Validate credentials

[pavkout]

Summary

• Adds a validateCredentials method to the GitHub and GitLab provider implementations that hits the provider's GET /user REST API endpoint — a lightweight, authoritative check that reliably returns HTTP 401 for revoked tokens or uninstalled GitHub Apps (unlike the git wire protocol, which can succeed anonymously on public repos).
• Adds an optional validateCredentials method to the GitRemoteProvider interface, with a fallback to fetchRemoteBranches for providers that don't implement it.
• Exposes a new validateGitRepositoryCredentials IPC handler in git-service.ts that looks up the stored credential for a project/workspace and delegates to the appropriate validation strategy.
• Adds a git.validate-credentials route and a useGitValidateCredentialsFetcher hook so the UI can trigger credential validation on demand.
• Credentials are also validated eagerly on loadGitRepository (after GitVCS.init()) to surface revoked tokens as HTTP 4xx errors, which triggers the existing re-auth banner logic.

Test plan

• Connect a project to a GitHub/GitLab repo with a valid token — confirm no error is shown.
• Revoke the token (or uninstall the GitHub App) and reload the project — confirm the re-auth banner appears.
• Verify that a project linked to a public GitHub repo with a revoked token still shows the re-auth hint (regression case for the wire-protocol false-positive).
• Confirm the fallback path works for non-GitHub/GitLab providers (e.g. manual PAT credentials).

[Copilot]

Pull request overview

This PR introduces an explicit “validate current Git credentials” flow to better detect revoked/invalid OAuth tokens (notably for GitHub where anonymous git access can still succeed on public repos), and wires that validation into the project settings UI and Electron IPC.

Changes:

• Add an optional validateCredentials() capability to git remote providers and implement it for GitHub and GitLab via GET /user.
• Add a new /git/validate-credentials client loader route + fetcher hook, backed by a new git.validateGitRepositoryCredentials IPC endpoint in the main process.
• Update the project settings form to call the validation fetcher and use its errors to drive the OAuth re-auth banner / hide author email selection when auth errors are present.

Reviewed changes

Copilot reviewed 8 out of 8 changed files in this pull request and generated 3 comments.

Show a summary per file

File	Description
packages/insomnia/src/ui/components/project/project-settings-form.tsx	Switches from loading repo data to calling the new credential-validation fetcher and uses returned errors in the Git auth banner UI.
packages/insomnia/src/sync/git/providers/types.ts	Extends the provider interface with optional validateCredentials().
packages/insomnia/src/sync/git/providers/gitlab.ts	Implements credential validation against GitLab’s GET /user.
packages/insomnia/src/sync/git/providers/github.ts	Implements credential validation against GitHub’s GET /user.
packages/insomnia/src/routes/git.validate-credentials.tsx	Adds a new route + fetcher hook for validating credentials from the renderer.
packages/insomnia/src/main/ipc/electron.ts	Adds a new IPC channel type for credential validation.
packages/insomnia/src/main/git-service.ts	Adds the main-process validation implementation and registers the IPC handler; also validates credentials during loadGitRepository init.
packages/insomnia/src/entry.preload.ts	Exposes the new validation API on window.main.git.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[mcturco]

• Let's update the toast content to the following:
  • Push failed
    Connection has expired. Re-authenticate (underlined)
• Just noticed that I have misspelled "Re-authenticate" in my designs, sorry about that! Can we update that everywhere?
• For all links in the red banners, can we change the color from purple to white?
• In the red banners, can we reduce the space between the icon and the content by half?

[pavkout]

• Let's update the toast content to the following:

  • Push failed
    Connection has expired. Re-authenticate (underlined)

• Just noticed that I have misspelled "Re-authenticate" in my designs, sorry about that! Can we update that everywhere?

• For all links in the red banners, can we change the color from purple to white?

• In the red banners, can we reduce the space between the icon and the content by half?

@mcturco I have completed the suggested changes 🚀