From: Junio C Hamano <gitster@pobox.com>
To: Jeff King <peff@peff.net>
Cc: Ashlesh Gawande <git@ashlesh.me>,
git@vger.kernel.org, sandals@crustytoothpaste.net
Subject: Re: [PATCH v3] t5550: add netrc tests for http 401/403
Date: Fri, 06 Feb 2026 09:39:54 -0800 [thread overview]
Message-ID: <xmqqtsvtg49h.fsf@gitster.g> (raw)
In-Reply-To: <20260206093840.GC2761602@coredump.intra.peff.net> (Jeff King's message of "Fri, 6 Feb 2026 04:38:40 -0500")
Jeff King <peff@peff.net> writes:
> I think it is fine to check the 403 handling, but note that this _isn't_
> how GitHub would respond. If you try to fetch from a repository you
> don't have access to, it will return a 401 first (so you try to log in)
> and then a 404. The idea being to avoid revealing the existence of the
> repository to unauthorized users.
That is a sensible thing to do on the server side. Presumably when
we talk with such a server we would report 404, right? It is not
like we behave all that differently with either type of errors---as
long as we just give up and do not fall into an infinite loop of
asking "oops, that password did not work, try again", it would be
OK.
>> Just out of curiosity, do we test for these codes with other
>> credential helpers or is this only relevant for .netrc users?
>
> The netrc support here should not involve credential helpers at all. It
> is all being done internally by curl.
Yeah, I phrased my question in a wrong way. As the code paths
involving credential helpers are separate, I wondered if we have
similar test coverage there as well.
> So really, none of this is testing anything novel in Git at all that is
> not covered elsewhere, except for the fact that we pass the flag to curl
> that says "you may use netrc". And so there's some value in adding it in
> that case. But trying to answer your question about other credential
> helpers, no, they're not even entering the picture here.
next prev parent reply other threads:[~2026-02-06 17:39 UTC|newest]
Thread overview: 14+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-01-06 9:34 [PATCH] t5550: add netrc tests for http 401/403 Ashlesh Gawande
2026-01-06 10:20 ` Junio C Hamano
2026-01-06 11:47 ` Ashlesh Gawande
2026-01-06 11:40 ` [PATCH v2] " Ashlesh Gawande
2026-01-07 0:32 ` Junio C Hamano
2026-01-07 7:47 ` [PATCH v3] " Ashlesh Gawande
2026-01-31 12:33 ` Ashlesh Gawande
2026-02-06 5:05 ` Junio C Hamano
2026-02-06 9:38 ` Jeff King
2026-02-06 15:25 ` Ashlesh Gawande
2026-02-06 15:53 ` Ashlesh Gawande
2026-02-06 20:44 ` Jeff King
2026-02-06 17:39 ` Junio C Hamano [this message]
2026-02-06 20:53 ` Jeff King
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=xmqqtsvtg49h.fsf@gitster.g \
--to=gitster@pobox.com \
--cc=git@ashlesh.me \
--cc=git@vger.kernel.org \
--cc=peff@peff.net \
--cc=sandals@crustytoothpaste.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.