Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP

Loading…

Repository credentials should be looked up only as necessary #657

Closed
hugoduncan opened this Issue · 1 comment

2 participants

@hugoduncan

User credentials for repositories are handled a little inconsistently at present.

credentials.gpg is always read, while environment variable based look up is enabled in project.clj or profiles.clj with:

:repositories {"private" {:url "https://secret.com/repo" :username "lein" :password :env}}

A user profile based mechanism for defining credential sources might be preferable, with credentials.gpg being lazily loaded only if required, to reduce the number of passphrase challenges.

@technomancy
Owner

So the way this turned out, any :repositories entry with a :gpg value will cause that repository to get looked up in the decrypted credentials.clj.gpg file. Thoughts?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Something went wrong with that request. Please try again.