tree and nobody who knows Windows seem to have made any comments on either v2 or v3---I am wondering if the lack of comments is a good news or no interest. Thanks.
