Timeline for What's the proper way to "go get" a private repository?
Current License: CC BY-SA 4.0
7 events
| when toggle format | what | by | license | comment | |
|---|---|---|---|---|---|
| Jul 12, 2024 at 9:32 | comment | added | Kanak Singhal | It's all about tradeoffs, I didn't say one is better than the other. There are two default ways of doing this - SSH public-private key pair & GitHub PAT. And I've shown both. Github is also providing fine-grained access token which can be used instead of the password (as mentioned). Storing these fine-grain access tokens into netrc is undeniably a viable option for many. Storing the web login password in a file would defiantly be bad and I didn't suggest that I believe, at-least for GitHub & AWS. | |
| Jun 28, 2024 at 14:06 | comment | added | dolmen |
Storing credentials in ~/.aws is bad as well. That's a bad justification for incorrect security practices. Instead use the Git credentials helper appropriate for your password store. See git help credentials.
|
|
| May 9, 2023 at 9:56 | history | edited | Kanak Singhal | CC BY-SA 4.0 |
added 402 characters in body
|
| Aug 20, 2020 at 10:05 | history | edited | Kanak Singhal | CC BY-SA 4.0 |
added 24 characters in body
|
| Aug 20, 2020 at 9:58 | comment | added | Kanak Singhal |
You are probably right. For me, it looks similar to how AWS credentials are stored in ~/.aws. And with GitHub's personal access token, I can fine grain the access according to requirement and control rotations. There's SSH way as well 👆
|
|
| Aug 19, 2020 at 8:25 | comment | added | Joachim | This requires you to store your login credentials in a plain text file on your machine. That's not good. | |
| May 6, 2020 at 15:11 | history | answered | Kanak Singhal | CC BY-SA 4.0 |