You are viewing a plain text version of this content. The canonical link for it is here.

Posted to notifications@mynewt.apache.org by "ASF subversion and git services (JIRA)" <ji...@apache.org> on 2017/08/18 22:12:00 UTC

[jira] [Commented] (MYNEWT-804) Access to private repos using personal access tokens is broken

    [ https://issues.apache.org/jira/browse/MYNEWT-804?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16133690#comment-16133690 ] 

ASF subversion and git services commented on MYNEWT-804:
--------------------------------------------------------

Commit 82f23fe5b88f71fcad3b69b5aabdf163f618a5d6 in mynewt-newt's branch refs/heads/master from [~ccollins476]
[ https://gitbox.apache.org/repos/asf?p=mynewt-newt.git;h=82f23fe ]

newt - Fix handling of private github repos.

MYNEWT-804 Access to private repos using personal access tokens is broken
MYNEWT-805 Better support for private repos

The current handling of private github repos is broken in a few ways:

1. Only used for retrieval of repository.yml; manual login+password
   entry required for cloning.
2. Authentication tokens were handled incorrectly.  These should be
   handled just like passwords.

This commit provides the following fixes:

1. Use configured login and password for cloning as well as
   repository.yml retrieval.
2. Remove 'token' configuration item ('password' works for tokens as
   well).
3. Add 'password_env' configuration item.  This specifies the name of an
   environment variable containing the password for the private repo.
   This setting is only used if 'password' is empty.


> Access to private repos using personal access tokens is broken
> --------------------------------------------------------------
>
>                 Key: MYNEWT-804
>                 URL: https://issues.apache.org/jira/browse/MYNEWT-804
>             Project: Mynewt
>          Issue Type: Bug
>      Security Level: Public(Viewable by anyone) 
>          Components: Newt
>            Reporter: Todd Mitton
>            Assignee: Todd Mitton
>            Priority: Minor
>
> Newt allows you to specify a password or personal access token for private github repos in project.yml. The personal access token support is currently broken. Tokens are basically equivalent to passwords. Requests require both the username and password/token. When a token is specified, newt only sends the token in requests and incorrectly omits the username.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)