When URL is github.com it uses GITHUB_TOKEN token, and if gitlab.com uses GITLAB_TOKEN token
OR
Have one generic GIT_AUTH_TOKEN used for authentications (with warning its always used for all connections)
OR
Provide GIT_AUTH_TOKEN array and all tokens be checked/matched for access
Actual Behavior
Regardless of URL if GITHUB_TOKEN is set its always used, always auth is returned.
Set dummy/real GITHUB_TOKEN ( export GITHUB_TOKEN="ghp_xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx")
Set real GITLAB_TOKEN ( export GITLAB_TOKEN="glpat-xxxxxxxxxxxxxxxxxxxx" )
Run remote repo scanning in trivy or any other tool using this library ( trivy repo https://gitlab.com/private-organization/private-repo or trivy repo https://gitlab.com/gitlab-org/gitlab )
Expected Behavior
When URL is
github.comit usesGITHUB_TOKENtoken, and ifgitlab.comusesGITLAB_TOKENtoken OR Have one genericGIT_AUTH_TOKENused for authentications (with warning its always used for all connections) OR ProvideGIT_AUTH_TOKENarray and all tokens be checked/matched for accessActual Behavior
Regardless of URL if
GITHUB_TOKENis set its always used, always auth is returned.https://github.com/aquasecurity/fanal/blob/f400923828e8f96e0b02b7e6098b4715826c018c/artifact/remote/git.go#L111-L132
Steps to Reproduce the Problem
GITHUB_TOKEN(export GITHUB_TOKEN="ghp_xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx")GITLAB_TOKEN(export GITLAB_TOKEN="glpat-xxxxxxxxxxxxxxxxxxxx")trivy repo https://gitlab.com/private-organization/private-repoortrivy repo https://gitlab.com/gitlab-org/gitlab)git error: authentication requiredSpecifications