[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
Re: [jgit-dev] approaching release 3.4

On Thu, Sep 4, 2014 at 5:30 PM, Luca Milanesio <luca.milanesio@xxxxxxxxx> wrote:
Hi Matthias,
I think there is a major regression that needs to be fixed (see [1]) as it potentially breaks any operation with credentials encoded in the Git URL.

Regression was introduced with the support of the .netrc (see [2]) without honouring the credentials (user:pass@host) encoded in the URL: as a result any existing Git connections using the credentials in this way would eventually break.
The fix should be easy (just use the password in the URIish if present) and would then restore the existing behaviour.

If we are going to release 3.4 without fixing this regression, we should warn the users in the release notes that any credential in the URL is not honoured anymore.

I am aware of this problem and will try to fix it before we release 3.5 (I talked about 3.4 by mistake, this was released
in June already).

--
Matthias