[jira] [Commented] (MYNEWT-804) Access to private repos using personal access tokens is broken

Fri, 18 Aug 2017 15:12:22 -0700 

    [ 
https://issues.apache.org/jira/browse/MYNEWT-804?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16133690#comment-16133690
 ] 

ASF subversion and git services commented on MYNEWT-804:
--------------------------------------------------------

Commit 82f23fe5b88f71fcad3b69b5aabdf163f618a5d6 in mynewt-newt's branch 
refs/heads/master from [~ccollins476]
[ https://gitbox.apache.org/repos/asf?p=mynewt-newt.git;h=82f23fe ]

newt - Fix handling of private github repos.

MYNEWT-804 Access to private repos using personal access tokens is broken
MYNEWT-805 Better support for private repos

The current handling of private github repos is broken in a few ways:

1. Only used for retrieval of repository.yml; manual login+password
   entry required for cloning.
2. Authentication tokens were handled incorrectly.  These should be
   handled just like passwords.

This commit provides the following fixes:

1. Use configured login and password for cloning as well as
   repository.yml retrieval.
2. Remove 'token' configuration item ('password' works for tokens as
   well).
3. Add 'password_env' configuration item.  This specifies the name of an
   environment variable containing the password for the private repo.
   This setting is only used if 'password' is empty.


> Access to private repos using personal access tokens is broken
> --------------------------------------------------------------
>
>                 Key: MYNEWT-804
>                 URL: https://issues.apache.org/jira/browse/MYNEWT-804
>             Project: Mynewt
>          Issue Type: Bug
>      Security Level: Public(Viewable by anyone) 
>          Components: Newt
>            Reporter: Todd Mitton
>            Assignee: Todd Mitton
>            Priority: Minor
>
> Newt allows you to specify a password or personal access token for private 
> github repos in project.yml. The personal access token support is currently 
> broken. Tokens are basically equivalent to passwords. Requests require both 
> the username and password/token. When a token is specified, newt only sends 
> the token in requests and incorrectly omits the username.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

Reply via email to