Skip to content

Repository credentials should be looked up only as necessary #657

hugoduncan opened this Issue Jun 21, 2012 · 1 comment

2 participants


User credentials for repositories are handled a little inconsistently at present.

credentials.gpg is always read, while environment variable based look up is enabled in project.clj or profiles.clj with:

:repositories {"private" {:url "" :username "lein" :password :env}}

A user profile based mechanism for defining credential sources might be preferable, with credentials.gpg being lazily loaded only if required, to reduce the number of passphrase challenges.


So the way this turned out, any :repositories entry with a :gpg value will cause that repository to get looked up in the decrypted credentials.clj.gpg file. Thoughts?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Something went wrong with that request. Please try again.