From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on dcvr.yhbt.net X-Spam-Level: X-Spam-ASN: X-Spam-Status: No, score=-3.0 required=3.0 tests=AWL,BAYES_00,DKIM_SIGNED, DKIM_VALID,FUZZY_CREDIT,HEADER_FROM_DIFFERENT_DOMAINS, MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE shortcircuit=no autolearn=no autolearn_force=no version=3.4.6 Received: from out1.vger.email (out1.vger.email [IPv6:2620:137:e000::1:20]) by dcvr.yhbt.net (Postfix) with ESMTP id 5533A1F452 for ; Mon, 1 May 2023 22:25:38 +0000 (UTC) Authentication-Results: dcvr.yhbt.net; dkim=pass (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.a=rsa-sha256 header.s=20221208 header.b=F47NYRmo; dkim-atps=neutral Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232615AbjEAWZf (ORCPT ); Mon, 1 May 2023 18:25:35 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:56440 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232003AbjEAWZd (ORCPT ); Mon, 1 May 2023 18:25:33 -0400 Received: from mail-pj1-x1034.google.com (mail-pj1-x1034.google.com [IPv6:2607:f8b0:4864:20::1034]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 66D3C26BC for ; Mon, 1 May 2023 15:25:32 -0700 (PDT) Received: by mail-pj1-x1034.google.com with SMTP id 98e67ed59e1d1-24e1d272b09so508165a91.1 for ; Mon, 01 May 2023 15:25:32 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20221208; t=1682979932; x=1685571932; h=mime-version:user-agent:message-id:in-reply-to:date:references :subject:cc:to:from:sender:from:to:cc:subject:date:message-id :reply-to; bh=dR5xuRld8djT47ou+rJYZhkdC43vUrv9bIWA5uEnmIU=; b=F47NYRmoo4bp40bQbQPmyS0xeRX0Julw3qPaqoG945RbskR+oOA7kF2FYbcYKLEo3f PNR+XmdQ1KettrwAPiJTucneh2kZ/rAyNFx5cLbYGj4GZFE1bG5uatVr+3a5Fw5X22if x4WT+M40K36h524VylIyi6Oe97/TXVHs93wCubHoKaNbHofHe/z7Pya4XMM2waoH9HFv dbiXYvMq/6Zt3c9IFvV9yRfjiHKpPWqF11lx03xr9juAgLhsfDj5NMnuwZU61UV4MWMJ HOpwo+14FuD8ADmmUJ0+AbVDVPvBiTHqqAkhWTVQfu3HEAKe6dPWG+8fKsBuYbFf6jJq 5PaA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1682979932; x=1685571932; h=mime-version:user-agent:message-id:in-reply-to:date:references :subject:cc:to:from:sender:x-gm-message-state:from:to:cc:subject :date:message-id:reply-to; bh=dR5xuRld8djT47ou+rJYZhkdC43vUrv9bIWA5uEnmIU=; b=b6x14szfwImEKoWflOMfYTOi3RdOfCMKo0EjaYqaMxUQrC+P1aErTQAP52LFIGhoV1 S7Yt4s2U2tL7iIzuqt2667M6k9u1HsGzgsWgXLzIggyXO2S6YIJtiSxege448DFAY7gf YYhWqOL67/vmy/M8iVm42v5p6jYQ/CX8WL8aJTbBGLWBgVYNDNWyNCibOLbjokb7Vj8G s9o9CLQ7SzvURPvse79ZuNZCJDiyyqCsvVFwVDKSBIi4IFm3annZICnbMf9CuEBIQkEC KldqYY29TE295pTP76OoEtf4+t8+eYu/4XOh8QThSMC3cUo6Ik6slQ4pqlNlEyqS/S2o PdUw== X-Gm-Message-State: AC+VfDzMmIqH0ulbpmUKTBW0y++QcX+okJAk57knSKncGe8ofCaxxPYw N1nuzVwCRFJqKqQ4Qjx+KE0= X-Google-Smtp-Source: ACHHUZ6/z861BckJdoWfnge4dKvC6l4nDWuw1hHiMMj/UcGfKItZLj7EDiXu25y3dcYLITyoH8Iyag== X-Received: by 2002:a17:90a:9f94:b0:24e:109a:94e with SMTP id o20-20020a17090a9f9400b0024e109a094emr3135808pjp.7.1682979931783; Mon, 01 May 2023 15:25:31 -0700 (PDT) Received: from localhost (187.137.203.35.bc.googleusercontent.com. [35.203.137.187]) by smtp.gmail.com with ESMTPSA id q4-20020a17090a304400b0024e2230fdafsm273283pjl.54.2023.05.01.15.25.31 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 01 May 2023 15:25:31 -0700 (PDT) Sender: Junio C Hamano From: Junio C Hamano To: M Hickford Cc: Johannes Schindelin , M Hickford via GitGitGadget , git@vger.kernel.org, "Johannes Sixt [ ]" , "Harshil Jani [ ]" , Jakub =?utf-8?B?QmVyZcW8YcWEc2tp?= , Karsten Blees , Erik Faye-Lund , Javier Roucher Iglesias Subject: Re: [PATCH] credential/wincred: store password_expiry_utc References: <35e1ebe6-e15b-1712-f030-70ab708740db@gmx.de> Date: Mon, 01 May 2023 15:25:31 -0700 In-Reply-To: (M. Hickford's message of "Thu, 30 Mar 2023 06:50:30 +0100") Message-ID: User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/28.2 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain Precedence: bulk List-ID: X-Mailing-List: git@vger.kernel.org M Hickford writes: > Thanks Johannes for the review and the fix. I'll include it in any patch v2. > >> But I have to wonder: why even bother with `git-wincred`? This credential >> helper is so ridiculously limited in its capabilities, it does not even >> support any host that is remotely close to safe (no 2FA, no OAuth, just >> passwords). So I would be just as happy if I weren't asked to spend my >> time to review changes to a credential helper I'd much rather see retired >> than actively worked on. > > git-credential-wincred has the same capabilities as popular helpers > git-credential-cache, git-credential-store, git-credential-osxkeychain > and git-credential-libsecret. Any of which can store OAuth credentials > generated by a helper such as git-credential-oauth [1]. This is > compatible with 2FA (any 2FA happens in browser). Example config: > > [credential] > helper = wincred > helper = oauth > > This patch to store password_expiry_utc is necessary to avoid Git > trying to use OAuth credentials beyond expiry. See > https://github.com/git/git/commit/d208bfdfef97a1e8fb746763b5057e0ad91e283b > for background (I'll add to commit message v2). So, even though earlier Dscho sounded negative on extending wincred helper, are we now on track of enhancing its capabilities? The v3 is now queued in my tree and nobody who knows Windows seem to have made any comments on either v2 or v3---I am wondering if the lack of comments is a good news or no interest. Thanks.