GitHub: Git password authentication is shutting down

This page summarizes the projects mentioned and recommended in the original post on news.ycombinator.com

Our great sponsors
  • SonarLint - Clean code begins in your IDE with SonarLint
  • talent.io - Download talent.io’s Tech Salary Report
  • InfluxDB - Build time-series-based applications quickly and at scale.
  • Scout APM - Truly a developer’s best friend
  • git-credential-manager

    Secure, cross-platform Git credential storage with authentication to GitHub, Azure Repos, and other popular Git hosting services.

    You can use a supporting Git Credential Manager (such as GCM Core: https://github.com/microsoft/Git-Credential-Manager-Core) to keep using HTTPS and login/password. Instead of typing in your username/password directly in the CLI, it pops up GitHub's login page where you input login/password and then does the dance for you to get an access token from that.

    (Git for Windows default installs GCM Core. Some Linux distros do to. You may even already be using it. I think I've seen some confusion in comments here and elsewhere that they don't realize they are already typing in their username/password to a GCM dialog and that's going to keep working. This is about removing HTTPS Digest auth with direct password transmission over the wire.)

  • tokens

    Just so folks know, you can still use personal access tokens, which basically work as per-application passwords. For someone just getting started with git, I'd recommend they go to https://github.com/settings/tokens, generate a token, and then they can just use that as their password when running `git clone`.

    This will certainly be a little more difficult for newcomers, and not very discoverable, but it is there.

  • SonarLint

    Clean code begins in your IDE with SonarLint. Up your coding game and discover issues early. SonarLint is a free plugin that helps you find & fix bugs and security issues from the moment you start writing code. Install from your favorite IDE marketplace today.

  • Puts Debuggerer

    Ruby library for improved puts debugging, automatically displaying bonus useful information such as source line number and source code.

    Can't you still use https with this? You use the personal account token for the specific account to log in as the "password". I've been doing this recently with two GitHub accounts.

    In my ~/.gitconfig file, I've included

        [credential "https://github.com"]

  • lazygit

    simple terminal UI for git commands

  • tos

    DigitalOcean's Terms of Service agreement (by digitalocean)

    It may be meant for software developers but has legitimate value in other domains. For example, DigitalOcean has their legal team use it as a way of providing diffs on their terms of service and other policies. This type of use case is where it benefits everyone, in my opinion, to reduce the friction to get started.

    https://github.com/digitalocean/tos

    There are plenty of text file versioning use cases I think, from configuration files for system administrators to LaTeX papers for science students who could benefit and should have an easy path to using it.

  • repo

    GCM Core does support multiple users with GitHub remotes. You have to put the username in the remote URL, for example:

    https://[email protected]/owner/repo

    GCM will store credentials for "alice" only. Repositories that have remote URLs with a different "[email protected]" will use different credentials.

    Remote URLs without a "[email protected]" part at all (like "https://github.com/owner/repo") are treated like the "default" user for GitHub.com, rather than a specific one.

NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a more popular project.

Suggest a related project

Related posts