You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
In sigma/magit-gh-pulls#5 I noticed that some basic operations (listing pull-requests for a public repo) were asking for my github password, when the necessary API calls don't actually require authentication. I haven't studied gh.el carefully enough yet, but I get the sense that all calls are using password/OAuth authentication, whether they really need it or not.
It'd be nice if it didn't ask for a password unless really necessary. For magit-gh-pulls, I think I should be able to list, fetch, branch, and merge, without any special github credentials. (when I finally push my merged branch upstream, I'll need something, but that's the responsibility of the forked git command, nothing new).
I don't deal with private repos very often, so I suspect I don't have as much of a need for authenticated API calls as some folks do. I imagine most checkouts are either in "every API needs authentication" mode (for private repos) or "no APIs need authentication" (for public repos, at least for some operations). I guess one option would be to try the operation without auth, and only ask for creds if it fails. Or maybe put a flag in .git/config to indicate whether the repo is private or not, and then only ask for creds if it's a private repo (or if you're hitting an API that requires auth either way, like.. well, like anything with side-effects: gh-repos-star, gh-repos-fork, etc).
The text was updated successfully, but these errors were encountered:
just a quick note: supporting unauthenticated operations was always the goal, and the main reason why I didn't do anything in that area is that the rate limit for those is at 60 per hour, which is very low. Therefore I figure people might be pretty disappointed quickly even if/when I implement those :)
In sigma/magit-gh-pulls#5 I noticed that some basic operations (listing pull-requests for a public repo) were asking for my github password, when the necessary API calls don't actually require authentication. I haven't studied gh.el carefully enough yet, but I get the sense that all calls are using password/OAuth authentication, whether they really need it or not.
It'd be nice if it didn't ask for a password unless really necessary. For magit-gh-pulls, I think I should be able to list, fetch, branch, and merge, without any special github credentials. (when I finally push my merged branch upstream, I'll need something, but that's the responsibility of the forked
git
command, nothing new).I don't deal with private repos very often, so I suspect I don't have as much of a need for authenticated API calls as some folks do. I imagine most checkouts are either in "every API needs authentication" mode (for private repos) or "no APIs need authentication" (for public repos, at least for some operations). I guess one option would be to try the operation without auth, and only ask for creds if it fails. Or maybe put a flag in
.git/config
to indicate whether the repo is private or not, and then only ask for creds if it's a private repo (or if you're hitting an API that requires auth either way, like.. well, like anything with side-effects: gh-repos-star, gh-repos-fork, etc).The text was updated successfully, but these errors were encountered: