Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

allow unauthenticated requests #37

Open
warner opened this issue Aug 14, 2014 · 3 comments
Open

allow unauthenticated requests #37

warner opened this issue Aug 14, 2014 · 3 comments

Comments

@warner
Copy link

warner commented Aug 14, 2014

In sigma/magit-gh-pulls#5 I noticed that some basic operations (listing pull-requests for a public repo) were asking for my github password, when the necessary API calls don't actually require authentication. I haven't studied gh.el carefully enough yet, but I get the sense that all calls are using password/OAuth authentication, whether they really need it or not.

It'd be nice if it didn't ask for a password unless really necessary. For magit-gh-pulls, I think I should be able to list, fetch, branch, and merge, without any special github credentials. (when I finally push my merged branch upstream, I'll need something, but that's the responsibility of the forked git command, nothing new).

I don't deal with private repos very often, so I suspect I don't have as much of a need for authenticated API calls as some folks do. I imagine most checkouts are either in "every API needs authentication" mode (for private repos) or "no APIs need authentication" (for public repos, at least for some operations). I guess one option would be to try the operation without auth, and only ask for creds if it fails. Or maybe put a flag in .git/config to indicate whether the repo is private or not, and then only ask for creds if it's a private repo (or if you're hitting an API that requires auth either way, like.. well, like anything with side-effects: gh-repos-star, gh-repos-fork, etc).

@syl20bnr
Copy link

syl20bnr commented Jan 8, 2015

+1 for unauthenticated request, cc @sigma

@ebpa
Copy link

ebpa commented Sep 7, 2015

+1

@sigma
Copy link
Owner

sigma commented Sep 9, 2015

just a quick note: supporting unauthenticated operations was always the goal, and the main reason why I didn't do anything in that area is that the rate limit for those is at 60 per hour, which is very low. Therefore I figure people might be pretty disappointed quickly even if/when I implement those :)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

4 participants