Stop specifying access token in remote URL

tanium / octobot

github bot with slack and jira integration

MIT License

25 stars 16 forks source link

Stop specifying access token in remote URL #219

Closed matthauck closed 5 years ago

matthauck commented 5 years ago

Depend on GITASKPASS instead which is already being setup properly.

matthauck commented 5 years ago

I forgot the password is already being set in git.rs via the more secure askpass interface: https://github.com/tanium/octobot/blob/7b5a7e518483f8737ab8957420589fe539c1c8e0/src/git.rs#L125-L127

mikebroome commented 5 years ago

@matthauck To make sure I'm clear on the change here ...

Reformatting of the info lines and backing out the one line from #217 aside, the change here is to remove the :session_token part of the x-access-token because it's not needed since the password is already set via the GIT_ASKPASS interface.

Is that right?

matthauck commented 5 years ago

Yes, that is correct.