Don't retry invalid credentials from git credential helpers #6681
Conversation
If the git credential helper returns invalid credentials, we currently get stuck in an infinite retry loop by calling the credentials callback over and over, each time returning the same invalid credentials. This change means we only invoke the credential helper once.
|
Thanks for the pull request, and welcome! The Rust team is excited to review your changes, and you should hear from @nrc (or someone else) soon. If any changes to this PR are deemed necessary, please add them as extra commits. This ensures that the reviewer can see what has changed since they last reviewed the code. Due to the way GitHub handles out-of-date commits, this should also make it reasonably obvious what issues have or haven't been addressed. Large or tricky changes may require several passes of review and changes. Please see the contribution instructions for more information. |
|
Looks like the test failure is unrelated - quoting the comment above the test that failed:
|
|
Thanks for this! Could this piggy-back off |
|
Thanks for your quick reply! I've updated the comment and reused the existing variable. Let me know if there's anything else that could be improved 🙂 |
|
@bors: r+ |
|
📌 Commit 96ab67b has been approved by |
Don't retry invalid credentials from git credential helpers If a git credential helper returns invalid credentials, we currently get stuck in an infinite retry loop by calling the credentials callback over and over, each time returning the same invalid credentials. This change means we only invoke the credential helper once. ## How to reproduce 1. Create a git credential store with some invalid credentials: ``` echo "https://example-user:invalid-credentials@github.com" > ~/invalid-store ``` 2. Tell git to use that as your credential store by adding this to your `~/.gitconfig`: ``` [credential] helper = store --file=/home/<user>/invalid-store ``` 3. Add an invalid Git dependency to a `Cargo.toml`. For instance: ``` [dependencies.fake-repository] git = "https://github.com/fake-user/fake-repository" version = ">= 1.0.0" ``` 4. Try to update the dependencies (e.g. with `cargo update` or `cargo build`). Cargo hangs forever, retrying the invalid credentials.
|
☀️ Test successful - checks-travis, status-appveyor |
Update cargo 9 commits in 865cb70106a6b1171a500ff68f93ab52eea56e72..b33ce7fc9092962b0657b4c25354984b5e5c47e4 2019-02-10 15:49:37 +0000 to 2019-02-19 18:42:50 +0000 - Don't retry invalid credentials from git credential helpers (rust-lang/cargo#6681) - Fix some typos in resolver tests (rust-lang/cargo#6682) - Add an unstable option to build proc macros for both the host and the target (rust-lang/cargo#6547) - Test cases proving RUSTC_WRAPPER can be a relative path (rust-lang/cargo#6638) - Add support for Azure DevOps (rust-lang/cargo#6264) - Update docs for removed `patch` restriction. (rust-lang/cargo#6663) - Fix incorrect help message (rust-lang/cargo#6555) - Stabilize Alternative Registries (rust-lang/cargo#6654) - Having a [patch] section when publishing is not an error (rust-lang/cargo#6535)
If a git credential helper returns invalid credentials, we currently get stuck in an infinite retry loop by calling the credentials callback over and over, each time returning the same invalid credentials. This change means we only invoke the credential helper once.
How to reproduce
~/.gitconfig:Cargo.toml. For instance:cargo updateorcargo build).Cargo hangs forever, retrying the invalid credentials.