[bitbake-devel] [PATCH] fetch2/git.py: Added handling of the user's password in url
Mark Hatle
mark.hatle at windriver.com
Thu Apr 12 14:56:44 UTC 2018
On 4/12/18 5:16 AM, Mikko.Rapeli at bmw.de wrote:
> On Thu, Apr 12, 2018 at 11:44:53AM +0200, Jakub Dębski wrote:
>> Fetching source code from private repository (using https or http) fails
>> because password passed in url (git://user:pass@domain) is ignored.
>
> Maybe this is by design to prevent credentials leaking into bitbake
> recipes.
>
> Alternative is to set the usernames, passwords etc in e.g. ~/.netrc
> and ~/.ssh/config files which have the same effect.
Yes, this has come up a few times in the past, and it's been rejected -- as we
don't want credentials to end up in bitbake. (Way too easy to accidentally leak
them to others.)
--Mark
> -Mikko
>
More information about the bitbake-devel
mailing list