Refactor git credential handling in login workflow #1138
Conversation
|
The documentation is not available anymore as the PR was closed or merged. |
|
This sound good to me! Now let's see if it passes the caudine forks of both @LysandreJik and @sgugger 🤞 |
|
And also tagging @osanseviero for potential DX guidance |
Youhou :D I also forgot to write about the |
|
This is mostly @LysandreJik 's territory and I know too little to be of real help here. The most important thing is to keep |
src/huggingface_hub/_login.py
Outdated
|
|
||
|
|
||
| logger = logging.get_logger(__name__) | ||
|
|
||
|
|
||
| def login(token: Optional[str] = None) -> None: | ||
| def login(token: Optional[str] = None, add_to_git_credential: bool = False) -> None: |
There was a problem hiding this comment.
I would have it default to True here as well :)
There was a problem hiding this comment.
I genuinely think this default value will not affect a lot of people. In the end, the value is only used in the case the token is hard-coded (e.g. login(token="hf_***")) which is a minor case. Anyone that login with the notebook widget or the terminal prompt will get asked if git credentials must be set, regardless of the add_to_git_credential value.
For the record, when set to False a warning message tells the user "hey, be aware that git credentials are not updated". I am also fine with True so that we don't have users complaining that the login doesn't work. But once again, we are not talking about the generic use case here.
There was a problem hiding this comment.
Thanks for the extra context! As a disclaimer, I don't feel very strongly so feel free to go with what you think is best.
Thanks for this great refactor!
There was a problem hiding this comment.
sorry about the confusing feedback! I think it's ok to keep it that way, no big deal at all
it was mostly a (bad) joke targeted at @LysandreJik, I apologize, it was more confusing then necessary. No strong opinion about the actual value here, I think True is fine.
There was a problem hiding this comment.
Ahah ok, let's keep it to False and users will be warned anyway.
|
Thanks for the review @LysandreJik ! I have made the requested changes and added a test. |
* Fix list_models bool parameter * remove cardData deprecation * quality * expect deprecation is code * switch back add_to_git_credential default value see #1138
Fix #1051. Read entire discussion there to get more context.
Also deprecate
HfApi.set_access_tokenwhich was ambiguous (fix #661).Here is the new workflow:
1.a. In
notebook_loginorinterpreter_login, a checkbox/prompt asks the user if the token must be set as git credential. Default value isTrueas I expect most users don't care about it and it would avoid topics will "hey my git clone doesn't work after login, what should I do ?". Since default value is explicitly displayed to the user, it doesn't seem a problem to me.1.b. In
login, an extra boolean argumentadd_to_git_credentialallows the user to set the token in git credential in the non-blocking login process. Default value isFalseas we don't want to overwrite a value without the user knowing. A message is still printed to the user to warn about this possibility.2.a If
add_to_git_credential=False(either programmatically or from user input), git credential stay untouched.2.b. If
add_to_git_credential=True, we check the list of git credential helpers configured on the machine (cache, store, keychain,...)2.b.i If no helper is configured, we display a RED warning "hey you should configure a git credential helper". Login is successful (no error raised) but git credential is not set. Special case: in a Google Colab, we set
"store"as the default credential helper (if not previously set) and we do not print the warning.2.b.ii If at least 1 helper is configured, the credentials are set in all helpers using
git credential approve. A message is printed to the user to confirm it.cc @julien-c @LysandreJik I think this is a workflow as will be as easy as possible for the users while giving them flexibility on overwriting credentials are not. WDYT ?
TODO: