From: Junio C Hamano <gitster@pobox.com>
To: Jeff King <peff@peff.net>
Cc: Ashlesh Gawande <git@ashlesh.me>,
git@vger.kernel.org, sandals@crustytoothpaste.net
Subject: Re: [PATCH v3] t5550: add netrc tests for http 401/403
Date: Fri, 06 Feb 2026 09:39:54 -0800 [thread overview]
Message-ID: <xmqqtsvtg49h.fsf@gitster.g> (raw)
In-Reply-To: <20260206093840.GC2761602@coredump.intra.peff.net> (Jeff King's message of "Fri, 6 Feb 2026 04:38:40 -0500")
Jeff King <peff@peff.net> writes:
> I think it is fine to check the 403 handling, but note that this _isn't_
> how GitHub would respond. If you try to fetch from a repository you
> don't have access to, it will return a 401 first (so you try to log in)
> and then a 404. The idea being to avoid revealing the existence of the
> repository to unauthorized users.
That is a sensible thing to do on the server side. Presumably when
we talk with such a server we would report 404, right? It is not
like we behave all that differently with either type of errors---as
long as we just give up and do not fall into an infinite loop of
asking "oops, that password did not work, try again", it would be
OK.
>> Just out of curiosity, do we test for these codes with other
>> credential helpers or is this only relevant for .netrc users?
>
> The netrc support here should not involve credential helpers at all. It
> is all being done internally by curl.
Yeah, I phrased my question in a wrong way. As the code paths
involving credential helpers are separate, I wondered if we have
similar test coverage there as well.
> So really, none of this is testing anything novel in Git at all that is
> not covered elsewhere, except for the fact that we pass the flag to curl
> that says "you may use netrc". And so there's some value in adding it in
> that case. But trying to answer your question about other credential
> helpers, no, they're not even entering the picture here.
next prev parent reply other threads:[~2026-02-06 17:39 UTC|newest]
Thread overview: 14+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-01-06 9:34 [PATCH] t5550: add netrc tests for http 401/403 Ashlesh Gawande
2026-01-06 10:20 ` Junio C Hamano
2026-01-06 11:47 ` Ashlesh Gawande
2026-01-06 11:40 ` [PATCH v2] " Ashlesh Gawande
2026-01-07 0:32 ` Junio C Hamano
2026-01-07 7:47 ` [PATCH v3] " Ashlesh Gawande
2026-01-31 12:33 ` Ashlesh Gawande
2026-02-06 5:05 ` Junio C Hamano
2026-02-06 9:38 ` Jeff King
2026-02-06 15:25 ` Ashlesh Gawande
2026-02-06 15:53 ` Ashlesh Gawande
2026-02-06 20:44 ` Jeff King
2026-02-06 17:39 ` Junio C Hamano [this message]
2026-02-06 20:53 ` Jeff King
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=xmqqtsvtg49h.fsf@gitster.g \
--to=gitster@pobox.com \
--cc=git@ashlesh.me \
--cc=git@vger.kernel.org \
--cc=peff@peff.net \
--cc=sandals@crustytoothpaste.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox