forgejo-contrib-forgejo-cli-issues-434.md
Watch20
Star402
Fork
You've already forked forgejo-cli
CodeIssues 44Pull requests 8Releases 11Packages 2WikiActivity
Open
opened 2026-04-20 20:02:25 +02:00 by diegovsky · 5 comments
diegovsky commented 2026-04-20 20:02:25 +02:00
Copy link
fj should add a new subcommand called fj auth git-credential which can be used by git as a credentials helper, allowing users to authenticate easily via HTTPS.
It would also be good for fj auth login to have a new option that automatically adds the above into the git config for the specified host. Like so (using codeberg.org as a host):
[credential "https://codeberg.org"]
helper = !/usr/bin/env fj auth git-credential
Relevant documentation PR: Codeberg/Documentation#733
The github cli provides awesome support for this via gh auth git-credential, so it would be awesome for fj to do the same. Currently, one can do this using OAuth (see link above), but it basically authenticates twice if one already uses fj (one for the cli and another for git-credential-oauth), which is unnecessary.
Clear text password authentication is rather insecure, so providing an integrated credentials helper also helps with that, while being pretty seemless.
fj should add a new subcommand called fj auth git-credential which can be used by git as a credentials helper, allowing users to authenticate easily via HTTPS. It would also be good for fj auth login to have a new option that automatically adds the above into the git config for the specified host. Like so (using codeberg.org as a host): [credential "https://codeberg.org"] helper = !/usr/bin/env fj auth git-credential ### Motivation Relevant documentation PR: https://codeberg.org/Codeberg/Documentation/pulls/733 The github cli provides awesome support for this via gh auth git-credential, so it would be awesome for fj to do the same. Currently, one can do this using OAuth (see link above), but it basically authenticates twice if one already uses fj (one for the cli and another for git-credential-oauth), which is unnecessary. Clear text password authentication is rather insecure, so providing an integrated credentials helper also helps with that, while being pretty seemless. ### Code of Conduct - [x] I agree to act in accordance with the CoC & AI Agreement. - [x] This issue was not generated by an LLM, even in part.👍 3
diegovsky added the Kind/Feature label 2026-04-20 20:02:25 +02:00
Cyborus commented 2026-04-21 18:19:53 +02:00
Member
Copy link
I really like this idea, it's come up a few times where people get confused about fj being authenticated when git isn't.
@diegovsky wrote in #434 (comment):
Clear text password authentication is rather insecure
Well, I think it's worth noting that currently fj does exactly that. It's something I had looked into changing a long time ago now, and I'd still be open to changing.
I really like this idea, it's come up a few times where people get confused about fj being authenticated when git isn't. @diegovsky wrote in https://codeberg.org/forgejo-contrib/forgejo-cli/issues/434#issue-4463151: > Clear text password authentication is rather insecure Well, I think it's worth noting that currently fj does exactly that. It's something I had looked into changing a long time ago now, and I'd still be open to changing.
diegovsky commented 2026-04-22 00:30:39 +02:00
Author
Copy link
I mean, I also believe people should choose for themselves, that is, if someone wants to use clear text, let them be. Seems like all forgejo instances allow it, so why not?
Personaly, I don't wanna use clear text passwords due to the above concerns, but to each their own.
I mean, I also believe people should choose for themselves, that is, if someone wants to use clear text, let them be. Seems like all forgejo instances allow it, so why not? Personaly, I don't wanna use clear text passwords due to the above concerns, but to each their own.
Cyborus commented 2026-04-22 01:34:08 +02:00
Member
Copy link
Ah, my bad, it's not cleartext passwords. fj doesn't accept passwords at all, in fact. It's cleartext access/OAuth tokens.
Ah, my bad, it's not cleartext *passwords*. fj doesn't accept passwords at all, in fact. It's cleartext access/OAuth tokens.
MRDGH2821 commented 2026-06-06 00:20:02 +02:00
Copy link
Is this being considered?
Is this being considered?
Cyborus commented 2026-06-06 04:17:38 +02:00
Member
Copy link
Yes.
Yes.
Sign in to join this conversation.
No Branch/Tag specified
main
renovate/lock-file-maintenance
renovate/serde-saphyr-0.x
docs/contributing
no-port-in-refspec
login/v16.next.forgejo.org
crates-io-publish
0.5.x
compile-time-fluent
0.4.x
localization-alias-demo
api_url_field
v0.5.0
v0.4.1
v0.4.0
v0.3.0
v0.2.0
v0.1.1
v0.1.0
v0.0.4
v0.0.3
v0.0.2
v0.0.1
Labels
Clear labels[ Kind/Breaking Breaking change that won't be backward compatible
](#)[ Kind/Bug Something is not working
](#)[ Kind/Design Discussion about UI/UX design
](#)[ Kind/Documentation Documentation changes
](#)[ Kind/Enhancement Improve existing functionality
](#)[ Kind/Feature New functionality
](#)[ Kind/Security This is security issue
](#)[ Kind/Testing Issue or pull request related to testing
](#)[ Kind/Upstream This is an issue with upstream software (Forgejo) that is probably not our fault
](#)
[ Priority
Critical The priority is critical
](#)[ Priority
High The priority is high
](#)[ Priority
Low The priority is low
](#)[ Priority
Medium The priority is medium
](#)
[ Reviewed
Confirmed Issue has been confirmed
](#)[ Reviewed
Duplicate This issue or pull request already exists
](#)[ Reviewed
Invalid Invalid issue
](#)[ Reviewed
Won't Fix This issue won't be fixed
](#)
[ Status
Abandoned Somebody has started to work on this but abandoned work
](#)[ Status
Blocked Something is blocking this issue or pull request
](#)[ Status
Need More Info Feedback is required to reproduce issue or to continue work
](#)
[ Suspicious
](#)
No labels Kind/Breaking Kind/Bug Kind/Design Kind/Documentation Kind/Enhancement Kind/Feature Kind/Security Kind/Testing Kind/Upstream [ Priority
Critical ](/forgejo-contrib/forgejo-cli/issues?labels=173012) [ Priority
High ](/forgejo-contrib/forgejo-cli/issues?labels=173013) [ Priority
Low ](/forgejo-contrib/forgejo-cli/issues?labels=173015) [ Priority
Medium ](/forgejo-contrib/forgejo-cli/issues?labels=173014) [ Reviewed
Confirmed ](/forgejo-contrib/forgejo-cli/issues?labels=173007) [ Reviewed
Duplicate ](/forgejo-contrib/forgejo-cli/issues?labels=173005) [ Reviewed
Invalid ](/forgejo-contrib/forgejo-cli/issues?labels=173006) [ Reviewed
Won't Fix ](/forgejo-contrib/forgejo-cli/issues?labels=173008) [ Status
Abandoned ](/forgejo-contrib/forgejo-cli/issues?labels=173011) [ Status
Blocked ](/forgejo-contrib/forgejo-cli/issues?labels=173010) [ Status
Need More Info ](/forgejo-contrib/forgejo-cli/issues?labels=173009) Suspicious
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
Notifications Subscribe
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".
No due date set.
Dependencies
No dependencies set.
Reference
forgejo-contrib/forgejo-cli#434
WritePreview
Loading…
Add table
| Rows | | | Columns | |
CancelOK
Add a link
Url Description Hint: With a URL in your clipboard, you can paste directly into the editor to create a link.
CancelOK
CancelSave
Reference in a new issue
Repository
forgejo-contrib/forgejo-cli
Title
Body
Create issue
No description provided.
Delete branch "%!s()"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
No Yes