"M Hickford via GitGitGadget" <gitgitgadget@xxxxxxxxx> writes: > From: M Hickford <mirth.hickford@xxxxxxxxx> > > Describe problems storing personal access tokens in git-credential-cache > and suggest alternatives. > +PERSONAL ACCESS TOKENS > +---------------------- > + > +Some remotes accept personal access tokens, which are randomly > +generated and hard to memorise. They typically have a lifetime of weeks > +or months. > + > +git-credential-cache is inherently unsuitable for persistent storage of > +personal access tokens. The credential will be forgotten after the cache > +timeout. Even if you configure a long timeout, credentials will be > +forgotten if the daemon dies. Very true. > +To avoid frequently regenerating personal access tokens, configure a > +credential helper with persistent storage. Like libsecret and osxkeychain, you mean? I am wondering if we want to be a bit more helpful by being explicit. I think there is a section in a maual page that has a list of known and often-used credential backends, so referring the readers to that section may be helpful. > Alternatively, configure an > +OAuth credential helper to generate credentials automatically. See > +linkgit:gitcredentials[7]. Indeed.
