You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The documentation suggests that username can be left empty or filled with any empty string when using a PAT as follows
r, err = git.PlainClone(path, false, &git.CloneOptions{
URL: repo_url,
Auth: &gogithttp.BasicAuth{
Username: "", // can be anything except an empty string
Password: token,
},
})
However, I'm finding that this behaves differently for the newer fine-grained tokens (as opposed to classic tokens), where now you're required to provide the actual username in the value.
Here's how to reproduce:
Get a new fine-grained access token from https://github.com/settings/personal-access-tokens/new:
Step 1: Give it a token name (not important)
Step 2: Select Resource Owner (important, select your organization with private repositories)
Step 3: Select All repositories
Step 4: From the list of permissions, find Contents then grant Read-only access.
Step 5: try running the above code with and without username
If it's reproducible, there are a few options I'd like to suggest:
changing the code to maintain the same behavior for both types of tokens. We can do this by getting user info before calling clone,
or
introducing optional type to BasicAuth
or
introducing NonBasicAuth or "FineGrainedAuth"
or
just clarifying in the documentation
Curious to hear if others are able to reproduce this issue
The text was updated successfully, but these errors were encountered:
The documentation suggests that username can be left empty or filled with any empty string when using a PAT as follows
However, I'm finding that this behaves differently for the newer fine-grained tokens (as opposed to classic tokens), where now you're required to provide the actual username in the value.
Here's how to reproduce:
Get a new fine-grained access token from https://github.com/settings/personal-access-tokens/new:
Step 1: Give it a token name (not important)
Step 2: Select Resource Owner (important, select your organization with private repositories)
Step 3: Select All repositories
Step 4: From the list of permissions, find Contents then grant Read-only access.
Step 5: try running the above code with and without username
If it's reproducible, there are a few options I'd like to suggest:
or
or
or
Curious to hear if others are able to reproduce this issue
The text was updated successfully, but these errors were encountered: